0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) 20:06:25 executing program 2: ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000002c0)={0x7, 'team0\x00', {0x3}, 0x5}) ioctl$sock_SIOCADDDLCI(0xffffffffffffffff, 0x8980, &(0x7f0000000200)={'wg1\x00', 0x3ff}) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000140)={0x1d, 0x37, 0x5, 0x10, 0x5, 0x80000000, 0x5, 0xa6, 0xffffffffffffffff}) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000000c0)={0x0, 0x1c, 0x0, 0x12, 0x4, 0x8f6, 0x1}) ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f00000004c0)) dup2(0xffffffffffffffff, r0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000280)='ext4\x00', &(0x7f0000000300)='[^.,+\x00', 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x20, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000000340)="201900d07642da9202d6ff11430c6c6b8c0ac5060048065e0524ecf3bb8ce311427ac446646b66cda5c391a00fbccd665cde761d7307fdcb6b969016edfcfc7632c1f3819bab23a38c40d2318820e65ef0262cc5dd8b5bc96f21bc84022b67785d6741984f29f705f842bd5a08700600000080eb689f80ea060000000000000019dad01907103c1df3928cb15b27437eb6e994a4bed70de633978e40cc4bf867eb3e77379af998bbcd77550e80f99c5d5a20200de5355f8fb14806a954ff97d381ff5daacdbf46e48b2152f4088db986551071f77c817783eb555c6506ee28f07ac2f648e74d69f1e43a1e749c6a2dbe5c1e47f9503600000000000000", 0xfd, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000180)) pkey_mprotect(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff) accept$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @private}, &(0x7f00000001c0)=0x10) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) close(r1) dup2(0xffffffffffffffff, r1) pkey_mprotect(&(0x7f0000ff5000/0x1000)=nil, 0x1000, 0x1, 0xffffffffffffffff) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) r4 = dup(r3) pidfd_send_signal(r4, 0x0, &(0x7f0000000000), 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000240)=[@sack_perm], 0x1) [ 1578.602528] EXT4-fs (loop6): mounted filesystem without journal. Opts: usrjquota=,,errors=continue [ 1578.715359] FAULT_INJECTION: forcing a failure. [ 1578.715359] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.718289] CPU: 1 PID: 12663 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1578.719701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.721368] Call Trace: [ 1578.721931] dump_stack+0x107/0x167 [ 1578.722714] should_fail.cold+0x5/0xa [ 1578.723511] ? create_object.isra.0+0x3a/0xa20 [ 1578.724459] should_failslab+0x5/0x20 [ 1578.725251] kmem_cache_alloc+0x5b/0x310 [ 1578.726103] ? mark_held_locks+0x9e/0xe0 [ 1578.726953] create_object.isra.0+0x3a/0xa20 [ 1578.727865] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1578.728934] kmem_cache_alloc+0x159/0x310 [ 1578.729799] xas_alloc+0x336/0x440 [ 1578.730563] xas_create+0x34a/0x10d0 [ 1578.731358] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1578.732451] xas_store+0x8c/0x1c40 [ 1578.733209] __xa_store+0x164/0x2d0 [ 1578.733979] ? xa_delete_node+0x280/0x280 [ 1578.734855] ? trace_hardirqs_on+0x5b/0x180 [ 1578.735768] xa_store+0x31/0x50 [ 1578.736468] __io_uring_add_tctx_node+0x1cf/0x520 [ 1578.737482] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1578.738595] __do_sys_io_uring_enter+0x136d/0x1730 [ 1578.739625] ? lock_downgrade+0x6d0/0x6d0 [ 1578.740479] ? find_held_lock+0x2c/0x110 [ 1578.741335] ? io_submit_sqes+0x85c0/0x85c0 [ 1578.742251] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1578.743265] ? wait_for_completion_io+0x270/0x270 [ 1578.744267] ? rcu_read_lock_any_held+0x75/0xa0 [ 1578.745236] ? vfs_write+0x354/0xa70 [ 1578.746029] ? fput_many+0x2f/0x1a0 [ 1578.746793] ? ksys_write+0x1a9/0x260 [ 1578.747587] ? __ia32_sys_read+0xb0/0xb0 [ 1578.748445] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1578.749529] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1578.750626] do_syscall_64+0x33/0x40 [ 1578.751409] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1578.752470] RIP: 0033:0x7fcf4787bb19 [ 1578.753246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1578.757027] RSP: 002b:00007fcf44dd0188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1578.758608] RAX: ffffffffffffffda RBX: 00007fcf4798f020 RCX: 00007fcf4787bb19 [ 1578.760080] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1578.761552] RBP: 00007fcf44dd01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1578.763031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1578.764503] R13: 00007ffe8cffc48f R14: 00007fcf44dd0300 R15: 0000000000022000 20:06:25 executing program 6: r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x2d3043, 0x1f1) pidfd_send_signal(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x1c2) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='auxv\x00') pread64(r1, 0x0, 0x0, 0x0) fcntl$getown(r1, 0x9) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0xffffffffffffffff, r0, 0x0) ftruncate(r0, 0x1000003) fcntl$getflags(r0, 0x40a) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_io_uring_setup(0x23, &(0x7f00000001c0)={0x0, 0x0, 0x20, 0x0, 0xfffffffe, 0x0, 0x0}, &(0x7f0000feb000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_WRITEV={0x2, 0x5, 0x0, @fd_index, 0x0, 0x0}, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = epoll_create1(0x0) fallocate(r5, 0x59, 0x7fffffff, 0x4) fsetxattr$security_selinux(r2, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f00000000c0)={0x1, 0x1, {0x24, 0x27, 0x1, 0x16, 0x2, 0xfe2d, 0x0, 0x1d, 0x1}}) acct(&(0x7f0000000040)='./file0\x00') openat(r0, &(0x7f0000000100)='./file0\x00', 0x46000, 0x1b8) unshare(0x48020200) 20:06:25 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) sendmsg$IPCTNL_MSG_EXP_DELETE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x34, 0x2, 0x2, 0x801, 0x0, 0x0, {0xa}, [@CTA_EXPECT_TUPLE={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @rand_addr=0x64010101}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008041}, 0x0) 20:06:25 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) 20:06:25 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1a) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x9, 0x40, 0x7f, 0x3f, 0x0, 0x6, 0x100, 0x9, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000140), 0xc}, 0x440, 0x1, 0x8, 0x7, 0x4, 0x80000001, 0x0, 0x0, 0x28c, 0x0, 0x80000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xc) openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x101000, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {0x0}, {0x0, 0x0, 0x2900}], 0x0, &(0x7f0000000140)=ANY=[]) r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000200), 0x100, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000240)=0x8) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="040100002600010028bd7000fedbdf2517000000592baa44d0e6db7d6018b845e59fc403ec17047e91a7ae242b781b1fda1f733b4d8523d6c0d47f65f8e874ccc7a2e7fa399eb296fcdd33fcc793da8207bd42e4529ea22971e74f624f676ff90d6629949e5ace498f6eca6b03c804b14293446631d8c06207c5429a6532b9baf444f5c201a3734e4481aa7e7ce6f63cf5c9ed0c64e46f7da44005a2c67862959a05ab92cd7ca9281f21cf946d2a603581a76138fe28bb990f001af18954c6240622e72ad39aefaa719e88ce41fa89f92e36c846a49131175731021be7a639294d989f9b61013c5e25ff7d21566ba2f2e6da656db4ac9c9c734c07c49ebec4e4eb46acbfbab357afab9ff2c752518becc349bc6c73ab2fa8bda26a69090c"], 0x104}, 0x1, 0x0, 0x0, 0x11}, 0x48000) 20:06:25 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9) [ 1579.028103] FAULT_INJECTION: forcing a failure. [ 1579.028103] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.031022] CPU: 0 PID: 12675 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1579.032410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1579.034069] Call Trace: [ 1579.034597] dump_stack+0x107/0x167 [ 1579.035332] should_fail.cold+0x5/0xa [ 1579.036104] ? io_setup_async_rw+0x180/0x580 [ 1579.036986] should_failslab+0x5/0x20 [ 1579.037742] __kmalloc+0x72/0x390 [ 1579.038466] io_setup_async_rw+0x180/0x580 [ 1579.039307] ? iov_iter_restore+0x195/0x3a0 [ 1579.040179] io_read+0x775/0x11e0 [ 1579.040884] ? kiocb_done+0xc90/0xc90 [ 1579.041680] ? stack_trace_consume_entry+0x160/0x160 [ 1579.042701] ? lock_acquire+0x197/0x470 [ 1579.043503] ? lock_acquire+0x197/0x470 [ 1579.044293] ? __lock_acquire+0xbb1/0x5b00 [ 1579.045125] io_issue_sqe+0x2e12/0x7660 [ 1579.045911] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1579.046954] ? SOFTIRQ_verbose+0x10/0x10 [ 1579.047752] ? lock_chain_count+0x20/0x20 [ 1579.048568] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1579.049620] ? io_connect+0x610/0x610 [ 1579.050395] ? lock_acquire+0x197/0x470 [ 1579.051198] ? find_held_lock+0x2c/0x110 [ 1579.052014] ? __fget_files+0x26d/0x4c0 [ 1579.052825] ? lock_downgrade+0x6d0/0x6d0 [ 1579.053656] __io_queue_sqe+0x90/0x9d0 [ 1579.054459] ? io_issue_sqe+0x7660/0x7660 [ 1579.055288] ? io_prep_rw+0x7f5/0x1050 [ 1579.056079] io_submit_sqes+0x4461/0x85c0 [ 1579.056943] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1579.057940] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1579.058917] ? lock_downgrade+0x6d0/0x6d0 [ 1579.059748] ? find_held_lock+0x2c/0x110 [ 1579.060566] ? io_submit_sqes+0x85c0/0x85c0 [ 1579.061458] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1579.062444] ? wait_for_completion_io+0x270/0x270 [ 1579.063411] ? rcu_read_lock_any_held+0x75/0xa0 [ 1579.064351] ? vfs_write+0x354/0xa70 [ 1579.065101] ? fput_many+0x2f/0x1a0 [ 1579.065838] ? ksys_write+0x1a9/0x260 [ 1579.066625] ? __ia32_sys_read+0xb0/0xb0 [ 1579.067448] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1579.068507] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1579.069553] do_syscall_64+0x33/0x40 [ 1579.070311] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1579.071352] RIP: 0033:0x7fe40cf96b19 [ 1579.072107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.075796] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1579.077317] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1579.078756] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1579.080178] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1579.081599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1579.083033] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:06:26 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002740), 0xffffffffffffffff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) ioctl$FS_IOC_MEASURE_VERITY(r2, 0xc0046686, &(0x7f00000000c0)={0x0, 0xff, "a792de9f49464aa18b24dd59583c304a2896a103110b5bfda7e5c39770843580be44fa6f78829a9a11f718b6813e38efb67229b399f065ac0030ef7bcc8d4cbe7723f1def24ad952461aab5c63b95a5f950e0b5733de13a11300d3d50ae87ae4ea89e07e3683ab64988baa75c34b6ad39c6d9b4db6a8bd9977446c304878dbdb23a654e519bc18de83b5b6060987ff12e2f2eaf3f9827076653ee853b72febc2973281fd2621189323abb759112981ad8d14eae952ad86f5fbf1dad1e9fa13aa405faae2477bdc03ba4a078bebc2781290f3f583f82dda124fcf3e823109130bdb4d3978f194fd48e0859ca7ecc1876770d58e641d922aa39dc43067beacea"}) sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000002800)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000ecd01317de8c6200", @ANYRES16=r1, @ANYBLOB="010300000000000000000f00000004000180"], 0x18}}, 0x0) 20:06:26 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000237}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r1, &(0x7f00000000c0)="fe", 0x1, 0x0) fadvise64(r1, 0x0, 0x1, 0x4) fallocate(r1, 0x14, 0xfffffffffffffffa, 0x7) perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x5, 0x4, 0x0, 0x2, 0x0, 0x9, 0x40000, 0x4, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3611, 0x0, @perf_config_ext={0xfffffffffffffffb, 0x1}, 0x8000, 0x1, 0x81, 0x3, 0x7, 0x222c, 0x4000, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x6, r0, 0xa) ioctl$BTRFS_IOC_BALANCE_CTL(r1, 0x40049421, 0x2) 20:06:26 executing program 3: perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x19004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="28000000100001000000000000000000001e7cb851dfa9862a9e7b3934daf2000000001cdaae86e6ce11544d0000000000"], 0x28}}, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40000) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000180), 0x101000, 0x0) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r1, &(0x7f00000005c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000580)={&(0x7f0000000480)={0x50, 0x2, 0x7, 0x300, 0x0, 0x0, {0xc, 0x0, 0x5}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x6}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x8000}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000d0}, 0x10) r2 = signalfd(r0, &(0x7f0000000200)={[0x9]}, 0x8) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)={0x44, 0x0, 0x20, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x23, 0x24, [{0x30, 0x1}, {0x30}, {0xb}, {0x12, 0x1}, {0xb, 0x1}, {0xb}, {0x18, 0x1}, {0x60}, {0x36}, {0x12}, {0x4, 0x1}, {0x2}, {0x1b}, {0x31}, {0x51}, {0x36}, {0x16}, {0x3, 0x1}, {0x73}, {0x5, 0x1}, {0x6}, {0x5}, {0x18, 0x1}, {0x2, 0x1}, {0x24}, {0x60, 0x1}, {0x9}, {0x3f, 0x1}, {0x3, 0x1}, {0x36747423ff718997, 0x1}, {0x1, 0x1}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x2400400c) openat(r2, &(0x7f0000000380)='./file0\x00', 0x2880, 0x82) dup(0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'sit0\x00'}) 20:06:26 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x0) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1579.192670] FAULT_INJECTION: forcing a failure. [ 1579.192670] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.195337] CPU: 1 PID: 12682 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1579.196759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1579.198472] Call Trace: [ 1579.199031] dump_stack+0x107/0x167 [ 1579.199797] should_fail.cold+0x5/0xa [ 1579.200590] ? create_object.isra.0+0x3a/0xa20 [ 1579.201533] should_failslab+0x5/0x20 [ 1579.202329] kmem_cache_alloc+0x5b/0x310 [ 1579.203171] ? mark_held_locks+0x9e/0xe0 [ 1579.204016] create_object.isra.0+0x3a/0xa20 [ 1579.204928] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1579.206003] kmem_cache_alloc_bulk+0x168/0x320 [ 1579.206955] io_submit_sqes+0x6f76/0x85c0 [ 1579.207827] ? percpu_ref_tryget_many+0x166/0x2d0 [ 1579.208857] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1579.209886] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1579.210897] ? lock_downgrade+0x6d0/0x6d0 [ 1579.211751] ? find_held_lock+0x2c/0x110 [ 1579.212598] ? io_submit_sqes+0x85c0/0x85c0 [ 1579.213500] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1579.214508] ? wait_for_completion_io+0x270/0x270 [ 1579.215505] ? rcu_read_lock_any_held+0x75/0xa0 [ 1579.216461] ? vfs_write+0x354/0xa70 [ 1579.217241] ? fput_many+0x2f/0x1a0 [ 1579.218023] ? ksys_write+0x1a9/0x260 [ 1579.218804] ? __ia32_sys_read+0xb0/0xb0 [ 1579.219640] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1579.220691] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1579.221725] do_syscall_64+0x33/0x40 [ 1579.222494] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1579.223516] RIP: 0033:0x7f5d818b0b19 [ 1579.224273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.228068] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1579.229586] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1579.231032] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1579.232481] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1579.233930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1579.235370] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 20:06:26 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) [ 1579.533690] FAULT_INJECTION: forcing a failure. [ 1579.533690] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.536450] CPU: 1 PID: 12698 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1579.537861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1579.539578] Call Trace: [ 1579.540126] dump_stack+0x107/0x167 [ 1579.540885] should_fail.cold+0x5/0xa [ 1579.541669] ? create_object.isra.0+0x3a/0xa20 [ 1579.542596] should_failslab+0x5/0x20 [ 1579.543367] kmem_cache_alloc+0x5b/0x310 [ 1579.544196] ? find_held_lock+0x2c/0x110 [ 1579.545022] create_object.isra.0+0x3a/0xa20 [ 1579.545918] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1579.546955] __kmalloc_node+0x1ae/0x420 [ 1579.547772] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1579.548800] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 1579.549824] kmem_cache_alloc_bulk+0x182/0x320 [ 1579.550775] io_submit_sqes+0x6f76/0x85c0 [ 1579.551661] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1579.552690] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1579.553685] ? lock_downgrade+0x6d0/0x6d0 [ 1579.554545] ? find_held_lock+0x2c/0x110 [ 1579.555372] ? io_submit_sqes+0x85c0/0x85c0 [ 1579.556254] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1579.557229] ? wait_for_completion_io+0x270/0x270 [ 1579.558214] ? rcu_read_lock_any_held+0x75/0xa0 [ 1579.559147] ? vfs_write+0x354/0xa70 [ 1579.559899] ? fput_many+0x2f/0x1a0 [ 1579.560633] ? ksys_write+0x1a9/0x260 [ 1579.561409] ? __ia32_sys_read+0xb0/0xb0 [ 1579.562244] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1579.563309] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1579.564359] do_syscall_64+0x33/0x40 [ 1579.565116] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1579.566165] RIP: 0033:0x7fcf4787bb19 [ 1579.566927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1579.570682] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1579.572221] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1579.573664] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 1579.575153] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1579.576612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1579.578080] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:06:42 executing program 3: ftruncate(0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x8800000) dup2(r1, r0) syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000040)={0xa8, 0x9, 0x5, 0x7, 0x3}) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x4080, 0x0) sendfile(r0, r2, 0x0, 0x100000001) 20:06:42 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, 0xffffffffffffffff) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:06:42 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) 20:06:42 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8409, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FIONREAD(r0, 0x4b41, &(0x7f0000000140)) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8914, &(0x7f0000000140)={'lo\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000340)) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00'}) writev(r2, &(0x7f0000000300)=[{&(0x7f0000000080)="d90cad23eee10544fbccdb243cc4038239edc974c39723126c81ac0dbd58310fc03cf9d2b662cd82b8855f36ebee2d69aa505340e20aa8029afa7ca341ff864f65e6a73b9409ffbcdc2b24bbb39d273ae462f03d99ce3ba5a18bc082337be165ee007cd7a0af6d8bda2651dc3988472dde0e991df66335c359f57b136f0ee6e6d103a8426e1a5a0de8", 0x89}, {&(0x7f0000000180)="5e9ab67bce0a239155ee6a088ab3d646d0d0b34f7d16f433b43be2aeb788e26058d550a623873c341f8f504e1c8a7bdeac7e72a57fc1f8cf107d8a44a151b1420583e2a76824e59b06aa40dbd8607254ace920185f5036436bbf5015875d0cacbed7f77866cd7c8b45", 0x69}, {&(0x7f0000000200)="d04c1c20e2742b98fa12c35e89e97c81b66e8ac2a880e451f11c682a3879edd84124703d311798a18f077ca2205f5fe6b8aa2c69e65ce23e189863d89f39d09f2608c65fe9636c3900717d28048c9d19406c83a1c8ea79b0fe1d604e40a9c4f9a5906d44888bbdd2ba1c77f43b319c69fb681ecd4435059e2a895adaebed73ee247ead265b5e844234ffe000d87a4ba47ae6fd1db05c4987016fb7f4723128892f1cd8ede00a2a6f8be438a79b8b626626e89efda2792437ae9f9d182b2d4907f344479e5ae0613abe72b8d918feb3bf822c3785537b67aac97f1ec483cbf49b942d70c5246ec3f01808a61c3126bf6de0235604fefb8b50", 0xf8}], 0x3) ioctl$TCXONC(r0, 0x540a, 0x1) 20:06:42 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10) 20:06:42 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) 20:06:42 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000000)=0x7) perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8052, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x6}, 0x0, 0x0, 0x0, 0x0, 0xfffffefffffffffd}, 0x0, 0x7, 0xffffffffffffffff, 0x0) 20:06:42 executing program 2: r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x2c, r6, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r7}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16c1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x40) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000440), 0x0, &(0x7f0000000140)) rmdir(&(0x7f00000000c0)='./file0\x00') utime(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x1, 0x6}) [ 1595.340055] FAULT_INJECTION: forcing a failure. [ 1595.340055] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.342391] CPU: 1 PID: 12713 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1595.343795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1595.345472] Call Trace: [ 1595.346057] dump_stack+0x107/0x167 [ 1595.346830] should_fail.cold+0x5/0xa [ 1595.347625] ? io_setup_async_rw+0x180/0x580 [ 1595.348535] should_failslab+0x5/0x20 [ 1595.349321] __kmalloc+0x72/0x390 [ 1595.350055] io_setup_async_rw+0x180/0x580 [ 1595.350927] ? iov_iter_restore+0x195/0x3a0 [ 1595.351810] io_read+0x775/0x11e0 [ 1595.352542] ? kiocb_done+0xc90/0xc90 [ 1595.353328] ? register_lock_class+0xbb/0x17b0 [ 1595.354356] ? arch_stack_walk+0x99/0xf0 [ 1595.355116] FAULT_INJECTION: forcing a failure. [ 1595.355116] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.355430] ? is_dynamic_key+0x1e0/0x1e0 [ 1595.358890] ? __lock_acquire+0x1657/0x5b00 [ 1595.359915] ? __lock_acquire+0xbb1/0x5b00 [ 1595.360873] io_issue_sqe+0x2e12/0x7660 [ 1595.361731] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.362928] ? SOFTIRQ_verbose+0x10/0x10 [ 1595.363794] ? lock_chain_count+0x20/0x20 [ 1595.364654] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.365723] ? io_connect+0x610/0x610 [ 1595.366527] ? lock_acquire+0x197/0x470 [ 1595.367344] ? find_held_lock+0x2c/0x110 [ 1595.368183] ? __fget_files+0x26d/0x4c0 [ 1595.368997] ? lock_downgrade+0x6d0/0x6d0 [ 1595.369851] __io_queue_sqe+0x90/0x9d0 [ 1595.370669] ? io_issue_sqe+0x7660/0x7660 [ 1595.371523] ? io_prep_rw+0x7f5/0x1050 [ 1595.372327] io_submit_sqes+0x4461/0x85c0 [ 1595.373216] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1595.374244] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1595.375234] ? lock_downgrade+0x6d0/0x6d0 [ 1595.376074] ? find_held_lock+0x2c/0x110 [ 1595.376910] ? io_submit_sqes+0x85c0/0x85c0 [ 1595.377800] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1595.378812] ? wait_for_completion_io+0x270/0x270 [ 1595.379801] ? rcu_read_lock_any_held+0x75/0xa0 [ 1595.380745] ? vfs_write+0x354/0xa70 [ 1595.381513] ? fput_many+0x2f/0x1a0 [ 1595.382279] ? ksys_write+0x1a9/0x260 [ 1595.383062] ? __ia32_sys_read+0xb0/0xb0 [ 1595.383898] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1595.384965] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.386020] do_syscall_64+0x33/0x40 [ 1595.386809] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1595.387837] RIP: 0033:0x7fe40cf96b19 [ 1595.388597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.392244] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1595.393766] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1595.395193] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1595.396610] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1595.398022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.399454] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1595.400921] CPU: 0 PID: 12717 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1595.402621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1595.404314] Call Trace: [ 1595.404846] dump_stack+0x107/0x167 [ 1595.405587] should_fail.cold+0x5/0xa [ 1595.406400] ? io_setup_async_rw+0x180/0x580 [ 1595.407273] should_failslab+0x5/0x20 [ 1595.408020] __kmalloc+0x72/0x390 [ 1595.408714] io_setup_async_rw+0x180/0x580 [ 1595.409547] ? iov_iter_restore+0x195/0x3a0 [ 1595.410422] io_read+0x775/0x11e0 [ 1595.411123] ? kiocb_done+0xc90/0xc90 [ 1595.411896] ? stack_trace_consume_entry+0x160/0x160 [ 1595.412910] ? lock_acquire+0x197/0x470 [ 1595.413700] ? __lock_acquire+0xbb1/0x5b00 [ 1595.414556] io_issue_sqe+0x2e12/0x7660 [ 1595.415076] FAULT_INJECTION: forcing a failure. [ 1595.415076] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.415349] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.418528] ? SOFTIRQ_verbose+0x10/0x10 [ 1595.419331] ? lock_chain_count+0x20/0x20 [ 1595.420154] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.421190] ? io_connect+0x610/0x610 [ 1595.421951] ? lock_acquire+0x197/0x470 [ 1595.422783] ? find_held_lock+0x2c/0x110 [ 1595.423591] ? __fget_files+0x26d/0x4c0 [ 1595.424375] ? lock_downgrade+0x6d0/0x6d0 [ 1595.425201] __io_queue_sqe+0x90/0x9d0 [ 1595.425970] ? io_issue_sqe+0x7660/0x7660 [ 1595.426802] ? io_prep_rw+0x7f5/0x1050 [ 1595.427576] io_submit_sqes+0x4461/0x85c0 [ 1595.428422] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1595.429449] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1595.430416] ? lock_downgrade+0x6d0/0x6d0 [ 1595.431228] ? find_held_lock+0x2c/0x110 [ 1595.432027] ? io_submit_sqes+0x85c0/0x85c0 [ 1595.432878] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1595.433828] ? wait_for_completion_io+0x270/0x270 [ 1595.434783] ? rcu_read_lock_any_held+0x75/0xa0 [ 1595.435692] ? vfs_write+0x354/0xa70 [ 1595.436421] ? fput_many+0x2f/0x1a0 [ 1595.437135] ? ksys_write+0x1a9/0x260 [ 1595.437880] ? __ia32_sys_read+0xb0/0xb0 [ 1595.438688] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1595.439711] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.440721] do_syscall_64+0x33/0x40 [ 1595.441448] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1595.442466] RIP: 0033:0x7f5d818b0b19 [ 1595.443195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.446785] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1595.448274] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1595.449669] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1595.451072] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1595.452458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.453851] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1595.455288] CPU: 1 PID: 12714 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1595.456981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1595.459004] Call Trace: [ 1595.459652] dump_stack+0x107/0x167 [ 1595.460535] should_fail.cold+0x5/0xa [ 1595.461460] ? create_object.isra.0+0x3a/0xa20 [ 1595.462577] should_failslab+0x5/0x20 [ 1595.463494] kmem_cache_alloc+0x5b/0x310 [ 1595.464478] create_object.isra.0+0x3a/0xa20 [ 1595.465386] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1595.466414] __kmalloc+0x16e/0x390 [ 1595.467129] io_setup_async_rw+0x180/0x580 [ 1595.467971] ? iov_iter_restore+0x195/0x3a0 [ 1595.467991] io_read+0x775/0x11e0 [ 1595.468024] ? kiocb_done+0xc90/0xc90 [ 1595.468043] ? register_lock_class+0xbb/0x17b0 [ 1595.468059] ? arch_stack_walk+0x99/0xf0 [ 1595.468084] ? is_dynamic_key+0x1e0/0x1e0 [ 1595.468121] ? __lock_acquire+0x1657/0x5b00 [ 1595.468148] ? __lock_acquire+0xbb1/0x5b00 [ 1595.468173] io_issue_sqe+0x2e12/0x7660 [ 1595.468201] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.468218] ? SOFTIRQ_verbose+0x10/0x10 [ 1595.468236] ? lock_chain_count+0x20/0x20 [ 1595.468258] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.468274] ? io_connect+0x610/0x610 [ 1595.468297] ? lock_acquire+0x197/0x470 [ 1595.468313] ? find_held_lock+0x2c/0x110 [ 1595.468336] ? __fget_files+0x26d/0x4c0 [ 1595.468355] ? lock_downgrade+0x6d0/0x6d0 [ 1595.468380] __io_queue_sqe+0x90/0x9d0 [ 1595.468405] ? io_issue_sqe+0x7660/0x7660 [ 1595.468429] ? io_prep_rw+0x7f5/0x1050 [ 1595.468453] io_submit_sqes+0x4461/0x85c0 [ 1595.468504] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1595.468521] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1595.468544] ? lock_downgrade+0x6d0/0x6d0 [ 1595.468559] ? find_held_lock+0x2c/0x110 [ 1595.468582] ? io_submit_sqes+0x85c0/0x85c0 [ 1595.468608] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1595.468630] ? wait_for_completion_io+0x270/0x270 [ 1595.492814] ? rcu_read_lock_any_held+0x75/0xa0 [ 1595.492844] ? vfs_write+0x354/0xa70 [ 1595.494517] ? fput_many+0x2f/0x1a0 [ 1595.495239] ? ksys_write+0x1a9/0x260 [ 1595.495258] ? __ia32_sys_read+0xb0/0xb0 [ 1595.495281] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1595.495302] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.495325] do_syscall_64+0x33/0x40 [ 1595.495345] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1595.495357] RIP: 0033:0x7fcf4787bb19 [ 1595.495375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.495393] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1595.506449] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1595.507858] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1595.507868] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 20:06:42 executing program 4: ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000000080)={0xffff, 0x20, 0x4, 0x3f, 0x6, 0x4}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x0) ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000200)) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x5421, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628) r2 = dup2(r0, r1) copy_file_range(r2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)=0x3a, 0x8, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010500)="53595a4b414c4c45522020080000ea80325132510000ea80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010", 0x4c}], 0x0, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0) [ 1595.507879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.507889] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:06:42 executing program 6: ioctl$EXT4_IOC_GETSTATE(0xffffffffffffffff, 0x40046629, &(0x7f00000000c0)) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x8) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) symlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00') r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20480, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2403, 0x0) fork() 20:06:42 executing program 3: ftruncate(0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x8800000) dup2(r1, r0) syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000040)={0xa8, 0x9, 0x5, 0x7, 0x3}) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x4080, 0x0) sendfile(r0, r2, 0x0, 0x100000001) [ 1595.708895] audit: type=1400 audit(1685736402.679:32): avc: denied { tracepoint } for pid=12731 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 20:06:42 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) [ 1595.848341] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:06:42 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) 20:06:42 executing program 2: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0) read(r0, &(0x7f0000000000), 0x1b4000) openat(r0, &(0x7f0000000000)='./file0\x00', 0x410800, 0x1) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) 20:06:42 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, 0xffffffffffffffff) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1595.971062] FAULT_INJECTION: forcing a failure. [ 1595.971062] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.975110] CPU: 1 PID: 12741 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1595.976568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1595.978387] Call Trace: [ 1595.978973] dump_stack+0x107/0x167 [ 1595.979732] should_fail.cold+0x5/0xa [ 1595.980514] should_failslab+0x5/0x20 [ 1595.981285] kmem_cache_alloc_bulk+0x4b/0x320 [ 1595.982208] io_submit_sqes+0x6f76/0x85c0 [ 1595.983095] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1595.984244] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1595.985472] ? lock_downgrade+0x6d0/0x6d0 [ 1595.986547] ? find_held_lock+0x2c/0x110 [ 1595.987593] ? io_submit_sqes+0x85c0/0x85c0 [ 1595.988692] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1595.989923] ? wait_for_completion_io+0x270/0x270 [ 1595.991163] ? rcu_read_lock_any_held+0x75/0xa0 [ 1595.992340] ? vfs_write+0x354/0xa70 [ 1595.993301] ? fput_many+0x2f/0x1a0 [ 1595.994264] ? ksys_write+0x1a9/0x260 [ 1595.995257] ? __ia32_sys_read+0xb0/0xb0 [ 1595.996320] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1595.997676] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.999035] do_syscall_64+0x33/0x40 [ 1596.000003] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1596.001504] RIP: 0033:0x7fe40cf96b19 [ 1596.002610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1596.008122] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1596.010430] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1596.012571] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1596.014727] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1596.016855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1596.018979] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1596.038245] FAULT_INJECTION: forcing a failure. [ 1596.038245] name failslab, interval 1, probability 0, space 0, times 0 [ 1596.040592] CPU: 0 PID: 12744 Comm: syz-executor.5 Not tainted 5.10.180 #1 20:06:43 executing program 3: msgrcv(0xffffffffffffffff, &(0x7f0000000180)={0x0, ""/214}, 0xde, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = msgget(0x2, 0x22e) msgctl$IPC_RMID(r0, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x0, 0x0) msgsnd(0x0, &(0x7f0000000280)={0x3}, 0x8, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) copy_file_range(r1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)=0x7fff, 0xa1, 0x0) syz_open_dev$rtc(&(0x7f0000000080), 0x81, 0x2a000) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) r4 = dup(r3) pidfd_send_signal(r4, 0x0, &(0x7f0000000000), 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100), 0x400000, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f00000006c0)={0x0, 0x0, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) [ 1596.041710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1596.043114] Call Trace: [ 1596.043516] dump_stack+0x107/0x167 [ 1596.044060] should_fail.cold+0x5/0xa [ 1596.044628] ? create_object.isra.0+0x3a/0xa20 [ 1596.045307] should_failslab+0x5/0x20 [ 1596.045872] kmem_cache_alloc+0x5b/0x310 [ 1596.046489] create_object.isra.0+0x3a/0xa20 [ 1596.047135] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1596.047880] __kmalloc+0x16e/0x390 [ 1596.048412] io_setup_async_rw+0x180/0x580 [ 1596.049022] ? iov_iter_restore+0x195/0x3a0 [ 1596.049645] io_read+0x775/0x11e0 [ 1596.050166] ? kiocb_done+0xc90/0xc90 [ 1596.050820] ? stack_trace_consume_entry+0x160/0x160 [ 1596.051569] ? lock_acquire+0x197/0x470 [ 1596.052155] ? __lock_acquire+0xbb1/0x5b00 [ 1596.052779] io_issue_sqe+0x2e12/0x7660 [ 1596.053370] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1596.054122] ? SOFTIRQ_verbose+0x10/0x10 [ 1596.054783] ? lock_chain_count+0x20/0x20 [ 1596.055389] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1596.056243] ? io_connect+0x610/0x610 [ 1596.056822] ? lock_acquire+0x197/0x470 [ 1596.057474] ? find_held_lock+0x2c/0x110 [ 1596.058070] ? __fget_files+0x26d/0x4c0 [ 1596.058735] ? lock_downgrade+0x6d0/0x6d0 [ 1596.059416] __io_queue_sqe+0x90/0x9d0 [ 1596.060057] ? io_issue_sqe+0x7660/0x7660 [ 1596.060735] ? io_prep_rw+0x7f5/0x1050 [ 1596.061372] io_submit_sqes+0x4461/0x85c0 [ 1596.062006] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1596.062820] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1596.063593] ? lock_downgrade+0x6d0/0x6d0 [ 1596.064186] ? find_held_lock+0x2c/0x110 [ 1596.064830] ? io_submit_sqes+0x85c0/0x85c0 [ 1596.065511] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1596.066272] ? wait_for_completion_io+0x270/0x270 [ 1596.067014] ? rcu_read_lock_any_held+0x75/0xa0 [ 1596.067733] ? vfs_write+0x354/0xa70 [ 1596.068312] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1596.068970] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1596.069814] ? ksys_write+0x1a9/0x260 [ 1596.070434] ? __ia32_sys_read+0xb0/0xb0 [ 1596.071072] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1596.071917] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1596.072743] do_syscall_64+0x33/0x40 [ 1596.073347] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1596.074158] RIP: 0033:0x7fcf4787bb19 [ 1596.074755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1596.077554] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1596.078744] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1596.079844] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1596.080848] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1596.081980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1596.083114] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:06:43 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f000000b6c0)=[{{0x0, 0x0, &(0x7f000000b640)=[{0x0}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="81b9521a884131da6812d0ed6b63022f7ba81f879b83dbe642ff5bfd5ab60dfa95b962afde04f9481fb0328d56bcfe0050cb22167d41b8acae19b3b00d0eae964a7267b5dd919948ced660fff9541c06b588b3c36218946f723b95e3ef5aec5a"], 0x28}}], 0x1, 0x2008000) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e22, 0x400, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x71}, 0x1c) open(&(0x7f00000002c0)='./file0\x00', 0x80, 0x9) openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x4000, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x80002, 0x0) sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000400)={0x8c, 0x0, 0x208, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PMK={0x14, 0xfe, "770a7c659eba2cfd1338c39b8ab03a26"}, @NL80211_ATTR_PMK={0x14, 0xfe, "063cd9848a42aee6f9a42d70eef7b61d"}, @NL80211_ATTR_PMK_LIFETIME={0x8}, @NL80211_ATTR_PMKID={0x14, 0x55, "5547c8eebc7caab107f52f79d21a77ad"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x3a}, @NL80211_ATTR_SSID={0x15, 0x34, @random="edcca5060000000000000001620de5c280"}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x36, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0) getsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) getsockopt$inet6_buf(r2, 0x29, 0x2f, &(0x7f0000000640)=""/4096, &(0x7f0000000080)=0x1000) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x400000000000070, 0x0) 20:06:43 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) [ 1596.239415] FAULT_INJECTION: forcing a failure. [ 1596.239415] name failslab, interval 1, probability 0, space 0, times 0 [ 1596.241320] CPU: 0 PID: 12756 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1596.242235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1596.243290] Call Trace: [ 1596.243647] dump_stack+0x107/0x167 [ 1596.244131] should_fail.cold+0x5/0xa [ 1596.244634] ? create_object.isra.0+0x3a/0xa20 [ 1596.245240] should_failslab+0x5/0x20 [ 1596.245747] kmem_cache_alloc+0x5b/0x310 [ 1596.246297] create_object.isra.0+0x3a/0xa20 [ 1596.246883] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1596.247554] __kmalloc+0x16e/0x390 [ 1596.248033] io_setup_async_rw+0x180/0x580 [ 1596.248585] ? iov_iter_restore+0x195/0x3a0 [ 1596.249181] io_read+0x775/0x11e0 [ 1596.249652] ? kiocb_done+0xc90/0xc90 [ 1596.250215] ? stack_trace_consume_entry+0x160/0x160 [ 1596.250927] ? lock_acquire+0x197/0x470 [ 1596.251483] ? lock_acquire+0x197/0x470 [ 1596.252052] ? __lock_acquire+0xbb1/0x5b00 [ 1596.252657] io_issue_sqe+0x2e12/0x7660 [ 1596.253195] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1596.253880] ? SOFTIRQ_verbose+0x10/0x10 [ 1596.254431] ? lock_chain_count+0x20/0x20 [ 1596.254984] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1596.255717] ? io_connect+0x610/0x610 [ 1596.256262] ? lock_acquire+0x197/0x470 [ 1596.256827] ? find_held_lock+0x2c/0x110 [ 1596.257402] ? __fget_files+0x26d/0x4c0 [ 1596.257964] ? lock_downgrade+0x6d0/0x6d0 [ 1596.258561] __io_queue_sqe+0x90/0x9d0 [ 1596.259119] ? io_issue_sqe+0x7660/0x7660 [ 1596.259708] ? io_prep_rw+0x7f5/0x1050 [ 1596.260264] io_submit_sqes+0x4461/0x85c0 [ 1596.260850] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1596.261550] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1596.262227] ? lock_downgrade+0x6d0/0x6d0 [ 1596.262807] ? find_held_lock+0x2c/0x110 [ 1596.263394] ? io_submit_sqes+0x85c0/0x85c0 [ 1596.264016] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1596.264691] ? wait_for_completion_io+0x270/0x270 [ 1596.265368] ? rcu_read_lock_any_held+0x75/0xa0 [ 1596.266012] ? vfs_write+0x354/0xa70 [ 1596.266538] ? fput_many+0x2f/0x1a0 [ 1596.267050] ? ksys_write+0x1a9/0x260 [ 1596.267573] ? __ia32_sys_read+0xb0/0xb0 [ 1596.268153] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1596.268888] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1596.269614] do_syscall_64+0x33/0x40 [ 1596.270147] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1596.270868] RIP: 0033:0x7f5d818b0b19 [ 1596.271390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1596.273920] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1596.274979] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1596.275921] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1596.276778] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1596.277634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1596.278498] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 20:06:43 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x25, &(0x7f0000000040)={@rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, 0xc) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff) r2 = perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') r4 = dup3(r3, r2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'lo\x00'}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000300)=0x9, 0x1aa8) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000200)={{{@in=@multicast1}}, {{@in=@initdev}, 0x0, @in6=@ipv4={""/10, ""/2, @private}}}, &(0x7f0000000100)=0xe8) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000006c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="296d63023d49aee21ca46f8ca0a4af26e231527f89996b7dae448c228d3ca9cdec3ae11383683ac920e760b5644770e1413877f091db4537c2ec9611cfad1f4d6452280d181f98440d1327a8937ed2b7e8abe3b7a8cff0e84f82a52b0ff7d8ad04e7f1bf7ca96d3edd03a811afad2fd399fae037cd7f7985bb214561e2eb869ae941c112d119", @ANYRES16=r7, @ANYBLOB="0100000000000100ed5461e715b4ab971f0430cfd2c3a25ee6d382cc7113eaf41c629dccdf86cc082e56aea3aa566cabc9a74553f459ce71e9259619b932c56190d890170f8f4d8dbc28ee5c360e19fcd781607e058c047cfe49c9697a096bbc34218b9dbc4f8c0dfacadb3da028173e3c3a6e0557451cf59366f8769d74d8ca8e12caf78f0bcfb17f7edf26e567c6794f8bee1ccc2765b781d8bbe1a8d27b2ca289b96a73430528c417e73f517350e04e6dd9c7b8cb6f25f93ea150eff098b3df7c8cb4baccf5f9e83ced8f865834750aa235a11272e9e95e62dcd9db5b8d4f591a781f9e084e98b0ab4620ad8a196a33d660b28743b4ade3f2d83c44d810388fb9885f914a8ab49ea77c1c0562c7d9899ec81d550b6379cbe49400"/296, @ANYRES32=r8, @ANYBLOB="0c00a93198f5511828050000"], 0x2c}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r4, 0x89f7, &(0x7f0000000640)={'ip6_vti0\x00', &(0x7f00000004c0)={'syztnl1\x00', r8, 0x29, 0x5, 0x20, 0x101, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7800, 0x8, 0x1, 0x400}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r5, 0x89f7, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'sit0\x00', r8, 0x4, 0x1, 0x0, 0x7, 0x12, @local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x7, 0xffff, 0x4}}) sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="00000000574f0623a3b74ba67193a6eaf3dfca89c9f7114888fb917c91527942371951154bf312b6e7dc26461bb0258723ad6890e693e91173404c9f6c31af7bcb5f7efec451171d05c46a6c86cea3c3cd32ca24c1ae26392d7a1b8c7c88e476b6f6f3de2b7b93e552f74775f4bd26df90965b7e2c8dcda185d0507f7615f807397a8af63570c688a51b98d4ccbf48eb6463bb5f3e292d74c388929b5f5de280966bf12ae012b12dd2cfb040c8430410d43c46069088212d34", @ANYRES16=r1, @ANYBLOB="000425bd7000fddbdf2517000000"], 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0xc001) sendmmsg$inet(r0, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000280)="e869", 0x2}], 0x1, &(0x7f0000000400)=[@ip_tos_int={{0x14}}], 0xf}}], 0x1, 0x0) r9 = syz_io_uring_complete(0x0) setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f0000000080)={@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010102, @multicast1}, 0xc) 20:06:43 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) 20:06:43 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) [ 1596.420878] FAULT_INJECTION: forcing a failure. [ 1596.420878] name failslab, interval 1, probability 0, space 0, times 0 [ 1596.422631] CPU: 0 PID: 12764 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1596.423435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1596.424392] Call Trace: [ 1596.424711] dump_stack+0x107/0x167 [ 1596.425159] should_fail.cold+0x5/0xa [ 1596.425642] ? io_setup_async_rw+0x180/0x580 [ 1596.426203] should_failslab+0x5/0x20 [ 1596.426678] __kmalloc+0x72/0x390 [ 1596.427120] io_setup_async_rw+0x180/0x580 [ 1596.427649] ? iov_iter_restore+0x195/0x3a0 [ 1596.428188] io_read+0x775/0x11e0 [ 1596.428636] ? kiocb_done+0xc90/0xc90 [ 1596.429115] ? mark_lock+0xf5/0x2df0 [ 1596.429581] ? lock_chain_count+0x20/0x20 [ 1596.430100] ? lock_acquire+0x197/0x470 [ 1596.430580] ? __lock_acquire+0xbb1/0x5b00 [ 1596.431075] io_issue_sqe+0x2e12/0x7660 [ 1596.431575] ? lock_chain_count+0x20/0x20 [ 1596.432098] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1596.432748] ? io_connect+0x610/0x610 [ 1596.433221] ? lock_acquire+0x197/0x470 [ 1596.433713] ? find_held_lock+0x2c/0x110 [ 1596.434240] __io_queue_sqe+0x90/0x9d0 [ 1596.434733] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1596.435404] ? trace_hardirqs_on+0x5b/0x180 [ 1596.435946] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1596.436578] ? io_issue_sqe+0x7660/0x7660 [ 1596.437110] ? io_prep_rw+0x7f5/0x1050 [ 1596.437601] io_submit_sqes+0x4461/0x85c0 [ 1596.438138] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1596.438755] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1596.439354] ? lock_downgrade+0x6d0/0x6d0 [ 1596.439863] ? find_held_lock+0x2c/0x110 [ 1596.440364] ? io_submit_sqes+0x85c0/0x85c0 [ 1596.440901] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1596.441489] ? wait_for_completion_io+0x270/0x270 [ 1596.442084] ? rcu_read_lock_any_held+0x75/0xa0 [ 1596.442660] ? vfs_write+0x354/0xa70 [ 1596.443123] ? fput_many+0x2f/0x1a0 [ 1596.443577] ? ksys_write+0x1a9/0x260 [ 1596.444047] ? __ia32_sys_read+0xb0/0xb0 [ 1596.444549] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1596.445194] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1596.445829] do_syscall_64+0x33/0x40 [ 1596.446298] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1596.446927] RIP: 0033:0x7f5d818b0b19 [ 1596.447386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1596.449616] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1596.450548] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1596.451410] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1596.452268] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1596.453125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1596.453989] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1596.487716] FAULT_INJECTION: forcing a failure. [ 1596.487716] name failslab, interval 1, probability 0, space 0, times 0 [ 1596.490659] CPU: 1 PID: 12762 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1596.492033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1596.493683] Call Trace: [ 1596.494245] dump_stack+0x107/0x167 [ 1596.494997] should_fail.cold+0x5/0xa [ 1596.495774] ? io_setup_async_rw+0x180/0x580 [ 1596.496666] should_failslab+0x5/0x20 [ 1596.497442] __kmalloc+0x72/0x390 [ 1596.498161] io_setup_async_rw+0x180/0x580 [ 1596.499016] ? iov_iter_restore+0x195/0x3a0 [ 1596.499893] io_read+0x775/0x11e0 [ 1596.500616] ? kiocb_done+0xc90/0xc90 [ 1596.501438] ? stack_trace_consume_entry+0x160/0x160 [ 1596.502497] ? lock_acquire+0x197/0x470 [ 1596.503294] ? __lock_acquire+0xbb1/0x5b00 [ 1596.504163] io_issue_sqe+0x2e12/0x7660 [ 1596.504983] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1596.506033] ? SOFTIRQ_verbose+0x10/0x10 [ 1596.506861] ? lock_chain_count+0x20/0x20 [ 1596.507703] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1596.508749] ? io_connect+0x610/0x610 [ 1596.509532] ? lock_acquire+0x197/0x470 [ 1596.510358] ? find_held_lock+0x2c/0x110 [ 1596.511189] ? __fget_files+0x26d/0x4c0 [ 1596.511997] ? lock_downgrade+0x6d0/0x6d0 [ 1596.512854] __io_queue_sqe+0x90/0x9d0 [ 1596.513650] ? io_issue_sqe+0x7660/0x7660 [ 1596.514507] ? io_prep_rw+0x7f5/0x1050 [ 1596.515304] io_submit_sqes+0x4461/0x85c0 [ 1596.516189] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1596.517197] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1596.518178] ? lock_downgrade+0x6d0/0x6d0 [ 1596.519041] ? find_held_lock+0x2c/0x110 [ 1596.519873] ? io_submit_sqes+0x85c0/0x85c0 [ 1596.520760] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1596.521756] ? wait_for_completion_io+0x270/0x270 [ 1596.522747] ? rcu_read_lock_any_held+0x75/0xa0 [ 1596.523684] ? vfs_write+0x354/0xa70 [ 1596.524455] ? fput_many+0x2f/0x1a0 [ 1596.525222] ? ksys_write+0x1a9/0x260 [ 1596.526020] ? __ia32_sys_read+0xb0/0xb0 [ 1596.526872] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1596.527954] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1596.529010] do_syscall_64+0x33/0x40 [ 1596.529782] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1596.530833] RIP: 0033:0x7fcf4787bb19 [ 1596.531600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1596.535219] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1596.536759] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1596.538220] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1596.539665] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1596.541114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1596.542565] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:07:00 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) 20:07:00 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x82801) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SG_GET_PACK_ID(r1, 0x227c, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = fcntl$dupfd(r0, 0x0, r3) ioctl$SG_NEXT_CMD_LEN(r4, 0x2283, &(0x7f0000000000)=0x1) r5 = getpgrp(0x0) r6 = pidfd_open(r5, 0x0) dup(r6) fsetxattr$security_selinux(r6, &(0x7f0000000100), &(0x7f00000001c0)='system_u:object_r:inetd_child_exec_t:s0\x00', 0x28, 0x2) writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)="0040abe0d4dc03000000000000008b2428de4d72b89aeddb2a530000000000000000000c3f089694ed90fa7c43", 0x2d}], 0x1) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000380)) r7 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f0000000240)=0x6) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00'}) dup2(0xffffffffffffffff, r2) r8 = syz_open_dev$vcsn(&(0x7f0000000140), 0x81000000, 0xc00) ioctl$sock_SIOCGSKNS(r8, 0x894c, &(0x7f0000000180)=0x6) 20:07:00 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) 20:07:00 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) 20:07:00 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x38, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x38}}, 0x0) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r1) 20:07:00 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x1100882, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0xfffffdef, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) sendmmsg$unix(r1, &(0x7f0000008a80)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x40080}}, {{&(0x7f0000001740)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)=[@rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x28, 0x20040090}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x6, 0x4010) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r4 = creat(&(0x7f0000000540)='./file0\x00', 0x80) splice(r2, &(0x7f00000001c0)=0x4, r4, &(0x7f0000000200)=0xffff, 0x8, 0x8) r5 = getpgrp(0x0) pidfd_open(r5, 0x0) r6 = getpgid(r5) r7 = syz_open_procfs(r6, &(0x7f0000000240)='attr/fscreate\x00') ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r7, 0x40182103, &(0x7f00000003c0)={0x0, 0x2, r3, 0x7fffffff}) 20:07:00 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, 0xffffffffffffffff) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:07:00 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, 0x0, 0x0) pwrite64(r1, &(0x7f0000000480)="af", 0x1, 0x1000000) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x1, 0x0, 0x13, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x8, 0x0, 0x8000) [ 1613.671343] FAULT_INJECTION: forcing a failure. [ 1613.671343] name failslab, interval 1, probability 0, space 0, times 0 [ 1613.673640] CPU: 1 PID: 12778 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1613.675060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1613.676737] Call Trace: [ 1613.677296] dump_stack+0x107/0x167 [ 1613.678059] should_fail.cold+0x5/0xa [ 1613.678861] ? create_object.isra.0+0x3a/0xa20 [ 1613.679802] should_failslab+0x5/0x20 [ 1613.680582] kmem_cache_alloc+0x5b/0x310 [ 1613.681423] create_object.isra.0+0x3a/0xa20 [ 1613.682327] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1613.682433] FAULT_INJECTION: forcing a failure. [ 1613.682433] name failslab, interval 1, probability 0, space 0, times 0 [ 1613.683389] kmem_cache_alloc_bulk+0x168/0x320 [ 1613.683430] io_submit_sqes+0x6f76/0x85c0 [ 1613.683505] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1613.688619] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1613.689607] ? lock_downgrade+0x6d0/0x6d0 [ 1613.690457] ? find_held_lock+0x2c/0x110 [ 1613.691297] ? io_submit_sqes+0x85c0/0x85c0 [ 1613.692189] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1613.693173] ? wait_for_completion_io+0x270/0x270 [ 1613.694152] ? rcu_read_lock_any_held+0x75/0xa0 [ 1613.695116] ? vfs_write+0x354/0xa70 [ 1613.695882] ? fput_many+0x2f/0x1a0 [ 1613.696634] ? ksys_write+0x1a9/0x260 [ 1613.697419] ? __ia32_sys_read+0xb0/0xb0 [ 1613.698260] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1613.699338] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1613.700396] do_syscall_64+0x33/0x40 [ 1613.701167] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1613.702203] RIP: 0033:0x7fe40cf96b19 [ 1613.702977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1613.706654] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1613.708188] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1613.709624] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1613.711077] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1613.712508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1613.713940] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1613.715411] CPU: 0 PID: 12780 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1613.716813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1613.718490] Call Trace: [ 1613.719027] dump_stack+0x107/0x167 [ 1613.719762] should_fail.cold+0x5/0xa [ 1613.720526] ? create_object.isra.0+0x3a/0xa20 [ 1613.721440] should_failslab+0x5/0x20 [ 1613.722207] kmem_cache_alloc+0x5b/0x310 [ 1613.723048] create_object.isra.0+0x3a/0xa20 [ 1613.723930] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1613.725176] __kmalloc+0x16e/0x390 [ 1613.725906] io_setup_async_rw+0x180/0x580 [ 1613.726947] ? iov_iter_restore+0x195/0x3a0 [ 1613.727819] io_read+0x775/0x11e0 [ 1613.728683] ? kiocb_done+0xc90/0xc90 [ 1613.729480] ? stack_trace_consume_entry+0x160/0x160 [ 1613.730727] ? lock_acquire+0x197/0x470 [ 1613.731541] ? lock_acquire+0x197/0x470 [ 1613.732514] ? __lock_acquire+0xbb1/0x5b00 [ 1613.733375] io_issue_sqe+0x2e12/0x7660 [ 1613.734351] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1613.735422] ? SOFTIRQ_verbose+0x10/0x10 [ 1613.736415] ? lock_chain_count+0x20/0x20 [ 1613.737259] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1613.738479] ? io_connect+0x610/0x610 [ 1613.739252] ? lock_acquire+0x197/0x470 [ 1613.740044] ? find_held_lock+0x2c/0x110 [ 1613.740869] ? __fget_files+0x26d/0x4c0 [ 1613.741663] ? lock_downgrade+0x6d0/0x6d0 [ 1613.742527] __io_queue_sqe+0x90/0x9d0 [ 1613.743306] ? io_issue_sqe+0x7660/0x7660 [ 1613.744131] ? io_prep_rw+0x7f5/0x1050 [ 1613.744909] io_submit_sqes+0x4461/0x85c0 [ 1613.745763] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1613.746757] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1613.747714] ? lock_downgrade+0x6d0/0x6d0 [ 1613.748526] ? find_held_lock+0x2c/0x110 [ 1613.749338] ? io_submit_sqes+0x85c0/0x85c0 [ 1613.750195] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1613.751156] ? wait_for_completion_io+0x270/0x270 [ 1613.751645] FAULT_INJECTION: forcing a failure. [ 1613.751645] name failslab, interval 1, probability 0, space 0, times 0 [ 1613.752109] ? rcu_read_lock_any_held+0x75/0xa0 [ 1613.752125] ? vfs_write+0x354/0xa70 [ 1613.752146] ? fput_many+0x2f/0x1a0 [ 1613.752164] ? ksys_write+0x1a9/0x260 [ 1613.752181] ? __ia32_sys_read+0xb0/0xb0 [ 1613.752204] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1613.752223] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1613.752259] do_syscall_64+0x33/0x40 [ 1613.761511] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1613.762767] RIP: 0033:0x7f5d818b0b19 [ 1613.763515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1613.767513] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1613.769149] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1613.770590] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1613.772032] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1613.773449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1613.774891] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1613.776350] CPU: 1 PID: 12788 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1613.777743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1613.779408] Call Trace: [ 1613.779957] dump_stack+0x107/0x167 [ 1613.780707] should_fail.cold+0x5/0xa [ 1613.781484] ? create_object.isra.0+0x3a/0xa20 [ 1613.782432] should_failslab+0x5/0x20 [ 1613.783212] kmem_cache_alloc+0x5b/0x310 [ 1613.784057] create_object.isra.0+0x3a/0xa20 [ 1613.784958] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1613.785991] __kmalloc+0x16e/0x390 [ 1613.786745] io_setup_async_rw+0x180/0x580 [ 1613.787600] ? iov_iter_restore+0x195/0x3a0 [ 1613.788478] io_read+0x775/0x11e0 [ 1613.789208] ? kiocb_done+0xc90/0xc90 [ 1613.790020] ? stack_trace_consume_entry+0x160/0x160 [ 1613.791072] ? lock_acquire+0x197/0x470 [ 1613.791890] ? __lock_acquire+0xbb1/0x5b00 [ 1613.792759] io_issue_sqe+0x2e12/0x7660 [ 1613.793583] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1613.794659] ? SOFTIRQ_verbose+0x10/0x10 [ 1613.795505] ? lock_chain_count+0x20/0x20 [ 1613.796355] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1613.797411] ? io_connect+0x610/0x610 [ 1613.798199] ? lock_acquire+0x197/0x470 [ 1613.799017] ? find_held_lock+0x2c/0x110 [ 1613.799849] ? __fget_files+0x26d/0x4c0 [ 1613.800661] ? lock_downgrade+0x6d0/0x6d0 [ 1613.801515] __io_queue_sqe+0x90/0x9d0 [ 1613.802319] ? io_issue_sqe+0x7660/0x7660 [ 1613.803191] ? io_prep_rw+0x7f5/0x1050 [ 1613.803995] io_submit_sqes+0x4461/0x85c0 [ 1613.804883] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1613.805896] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1613.806896] ? lock_downgrade+0x6d0/0x6d0 [ 1613.807737] ? find_held_lock+0x2c/0x110 [ 1613.808572] ? io_submit_sqes+0x85c0/0x85c0 [ 1613.809461] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1613.810449] ? wait_for_completion_io+0x270/0x270 [ 1613.811431] ? rcu_read_lock_any_held+0x75/0xa0 [ 1613.812373] ? vfs_write+0x354/0xa70 [ 1613.813143] ? fput_many+0x2f/0x1a0 [ 1613.813893] ? ksys_write+0x1a9/0x260 [ 1613.814687] ? __ia32_sys_read+0xb0/0xb0 [ 1613.815524] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1613.816592] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1613.817646] do_syscall_64+0x33/0x40 [ 1613.818418] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1613.819450] RIP: 0033:0x7fcf4787bb19 [ 1613.820214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1613.823887] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1613.825420] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1613.826863] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1613.828294] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1613.829725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1613.831183] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:07:00 executing program 4: ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9e}}, './file0\x00'}) r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x8010, &(0x7f0000000500)=ANY=[@ANYBLOB="004eacec960ffb88843307b8c3f3c1aa396415dd0a7ffd1ad8f12a0550226bd1e28d879881662d13c06bd1563ce6e6455c1010e0c99383f289df9cd80279e16dd7853a41d9284e9b104e77ebf144e462a52391011976d3f140e0263d2e6927c4a7fe22a2b3d39164805ddbcd5e20ea37d0bb0dafb3679cfafc7a5d1fdf36418b0d9d884ef11ecadfd88ab04f97b084b807db770a4dd41c413717f80762f24df6f3cfd907c1ed1ce8bf5fc99243f55fd66c3b0cdc46910f862807c6f6940a878ece3120bb641cc82aea70fc808394628c3bd126fc5f753bfb8076acbeed7ed0ebd6e031232d4085ce55feb21d44f12c438dd59977c15a1a1a69baab0327dedda66d3c42cc8250df802b28a60ff2f9815ec11e9d579788a0395bb0d645e849486c19cdca8662546d304276cf76eae0eb170f58252a66cc334b3537fac7e62e7552cf87f0ec6589605d0fa6ffc08057a98a986f8617fa8fbf16b2ba9adba773db091268a5f0e662956ccc0e5e21ee84"]) chdir(&(0x7f0000000040)='./file0\x00') umount2(&(0x7f0000000140)='./file0\x00', 0x8) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc142, 0x8) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8914, &(0x7f0000000140)={'lo\x00'}) write(r1, &(0x7f0000000240)="01", 0x1) openat(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) openat(r0, &(0x7f0000000080)='./file0\x00', 0x101000, 0x8) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYRESOCT], 0xfdef) [ 1613.875458] sg_write: data in/out 253104/8 bytes for SCSI command 0x3f-- guessing data in; [ 1613.875458] program syz-executor.6 not setting count and/or reply_len properly 20:07:00 executing program 3: r0 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000340)="c9", 0x1, 0x8}, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1614.042987] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 1614.048815] sg_write: data in/out 253104/8 bytes for SCSI command 0x3f-- guessing data in; [ 1614.048815] program syz-executor.6 not setting count and/or reply_len properly 20:07:01 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 20:07:01 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) 20:07:01 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) 20:07:01 executing program 6: sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @void, @val={0xc, 0x99, {0x4, 0xd}}}}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4004}, 0x20004004) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) r3 = syz_io_uring_setup(0x7214, &(0x7f0000000200)={0x0, 0x0, 0x8, 0x1, 0xfdfffffb, 0x0, r2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000040)=0x0) r6 = getpgrp(0x0) r7 = pidfd_open(r6, 0x0) r8 = dup(r7) pidfd_send_signal(r8, 0x0, &(0x7f0000000000), 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) syz_io_uring_setup(0x1098, &(0x7f0000000280)={0x0, 0xde12, 0x20, 0x2, 0xd5, 0x0, r2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000300)=0x0) syz_io_uring_submit(r4, r10, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, r8, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x228e00, 0x23456, {0x0, r9}}, 0x0) r11 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_submit(r11, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0) r12 = open(&(0x7f0000000140)='./file0\x00', 0x208000, 0x10) io_uring_enter(r12, 0x5af0, 0x7a49, 0x2, &(0x7f00000001c0)={[0xb391]}, 0x8) [ 1614.292185] FAULT_INJECTION: forcing a failure. [ 1614.292185] name failslab, interval 1, probability 0, space 0, times 0 [ 1614.294495] CPU: 1 PID: 12809 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1614.295714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1614.297163] Call Trace: [ 1614.297643] dump_stack+0x107/0x167 [ 1614.298298] should_fail.cold+0x5/0xa [ 1614.298990] ? io_setup_async_rw+0x180/0x580 [ 1614.299774] should_failslab+0x5/0x20 [ 1614.300452] __kmalloc+0x72/0x390 [ 1614.300558] FAULT_INJECTION: forcing a failure. [ 1614.300558] name failslab, interval 1, probability 0, space 0, times 0 [ 1614.301077] io_setup_async_rw+0x180/0x580 [ 1614.301101] ? iov_iter_restore+0x195/0x3a0 [ 1614.301131] io_read+0x775/0x11e0 [ 1614.301175] ? kiocb_done+0xc90/0xc90 [ 1614.301233] ? stack_trace_consume_entry+0x160/0x160 [ 1614.301277] ? lock_acquire+0x197/0x470 [ 1614.301316] ? __lock_acquire+0xbb1/0x5b00 [ 1614.308963] io_issue_sqe+0x2e12/0x7660 [ 1614.309664] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1614.310595] ? SOFTIRQ_verbose+0x10/0x10 [ 1614.311309] ? lock_chain_count+0x20/0x20 [ 1614.312053] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1614.312964] ? io_connect+0x610/0x610 [ 1614.313643] ? lock_acquire+0x197/0x470 [ 1614.314347] ? find_held_lock+0x2c/0x110 [ 1614.315088] ? __fget_files+0x26d/0x4c0 [ 1614.315791] ? lock_downgrade+0x6d0/0x6d0 [ 1614.316535] __io_queue_sqe+0x90/0x9d0 [ 1614.317237] ? io_issue_sqe+0x7660/0x7660 [ 1614.317979] ? io_prep_rw+0x7f5/0x1050 [ 1614.318678] io_submit_sqes+0x4461/0x85c0 [ 1614.319449] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1614.320331] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1614.321193] ? lock_downgrade+0x6d0/0x6d0 [ 1614.321929] ? find_held_lock+0x2c/0x110 [ 1614.322664] ? io_submit_sqes+0x85c0/0x85c0 [ 1614.323439] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1614.324294] ? wait_for_completion_io+0x270/0x270 [ 1614.325151] ? rcu_read_lock_any_held+0x75/0xa0 [ 1614.325966] ? vfs_write+0x354/0xa70 [ 1614.326631] ? fput_many+0x2f/0x1a0 [ 1614.327279] ? ksys_write+0x1a9/0x260 [ 1614.327954] ? __ia32_sys_read+0xb0/0xb0 [ 1614.328668] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1614.329588] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1614.330506] do_syscall_64+0x33/0x40 [ 1614.331164] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1614.332056] RIP: 0033:0x7f5d818b0b19 [ 1614.332708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1614.335868] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1614.337187] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1614.338428] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1614.339660] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1614.340896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1614.342131] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1614.343406] CPU: 0 PID: 12810 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1614.344920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1614.346615] Call Trace: [ 1614.347195] dump_stack+0x107/0x167 [ 1614.347942] should_fail.cold+0x5/0xa [ 1614.348735] should_failslab+0x5/0x20 [ 1614.349501] kmem_cache_alloc_bulk+0x4b/0x320 [ 1614.350419] io_submit_sqes+0x6f76/0x85c0 [ 1614.351287] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1614.352293] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1614.353275] ? lock_downgrade+0x6d0/0x6d0 [ 1614.354119] ? find_held_lock+0x2c/0x110 [ 1614.354946] ? io_submit_sqes+0x85c0/0x85c0 [ 1614.355824] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1614.356804] ? wait_for_completion_io+0x270/0x270 [ 1614.357782] ? rcu_read_lock_any_held+0x75/0xa0 [ 1614.358732] ? vfs_write+0x354/0xa70 [ 1614.359487] ? fput_many+0x2f/0x1a0 [ 1614.360249] ? ksys_write+0x1a9/0x260 [ 1614.361020] ? __ia32_sys_read+0xb0/0xb0 [ 1614.361842] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1614.362915] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1614.363969] do_syscall_64+0x33/0x40 [ 1614.364730] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1614.365764] RIP: 0033:0x7fcf4787bb19 [ 1614.366522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1614.370238] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1614.371823] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1614.373273] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1614.374728] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1614.376179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1614.377618] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:07:01 executing program 4: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file1\x00', 0xd14, 0x0, 0x0, 0x33eb871, 0x0) mount$cgroup2(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6d656d6f72795f6c6f63616c6576656e74732c00e335d0070c09f9b5cf672b234042ccec3f5de65cff25c59d464ad026a0cd9b4524d015600d724d33d3c5024042ccc6590408822e091caba432640fc4"]) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000100)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) [ 1614.422219] FAULT_INJECTION: forcing a failure. [ 1614.422219] name failslab, interval 1, probability 0, space 0, times 0 [ 1614.425022] CPU: 0 PID: 12817 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1614.426540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1614.428391] Call Trace: [ 1614.428958] dump_stack+0x107/0x167 [ 1614.429777] should_fail.cold+0x5/0xa [ 1614.430600] ? create_object.isra.0+0x3a/0xa20 [ 1614.431603] should_failslab+0x5/0x20 [ 1614.432435] kmem_cache_alloc+0x5b/0x310 [ 1614.433279] ? mark_held_locks+0x9e/0xe0 [ 1614.434125] create_object.isra.0+0x3a/0xa20 [ 1614.435054] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1614.436117] kmem_cache_alloc_bulk+0x168/0x320 [ 1614.437068] io_submit_sqes+0x6f76/0x85c0 [ 1614.437971] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1614.439008] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1614.440023] ? lock_downgrade+0x6d0/0x6d0 [ 1614.440880] ? find_held_lock+0x2c/0x110 [ 1614.441734] ? io_submit_sqes+0x85c0/0x85c0 [ 1614.442664] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1614.443668] ? wait_for_completion_io+0x270/0x270 [ 1614.444668] ? rcu_read_lock_any_held+0x75/0xa0 [ 1614.445631] ? vfs_write+0x354/0xa70 [ 1614.446425] ? fput_many+0x2f/0x1a0 [ 1614.447186] ? ksys_write+0x1a9/0x260 [ 1614.447980] ? __ia32_sys_read+0xb0/0xb0 [ 1614.448833] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1614.449921] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1614.451054] do_syscall_64+0x33/0x40 [ 1614.451834] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1614.452931] RIP: 0033:0x7fe40cf96b19 [ 1614.453718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1614.457626] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1614.459210] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1614.460669] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1614.462120] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1614.463592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1614.465048] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:07:01 executing program 2: getresuid(0x0, 0x0, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r0, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r1, 0x0) setresuid(r0, r0, r1) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) r4 = dup(r3) pidfd_send_signal(r4, 0x0, &(0x7f0000000000), 0x0) r5 = getpgrp(0x0) r6 = pidfd_open(r5, 0x0) r7 = dup(r6) pidfd_send_signal(r7, 0x0, &(0x7f0000000000), 0x0) linkat(r4, &(0x7f0000000140)='./file0\x00', r7, &(0x7f0000000180)='./file0\x00', 0x1400) quotactl(0x2008000000, &(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000040)="5eefb132ec258001e2d5f448b5ccdbfcff6cabb721e961bb979d0c07daa671c6efc7a9980de4576328f8de40b1fca828e13987d805e29a80fada093939ac9ee105da61eba406b96d08527b6d5b8da4e89e823dc8210a4515a19f75b8ff425016b126787ce61ec605dfa5743edac0a24b377435cb82d7240886c444144fd404539d1886aa3186b35b71159bbf37cfce3b8c2f55d4dc94c37940a0d46a05454973f93a7ec5f1809c519c3a7f9c396378fd315ab6f3a724445bd6958b71d4d232b3494526a8b82b84f67a793b3d042ecb59") 20:07:01 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00') read(r1, &(0x7f00000002c0)=""/225, 0xe1) r2 = dup2(r0, r0) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6c80) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00') read(r4, &(0x7f00000002c0)=""/225, 0xe1) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ptype\x00') read(r5, &(0x7f00000002c0)=""/225, 0xe1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r1, 0xffffffffffffffff, r2, r0, r3, r4, r5, r0], 0x8) clone3(&(0x7f0000000200)={0x44004100, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x1d}, &(0x7f0000000140)=""/49, 0x31, 0x0, &(0x7f00000001c0)=[0x0, 0x0], 0x2}, 0x58) 20:07:17 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='./file1\x00') sendfile(r0, r1, 0x0, 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x24000, 0x0) sendfile(r0, r2, 0x0, 0x80000001) 20:07:17 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r1) pread64(0xffffffffffffffff, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r1, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r2) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:07:17 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'syz_tun\x00'}) sendmmsg$inet(r1, &(0x7f0000000c80), 0x0, 0x400c100) close_range(r0, 0xffffffffffffffff, 0x0) 20:07:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x646e0, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, &(0x7f0000000140)={{'\x00', 0x3}, {0x3}, 0x1ad, 0x0, 0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)="1f944f1129e7dc6c9c980e115a824b5e74ce1594ee9c4915af9008bf64dd0645886d8a63e3334cf08060b959c4054cf8e482626e0d2b9c470d53e9f55d94964aa20a8aedc5617e8f5241450837a543333ab9bc3a1c8ac57af81513e6090abaf5b90f2c10c0dc7f884342ee23f54db947818d2219c20450fead3488f7b8521587c9682348203a378c50455d4ae7b5649406e31bf7b862951f36d4b6cd1664edd804897a01170fbd9a7c42d94fd2a9ad72ce1b00fa7ac034e49a607d775e768b25852864ea27ed56165a6b5d7a4bcc75eb0497318ed71e4e9bf31fd4dbbcb9e2ca7ec8fce8be02b92991375bcfdef7094f5694043c67dd4e372c43020fb815fb96e55daaac569b9a6e324f5380f7a7aa854a811a6d11d728ef52054e4fc6c9b4a55c67b3ddb5a5c127912840", 0x12b, 0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="02000000fc000000000000000cd500000047d8e90b6ffed4260e1f80c383e581144cd1ad3714c201ed0c3606b12e5fdab27989309914caf069b924e4ef5af56a124d98e488d51e7ff9f61c90463a04e7323dc6363d54415762d8706af6213ac0ce445a57eda5ac60508cf3b8b77fcbc522118545e600223a0801119e268284ce8b800f59fa815346e467dd4be76c26c8b56ea66fdca834e99a22db0ee5f49da0bcc684651c7945c101357a4ca1361e0595a14d85fa42a555d95f0b324b2d39eced66cf47f9e85481ca61ac8abafc620bc302a52f4993581d3c94dc75e6c2e629932a3c575dce1a00000051d3ee9813f709ef116315294d495c21209a8d530c2ecd2c9557ce000000c06ff05bb48577ad7a5612450e53d17f5531ff04dfe19bb9dc5a0dba2f99da43d02c70d60a95b3d8176b0cd0e750c95efd7306d2fc5ef423a3fa4df42ac4a3700d06b062fe7a13a62f4dcec47fa63c342d9e84ae88b95bf9978cc39ff27eab1de11265f435b2004946ea884f0222d54f0fd7e6c3755263801139b7e25abd3d8bc69d9a1f7579685aca70e705dc2635f4c52f83ee65ec77d8be1729c72d762bc2d58888b51a27794a2bedcd6129008628dec187bd8792ebb22347c096df331c08e5cc2c021d49b2b7ee22d5192d0f97071df3838f4c6607f82c6d3b64d378680b9d807c5e689b19bd8d9575fc55c686099aa4702f26d1d367761de3f72a9b8aeded9434e6ce7113d0165578d5f511171fd3017f659135f3fe8f0b454455f62af3ff4a7337196c9d57dd6dbebf48d53ad51e9e4408013360c4bd2f9d5b369bceb14ea8cf40681be9d82a3799d7771866e2eadc9d3f57883115059999f7d0f26517bd14a94e97afca1f398015838536a31bad3bfc3a0f12d04e53ca67a3513201051badf39ad972040fefd85f8fc1bbaa3d398bca67317def723c60e01c8dc50d75f23693ed4329425294c0"], 0x1d6}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1) r3 = getpgrp(0x0) pidfd_open(r3, 0x0) ioctl$DVD_READ_STRUCT(0xffffffffffffffff, 0x6, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0x322]}, 0x8, 0x80000) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x6000) chown(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, r4) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r4) r5 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$DVD_READ_STRUCT(r5, 0x6, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) chown(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, r6) ioctl$TUNSETGROUP(r5, 0x400454ce, r6) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001000)=[{{&(0x7f0000000580)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000600)="8064", 0x2}, {&(0x7f0000000640)="9ae65ac9f832645d242e9c1c5b630f2f9041319044d4da42f612d3387ec33760afc092c22bb1a2be6b01b7920758b3d91a4ec9d3ae516a7a94a665f96ca655267d569bcd2845cf0f97d57a99fc59b5b14d40dc5bd4aa36785d5ce1f6552fadeeb69ea8c5d2f498b841a32c698101fbb1303c10bb847392f7ef8f4a79b637", 0x7e}, {&(0x7f00000004c0)="4d9bb7aedcd44fd84071fb8d65bb1ca4f52811d8c4d08b23aa266f3df4735f765bb7220aba7c72bbfc6cd730bc4e50481011c2f0e8e831fc2c752d617a78063ee3a54d2dee2398ae23a787dfc19becc4c36d431aaebf9d173e1ab33060039115e25f7d9e5cb65a2d33f65d21cdabbcd39b4c79c1f94dc7aef3c176d1039dbe12", 0x80}], 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="20000000000000000100000001000000", @ANYRES32=r2, @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYBLOB="2c0000eeff0000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="00000000e2feffffffffffff0100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYRES32=0xee00, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r2, @ANYRES32, @ANYBLOB="20000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r0, @ANYRESOCT], 0x118}}, {{&(0x7f0000000a80)=@file={0x0, './file2\x00'}, 0x6e, &(0x7f0000000e00)=[{&(0x7f0000000b00)="28144da8a2217822df28c4dafd7878cd5497c13297f97ad86878a38dc0c0d34e9be018341ec47ba83580755615ead26a8681526d20d2433b5fdaf3906ae1f80b794703f1a191cbff3d0f4248b68183106ff5a800e391e6d1d640722dde168f64a31f398473d9913e519ad38054f846b116dfa195bba68a3b73b5f2b40af7b22a778d25a9f6c9b9a62d82ae40cb25482ea637d4b92dfc34769e455164d27c3df665a080f43a8c05f07bcaa19df34fe9227a9d2d3adf48cfb3bca6ff9a0d5b0935ae5b6655ddcc362ab77ce7818c4d815db7926b793ae87b97bfaf275ec7c5", 0xde}, {&(0x7f0000000c00)="c66bf6693f7659fbe7a24c62012f470529160d62853b1ac9c65e62b1e089cace36ae318770e8e537877f919b0afe42b9bd53e3925c96942a0ee000784354544d28fb6032573a29c6539111c885a4959f0eb2a27c978ea28e6c82bd07b6", 0x5d}, {&(0x7f0000000c80)="8425d17f1f4143834139685902ae735cfc586bf65f343c3404dfbcf2a7f09f0134fe577e02671df2a32195b4a92f152713068a4cec817a1aa6d9e7f142834e8dff213b662ad627ea7a4d65803dc4b74bdd1c2aa1ebdfd726f2048c366ec71719905abe71fea1b6f6fb615ee902c56c1068aa2c24f73dc0ba87e3c2ec2dc9d5348304a6c1ac4d63d76aca3ef319130b0d199885bfc9dde5282be7067b97b1dc8164983cb9960c35f91242e9f47c4a63d56195f4636f77f9767c7368db142293fb936ad6850eca49c4eb55cfa06316ff7bead6203c48005602e223a19252de", 0xde}, {&(0x7f0000000d80)="e79f817b24e20e18c491834445422f27c526712ee4365311974f545a", 0x1c}, {&(0x7f0000000dc0)="ccb5a3a2fb8ccd824c3eec8dfa7d1a", 0xf}], 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="684c5c9af3340000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000011c0000000000800001fb00000002000000", @ANYRES32=r3, @ANYRES32=0xee01, @ANYRES32=r4, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00'], 0x78, 0x1}}], 0x2, 0x400c012) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x0, r2}) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000270008000f801", 0x17}, {0x0, 0x0, 0x1e0}], 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="00444c776d4bf866ed911b24f16ef58dd54fef3d78b6d1673454fbfed54d457609f6ea9c8b395382776d3ff801ec09b5d1f4246d9b5f9ec01dcdb2b103e9cd8dd889a045ca87bbe27aa765ada1413ef2e9e48c450a09556385098115f66e67dc9828ac7a0e82a7523da800c7b43319b312aeaa9aacb742e9256ed6110df1bf0042dec163a5d6fb80c5039ad639075d07519653192c4239794ca74a9d33bdefbbe32b6aef5fec7efb8f447ccbc2759f6d7e8706c0e0ebb9e79440b496ee2c3422bb082433a7d6ef76aa5e69edfe7458369ad2011b9e8d74ea1ec4fb19860f8d39b1f58f"]) 20:07:17 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) [ 1630.133489] FAULT_INJECTION: forcing a failure. [ 1630.133489] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.135362] CPU: 0 PID: 12836 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1630.136270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1630.137470] Call Trace: [ 1630.137828] dump_stack+0x107/0x167 [ 1630.138311] should_fail.cold+0x5/0xa [ 1630.138828] ? create_object.isra.0+0x3a/0xa20 [ 1630.139435] should_failslab+0x5/0x20 [ 1630.139932] kmem_cache_alloc+0x5b/0x310 [ 1630.140470] ? mark_held_locks+0x9e/0xe0 [ 1630.141001] create_object.isra.0+0x3a/0xa20 [ 1630.141579] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1630.142253] kmem_cache_alloc_bulk+0x168/0x320 [ 1630.142863] io_submit_sqes+0x6f76/0x85c0 [ 1630.143436] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.144106] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.144745] ? lock_downgrade+0x6d0/0x6d0 [ 1630.145293] ? find_held_lock+0x2c/0x110 [ 1630.145838] ? io_submit_sqes+0x85c0/0x85c0 [ 1630.146417] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1630.147076] ? wait_for_completion_io+0x270/0x270 [ 1630.147719] ? rcu_read_lock_any_held+0x75/0xa0 [ 1630.148326] ? vfs_write+0x354/0xa70 [ 1630.148837] ? fput_many+0x2f/0x1a0 [ 1630.149316] ? ksys_write+0x1a9/0x260 [ 1630.149822] ? __ia32_sys_read+0xb0/0xb0 [ 1630.150362] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1630.151117] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1630.151821] do_syscall_64+0x33/0x40 [ 1630.152354] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1630.153071] RIP: 0033:0x7fe40cf96b19 [ 1630.153598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1630.156162] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1630.157205] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1630.158208] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1630.159221] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1630.160210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1630.161195] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:07:17 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) 20:07:17 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) 20:07:17 executing program 6: timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)) clock_gettime(0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) timer_create(0x3, 0x0, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000400)={{}, {0x77359400}}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000140)=0x7f, 0x4) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x404c008) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$inet6(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000bc0)='+', 0x1fc0}], 0x1}, 0x0) fallocate(r2, 0x4, 0x5a3f, 0x2) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8914, &(0x7f0000000140)={'lo\x00'}) sendmsg$inet6(r3, &(0x7f0000000580)={&(0x7f0000000080)={0xa, 0x4e22, 0x542, @local, 0x400}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000180)="b034c2786e9c5b04e4d1e74aafc67a8358691402d2a1d6e6a227d0452fee257ead3381a9d66394f0eb2d547df5df3190664c4b8b9a4a48ed894ca79ed20c9b8b910dcce94ff0a19a867d153ff7ee037a917f408684e0fe43f657517ba539648da854475b34c449c4d6b53410e489edebb42c8ca143", 0x75}, {&(0x7f0000000200)="22589dfa2624cc2e797764576bd2ef609fa60091750a950f7a2329af5b942d808b4d4d3fb9c9c9fd464f3a4f6078c432802c31ba5a47f8120d09ae6a747e25d87c9f9bddff3509bfecfd5e6d9bb21d20ef39e69b9cf864192755f3e6498cd55bb8fb2febcd9397a686572cebdf", 0x6d}, {&(0x7f0000000300)="12fd4ac34466cdc8835226e7f020884cd94015dabba90510696f0428c89de296fd248191589a0a629704b9", 0x2b}, {&(0x7f0000000340)="0a2f3b9676dfd0b6754f29af7a708b569921c2441d96886fd001fa8a9919cf6b3f5dccf38c336c73d7ce6ab150522f7350fa398e9d4621012de65d23f1d3e8d3216e584b057ef46501f940a98b600eb6c6d0c05d65c92b3ab63b6957a352f7d18524745b23aa74e8ea286c4e42ab2c0f636d1a630efa2457c9da79201e7460e5f9c4f001f126a2ce42caef989d6f2a595e9b3f14ddb416d8", 0x98}, {&(0x7f0000000440)="e4f94661383d33a9a896f4c5b6862b", 0xf}, {&(0x7f0000000480)="c700619767b4a6ac401ae68a5a07cccd630e8d133b5017d077ec816765d83d01ae69a975aa77089b1c4a1e169dab80e1", 0x30}, {&(0x7f00000004c0)="5f91240b76c59aff40887fd507b34cecc7976680608602fd4a531fa4666e7223ba632e19d4d11d", 0x27}], 0x7, &(0x7f0000000640)=[@rthdr={{0x38, 0x29, 0x39, {0x0, 0x4, 0xf1807ae10fd2fdcf, 0x4, 0x0, [@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}}}, @rthdr={{0x48, 0x29, 0x39, {0x0, 0x6, 0x1, 0x7, 0x0, [@loopback, @mcast1, @mcast1]}}}, @rthdr_2292={{0x98, 0x29, 0x39, {0x62, 0x10, 0x1, 0x80, 0x0, [@remote, @local, @private1={0xfc, 0x1, '\x00', 0x1}, @private1, @mcast2, @ipv4={'\x00', '\xff\xff', @empty}, @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}]}}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x2c, 0xc, 0x2, 0x1, 0x0, [@private2, @empty, @empty, @local, @loopback, @local]}}}, @dstopts_2292={{0x170, 0x29, 0x4, {0x2c, 0x2a, '\x00', [@hao={0xc9, 0x10, @loopback}, @pad1, @calipso={0x7, 0x28, {0x3, 0x8, 0x3, 0x8001, [0x4c80, 0x0, 0x3, 0xc007]}}, @generic={0x7, 0xd1, "6c233835feedb3e251a846828191e18902ed5d42972900f8c54855e6141b5cede5d041af9f5adfbe55c5d00c92114d912e3f7c3171c54436015e60bb0bbd37517d1201219043a99d15b470ca817c538dca59946efeac991582594a005df392b1c07ff639da8099ad97cb86fc611be689f8b2f615432ea001dc47a3a27c879622512ba8df30b463149f07492460eb0ee2d4f74ef97a73129cb61f656bbabe120adcc538b49b065fad15272b038852b3ee0903cfe5f5ea8e64defc458c6174e401c50a084f466f367b560723e335a63f7dd9"}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @pad1, @calipso={0x7, 0x38, {0x3, 0xc, 0x63, 0xc5f, [0x5, 0x944, 0xffffffff80000001, 0x40, 0x9, 0x80000001]}}]}}}, @hopopts_2292={{0x208, 0x29, 0x36, {0x6, 0x3d, '\x00', [@generic={0x3f, 0x77, "4b15c44c8079277117b6a1336914d67a5f2dd98f2a40e62b3179ecd30388544a8a8693be730bc2f540ddc8d979eae34278474666c5031ee1218f34cb93c16e8da0f231e755918f79c33ee3a924a2b19fa46916fb9e1393f75a1d986ca4a4245d65853ce99abb91abffe3dddb9521626249a1ecd0a63a89"}, @enc_lim={0x4, 0x1, 0x5a}, @generic={0x5, 0xc2, "812eb6209fda95c6801923e5b2771551a521a9908d3a4b5367efabbb7e66bf247ff4febeb2acb5b0fb4cd673bdb914c0e7e1085726b5368cac6bdf5dab5b12c25f183a8a36188bb01761fbcaa4377101dd2b339312767ef2ed56ed130b760926baf3eb5ec4c000213a482513d3dcb951c563778f00814570ab1eb054840c88aad52e5e45859db004e4f6bc8cf05d9996b09949c24053f627faa45969da93755d81811336db7700bbe040cfc93e28ce16616b37ea8aad8199cb8bb6a75f5c49383126"}, @enc_lim={0x4, 0x1, 0x3}, @calipso={0x7, 0x38, {0x3, 0xc, 0x4, 0x0, [0x1, 0x5, 0x1000, 0xb25, 0x80, 0x2]}}, @calipso={0x7, 0x30, {0x0, 0xa, 0x7d, 0x78, [0x7d1, 0x9, 0x8, 0x1, 0xfff]}}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @generic={0x3, 0x31, "eb1402e14cb78c42ef78f0444f37111389e888da194a2cb4b504bd976af59756673305aa2b286737c66684624a7cdda363"}, @enc_lim={0x4, 0x1, 0x40}]}}}], 0x508}, 0x48c5) clone3(&(0x7f00000005c0)={0x40182300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1630.192452] FAULT_INJECTION: forcing a failure. [ 1630.192452] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.194350] CPU: 0 PID: 12843 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1630.195274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1630.196369] Call Trace: [ 1630.196719] dump_stack+0x107/0x167 [ 1630.197213] should_fail.cold+0x5/0xa [ 1630.197739] ? create_object.isra.0+0x3a/0xa20 [ 1630.198350] should_failslab+0x5/0x20 [ 1630.198851] kmem_cache_alloc+0x5b/0x310 [ 1630.199387] create_object.isra.0+0x3a/0xa20 [ 1630.199965] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1630.200620] __kmalloc+0x16e/0x390 [ 1630.201069] io_setup_async_rw+0x180/0x580 [ 1630.201588] ? iov_iter_restore+0x195/0x3a0 [ 1630.202113] io_read+0x775/0x11e0 [ 1630.202550] ? kiocb_done+0xc90/0xc90 [ 1630.203055] ? stack_trace_consume_entry+0x160/0x160 [ 1630.203676] ? lock_acquire+0x197/0x470 [ 1630.204160] ? __lock_acquire+0xbb1/0x5b00 [ 1630.204683] io_issue_sqe+0x2e12/0x7660 [ 1630.205175] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1630.205820] ? SOFTIRQ_verbose+0x10/0x10 [ 1630.206315] ? lock_chain_count+0x20/0x20 [ 1630.206828] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1630.207467] ? io_connect+0x610/0x610 [ 1630.207944] ? lock_acquire+0x197/0x470 [ 1630.208432] ? find_held_lock+0x2c/0x110 [ 1630.208939] ? __fget_files+0x26d/0x4c0 [ 1630.209426] ? lock_downgrade+0x6d0/0x6d0 [ 1630.209939] __io_queue_sqe+0x90/0x9d0 [ 1630.210414] ? io_issue_sqe+0x7660/0x7660 [ 1630.210946] ? io_prep_rw+0x7f5/0x1050 [ 1630.211427] io_submit_sqes+0x4461/0x85c0 [ 1630.211968] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.212608] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.213230] ? lock_downgrade+0x6d0/0x6d0 [ 1630.213761] ? find_held_lock+0x2c/0x110 [ 1630.214284] ? io_submit_sqes+0x85c0/0x85c0 [ 1630.214855] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1630.215465] ? wait_for_completion_io+0x270/0x270 [ 1630.216089] ? rcu_read_lock_any_held+0x75/0xa0 [ 1630.216685] ? vfs_write+0x354/0xa70 [ 1630.217163] ? fput_many+0x2f/0x1a0 [ 1630.217627] ? ksys_write+0x1a9/0x260 [ 1630.218115] ? __ia32_sys_read+0xb0/0xb0 [ 1630.218646] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1630.219320] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1630.220026] do_syscall_64+0x33/0x40 [ 1630.220571] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1630.221220] RIP: 0033:0x7f5d818b0b19 [ 1630.221693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1630.224012] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1630.224977] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1630.225881] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1630.226785] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1630.227702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1630.228607] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1630.234339] FAULT_INJECTION: forcing a failure. [ 1630.234339] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.237122] CPU: 1 PID: 12846 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1630.238633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1630.240428] Call Trace: [ 1630.241030] dump_stack+0x107/0x167 [ 1630.241839] should_fail.cold+0x5/0xa [ 1630.242698] ? create_object.isra.0+0x3a/0xa20 [ 1630.243701] should_failslab+0x5/0x20 [ 1630.244539] kmem_cache_alloc+0x5b/0x310 [ 1630.245441] create_object.isra.0+0x3a/0xa20 [ 1630.246408] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1630.247546] kmem_cache_alloc_bulk+0x168/0x320 [ 1630.248556] io_submit_sqes+0x6f76/0x85c0 [ 1630.249500] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.250583] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.251673] ? lock_downgrade+0x6d0/0x6d0 [ 1630.252583] ? find_held_lock+0x2c/0x110 [ 1630.253679] ? io_submit_sqes+0x85c0/0x85c0 [ 1630.254750] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1630.255899] ? wait_for_completion_io+0x270/0x270 [ 1630.257091] ? rcu_read_lock_any_held+0x75/0xa0 [ 1630.258180] ? vfs_write+0x354/0xa70 [ 1630.259084] ? fput_many+0x2f/0x1a0 [ 1630.260022] ? ksys_write+0x1a9/0x260 [ 1630.260947] ? __ia32_sys_read+0xb0/0xb0 [ 1630.262045] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1630.263319] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1630.264677] do_syscall_64+0x33/0x40 [ 1630.265545] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1630.266893] RIP: 0033:0x7fcf4787bb19 [ 1630.267755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1630.272554] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1630.274312] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1630.275970] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1630.277595] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1630.279246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1630.280886] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:07:17 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a) readv(r2, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) readv(r3, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1) acct(&(0x7f0000000040)='./file0\x00') unshare(0x48020200) mmap(&(0x7f0000ffa000/0x5000)=nil, 0x5000, 0x1, 0x8fe657b7f0a7ca1d, r1, 0x3590d000) 20:07:17 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) r4 = dup(r3) pidfd_send_signal(r4, 0x0, &(0x7f0000000000), 0x0) fcntl$setsig(r4, 0xa, 0x38) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newpolicy={0xfc, 0x13, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@tmpl={0x44, 0x5, [{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x4}]}]}, 0xfc}}, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newpolicy={0xfc, 0x13, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@tmpl={0x44, 0x5, [{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x4}]}]}, 0xfc}}, 0x0) poll(&(0x7f0000000080)=[{r1, 0x19}, {r0, 0x402c}, {r5, 0x8040}], 0x3, 0x9) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000001a0001010000000000007b828f25ec5b0000000000000000"], 0x1c}}, 0x0) getpgrp(0x0) getpgrp(0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) readv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/183, 0xb7}, {&(0x7f0000000400)=""/253, 0xfd}], 0x2) sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x2, 0x10000022, 0x20, 0x6, 0x65, 0xffffffffffff8000, 0xe77, 0x9, 0x8}, 0x0) unshare(0x48020200) [ 1630.336892] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO 20:07:17 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) [ 1630.415282] FAULT_INJECTION: forcing a failure. [ 1630.415282] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.417055] CPU: 0 PID: 12858 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1630.417834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1630.418750] Call Trace: [ 1630.419068] dump_stack+0x107/0x167 [ 1630.419482] should_fail.cold+0x5/0xa [ 1630.419917] ? create_object.isra.0+0x3a/0xa20 [ 1630.420432] should_failslab+0x5/0x20 [ 1630.420861] kmem_cache_alloc+0x5b/0x310 [ 1630.421321] ? mark_held_locks+0x9e/0xe0 [ 1630.421785] create_object.isra.0+0x3a/0xa20 [ 1630.422297] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1630.422900] kmem_cache_alloc_bulk+0x168/0x320 [ 1630.423415] io_submit_sqes+0x6f76/0x85c0 [ 1630.423903] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.424459] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.425012] ? lock_downgrade+0x6d0/0x6d0 [ 1630.425488] ? find_held_lock+0x2c/0x110 [ 1630.425960] ? io_submit_sqes+0x85c0/0x85c0 [ 1630.426454] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1630.427021] ? wait_for_completion_io+0x270/0x270 [ 1630.427570] ? rcu_read_lock_any_held+0x75/0xa0 [ 1630.428098] ? vfs_write+0x354/0xa70 [ 1630.428535] ? fput_many+0x2f/0x1a0 [ 1630.428960] ? ksys_write+0x1a9/0x260 [ 1630.429396] ? __ia32_sys_read+0xb0/0xb0 [ 1630.429858] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1630.430445] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1630.431032] do_syscall_64+0x33/0x40 [ 1630.431454] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1630.432042] RIP: 0033:0x7fe40cf96b19 [ 1630.432469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1630.434529] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1630.435396] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1630.436192] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1630.437006] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1630.437813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1630.438628] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:07:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) write$eventfd(r0, &(0x7f0000000140)=0xfff, 0x8) r2 = socket$inet6(0xa, 0x80000, 0x8) recvfrom$inet6(r2, &(0x7f00000001c0)=""/164, 0xa4, 0x10000, &(0x7f00000002c0)={0xa, 0x4e24, 0xb2, @empty, 0xfffffff7}, 0x1c) write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a) readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1) r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0xc02, 0x0) r4 = getpid() ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000180)={r4, 0x10000000}) ioctl$INCFS_IOC_PERMIT_FILL(r3, 0x40046721, &(0x7f0000000040)={r1}) openat(r0, &(0x7f0000000300)='./file0\x00', 0x0, 0x109) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'lo\x00'}) fcntl$dupfd(r5, 0x406, r6) 20:07:17 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) 20:07:17 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r1) pread64(0xffffffffffffffff, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r1, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r2) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:07:17 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) [ 1630.648703] FAULT_INJECTION: forcing a failure. [ 1630.648703] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.652089] CPU: 1 PID: 12867 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1630.653609] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1630.655426] Call Trace: [ 1630.656156] dump_stack+0x107/0x167 [ 1630.657040] should_fail.cold+0x5/0xa [ 1630.658041] ? io_setup_async_rw+0x180/0x580 [ 1630.659075] should_failslab+0x5/0x20 [ 1630.660061] __kmalloc+0x72/0x390 [ 1630.660874] io_setup_async_rw+0x180/0x580 [ 1630.661978] ? iov_iter_restore+0x195/0x3a0 [ 1630.663001] io_read+0x775/0x11e0 [ 1630.663921] ? kiocb_done+0xc90/0xc90 [ 1630.664828] ? stack_trace_consume_entry+0x160/0x160 [ 1630.666157] ? lock_acquire+0x197/0x470 [ 1630.667098] ? __lock_acquire+0xbb1/0x5b00 [ 1630.668120] io_issue_sqe+0x2e12/0x7660 [ 1630.669030] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1630.670235] ? SOFTIRQ_verbose+0x10/0x10 [ 1630.671173] ? lock_chain_count+0x20/0x20 [ 1630.672052] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1630.673139] ? io_connect+0x610/0x610 [ 1630.673958] ? lock_acquire+0x197/0x470 [ 1630.674803] ? find_held_lock+0x2c/0x110 [ 1630.675670] ? __fget_files+0x26d/0x4c0 [ 1630.676514] ? lock_downgrade+0x6d0/0x6d0 [ 1630.677395] __io_queue_sqe+0x90/0x9d0 [ 1630.678226] ? io_issue_sqe+0x7660/0x7660 [ 1630.679128] ? io_prep_rw+0x7f5/0x1050 [ 1630.679948] io_submit_sqes+0x4461/0x85c0 [ 1630.680457] FAULT_INJECTION: forcing a failure. [ 1630.680457] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.680858] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.683184] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.684204] ? lock_downgrade+0x6d0/0x6d0 [ 1630.685077] ? find_held_lock+0x2c/0x110 [ 1630.685935] ? io_submit_sqes+0x85c0/0x85c0 [ 1630.686873] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1630.687887] ? wait_for_completion_io+0x270/0x270 [ 1630.688908] ? rcu_read_lock_any_held+0x75/0xa0 [ 1630.689883] ? vfs_write+0x354/0xa70 [ 1630.690680] ? fput_many+0x2f/0x1a0 [ 1630.691449] ? ksys_write+0x1a9/0x260 [ 1630.692256] ? __ia32_sys_read+0xb0/0xb0 [ 1630.693115] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1630.694226] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1630.695354] do_syscall_64+0x33/0x40 [ 1630.696145] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1630.697241] RIP: 0033:0x7f5d818b0b19 [ 1630.698040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1630.701974] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1630.703585] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1630.705106] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1630.706632] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1630.708147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1630.709657] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1630.711213] CPU: 0 PID: 12870 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1630.711998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1630.712903] Call Trace: [ 1630.713211] dump_stack+0x107/0x167 [ 1630.713627] should_fail.cold+0x5/0xa [ 1630.714064] ? create_object.isra.0+0x3a/0xa20 [ 1630.714587] should_failslab+0x5/0x20 [ 1630.715032] kmem_cache_alloc+0x5b/0x310 [ 1630.715495] ? mark_held_locks+0x9e/0xe0 [ 1630.715957] create_object.isra.0+0x3a/0xa20 [ 1630.716448] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1630.717020] kmem_cache_alloc_bulk+0x168/0x320 [ 1630.717538] io_submit_sqes+0x6f76/0x85c0 [ 1630.718034] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.718591] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1630.719148] ? lock_downgrade+0x6d0/0x6d0 [ 1630.719608] ? find_held_lock+0x2c/0x110 [ 1630.720071] ? io_submit_sqes+0x85c0/0x85c0 [ 1630.720558] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1630.721104] ? wait_for_completion_io+0x270/0x270 [ 1630.721642] ? rcu_read_lock_any_held+0x75/0xa0 [ 1630.722169] ? vfs_write+0x354/0xa70 [ 1630.722586] ? fput_many+0x2f/0x1a0 [ 1630.723019] ? ksys_write+0x1a9/0x260 [ 1630.723456] ? __ia32_sys_read+0xb0/0xb0 [ 1630.723922] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1630.724509] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1630.725098] do_syscall_64+0x33/0x40 [ 1630.725526] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1630.726115] RIP: 0033:0x7fe40cf96b19 [ 1630.726541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1630.728562] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1630.729410] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1630.730207] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1630.731003] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1630.731783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1630.732571] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1630.828167] Process accounting resumed [ 1630.876975] Process accounting resumed 20:07:32 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) 20:07:32 executing program 2: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000011c0)='smaps_rollup\x00') pread64(r0, &(0x7f0000000140)=""/4096, 0x1000, 0x0) r1 = syz_open_dev$ptys(0xc, 0x3, 0x1) fcntl$setlease(r1, 0x400, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) 20:07:32 executing program 3: r0 = socket$netlink(0x10, 0x3, 0xe) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000001c0)=ANY=[@ANYBLOB="6c88aba8aa7176ac2cf9fde00100", @ANYRES32=r1, @ANYBLOB="1b37ffff000000002e2f66696c653000"]) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000140)={0x0, 0x0}) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) fcntl$dupfd(r0, 0x406, r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8914, &(0x7f0000000140)={'lo\x00'}) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0) readv(r4, &(0x7f0000000a80)=[{&(0x7f0000000700)=""/154, 0x9a}, {&(0x7f00000007c0)=""/62, 0x3e}, {&(0x7f0000000800)=""/234, 0xea}, {&(0x7f0000000900)=""/87, 0x57}, {&(0x7f0000000980)=""/138, 0x8a}, {&(0x7f0000000a40)=""/20, 0x14}], 0x6) sendmsg$nl_generic(r2, &(0x7f00000006c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000b00)=ANY=[@ANYBLOB="b00400002f00120026bd7000fddbdf251f00000043008e8008003800", @ANYRES32=r3, @ANYBLOB="d338765debee308bf8c9ae2bb2eb5060564d208374eae5a70887438adfdfbc40865b01bc1345ef99a9ca43368020df87e7ff638af0d6c00014010580a06a881b5dc5670a7fa0ac435d597b9e46336dac3d31faf9265f1c86504f5771cd5416eafbacdb1e0d14dc5a6594c48bbf569c395980b3cf1c5ef871d9d8512e80c272ea49f64e5f534da43b462400c1f666cd991c0a03a0d4575315c62512fbc562cfcc45764ff3fb4a94405aa303b5aa67b1b9db151a606b460752c8bf97ba6fdce3384749d01117831b3053caff5984268298184e2dd62cb50ae43182bbcb105fb6d6677ed2a0420951be1d0eb8a9c4fd61f4d2534294dcc5b9f2bb10b4ce1ab63a5570f316df85388f7c00d7924ee9804b07c310822a46445ed70000c9316e2c4bf60d3116579e97cfaf7bfea7ca4237f28e9a3cbcbaedcd4c374b22f5fdaaff137c0c0072003f00000000000000cd6c78c8217623121145680a70bfb458863d975e0118aefc8fd42d676e9a4f91347afdb5bf78df993634f344004f1f673233d0ddc3e67af4ecf5c7cbc9e8122176668e4e585e35754f6bcbc153f905e09649d21341c3a2f5d66fee76994d8257947d053c4bd73a6d1dd2e8f5cebeaeeafcf3622e551a54e9644f928a3a653df9751ca45df8b908008d008fae7bdb8a363a0f63e0c65dc4de32c762d8c5be6b3985412e211e3a2c164c4fad5dd6cfc82c7a16272bbdcd6f041800ef0c9ffe72ffa5e41224fe6faf743588aeb20d397a350afd0982dd2f993abb6312fb6cf04dd96cc573b07e593a758a7661e294ad175b15305644bed19469e6d8ac1a9a7038dcef97a1c93c659e54837bba98364935cb126dc787019521555b3418b59fc28f806edbf9ef40ade2796ebcc9e0568d4655d786afa88b67d94be30ee7866a64dc238ce19b4151707aff1426b0a64d59c9714867fea46a9653af5481334a414337", @ANYRES32=0x0, @ANYBLOB="fcae607707f151cfaf62460b7c3d774677cb79c5334693ea7db9baa51e363082f416af1bd56e9d2ec7d3cb53d2e332e0f37b463fd3cad4732cf7b3578ed3d026c589b0eff92e9f647223b40179807197b2b517823e93d0954fa7b690c44e56923683f1649dda139b1f7ff75cb6153d71b2148050650002f1cd86ef66717bc79d76d74029444f2e1d6e5b1567d2243f67f52281bd37fab8857eb38251f9f450d5d39d59f820ace1ff6b96740e27418ec0bc99fbfa96902f6f75cbe848a3485d51649ee8fd3d707e14e384cad0fee246e354d4a175a557ee3d3931e066a897ff187db5d4199f10a249b89d37c580893eba6b8272f714c33f189e02bc6ed450082cad44c9862c796b7cd39491efba1bd3640cadbc35198d60d837c0cc860e538237289788567e7a52062e323706c2672e2158f1d56bfb810dcaa7fc49b8fc562ff707120e653b4ef865cbb940b74cae1c1ce7d689d60cd36bb004a143b32ca76784323978e9418965863bc854cb566ac9d1dae5e9e1d6aba1aa3ea114ed3e727c46ef7cb0f70f23e4dd8dfd412b439c1da1826036ddc9592b1602341e5c8a8aeb1f2bbd4a762768d60173bb9dfa49ce6e8c0858d07a01a07b2c05d8ad0efb3885bb721da8a275d7803ba8fdfbcf9be8c29f01ab39ff52424bf265209017c0e009931a553e8e22307e322f860fca32e95a78bb9393fd971108000b00000070ac50da6a492ede7111afdaaf241e3c471ada0801832f97e6aac8797082d7527d80eda66b6b2bad2267c426db93699e1564da1bf59e2e329af61016fb229be5af38fd58ddd3aa9287fb1063276313011c849fe57537e7d79da96122295070a86b359f15a21037f2f91e3e9524acc81bc2ca27e7e9116ce9616a692f9e7e50801dd5ac94cd872be090b5bff6c9649bb606e58007a0c3a5b60f40a26e5dbf8de0c6cf1e67c6c2113031ccbfd32ae26b6b08009080040063000000"], 0x4b0}}, 0x4000000) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001800210c00000000000000000a0000000800fe00000000000c0009"], 0x28}}, 0x0) 20:07:32 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) 20:07:32 executing program 6: r0 = epoll_create(0xa81) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000080)={0x80000010}) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1a) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef", 0x3a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {0x0}, {0x0, 0x0, 0x2900}], 0x0, &(0x7f0000000140)=ANY=[]) connect$unix(0xffffffffffffffff, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e) 20:07:32 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r1) pread64(0xffffffffffffffff, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r1, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r2) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:07:32 executing program 4: set_mempolicy(0x0, &(0x7f00000000c0)=0x6c0e, 0x7fff) syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f0000000000)=@default_ap_ssid, 0x6, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x3, 0x207e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r0, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000200)=ANY=[@ANYRESOCT=0x0, @ANYRESHEX=r0], 0x2f) syz_80211_inject_frame(&(0x7f0000000140), &(0x7f0000000300)=@ctrl_frame=@ba={{}, {0x6}, @device_b, @device_a, @multi={{0x0, 0x1, 0x1, 0x0, 0xa}, [{0x0, 0x4, {0x0, 0x4}, "993ce3d0609c5db8"}, {0x0, 0xd, {0xb, 0x9}, "e77f29ff3f1987fe"}, {0x0, 0x9, {0x4, 0x7}, "02eb8b2fe1fdfcf9"}, {0x0, 0x5, {0x6, 0x8}, "216dd6ca704b0b9f"}, {0x0, 0x3, {0x3, 0x1}, "d23d555f25987375"}, {0x0, 0x5, {0x3, 0x5}, "3d5ae3f5729674f6"}, {0x0, 0x0, {0x4, 0x7}, "dd0108abf43f00a2"}, {0x0, 0x5, {0x9, 0x3}, "d99ae34b2d40d791"}, {0x0, 0x9, {0x3, 0x7}, "19a4834908c1beff"}, {0x0, 0xa, {0x8, 0x8}, "cde61265d7b4de51"}], {0x0, 0x8, {0xf, 0x3}, "ae57af9745e216ec"}}}, 0x96) set_mempolicy(0x0, 0x0, 0x0) syz_80211_join_ibss(&(0x7f0000000080)='wlan1\x00', &(0x7f00000001c0)=@default_ap_ssid, 0x6, 0x2) getpgid(0xffffffffffffffff) fork() ioctl$CDROMSETSPINDOWN(0xffffffffffffffff, 0x531e, &(0x7f00000002c0)=0x1) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f00000003c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0x100, 0x1ff, 0x8, 0x2, 0x3, 0xee8}, {0x5df2, 0x6, 0x80, 0x7f, 0x5, 0x4}], ['\x00', '\x00', '\x00', '\x00']}) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x2, &(0x7f0000000100)=0x200000002000003, 0x4) syz_80211_join_ibss(&(0x7f0000000240)='wlan0\x00', &(0x7f0000000280)=@default_ap_ssid, 0x6, 0x0) 20:07:32 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) [ 1645.462614] FAULT_INJECTION: forcing a failure. [ 1645.462614] name failslab, interval 1, probability 0, space 0, times 0 [ 1645.464217] CPU: 0 PID: 12890 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1645.465130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1645.466210] Call Trace: [ 1645.466574] dump_stack+0x107/0x167 [ 1645.467070] should_fail.cold+0x5/0xa [ 1645.467583] ? create_object.isra.0+0x3a/0xa20 [ 1645.468184] should_failslab+0x5/0x20 [ 1645.468694] kmem_cache_alloc+0x5b/0x310 [ 1645.469231] ? mark_held_locks+0x9e/0xe0 [ 1645.469770] create_object.isra.0+0x3a/0xa20 [ 1645.470348] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1645.471188] kmem_cache_alloc_bulk+0x168/0x320 [ 1645.471978] io_submit_sqes+0x6f76/0x85c0 [ 1645.472716] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1645.473567] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1645.474300] ? lock_downgrade+0x6d0/0x6d0 [ 1645.474960] ? find_held_lock+0x2c/0x110 [ 1645.475560] ? io_submit_sqes+0x85c0/0x85c0 [ 1645.476131] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1645.476770] ? wait_for_completion_io+0x270/0x270 [ 1645.477400] ? rcu_read_lock_any_held+0x75/0xa0 [ 1645.478015] ? vfs_write+0x354/0xa70 [ 1645.478508] ? fput_many+0x2f/0x1a0 [ 1645.479013] ? ksys_write+0x1a9/0x260 [ 1645.479512] ? __ia32_sys_read+0xb0/0xb0 [ 1645.480061] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1645.480750] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1645.481423] do_syscall_64+0x33/0x40 [ 1645.481922] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1645.482597] RIP: 0033:0x7fe40cf96b19 [ 1645.483095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1645.485481] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1645.486472] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1645.487413] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1645.488346] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1645.489274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1645.490206] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1645.526076] FAULT_INJECTION: forcing a failure. [ 1645.526076] name failslab, interval 1, probability 0, space 0, times 0 [ 1645.527652] CPU: 0 PID: 12899 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1645.528551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1645.529630] Call Trace: [ 1645.529986] dump_stack+0x107/0x167 [ 1645.530462] should_fail.cold+0x5/0xa [ 1645.530995] ? create_object.isra.0+0x3a/0xa20 [ 1645.531618] should_failslab+0x5/0x20 [ 1645.532118] kmem_cache_alloc+0x5b/0x310 [ 1645.532662] ? mark_held_locks+0x9e/0xe0 [ 1645.532719] FAULT_INJECTION: forcing a failure. [ 1645.532719] name failslab, interval 1, probability 0, space 0, times 0 [ 1645.533182] create_object.isra.0+0x3a/0xa20 [ 1645.533208] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1645.536683] kmem_cache_alloc_bulk+0x168/0x320 [ 1645.537262] io_submit_sqes+0x6f76/0x85c0 [ 1645.537803] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1645.538428] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1645.539043] ? lock_downgrade+0x6d0/0x6d0 [ 1645.539572] ? find_held_lock+0x2c/0x110 [ 1645.540074] ? io_submit_sqes+0x85c0/0x85c0 [ 1645.540634] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1645.541224] ? wait_for_completion_io+0x270/0x270 [ 1645.541838] ? rcu_read_lock_any_held+0x75/0xa0 [ 1645.542399] ? vfs_write+0x354/0xa70 [ 1645.542890] ? fput_many+0x2f/0x1a0 [ 1645.543335] ? ksys_write+0x1a9/0x260 [ 1645.543835] ? __ia32_sys_read+0xb0/0xb0 [ 1645.544348] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1645.545010] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1645.545663] do_syscall_64+0x33/0x40 [ 1645.546135] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1645.546786] RIP: 0033:0x7fcf4787bb19 [ 1645.547270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1645.549599] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1645.550564] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1645.551478] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1645.552385] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1645.553307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1645.554208] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1645.555181] CPU: 1 PID: 12900 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1645.556636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1645.558354] Call Trace: [ 1645.558940] dump_stack+0x107/0x167 [ 1645.559727] should_fail.cold+0x5/0xa [ 1645.560533] ? create_object.isra.0+0x3a/0xa20 [ 1645.561508] should_failslab+0x5/0x20 [ 1645.562322] kmem_cache_alloc+0x5b/0x310 [ 1645.563202] create_object.isra.0+0x3a/0xa20 [ 1645.564112] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1645.565183] __kmalloc+0x16e/0x390 [ 1645.565935] io_setup_async_rw+0x180/0x580 [ 1645.566844] ? iov_iter_restore+0x195/0x3a0 [ 1645.567735] io_read+0x775/0x11e0 [ 1645.568493] ? kiocb_done+0xc90/0xc90 [ 1645.569325] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1645.569369] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1645.571145] ? trace_hardirqs_on+0x5b/0x180 [ 1645.572066] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1645.573209] ? __lock_acquire+0xbb1/0x5b00 [ 1645.574115] io_issue_sqe+0x2e12/0x7660 [ 1645.574966] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1645.576065] ? SOFTIRQ_verbose+0x10/0x10 [ 1645.576912] ? lock_chain_count+0x20/0x20 [ 1645.577802] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1645.578926] ? io_connect+0x610/0x610 [ 1645.579730] ? lock_acquire+0x197/0x470 [ 1645.580572] ? find_held_lock+0x2c/0x110 [ 1645.581430] ? __fget_files+0x26d/0x4c0 [ 1645.582277] ? lock_downgrade+0x6d0/0x6d0 [ 1645.583159] __io_queue_sqe+0x90/0x9d0 [ 1645.583991] ? io_issue_sqe+0x7660/0x7660 [ 1645.584861] ? io_prep_rw+0x7f5/0x1050 [ 1645.585695] io_submit_sqes+0x4461/0x85c0 [ 1645.586601] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1645.587655] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1645.588663] ? lock_downgrade+0x6d0/0x6d0 [ 1645.589521] ? find_held_lock+0x2c/0x110 [ 1645.590381] ? io_submit_sqes+0x85c0/0x85c0 [ 1645.591290] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1645.592289] ? wait_for_completion_io+0x270/0x270 [ 1645.593289] ? rcu_read_lock_any_held+0x75/0xa0 [ 1645.594245] ? vfs_write+0x354/0xa70 [ 1645.595043] ? fput_many+0x2f/0x1a0 [ 1645.595800] ? ksys_write+0x1a9/0x260 [ 1645.596592] ? __ia32_sys_read+0xb0/0xb0 [ 1645.597442] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1645.598536] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1645.599628] do_syscall_64+0x33/0x40 [ 1645.600405] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1645.601453] RIP: 0033:0x7f5d818b0b19 [ 1645.602232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1645.605970] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1645.607535] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1645.608987] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1645.610443] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1645.611905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1645.613363] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1645.617292] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1645.618585] EXT4-fs (loop6): group descriptors corrupted! [ 1645.679429] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1645.681664] EXT4-fs (loop6): group descriptors corrupted! 20:07:32 executing program 2: ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, 0x0}) r1 = fsmount(0xffffffffffffffff, 0x0, 0x80) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000000)={0x8, 0x3, 0x7ff, 0x8000, 0xe9, 0x6}) r2 = perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x3, 0x6}, r0, 0xf, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) clock_gettime(0xa, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7766646eff0139c28aa3fb26", @ANYRESHEX=r4, @ANYBLOB="8dba548f53bf98c98a2c0aca1d9c4d5d5616bd1612623c1fa7c29fb1ab09bbc640304f544c9166e19ef2c3fbf625e615a9f7a2ef3bb7b08a987edac6f5c1e29aa2aa49bf218c62cc4f5b5fec5d38c8094892618e5b7da46d0452f1692c5da9529e65b5934ded6836678f42740546f9f7b1bc"]) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) r7 = getpgrp(0x0) r8 = pidfd_open(r7, 0x0) r9 = dup(r8) pidfd_send_signal(r9, 0x0, &(0x7f0000000000), 0x0) sendmsg$TIPC_NL_LINK_SET(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000900)={0x354, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xac, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0xffffffffffffffe1, 0x4, 0xf4fcda4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x44}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_SOCK={0x0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x0, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x0, 0x1, 0x2}, @TIPC_NLA_CON_FLAG={0x0, 0x1, 0xffff}]}, @TIPC_NLA_SOCK_REF={0x0, 0x2, 0xe2b}]}, @TIPC_NLA_NET={0x50, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x401}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8d}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xa2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1f}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x101}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x80000000}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xa7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0x48, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}, @TIPC_NLA_NODE={0x16c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "d0e9b4e6b4345117a9a941014aaf6a34a9ff1f70ed560d946c05f8"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x35}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "ace20990a12e3367f237958922848c3e20411b6d1a05"}}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "12e070a67b149a3099e7d5e256fcccdf99d2fb8cd97d8f424b83dbfb77"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x8b, 0x3, "672c2e51eaa499389534947dec6157767d5aca0565f7fdf822994b9a84c58eac42d9f3787a9f6aa1464faf6b046d3abf0c4a4994e8f519aced80c3dc94f66bde33177162fdbebb330402fccfbd0add25b370617d5ebd243123bf0c6f61d0cc29b4de0410f18d63cc48ce34e0d77e00ebc80013286b2221cc9cad59ab8811ef39a6b08ee95335f4"}]}]}, 0x354}, 0x1, 0x0, 0x0, 0x44000}, 0x4008001) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r9, 0x40182103, &(0x7f00000008c0)={0x0, 0x1, r2, 0x2, 0x80000}) clock_settime(0x0, &(0x7f0000000200)={r5, r6+60000000}) ioctl$F2FS_IOC_SET_PIN_FILE(r4, 0x4004f50d, &(0x7f0000000080)=0x1) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r11, 0x1}, 0x14}}, 0x0) sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r1, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="00012abd7000fbdbdf257600000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900008000006c0000000c0058005e000000000000000000000000000c00dd27e3910000000000000c0058007b000000000000000c00580076000000000000000c00580048000000000000a6348674003800000000000000"], 0x7c}, 0x1, 0x0, 0x0, 0x20040000}, 0x4000040) 20:07:32 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) 20:07:32 executing program 6: openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/key-users\x00', 0x300, 0x0) [ 1645.856994] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:07:32 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) [ 1645.897626] FAULT_INJECTION: forcing a failure. [ 1645.897626] name failslab, interval 1, probability 0, space 0, times 0 [ 1645.900142] CPU: 0 PID: 12921 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1645.901545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1645.903231] Call Trace: [ 1645.903773] dump_stack+0x107/0x167 [ 1645.904517] should_fail.cold+0x5/0xa [ 1645.905296] ? io_setup_async_rw+0x180/0x580 [ 1645.906194] should_failslab+0x5/0x20 [ 1645.907006] __kmalloc+0x72/0x390 [ 1645.907722] io_setup_async_rw+0x180/0x580 [ 1645.908569] ? iov_iter_restore+0x195/0x3a0 [ 1645.909432] io_read+0x775/0x11e0 [ 1645.910141] ? kiocb_done+0xc90/0xc90 [ 1645.910938] ? stack_trace_consume_entry+0x160/0x160 [ 1645.911969] ? lock_acquire+0x197/0x470 [ 1645.912771] ? __lock_acquire+0xbb1/0x5b00 [ 1645.913625] io_issue_sqe+0x2e12/0x7660 [ 1645.914430] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1645.915496] ? SOFTIRQ_verbose+0x10/0x10 [ 1645.916326] ? lock_chain_count+0x20/0x20 [ 1645.917178] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1645.918237] ? io_connect+0x610/0x610 [ 1645.919029] ? lock_acquire+0x197/0x470 [ 1645.919833] ? find_held_lock+0x2c/0x110 [ 1645.920659] ? __fget_files+0x26d/0x4c0 [ 1645.921463] ? lock_downgrade+0x6d0/0x6d0 [ 1645.922316] __io_queue_sqe+0x90/0x9d0 [ 1645.923133] ? io_issue_sqe+0x7660/0x7660 [ 1645.923988] ? io_prep_rw+0x7f5/0x1050 [ 1645.924794] io_submit_sqes+0x4461/0x85c0 [ 1645.925679] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1645.926708] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1645.927699] ? lock_downgrade+0x6d0/0x6d0 [ 1645.928550] ? find_held_lock+0x2c/0x110 [ 1645.929391] ? io_submit_sqes+0x85c0/0x85c0 [ 1645.930280] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1645.931285] ? wait_for_completion_io+0x270/0x270 [ 1645.932267] ? rcu_read_lock_any_held+0x75/0xa0 [ 1645.933179] ? vfs_write+0x354/0xa70 [ 1645.933918] ? fput_many+0x2f/0x1a0 [ 1645.934650] ? ksys_write+0x1a9/0x260 [ 1645.935456] ? __ia32_sys_read+0xb0/0xb0 [ 1645.936294] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1645.937382] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1645.938432] do_syscall_64+0x33/0x40 [ 1645.939207] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1645.940237] RIP: 0033:0x7f5d818b0b19 [ 1645.940993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1645.944717] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1645.946252] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1645.947705] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1645.949151] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1645.950592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1645.952055] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 20:07:33 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) [ 1646.006563] FAULT_INJECTION: forcing a failure. [ 1646.006563] name failslab, interval 1, probability 0, space 0, times 0 [ 1646.009393] CPU: 1 PID: 12928 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1646.010894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1646.012685] Call Trace: [ 1646.013275] dump_stack+0x107/0x167 [ 1646.014083] should_fail.cold+0x5/0xa [ 1646.014968] ? create_object.isra.0+0x3a/0xa20 [ 1646.015957] should_failslab+0x5/0x20 [ 1646.016774] kmem_cache_alloc+0x5b/0x310 [ 1646.017647] ? mark_held_locks+0x9e/0xe0 [ 1646.018525] create_object.isra.0+0x3a/0xa20 [ 1646.019484] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1646.020594] kmem_cache_alloc_bulk+0x168/0x320 [ 1646.021602] io_submit_sqes+0x6f76/0x85c0 [ 1646.022548] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.023624] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.024687] ? lock_downgrade+0x6d0/0x6d0 [ 1646.025599] ? find_held_lock+0x2c/0x110 [ 1646.026499] ? io_submit_sqes+0x85c0/0x85c0 [ 1646.027477] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1646.028539] ? wait_for_completion_io+0x270/0x270 [ 1646.029602] ? rcu_read_lock_any_held+0x75/0xa0 [ 1646.030612] ? vfs_write+0x354/0xa70 [ 1646.031418] ? fput_many+0x2f/0x1a0 [ 1646.032224] ? ksys_write+0x1a9/0x260 [ 1646.033057] ? __ia32_sys_read+0xb0/0xb0 [ 1646.033954] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1646.035136] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1646.036256] do_syscall_64+0x33/0x40 [ 1646.037068] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1646.038153] RIP: 0033:0x7fcf4787bb19 [ 1646.038980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 20:07:33 executing program 2: rename(&(0x7f00000006c0)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10) fcntl$getflags(r0, 0x40a) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0xfffffffe}, {{@in6=@private1, 0x0, 0x6c}}}, 0xe8) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) sendto$inet(r0, &(0x7f0000000080)="a8bb77a50c50feb39cfa2b2796a1e7150d911823fb47f4c65e583986b4f103cae377c6b2b3c37974a8ebc67cae319f1d13787b48650bf14a6484d876c662c8c0f98ccbaed6c1e31c2107e51a302d7746acd7", 0x52, 0x40081, 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x1000003) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef) r1 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="6d706f6c1f0072656645722c00"]) mknodat$loop(r1, &(0x7f0000000240)='./mnt\x00', 0x0, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000100)={0x0, 0x9, [0x4, 0x81, 0x9, 0x1b35, 0x5, 0x4]}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000001c0), 0x7fff) syz_open_procfs(0x0, &(0x7f0000000040)='cgroup\x00') openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) unshare(0x48020200) [ 1646.042936] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1646.044768] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1646.046272] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1646.047778] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1646.049256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1646.050729] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:07:33 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, 0x0, 0x0, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1646.113689] FAULT_INJECTION: forcing a failure. [ 1646.113689] name failslab, interval 1, probability 0, space 0, times 0 [ 1646.116300] CPU: 0 PID: 12930 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1646.117714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1646.119417] Call Trace: [ 1646.119963] dump_stack+0x107/0x167 [ 1646.120707] should_fail.cold+0x5/0xa [ 1646.121486] ? create_object.isra.0+0x3a/0xa20 [ 1646.122418] should_failslab+0x5/0x20 [ 1646.123217] kmem_cache_alloc+0x5b/0x310 [ 1646.124040] ? mark_held_locks+0x9e/0xe0 [ 1646.124867] create_object.isra.0+0x3a/0xa20 [ 1646.125763] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1646.126796] kmem_cache_alloc_bulk+0x168/0x320 [ 1646.127732] io_submit_sqes+0x6f76/0x85c0 [ 1646.128597] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.129604] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.130573] ? lock_downgrade+0x6d0/0x6d0 [ 1646.131428] ? find_held_lock+0x2c/0x110 [ 1646.132253] ? io_submit_sqes+0x85c0/0x85c0 [ 1646.133147] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1646.134122] ? wait_for_completion_io+0x270/0x270 [ 1646.135130] ? rcu_read_lock_any_held+0x75/0xa0 [ 1646.136059] ? vfs_write+0x354/0xa70 [ 1646.136815] ? fput_many+0x2f/0x1a0 [ 1646.137554] ? ksys_write+0x1a9/0x260 [ 1646.138328] ? __ia32_sys_read+0xb0/0xb0 [ 1646.139167] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1646.140223] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1646.141264] do_syscall_64+0x33/0x40 [ 1646.142021] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1646.143082] RIP: 0033:0x7fe40cf96b19 [ 1646.143843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1646.147582] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1646.149117] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1646.150553] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1646.152011] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1646.153474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1646.154929] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:07:33 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19) 20:07:33 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) [ 1646.236375] tmpfs: Unknown parameter 'mpol' [ 1646.308246] FAULT_INJECTION: forcing a failure. [ 1646.308246] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 1646.311137] CPU: 1 PID: 12937 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1646.312597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1646.314331] Call Trace: [ 1646.314920] dump_stack+0x107/0x167 [ 1646.315695] should_fail.cold+0x5/0xa [ 1646.316519] __alloc_pages_nodemask+0x182/0x600 [ 1646.317520] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 1646.318812] alloc_pages_current+0x187/0x280 [ 1646.319752] allocate_slab+0x26f/0x380 [ 1646.320583] ___slab_alloc+0x470/0x700 [ 1646.321418] ? io_submit_sqes+0x6f76/0x85c0 [ 1646.322353] ? kmem_cache_alloc_bulk+0x1ec/0x320 [ 1646.323365] kmem_cache_alloc_bulk+0x1ec/0x320 [ 1646.324329] io_submit_sqes+0x6f76/0x85c0 [ 1646.325269] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.326466] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.327639] ? lock_downgrade+0x6d0/0x6d0 [ 1646.328625] ? find_held_lock+0x2c/0x110 [ 1646.329611] ? io_submit_sqes+0x85c0/0x85c0 [ 1646.330660] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1646.331830] ? wait_for_completion_io+0x270/0x270 [ 1646.332988] ? rcu_read_lock_any_held+0x75/0xa0 [ 1646.334101] ? vfs_write+0x354/0xa70 [ 1646.335040] ? fput_many+0x2f/0x1a0 [ 1646.335917] ? ksys_write+0x1a9/0x260 [ 1646.336839] ? __ia32_sys_read+0xb0/0xb0 [ 1646.337819] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1646.339074] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1646.340299] do_syscall_64+0x33/0x40 [ 1646.341188] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1646.342393] RIP: 0033:0x7fcf4787bb19 [ 1646.343312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1646.347587] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1646.349371] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1646.351034] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1646.352697] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1646.354366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1646.356039] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1646.388306] FAULT_INJECTION: forcing a failure. [ 1646.388306] name failslab, interval 1, probability 0, space 0, times 0 [ 1646.391207] CPU: 1 PID: 12939 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1646.392786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1646.394658] Call Trace: [ 1646.395288] dump_stack+0x107/0x167 [ 1646.396136] should_fail.cold+0x5/0xa [ 1646.397021] ? io_setup_async_rw+0x180/0x580 [ 1646.398030] should_failslab+0x5/0x20 [ 1646.398904] __kmalloc+0x72/0x390 [ 1646.399721] io_setup_async_rw+0x180/0x580 [ 1646.400690] ? iov_iter_restore+0x195/0x3a0 [ 1646.401673] io_read+0x775/0x11e0 [ 1646.402501] ? kiocb_done+0xc90/0xc90 [ 1646.403392] ? register_lock_class+0xbb/0x17b0 [ 1646.404427] ? arch_stack_walk+0x99/0xf0 [ 1646.405365] ? is_dynamic_key+0x1e0/0x1e0 [ 1646.406320] ? mark_lock+0xf5/0x2df0 [ 1646.407178] ? mark_lock+0xf5/0x2df0 [ 1646.408037] ? __lock_acquire+0x1657/0x5b00 [ 1646.409038] ? __lock_acquire+0xbb1/0x5b00 [ 1646.410025] io_issue_sqe+0x2e12/0x7660 [ 1646.410957] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1646.412131] ? SOFTIRQ_verbose+0x10/0x10 [ 1646.413050] ? lock_chain_count+0x20/0x20 20:07:33 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) [ 1646.413995] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1646.415460] ? io_connect+0x610/0x610 [ 1646.416334] ? lock_acquire+0x197/0x470 [ 1646.417240] ? find_held_lock+0x2c/0x110 [ 1646.418164] ? __fget_files+0x26d/0x4c0 [ 1646.419097] ? lock_downgrade+0x6d0/0x6d0 [ 1646.420040] __io_queue_sqe+0x90/0x9d0 [ 1646.420934] ? io_issue_sqe+0x7660/0x7660 [ 1646.421867] ? io_prep_rw+0x7f5/0x1050 [ 1646.422761] io_submit_sqes+0x4461/0x85c0 [ 1646.423735] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.424848] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.425931] ? lock_downgrade+0x6d0/0x6d0 [ 1646.426863] ? find_held_lock+0x2c/0x110 [ 1646.427781] ? io_submit_sqes+0x85c0/0x85c0 [ 1646.428764] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1646.429843] ? wait_for_completion_io+0x270/0x270 [ 1646.430946] ? rcu_read_lock_any_held+0x75/0xa0 [ 1646.431977] ? vfs_write+0x354/0xa70 [ 1646.432806] ? fput_many+0x2f/0x1a0 [ 1646.433612] ? ksys_write+0x1a9/0x260 [ 1646.434468] ? __ia32_sys_read+0xb0/0xb0 [ 1646.435382] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1646.436550] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1646.437686] do_syscall_64+0x33/0x40 [ 1646.438526] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1646.439676] RIP: 0033:0x7f5d818b0b19 [ 1646.440519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1646.444508] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1646.446163] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1646.447720] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1646.449263] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1646.450815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1646.452364] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1646.545095] FAULT_INJECTION: forcing a failure. [ 1646.545095] name failslab, interval 1, probability 0, space 0, times 0 [ 1646.547853] CPU: 0 PID: 12948 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1646.549305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1646.551036] Call Trace: [ 1646.551606] dump_stack+0x107/0x167 [ 1646.552384] should_fail.cold+0x5/0xa [ 1646.553197] ? create_object.isra.0+0x3a/0xa20 [ 1646.554153] should_failslab+0x5/0x20 [ 1646.554976] kmem_cache_alloc+0x5b/0x310 [ 1646.555834] ? mark_held_locks+0x9e/0xe0 [ 1646.556692] create_object.isra.0+0x3a/0xa20 [ 1646.557614] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1646.558675] kmem_cache_alloc_bulk+0x168/0x320 [ 1646.559650] io_submit_sqes+0x6f76/0x85c0 [ 1646.560562] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.561596] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.562608] ? lock_downgrade+0x6d0/0x6d0 [ 1646.563492] ? find_held_lock+0x2c/0x110 [ 1646.564356] ? io_submit_sqes+0x85c0/0x85c0 [ 1646.565272] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1646.566283] ? wait_for_completion_io+0x270/0x270 [ 1646.567306] ? rcu_read_lock_any_held+0x75/0xa0 [ 1646.568271] ? vfs_write+0x354/0xa70 [ 1646.569066] ? fput_many+0x2f/0x1a0 [ 1646.569834] ? ksys_write+0x1a9/0x260 [ 1646.570653] ? __ia32_sys_read+0xb0/0xb0 [ 1646.571522] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1646.572628] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1646.573721] do_syscall_64+0x33/0x40 [ 1646.574516] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1646.575597] RIP: 0033:0x7fe40cf96b19 [ 1646.576394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1646.580212] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1646.581817] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1646.583292] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1646.584768] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1646.586242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1646.587736] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:07:33 executing program 3: shmget$private(0x0, 0x1000, 0x1000, &(0x7f0000ffe000/0x1000)=nil) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) unshare(0x42000000) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e24, 0x80, @local, 0x80000000}, 0x1c) unshare(0x40880) 20:07:33 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, 0x0, 0x0, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:07:33 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) [ 1646.759730] tmpfs: Unknown parameter 'mpol' [ 1646.823110] FAULT_INJECTION: forcing a failure. [ 1646.823110] name failslab, interval 1, probability 0, space 0, times 0 [ 1646.825711] CPU: 1 PID: 12958 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1646.827148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1646.828836] Call Trace: [ 1646.829384] dump_stack+0x107/0x167 [ 1646.830148] should_fail.cold+0x5/0xa [ 1646.830918] ? create_object.isra.0+0x3a/0xa20 [ 1646.831870] should_failslab+0x5/0x20 [ 1646.832636] kmem_cache_alloc+0x5b/0x310 [ 1646.833451] create_object.isra.0+0x3a/0xa20 [ 1646.834334] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1646.835364] kmem_cache_alloc_bulk+0x168/0x320 [ 1646.836275] io_submit_sqes+0x6f76/0x85c0 [ 1646.837138] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.838114] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1646.839078] ? lock_downgrade+0x6d0/0x6d0 [ 1646.839895] ? find_held_lock+0x2c/0x110 [ 1646.840703] ? io_submit_sqes+0x85c0/0x85c0 [ 1646.841575] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1646.842546] ? wait_for_completion_io+0x270/0x270 [ 1646.843525] ? rcu_read_lock_any_held+0x75/0xa0 [ 1646.844443] ? vfs_write+0x354/0xa70 [ 1646.845204] ? fput_many+0x2f/0x1a0 [ 1646.845928] ? ksys_write+0x1a9/0x260 [ 1646.846683] ? __ia32_sys_read+0xb0/0xb0 [ 1646.847522] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1646.848558] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1646.849582] do_syscall_64+0x33/0x40 [ 1646.850341] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1646.851376] RIP: 0033:0x7fcf4787bb19 [ 1646.852125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1646.855910] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1646.857420] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1646.858882] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1646.860265] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1646.861668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1646.863086] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:07:49 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780)='debugfs\x00', 0x0, 0x0) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='minix\x00', 0x8000, &(0x7f00000000c0)='\x00') syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0xc020, &(0x7f0000000140)=ANY=[@ANYBLOB="0169643d", @ANYRESHEX, @ANYBLOB=',\x00']) 20:07:49 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) 20:07:49 executing program 2: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000030c0)='mountinfo\x00') r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00'}) pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_ifreq(r2, 0x8920, &(0x7f0000000000)={'ipvlan0\x00', @ifru_addrs=@l2}) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='ramfs\x00', 0x0, 0x0) preadv(r0, &(0x7f0000002400)=[{&(0x7f0000000140)=""/203, 0xcb}], 0x1, 0x7ff, 0x0) 20:07:49 executing program 3: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, 0x0, 0x0, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:07:49 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) 20:07:49 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, 0x0, 0x0, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:07:49 executing program 6: syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f00000002c0), 0x400) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="2f66698f653000af0e93b0e6000000000000000000"]) r1 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r1, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x200000c0}, 0x14050880) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000100)={{{@in6=@initdev, @in6=@ipv4={""/10, ""/2, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@empty}}, &(0x7f0000000200)=0xe8) r3 = perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}, 0x40400, 0x10001, 0xfffffffe, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x8, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') r5 = dup3(r4, r3, 0x0) r6 = fcntl$dupfd(0xffffffffffffffff, 0x0, r3) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000200)={{{@in=@multicast1}}, {{@in=@initdev}, 0x0, @in6=@ipv4={""/10, ""/2, @private}}}, &(0x7f0000000100)=0xe8) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000006c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="296d63023d49aee21ca46f8ca0a4af26e231527f89996b7dae448c228d3ca9cdec3ae11383683ac920e760b5644770e1413877f091db4537c2ec9611cfad1f4d6452280d181f98440d1327a8937ed2b7e8abe3b7a8cff0e84f82a52b0ff7d8ad04e7f1bf7ca96d3edd03a811afad2fd399fae037cd7f7985bb214561e2eb869ae941c112d119", @ANYRES16=r8, @ANYBLOB="0100000000000100ed5461e715b4ab971f0430cfd2c3a25ee6d382cce1cfeaf41c629dccdf86cc082e56aea3aa566cabc9a74553f459ce71e9259619b932c56190d890170f8f4d8dbc28ee5c360e19fcd781607e058c047cfe49c9697a096bbc34218b9dbc4f8c0dfacadb3d9428173e3cb50fe19ad0a9e8af66f8769d74d8ca8e12caf78f0bcff07f7edf26e567c6794f8bee1ccc2765b781d8bbe1a8d27b2ca289b96a73430528c417e73f517350e04e6dd9c7b8cb6f25f93ea150eff098b3df7c8cb4baccf5f9e83c", @ANYRES32=r9, @ANYBLOB="0c00a93198f5511828050000"], 0x2c}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r5, 0x89f7, &(0x7f0000000640)={'ip6_vti0\x00', &(0x7f00000004c0)={'syztnl1\x00', r9, 0x29, 0x5, 0x20, 0x101, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7800, 0x8, 0x1, 0x400}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r6, 0x89f7, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'sit0\x00', r9, 0x4, 0x1, 0x0, 0x7, 0x12, @local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x7, 0xffff, 0x4}}) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r1, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x97}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x9}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x40830) openat$nvram(0xffffffffffffff9c, &(0x7f0000000380), 0x2080, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0) 20:07:49 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) [ 1662.164111] FAULT_INJECTION: forcing a failure. [ 1662.164111] name failslab, interval 1, probability 0, space 0, times 0 [ 1662.167050] CPU: 1 PID: 12974 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1662.168525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1662.170237] Call Trace: [ 1662.170805] dump_stack+0x107/0x167 [ 1662.171578] should_fail.cold+0x5/0xa [ 1662.172386] ? io_setup_async_rw+0x180/0x580 [ 1662.173313] should_failslab+0x5/0x20 [ 1662.174116] __kmalloc+0x72/0x390 [ 1662.174868] io_setup_async_rw+0x180/0x580 [ 1662.175768] ? iov_iter_restore+0x195/0x3a0 [ 1662.176683] io_read+0x775/0x11e0 [ 1662.177441] ? kiocb_done+0xc90/0xc90 [ 1662.178291] ? stack_trace_consume_entry+0x160/0x160 [ 1662.179408] ? lock_acquire+0x197/0x470 [ 1662.180260] ? __lock_acquire+0xbb1/0x5b00 [ 1662.181146] io_issue_sqe+0x2e12/0x7660 [ 1662.181985] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1662.183090] ? SOFTIRQ_verbose+0x10/0x10 [ 1662.183956] ? lock_chain_count+0x20/0x20 [ 1662.184846] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1662.185945] ? io_connect+0x610/0x610 [ 1662.186159] FAULT_INJECTION: forcing a failure. [ 1662.186159] name failslab, interval 1, probability 0, space 0, times 0 [ 1662.186747] ? lock_acquire+0x197/0x470 [ 1662.186780] ? find_held_lock+0x2c/0x110 [ 1662.186820] ? __fget_files+0x26d/0x4c0 [ 1662.191554] ? lock_downgrade+0x6d0/0x6d0 [ 1662.192439] __io_queue_sqe+0x90/0x9d0 [ 1662.193269] ? io_issue_sqe+0x7660/0x7660 [ 1662.194149] ? io_prep_rw+0x7f5/0x1050 [ 1662.194976] io_submit_sqes+0x4461/0x85c0 [ 1662.195900] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1662.196948] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1662.197961] ? lock_downgrade+0x6d0/0x6d0 [ 1662.198828] ? find_held_lock+0x2c/0x110 [ 1662.199707] ? io_submit_sqes+0x85c0/0x85c0 [ 1662.200626] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1662.201642] ? wait_for_completion_io+0x270/0x270 [ 1662.202657] ? rcu_read_lock_any_held+0x75/0xa0 [ 1662.203642] ? vfs_write+0x354/0xa70 [ 1662.204438] ? fput_many+0x2f/0x1a0 [ 1662.205211] ? ksys_write+0x1a9/0x260 [ 1662.206013] ? __ia32_sys_read+0xb0/0xb0 [ 1662.206874] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1662.207983] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1662.209068] do_syscall_64+0x33/0x40 [ 1662.209857] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1662.210925] RIP: 0033:0x7f5d818b0b19 [ 1662.211725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1662.215509] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1662.217095] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1662.218548] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1662.220084] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1662.221581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1662.223067] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1662.224591] CPU: 0 PID: 12982 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1662.226059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1662.227783] Call Trace: [ 1662.228349] dump_stack+0x107/0x167 [ 1662.229121] should_fail.cold+0x5/0xa [ 1662.229923] ? io_setup_async_rw+0x180/0x580 [ 1662.230837] should_failslab+0x5/0x20 [ 1662.231634] __kmalloc+0x72/0x390 [ 1662.232366] io_setup_async_rw+0x180/0x580 [ 1662.233230] ? iov_iter_restore+0x195/0x3a0 [ 1662.234101] io_read+0x775/0x11e0 [ 1662.234869] ? kiocb_done+0xc90/0xc90 [ 1662.235718] ? stack_trace_consume_entry+0x160/0x160 [ 1662.236793] ? lock_acquire+0x197/0x470 [ 1662.237620] ? __lock_acquire+0xbb1/0x5b00 [ 1662.238511] io_issue_sqe+0x2e12/0x7660 [ 1662.239384] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1662.240491] ? SOFTIRQ_verbose+0x10/0x10 [ 1662.241351] ? lock_chain_count+0x20/0x20 [ 1662.242234] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1662.243360] ? io_connect+0x610/0x610 [ 1662.244180] ? lock_acquire+0x197/0x470 [ 1662.245025] ? find_held_lock+0x2c/0x110 [ 1662.245900] ? __fget_files+0x26d/0x4c0 [ 1662.246750] ? lock_downgrade+0x6d0/0x6d0 [ 1662.247663] __io_queue_sqe+0x90/0x9d0 [ 1662.248505] ? io_issue_sqe+0x7660/0x7660 [ 1662.249396] ? io_prep_rw+0x7f5/0x1050 [ 1662.250236] io_submit_sqes+0x4461/0x85c0 [ 1662.251191] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1662.252259] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1662.253290] ? lock_downgrade+0x6d0/0x6d0 [ 1662.254175] ? find_held_lock+0x2c/0x110 [ 1662.255061] ? io_submit_sqes+0x85c0/0x85c0 [ 1662.255974] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1662.256977] ? wait_for_completion_io+0x270/0x270 [ 1662.258009] ? rcu_read_lock_any_held+0x75/0xa0 [ 1662.258996] ? vfs_write+0x354/0xa70 [ 1662.259809] ? fput_many+0x2f/0x1a0 [ 1662.260596] ? ksys_write+0x1a9/0x260 [ 1662.261416] ? __ia32_sys_read+0xb0/0xb0 [ 1662.262292] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1662.263428] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1662.264537] do_syscall_64+0x33/0x40 [ 1662.265338] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1662.266418] RIP: 0033:0x7fe40cf96b19 [ 1662.267230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1662.271050] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1662.272651] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1662.274141] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1662.275655] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1662.277150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1662.278643] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1662.287524] FAULT_INJECTION: forcing a failure. [ 1662.287524] name failslab, interval 1, probability 0, space 0, times 0 [ 1662.290204] CPU: 1 PID: 12981 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1662.291666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1662.293431] Call Trace: [ 1662.293997] dump_stack+0x107/0x167 [ 1662.294774] should_fail.cold+0x5/0xa [ 1662.295596] ? create_object.isra.0+0x3a/0xa20 [ 1662.296560] should_failslab+0x5/0x20 [ 1662.297355] kmem_cache_alloc+0x5b/0x310 [ 1662.298205] ? mark_held_locks+0x9e/0xe0 [ 1662.299076] create_object.isra.0+0x3a/0xa20 [ 1662.299981] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1662.301031] kmem_cache_alloc_bulk+0x168/0x320 [ 1662.301984] io_submit_sqes+0x6f76/0x85c0 [ 1662.302869] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1662.303888] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1662.304853] ? lock_downgrade+0x6d0/0x6d0 [ 1662.305719] ? find_held_lock+0x2c/0x110 [ 1662.306543] ? io_submit_sqes+0x85c0/0x85c0 [ 1662.307450] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1662.308429] ? wait_for_completion_io+0x270/0x270 [ 1662.309399] ? rcu_read_lock_any_held+0x75/0xa0 [ 1662.310332] ? vfs_write+0x354/0xa70 [ 1662.311097] ? fput_many+0x2f/0x1a0 [ 1662.311842] ? ksys_write+0x1a9/0x260 [ 1662.312657] ? __ia32_sys_read+0xb0/0xb0 [ 1662.313473] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1662.314524] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1662.315567] do_syscall_64+0x33/0x40 [ 1662.316324] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1662.317394] RIP: 0033:0x7fcf4787bb19 [ 1662.318145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1662.321818] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1662.323350] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1662.324784] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1662.326225] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1662.327665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1662.329098] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:07:49 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) open_by_handle_at(r3, &(0x7f0000000100)=@reiserfs_2={0x8, 0x2, {0x2, 0x8000}}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r1, r0) 20:07:49 executing program 6: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = eventfd(0xfffffffb) fsetxattr(r0, &(0x7f0000000000)=@random={'security.', '\x00'}, &(0x7f00000000c0)='*\x00', 0x2, 0x3) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) unshare(0x42000000) 20:08:05 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) 20:08:05 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366f6f84b00080801000440004000f801", 0x17}, {0x0, 0x0, 0x2000800}], 0x0, &(0x7f0000000040)={[{}]}) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) r3 = dup(r2) pidfd_send_signal(r3, 0x0, &(0x7f0000000000), 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f00000015c0)={{0x1, 0x1, 0x18, r3, {0x8}}, './file0\x00'}) openat(r4, &(0x7f0000001600)='./file0\x00', 0x14000, 0xd0) getsockname$unix(r3, &(0x7f0000001540)=@abs, &(0x7f00000017c0)=0x6e) statx(r0, &(0x7f0000001300)='./file0\x00', 0x400, 0x8, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$nfs4(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x3, 0x3, &(0x7f0000001280)=[{&(0x7f0000000140)="a9b1d66435aba25b43f363856bcdcdf3a7864d36560b0a43b0bb216bcab7a38023f112bd944bf3e0fce60ac3946e0eee13d8d89de88cb05433f1c639e4ff6222aac1b8cdbb90a2119f80021a7c4a9daa238fe3d866bec5312fb55821c143e315b02d9fc3aad77c427d9af94bb8d9ee734e05f49df054fbe7aed940fe426789e0bd17d1fcc71897a5bc0b97a5420f6a", 0x8f, 0x200000000000}, {&(0x7f0000000240)="c102a9276d93672f52d5363bd163f70ea3d4f925d320c6b5be97233966fb627abb715fa0cefadb550b24aa7b0b5599f365c06146b550556ae060935626ba5e64c618e7b02d8ab4034c84726977ddc5900a3a99acee0a5b5e5aba82f9a2df81d4b07b6db0ef915d66792466367dc78e5383e9368c4edaf3707876c05ff96319c6a2139571a18b362556d31c57953015fad0ec5f3053515518e89443ed0c927908e7d6b23c083c873101e1c570a6e0ce9550bbec84ed3e466ea529ec8329a3af26b594bb8fa1abd108ba0b48004bdd399180c47194cad1ae77132a34818142d704b04278f6107aa143d11612aa1962d9045073d27fe3b92e4cc7ae2fe263054a71b468c40c3736619539c3288a1a11dc8fcb11198c107fc895ee021c2aed7dd5c4978246aabc3cd6ef48dd6fa26ceff09984a54980c0e2388887e511886064dc83bf9bed559a331cba02e3553d7677a8d4b6a27236534b0f1dba92120060dc15ea173cf25317ca1da2957ae15fc5ebfdca339a35269ef9d77ce1c30207726b806b66011d322026231381ed933cdb97eba2cb7fb8eaaf207d91b7eb3b52cab8b530e28472a8a063cde9e599fbabe6b4ce478ae0a9e59364c5bb02b554ff471878302d7d9d0abdb0cef0207b8e222ecbfff219181a265c6e9f788e08429f0b5621ea4da1303c4b6d52d16825e8c9cd7522d3ebbb050c641e68b51ba9b4fa36cab70df616adb67e45dbd80e7f7ceb730516e9f1b7834156d4e185251d9c8e49df420c442332dacff49579c28ec5c60169bf525f91cdfe84abaf24f43d7b60f767d79e72c4a38ce749c3f69f58e2d9a1f70a998e5640306505484b72cbb6bfd112d869d660c9dfcaba7b61f2f1cde46357ebb9bf1162c573de80dc39b8b3475b2765b83b933a03207a4fe3a18b3e0d5c0c5ee52cc848d382769104731543baf639fbb1bbb32fe6756324c9162955b2308f49c06b7b3061b3fcc127a467939d8a68887fc2f8909976f1cb3ee068ecd2c7d56cfb1a630aece4b0204666e0db87854791a206af8abbb19293f64caa5fd7cf2050f1d6acd1838da1863a66ac13f45b467e09aa9df70e48eb506a96e1195adb056008c8e29b9bf5c5b48102fa02a58e222ccb7eac4624ed27dd9b916d1de86c8371c2d0b6b8fcac7e6ba8a3f7104708d96e6f95d788dd7925ee813b06e895c3d06c27124544864515958aa4cf3b45deeb68bf0153627866c79a820e9b56d1d0aea1a37befecda5f924f6a630f1bbb61391b833b06bb1f0249cdc8baa95a20374cc0ea5d8513fbe65903d7c8b3149e7238901e81191ee2069f3093e8c853ba319e0db2542ee982318480df5b292ab58f467a61fd5dcf482bd09e57a186c758888832bc19f71e2f934e6eac02e26f5f3d4740d3fd37952a1308c3a234fa1db61f71ea5d22be9a39dc2f244be188fd299085503375495472e65b8a6bd46157faa82a8d08ea54838b730da75220ebe0607253368d8566ec584bc3b6d4fc911c31718e1546e399d3a3928ca06ba3d40d283e8d6dbe6400f2036aff50d4ce8bc0ddbd2bad5a2a9ae3edfce1db0a2bef011e5f7bdd623ec0fcc3cc21eea40a20baae4bf4d55a778495b84d474cbf9fab299fb112bae6c7adcabccef50b12f929d51d24208c7b1408043fcab26ec105360a51880eeb33af0111fa44a94fa22fab8cb6967dd11f74c14a83e84eeaa35e9f8724cd0908e3121e0eb43dade673d0290d8d0d7aff3a7260234226abadd80f55cd237fee406d4f54fb3fa9e3310f3840f0cc6b9c2d6c9b460a18a1a40d37b778b413ef1b23a51051a50f9c01f93a75373b2db9d946bcafa5aa086ea8832fd367fee26231a950017aeef97c3e4c87bb0cbda836df4e51f09052d1096c0a1db4d718a27802301bf56e5585362683ec1602abdd488f7f446b36847fa5f039b681e27f1b243b3457f822a92bd94c4b72eb4549dc24bf83a544d95bf28980a2f09e0dc649d177c05407bea882e02ae3de2dbc93952222d58a9c7faa773a3a9eae090971def6939021529ce67d65b933a9c7edcbcd22f436fd78f3885610da34f4726bf06aa2fe3dd373d63ab04a82d1f93eb47057d26ead84d3fff86e468d184a82ebe46ec729fe3a402e7f258cf37467826a76056f3fd89ef3624fe198acbafac24ddf6304fcbaae86ba2911b7d137f6ff0a33e6b2fdcd77d4fad4d6941de054649fecca73343b431a7eeed6d80dff25b59abf876a94eec3481fa98147eaea4e6a2a6bfbef76b24c8886ba66dacd0e3e17d18e3813636052da8fa732b45a716575132c3b6299c2f48ebfa86bdb305c0d17d8dc2846b2441fac7bad1c39809f6b5ecca6bc2f5b4d090b3132a7b53f559f81bb3e37d7e6bda4edda613b0f809586b23be4d22390e13a8b8f8315768a0f6c3acae72e09a3edbbbb3589e25f41c35e99c90c2b48005774bd75b75478fe7e3e142d1a3b5f7859b557088f87f8974270a46753216a8d5574329ebbc763529f11745809098f53a41242456e4ad8fbb47a9d8cbcfe145a73889f045d948be84feaa64e0375e1d61b2f70d03d1160a2749595862f00f0bbe1e095e2ae12847a90b07e712dfa45726fada33ec1148286e60f7b83bd3f75ab023d17445f536579fa228f5bf6d7981de34e92939f5c0ae804c6b7cce57e53360871a47f9e4433ad95e69cb040e615a855729a38c817135f5f2f7516bb3e59ef0346999a74295a85085a771c74dc9b7eac3e995e033b13c05c0a779a5db73a0801b31242609861926dac895d182c61a2d44c700f0f2805b040904ebae50b6a3efbe5dd6461622faab4afa4e3a531eacca69c4e196740d51bee1d4bda76ebb31fcc6073008b6fb1db75702d38fd76444017f2f4dc16f6020101a91ae536ff9d2074f6af28c3d4030ba47c686959def34a58ec7c275b6e6ebfddc25696b9a5741fa98e05aa818894319cb24a05de026f9d3fb4e08e50f59f9dc4129c62e0f42343acb0dc22644e07f7ed687af1882d7f4e49f6a06625f7001f74bc6f6ebefbd353cc6908bba4572e42de03d0eab3987b21aedd6b795632611302f986897bb41b51ec70f0880fa125138415c9359d26d347b24b65431bbc1444d47385e31764524eca35c454c5de0921fe74dc05d2711a9a5bdc42ba7414f2d2f7e2bfb6997bc52497620c197aea5862be58692be22cbeaf5da7608a819ae3ce16127c4a9fd48c38d5b2ce80c01d802bba70d889124dd271c3b93bd53b9bef476227ab110a2106257aa28177f18c80126e3c73021440a28adb302c390b2215c66a3e457494a2df4abf1661337cd36cedfdf1ef70d2191dcdd401979431791fd6a1401a9d27498fc41271539c56b4473fae396ba56c7047c756eff54a6c3c49bc718bf536f09c87f2d6e9fafefbb0e0500a1b0b73e49fd2ee823c3a45cc04f9a3d8738a00eaa3535c0244bf1a8cdaadf2c4806bb383c1268aff8faeb19d92270b23ff98877412d1d685ca90c49780360e6763ce7bbab081369c5cc964b0d0c60ee7b641c18426a7230b005be1fea8c288b99492009daf231b96319bd4308e49b791336e24693c1bc1f5f741d5b4db20ec298e2ef0263b5338766f10d2bcd4dddc35320a36404c56d424d6fc9b6d9d2e5df3ec85c33e6bc3db72ebb2909ff73cc1a2bdf6590d7f7e9e70b8958d9c3acdc9760e21eba57f6f85e70d30c97452ef5b0a48cc655b8638ea2e48012304e3559547ce7818136b89a6b7064e699259b649e8c91ea1a40990bcbe0618b91e7047ee39d9f54f15e3e7e0de5210566c696fbd1260b1c51858be7c7d88e7bbce60369556227968025a419311e3d2100f2b77720560e34ba7a605d33adbb212ffa48915749df121b4f3611bcc2631b5bc97a0abcbd7d28c778d044e9fa4176dbbde12a412b8a0f459ff4856007779b11460bbc5823f1d0db5b8000f8c87baab7556a1cecc5b680b4b3d84ce0d5b3a5d92c920f55fae71455579891d6d3ac4d6b0c6f5dc511138dda75ae6b1b0679071b06070263fb3a31f3e03905b3e7e042d7bf75afa190ce8d985cb2fdc45d14316287f08e4dbf259c1bf32b74537b58ef1e7f47da9cbe3d2deb32df8fca3691e3dbef42ab8bcf2e082391a910349397d40f5126b24855ccb33e247946becea3f23dc3437b22c7f4e89f2f42ea6f740858d29d9576caf01d084de3626937d151d1935ed37d8d670c0a0b1911f5304647f29c4576a26ab700550bbef6e5bc230261f4e4961faa06ad3e1be3ce53704c6252c669de7abc6d74ab62c497c878bdaeae472b482eb179cb98b98ad5b4b9ac091058cc1537f46edf2a1cfdb43009f3a39573d9c61c5ce65e2dc1e1c130a999d20d1dec9d888592e2a2bf6d7af2679369e74a676d4dd9292d2bc034f7df2b10b498f1973e829bad2b340ce621f278dd95335bbc5afeb2e87315216a18d24d387a7f8f1496c317209e37ffc126a2db448884bc5c5d0b2dbd51a122a09021cd2a0058bdaed511ea542b61eeefcf503eefcca1c3832d30ee27bb6d9b360e504238178db5da9fdadc14d6af409617915b42709fadf183462b57c672c0b172054db7f3921fd8a827ea64f88d40c3b38d65a53cd11827aa053efca12aa5a4cab2c61dbe9448f96379bd395b9e9c4a51cc38a151c9196d65bf90b789c630febc5fa0f7295b845a94ad80d9105bbe5da406d2e6dd0a131043458e02a399a48d4af7ddb514d39fcc6b2d662bf8697cf7f38df31ca52dc697f75a35f2bbaa1b9fa254fca91a45a53b81be69633872cbb4ca57e692bbd5df0d5386b69d8e068f9cf72abae4785c98b5d937c4796927c8f9a709a800de539c1123ecce0e44f38f98630d768781e3811baa222c313b2c26d11bbb2846312b5ec4a1391d14861f5227f583382f3294514922dec1acb553ca5e23c2bd66797a05b668ed9a01a0e2a26c0a6b1cb4318f1ee5cc2ff45875b1b5a0313c4bef9bdf81527433f7087d2c1ee9d3f820fd793c324ee9f25b0bafdf4f1eeb79717a1fec578c649631a221fabdef34c140310a2466aed430afbdcfd7b9a357e430f2d8ccaa67c812148cd31b74c042e45d1ae9695f89b2adfc9e57af58ab62f72ad01709c825ec1524036a144d3b5b73ca656f6b97a502a3c7aaae2e7eb3581b029b576170fd5a433834fbe1fd91797403efb31491f43557e585c79af443ccf12e6e79fc266ed2261e22973b199a3a50937a0dfc303999a98fa0a104610a8acaa0e07edc4afe69835b496d0b611eb046cbecef32b28d574cd638589305742a6e50dd628e40bc47e5b734b1e6bde320710b27d5f89eac79700e3839a0b3d90ee5bf9538eddb6bf0f9ed5609a86245c20e665c38598e56746e88227a5c1bee4a12d7ed9f4ccf6f8fc82a06694b155d7f3db198f7c5b6f76740bb18416280d5809003b0d0a815f9f4ff88763080892bb8a5ac2494f895528fa2870d1a23df285db88989fbf191098ef1aa9db8fd44135e3914d97460033b9f995e8f91f66eaf0784152c3e88c8fd54a35b4170df1d2b0309123bf6dbbc059adb1c4890ba4f91a84c6ad0e9c624d539c35a991f7c183f4b9ab6334209b8918c3852168c04230d183d6d48a7d4942783cf9c3b5acc94136f8773cb261417dcacd2f683bc28b02b7696d977b2be3016140dea644ee82ffcaed542c929fb4429e41c5f206c8ae064ecc871e97b7209b299477e432bc93916d6856d4188ca09858e1d2b288220797df0fa44a777972e3f8f81731e31cc84016172321a71f095e23e4174df6a339939102c942b030d8c1fd501426bfae3ce9b309d44354", 0x1000, 0xdf79}, {&(0x7f0000001240)="a67f4954804165b199686b", 0xb, 0x8001}], 0x0, &(0x7f0000001800)={[{'/}\xb3fg\xac\xd4\xd0\xa2\xf9Jk\x03\xbb\xc2\xad\x94\xf8\xe8\x0e)-\xcbC\xf7\x9am\xb5\xb7\xa4\xa6\x9c\x97\xff\xc2\xe6\",\xb2\xca!\xfdQ~>[\x9c\xa3\x9a\xf7\xa7\x00\xc9\xc4K&V\xe0\x98:\x1f\xf43\xbf\xed\xc1t\xf5\x1b\xcf\xdc\x00\x00\x82\xf4y\xcd<>\x17v^\xc1\xdd;\x871\x8d\x95h\x82>3\xf3\x9bL\xcdr=\xa2\xa1GW\xc6\\\x9c\xba\x14s\n\xe6\xfc$\xf9J\x8c*\xcd\xdc\x7fXckb\x81l\x9b\xa1\xb5F\xa1:\x1a\xa0Y\xfe3\x98\xc0\xcb\xeb'}, {'\x18&\xcc\xf7\x81\xea\x92U\x03Qt|_\x85\xc4U\xf8Y\xdc\x052^\x06iY$Y\xb6\xd3\xe6\x8a\xaf\xa7\xcc6;1\xb2\x01\x00\x01\x00\x00\x00\x00\x00\xf2\xc9\xcbg\xa9\x1a\xbb$c\xb2\xac\xb6\x89\r9\xdf<\x01\x00\x00\x00\x00\x00\x00\x00\x83\xb0\xf7\xf64]\xb4-\xed\x92\xdd@\xaa\xf8\xc8\xb6\\D\xb4\xfe\xf3\xd5\x04[\xf3\xe0T\xfd\xdb(\x97\x84p)`\xed\x15W\xd3\xcc\xe4\xa3j\xce\xb2\x97oH/T\n\xe1\x99m\x8a\xca\xc5\xd3\xc2\xda\x8a\xccU\xb6(a\xa4\xb6\x06+\x12\x9f\xc2\x8b\x89*1\xe1w\'xz@\b\\g\xde\x1de\xe9!\x8c\xaf\xa8\xe82\xd4\x82,\x8e\xa4G\x9e3\xf7/\x84C.\xcb\xba\x035\xb5T)\xbf\x03[\x05T`\xf6\xd1+\x0eA\xeb\\\t\xe4H\x9e \xa4\x02\x876l\xa0\x8a<\x13>\xf8'}, {'check=relaxed'}, {'vfat\x00'}, {'vfat\x00'}], [{@permit_directio}, {@fowner_lt={'fowner<', r5}}, {@hash}, {@subj_type={'subj_type', 0x3d, '/}'}}, {@subj_type={'subj_type', 0x3d, '.$'}}]}) readlink(&(0x7f0000001440)='./file0\x00', &(0x7f0000001480)=""/175, 0xaf) 20:08:05 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0x0) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:08:05 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) 20:08:05 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x93, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x40}, 0x18) r0 = gettid() syz_io_uring_setup(0x3167, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000340)=0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r4 = getpgrp(0x0) pidfd_open(r4, 0x0) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140), 0x240800, 0x0) timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x1, @tid=r0}, &(0x7f0000000240)) kcmp(r0, r4, 0x3, r3, r5) r6 = dup2(r3, r3) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r6, 0x80, &(0x7f00000001c0)=@sco}, 0x0) r7 = fork() r8 = getpgrp(0x0) pidfd_open(r8, 0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x21, 0x89, 0x3, 0x7, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0xc}, 0x800, 0x3, 0x7, 0x8, 0x3, 0xf3, 0x6, 0x0, 0x1c5, 0x0, 0x3}, r8, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) tkill(r7, 0x14) ptrace$setsig(0x4203, r7, 0x90, &(0x7f0000001300)={0x11, 0x3, 0x2}) 20:08:05 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c46e006fa9ea2a413ffffffff4112c04ca10007fff11b548f000000b9e380be73620fffffffe400003e60152e0a8a6e8d9c29f3e3d84be69c5343ea01cc93748a32350ced75748ae87534f590a6462665371286f70d30ffb2ff19c1900e50a56cfe7e9b46f762300600b2e834bf8ed6eaef00000000c471455f8f96487005d05367cf682af80a1fd55b89deee2e6d21f2132bd86c137181c5ca60c82518d3532bb356af21d42c8978a14ae5f72d5df2e7d2a70994adc1201d502bf32f61bcd4c9f40c5bff"], 0xaf2) close(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000280), 0x10802, 0x0) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd27, 0xffffffc0, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80c0}, 0x10000004) execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x1000) 20:08:05 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) 20:08:05 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0xb, 0x7) connect$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10) shutdown(r1, 0x1) bind$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4e22, @loopback}, 0x10) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000400)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e24, 0x3}}, 0x80) fsetxattr$security_capability(r0, &(0x7f0000000000), &(0x7f0000000040)=@v1={0x1000000, [{0x5, 0x400}]}, 0xc, 0x0) r2 = openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x1c1e02, 0x0) ioctl$CDROMRESET(r2, 0x5329) unshare(0x48020200) unshare(0xa000000) r3 = accept$inet(r1, 0x0, &(0x7f0000000080)) getsockopt$EBT_SO_GET_INIT_ENTRIES(r3, 0x0, 0x83, &(0x7f00000001c0)={'filter\x00', 0x0, 0x3, 0x68, [0x4, 0x1, 0xffff, 0xf9, 0x936, 0x3], 0x5, &(0x7f00000000c0)=[{}, {}, {}, {}, {}], &(0x7f0000000140)=""/104}, &(0x7f0000000300)=0x78) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000006c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="296d63023d49aee21ca46f8ca0a4af26e231527f89996b7dae448c228d3ca9cdec3ae11383683ac920e760b5644770e1413877f091db4537c2ec9611cfad1f4d6452280d181f98440d1327a8937ed2b7e8abe3b7a8cff0e84f82a52b0ff7d8ad04e7f1bf7ca96d3edd03a811afad2fd399fae037cd7f7985bb214561e2eb869ae941c112d119", @ANYRES16=r4, @ANYBLOB="0100000000000100ed5461e715b4ab971f0430cfd2c3a25ee6d382cce1cfeaf41c629dccdf86cc082e56aea3aa566cabc9a74553f459ce71e9259619b932c56190d890170f8f4d8dbc28ee5c360e19fcd781607e058c047cfe49c9697a096bbc34218b9dbc4f8c0dfacadb3d9428173e3cb50fe19ad0a9e8af66f8769d74d8ca8e12caf78f0bcff07f7edf26e567c6794f8bee1ccc2765b781d8bbe1a8d27b2ca289b96a73430528c417e73f517350e04e6dd9c7b8cb6f25f93ea150eff098b3df7c8cb4baccf5f9e83c", @ANYRES32=r5, @ANYBLOB="0c00a93198f5511828050000"], 0x2c}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000640)={'ip6_vti0\x00', &(0x7f00000004c0)={'syztnl1\x00', r5, 0x29, 0x5, 0x20, 0x101, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7800, 0x8, 0x1, 0x400}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000000)={'ip6gre0\x00', r5, 0x4, 0x1, 0x0, 0x7, 0x12, @local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x7800, 0xffff, 0x4}}) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000540)=ANY=[@ANYBLOB="09fa7600", @ANYRES16=0x0, @ANYBLOB="00012dbd7000fcdbdf2501000000080003000400000048000180060001000a000000050002006e0000000800060001000000140004002001000000000000000000000000000208000700", @ANYRES32=r5, @ANYBLOB="08000300e0000002080006000200000008000200010000000c00018008000300ac1414bb"], 0x78}}, 0x4000000) [ 1678.567618] FAULT_INJECTION: forcing a failure. [ 1678.567618] name failslab, interval 1, probability 0, space 0, times 0 [ 1678.570290] CPU: 0 PID: 13013 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1678.571701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1678.573372] Call Trace: [ 1678.573913] dump_stack+0x107/0x167 [ 1678.574655] should_fail.cold+0x5/0xa [ 1678.575448] ? create_object.isra.0+0x3a/0xa20 [ 1678.576372] should_failslab+0x5/0x20 [ 1678.577139] kmem_cache_alloc+0x5b/0x310 [ 1678.577960] ? mark_held_locks+0x9e/0xe0 [ 1678.578784] create_object.isra.0+0x3a/0xa20 [ 1678.579680] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1678.580712] kmem_cache_alloc_bulk+0x168/0x320 [ 1678.581640] io_submit_sqes+0x6f76/0x85c0 [ 1678.582509] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1678.583528] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1678.584519] ? lock_downgrade+0x6d0/0x6d0 [ 1678.585349] ? find_held_lock+0x2c/0x110 [ 1678.586169] ? io_submit_sqes+0x85c0/0x85c0 [ 1678.587044] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1678.588022] ? wait_for_completion_io+0x270/0x270 [ 1678.588993] ? rcu_read_lock_any_held+0x75/0xa0 [ 1678.589925] ? vfs_write+0x354/0xa70 [ 1678.590676] ? fput_many+0x2f/0x1a0 [ 1678.591418] ? ksys_write+0x1a9/0x260 [ 1678.592182] ? __ia32_sys_read+0xb0/0xb0 [ 1678.593002] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1678.594076] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1678.595161] do_syscall_64+0x33/0x40 [ 1678.595935] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1678.596978] RIP: 0033:0x7fcf4787bb19 [ 1678.597731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1678.601463] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1678.602993] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1678.604446] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1678.605894] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1678.607359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1678.608809] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:08:05 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) fallocate(r2, 0x44, 0x6, 0x6) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(r1, &(0x7f00000017c0)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0x500000001) [ 1678.638412] FAULT_INJECTION: forcing a failure. [ 1678.638412] name failslab, interval 1, probability 0, space 0, times 0 [ 1678.641037] CPU: 0 PID: 13011 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1678.642453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1678.644168] Call Trace: [ 1678.644738] dump_stack+0x107/0x167 [ 1678.645514] should_fail.cold+0x5/0xa [ 1678.646354] ? create_object.isra.0+0x3a/0xa20 [ 1678.647570] should_failslab+0x5/0x20 [ 1678.648586] kmem_cache_alloc+0x5b/0x310 [ 1678.649652] create_object.isra.0+0x3a/0xa20 [ 1678.650566] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1678.651624] __kmalloc+0x16e/0x390 [ 1678.652373] io_setup_async_rw+0x180/0x580 [ 1678.653257] ? iov_iter_restore+0x195/0x3a0 [ 1678.654167] io_read+0x775/0x11e0 [ 1678.654905] ? kiocb_done+0xc90/0xc90 [ 1678.655734] ? stack_trace_consume_entry+0x160/0x160 [ 1678.656787] ? lock_acquire+0x197/0x470 [ 1678.657619] ? __lock_acquire+0xbb1/0x5b00 [ 1678.658508] io_issue_sqe+0x2e12/0x7660 [ 1678.659344] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1678.660396] ? SOFTIRQ_verbose+0x10/0x10 [ 1678.661219] ? lock_chain_count+0x20/0x20 [ 1678.662061] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1678.663127] ? io_connect+0x610/0x610 [ 1678.663906] ? lock_acquire+0x197/0x470 [ 1678.664707] ? find_held_lock+0x2c/0x110 [ 1678.665529] ? __fget_files+0x26d/0x4c0 [ 1678.666335] ? lock_downgrade+0x6d0/0x6d0 [ 1678.667174] __io_queue_sqe+0x90/0x9d0 [ 1678.667979] ? io_issue_sqe+0x7660/0x7660 [ 1678.668817] ? io_prep_rw+0x7f5/0x1050 [ 1678.669610] io_submit_sqes+0x4461/0x85c0 [ 1678.670474] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1678.671491] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1678.672466] ? lock_downgrade+0x6d0/0x6d0 [ 1678.673292] ? find_held_lock+0x2c/0x110 [ 1678.674112] ? io_submit_sqes+0x85c0/0x85c0 [ 1678.674987] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1678.675971] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1678.677037] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1678.678126] ? trace_hardirqs_on+0x5b/0x180 [ 1678.679009] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1678.680108] ? __io_uring_cancel+0x20/0x20 [ 1678.680975] do_syscall_64+0x33/0x40 [ 1678.681730] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1678.682764] RIP: 0033:0x7f5d818b0b19 [ 1678.683530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1678.687222] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1678.688757] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1678.690191] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1678.691642] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1678.693080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1678.694518] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1678.708517] FAULT_INJECTION: forcing a failure. [ 1678.708517] name failslab, interval 1, probability 0, space 0, times 0 [ 1678.711055] CPU: 0 PID: 13017 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1678.712450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1678.714107] Call Trace: [ 1678.714641] dump_stack+0x107/0x167 [ 1678.715384] should_fail.cold+0x5/0xa [ 1678.716149] ? create_object.isra.0+0x3a/0xa20 [ 1678.717068] should_failslab+0x5/0x20 [ 1678.717835] kmem_cache_alloc+0x5b/0x310 [ 1678.718655] create_object.isra.0+0x3a/0xa20 [ 1678.719563] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1678.720579] __kmalloc+0x16e/0x390 [ 1678.721306] io_setup_async_rw+0x180/0x580 [ 1678.722156] ? iov_iter_restore+0x195/0x3a0 [ 1678.723025] io_read+0x775/0x11e0 [ 1678.723744] ? kiocb_done+0xc90/0xc90 [ 1678.724537] ? stack_trace_consume_entry+0x160/0x160 [ 1678.725580] ? lock_acquire+0x197/0x470 [ 1678.726386] ? __lock_acquire+0xbb1/0x5b00 [ 1678.727250] io_issue_sqe+0x2e12/0x7660 [ 1678.728059] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1678.729112] ? SOFTIRQ_verbose+0x10/0x10 [ 1678.729931] ? lock_chain_count+0x20/0x20 [ 1678.730771] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1678.731841] ? io_connect+0x610/0x610 [ 1678.732625] ? lock_acquire+0x197/0x470 [ 1678.733427] ? find_held_lock+0x2c/0x110 [ 1678.734272] ? __fget_files+0x26d/0x4c0 [ 1678.735072] ? lock_downgrade+0x6d0/0x6d0 [ 1678.735918] __io_queue_sqe+0x90/0x9d0 [ 1678.736715] ? io_issue_sqe+0x7660/0x7660 [ 1678.737555] ? io_prep_rw+0x7f5/0x1050 [ 1678.738346] io_submit_sqes+0x4461/0x85c0 [ 1678.739227] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1678.740233] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1678.741209] ? lock_downgrade+0x6d0/0x6d0 [ 1678.742044] ? find_held_lock+0x2c/0x110 [ 1678.742871] ? io_submit_sqes+0x85c0/0x85c0 [ 1678.743760] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1678.744739] ? wait_for_completion_io+0x270/0x270 [ 1678.745716] ? rcu_read_lock_any_held+0x75/0xa0 [ 1678.746644] ? vfs_write+0x354/0xa70 [ 1678.747401] ? fput_many+0x2f/0x1a0 [ 1678.748119] ? ksys_write+0x1a9/0x260 [ 1678.748973] ? __ia32_sys_read+0xb0/0xb0 [ 1678.750002] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1678.751362] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1678.752567] do_syscall_64+0x33/0x40 [ 1678.753346] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1678.754421] RIP: 0033:0x7fe40cf96b19 [ 1678.755184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1678.758970] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1678.760511] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1678.761940] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1678.763399] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1678.764831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1678.766260] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:08:05 executing program 6: r0 = msgget$private(0x0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) connect$inet6(r1, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000001c40)={0x3, 0x7}, 0x4) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) msgrcv(r0, &(0x7f0000000240)={0x0, ""/213}, 0xdd, 0x0, 0x0) getsockopt$bt_hci(r3, 0x0, 0x2, &(0x7f0000000100)=""/215, &(0x7f0000000200)=0xd7) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x44}, 0x0, 0xd0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r1, &(0x7f0000004d00), 0x2f, 0x0) 20:08:06 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(r1, &(0x7f0000000240)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14) r4 = dup2(0xffffffffffffffff, r0) recvmmsg$unix(r0, &(0x7f0000004a80)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000180)=[{&(0x7f0000000100)=""/34, 0x22}, {&(0x7f0000000280)=""/109, 0x6d}, {&(0x7f0000000300)=""/110, 0x6e}], 0x3, &(0x7f0000000380)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}, {{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000000400)=""/112, 0x70}, {&(0x7f0000000480)=""/250, 0xfa}, {&(0x7f0000000200)=""/11, 0xb}, {&(0x7f0000000580)=""/96, 0x60}, {&(0x7f0000000600)=""/195, 0xc3}, {&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000001700)=""/56, 0x38}, {&(0x7f0000001740)=""/140, 0x8c}], 0x8, &(0x7f0000001880)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf8}}, {{&(0x7f0000001980), 0x6e, &(0x7f0000001c40)=[{&(0x7f0000001a00)=""/201, 0xc9}, {&(0x7f0000001b00)=""/108, 0x6c}, {&(0x7f0000001b80)=""/176, 0xb0}], 0x3, &(0x7f0000001c80)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x98}}, {{&(0x7f0000001e00), 0x6e, &(0x7f00000023c0)=[{&(0x7f0000001d40)=""/38, 0x26}, {&(0x7f0000001e80)=""/73, 0x49}, {&(0x7f0000001f00)=""/204, 0xcc}, {&(0x7f0000002000)=""/111, 0x6f}, {&(0x7f0000002080)=""/84, 0x54}, {&(0x7f0000002100)=""/218, 0xda}, {&(0x7f0000002200)=""/179, 0xb3}, {&(0x7f00000022c0)=""/255, 0xff}], 0x8, &(0x7f0000002440)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xa8}}, {{&(0x7f0000002500)=@abs, 0x6e, &(0x7f0000003800)=[{&(0x7f0000002580)=""/76, 0x4c}, {&(0x7f0000002600)=""/74, 0x4a}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000003680)=""/113, 0x71}, {&(0x7f0000003700)=""/72, 0x48}, {&(0x7f0000003780)=""/86, 0x56}], 0x6}}, {{&(0x7f0000003880)=@abs, 0x6e, &(0x7f0000004a00)=[{&(0x7f0000003900)=""/211, 0xd3}, {&(0x7f0000003a00)=""/4096, 0x1000}], 0x2, &(0x7f0000004a40)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x38}}], 0x6, 0x10000, &(0x7f0000004c00)={0x0, 0x3938700}) sendfile(r4, r5, &(0x7f0000004c40)=0x10001, 0x386040000000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0x500000001) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0) creat(&(0x7f0000000040)='./file1\x00', 0x12) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0) 20:08:06 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) [ 1679.030563] FAULT_INJECTION: forcing a failure. [ 1679.030563] name failslab, interval 1, probability 0, space 0, times 0 [ 1679.033235] CPU: 1 PID: 13041 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1679.034701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1679.036401] Call Trace: [ 1679.036973] dump_stack+0x107/0x167 [ 1679.037753] should_fail.cold+0x5/0xa [ 1679.038583] ? create_object.isra.0+0x3a/0xa20 [ 1679.039540] should_failslab+0x5/0x20 [ 1679.040341] kmem_cache_alloc+0x5b/0x310 [ 1679.041207] ? mark_held_locks+0x9e/0xe0 [ 1679.042061] create_object.isra.0+0x3a/0xa20 [ 1679.042990] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1679.044074] kmem_cache_alloc_bulk+0x168/0x320 [ 1679.045052] io_submit_sqes+0x6f76/0x85c0 [ 1679.045969] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1679.047021] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1679.048030] ? lock_downgrade+0x6d0/0x6d0 [ 1679.048906] ? find_held_lock+0x2c/0x110 [ 1679.049776] ? io_submit_sqes+0x85c0/0x85c0 [ 1679.050682] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1679.051711] ? wait_for_completion_io+0x270/0x270 [ 1679.052725] ? rcu_read_lock_any_held+0x75/0xa0 [ 1679.053712] ? vfs_write+0x354/0xa70 [ 1679.054502] ? fput_many+0x2f/0x1a0 [ 1679.055303] ? ksys_write+0x1a9/0x260 [ 1679.056104] ? __ia32_sys_read+0xb0/0xb0 [ 1679.056959] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1679.058063] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1679.059133] do_syscall_64+0x33/0x40 [ 1679.059945] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1679.061003] RIP: 0033:0x7fcf4787bb19 [ 1679.061795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1679.065507] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1679.067077] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1679.068553] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1679.070000] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1679.071466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1679.072921] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:08:06 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/udplite\x00') r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r3, 0x0, 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_complete(r3) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r5, 0x0, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r6, &(0x7f00000000c0)=@IORING_OP_WRITE={0x17, 0x2, 0x4000, @fd, 0x7fff, &(0x7f0000000500)="64b73e3d81ae17b2ffa34a0099e60f10c33db9a499db0443f092c093f6cf5666c117c98380773ee96078f67659c7a8fcd2f3441d4e5dc539cd8cb8ee463bd8b5b82dead8b503313e2cd0c3510eb502b33f1c43a0852b1613f1c95b24f5f56dd8336b9e91375f0449903f541bdc385936d2393359968130299b4c93715ab3f01a3a34418bf36f649274232eb32923b19087210e83f0880c7cfd67b89b101e31519c9cf2f91fa2798d89694a66b2437b8bceb0c6e223c23737de7caff6e7eb9febfc62e9a7238b38048a8b436554be9f", 0xcf, 0x8, 0x0, {0x0, r7}}, 0x9) sendmmsg$inet(r2, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_open_dev$vcsn(&(0x7f00000002c0), 0x10001, 0x4000) sendmmsg$inet(r1, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/141, 0x8d}, {&(0x7f0000000140)=""/241, 0xf1}, {&(0x7f0000000240)=""/57, 0x39}], 0x3) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000140)={'lo\x00'}) getsockopt$inet6_IPV6_IPSEC_POLICY(r8, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@private0}}, {{@in=@multicast2}, 0x0, @in=@remote}}, &(0x7f0000000300)=0xe8) open_tree(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x1100) 20:08:06 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0x0) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:08:06 executing program 2: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='usrjquopa=,\x00']) mmap$IORING_OFF_SQES(&(0x7f0000ff3000/0xc000)=nil, 0xc000, 0x2000002, 0x10, 0xffffffffffffffff, 0x10000000) pkey_mprotect(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000380000,noextend,dfltgid=', @ANYRESHEX=0x0, @ANYBLOB="2c00ab0d79d6c54d7506c80f00a4e52a52128cf34ef83482a3cac73c3ed12873e0d7659500e45d99fa93583e3a56bd88180632f10efc8b91b86cdd79ef8b6773c1931af09b2c72092e439c56d02938a911954caa44ac893dbb5203"]) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f00000001c0)="e52ef1a3fa36e399239b154a2561cbb2", 0x10) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x80000001, @loopback}, 0x1c) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000200)={0x53, 0xfffffffffffffffc, 0xc, 0x0, @buffer={0x0, 0xba, &(0x7f0000000000)=""/186}, &(0x7f00000000c0)="a72217d9c90938b28a946a86", &(0x7f0000000180)=""/13, 0x400, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0}, &(0x7f00000002c0)=0xc) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000023c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file1\x00'}) r2 = accept4$inet6(r0, &(0x7f0000001b40)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000001b80)=0x1c, 0x100800) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000001bc0)) msgctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0x7f, 0x40000, 0x7, 0x6, 0x0, 0x1, 0x9, 0x4, r1}) r3 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4, r3) process_vm_readv(r1, &(0x7f0000000800)=[{&(0x7f00000002c0)=""/203, 0xcb}, {&(0x7f00000003c0)=""/14, 0xe}, {&(0x7f0000000400)=""/28, 0x1c}, {&(0x7f0000000540)=""/123, 0x7b}, {&(0x7f00000005c0)=""/92, 0x5c}, {&(0x7f0000000640)=""/116, 0x74}, {&(0x7f00000006c0)=""/75, 0x4b}, {&(0x7f0000000740)=""/162, 0xa2}], 0x8, &(0x7f0000001b00)=[{&(0x7f0000000880)=""/212, 0xd4}, {&(0x7f0000000980)=""/4096, 0x1000}, {&(0x7f0000001980)=""/109, 0x6d}, {&(0x7f0000001a00)=""/199, 0xc7}], 0x4, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0xa, 0x0, 0x0) open(&(0x7f0000000280)='./file1\x00', 0x200241, 0x0) listen(r0, 0x0) 20:08:06 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) r3 = syz_open_dev$ptys(0xc, 0x3, 0x1) sendfile(r2, r3, &(0x7f0000000000)=0x1, 0x8) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 20:08:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) [ 1679.474311] FAULT_INJECTION: forcing a failure. [ 1679.474311] name failslab, interval 1, probability 0, space 0, times 0 [ 1679.476772] CPU: 1 PID: 13057 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1679.476792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1679.476801] Call Trace: [ 1679.476841] dump_stack+0x107/0x167 [ 1679.476881] should_fail.cold+0x5/0xa [ 1679.482144] ? create_object.isra.0+0x3a/0xa20 [ 1679.483108] should_failslab+0x5/0x20 [ 1679.483929] kmem_cache_alloc+0x5b/0x310 [ 1679.484789] ? mark_held_locks+0x9e/0xe0 [ 1679.485659] create_object.isra.0+0x3a/0xa20 [ 1679.486596] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1679.487677] kmem_cache_alloc_bulk+0x168/0x320 [ 1679.488648] io_submit_sqes+0x6f76/0x85c0 [ 1679.489585] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1679.490631] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1679.491653] ? lock_downgrade+0x6d0/0x6d0 [ 1679.492544] ? find_held_lock+0x2c/0x110 [ 1679.493419] ? io_submit_sqes+0x85c0/0x85c0 [ 1679.494349] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1679.495382] ? wait_for_completion_io+0x270/0x270 [ 1679.496397] ? rcu_read_lock_any_held+0x75/0xa0 [ 1679.497362] ? vfs_write+0x354/0xa70 [ 1679.498168] ? fput_many+0x2f/0x1a0 [ 1679.498935] ? ksys_write+0x1a9/0x260 [ 1679.499750] ? __ia32_sys_read+0xb0/0xb0 [ 1679.500627] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1679.501731] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1679.502793] do_syscall_64+0x33/0x40 [ 1679.503583] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1679.504641] RIP: 0033:0x7fe40cf96b19 [ 1679.505427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1679.509216] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1679.510809] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1679.512327] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1679.513825] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1679.515326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1679.516825] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:08:21 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) 20:08:21 executing program 4: connect$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0) read(r1, &(0x7f0000000000), 0x1b4000) io_setup(0xf7, &(0x7f0000000000)=0x0) r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)={0xb8, 0x2a, 0x300, 0x70bd2d, 0x25dfdbfc, {0x19}, [@typed={0x4, 0x56}, @typed={0x4, 0x31}, @generic="6d7ad144c7ddb3950c64e3a2385f102065d5be016f51a9f15c6e634db44223ca610b57da82aa86b66813e0a7269f7b49374df9bed7eb7c5bfe64d71a68b0ccb53547e8cf4652ac53a3833561cc8e86173ba2939db8ec3bbd7b11c397f526a55e419a626380f3571bbdf1364524c369c930effcd0c80c6c80d4001a079900475bdfd825ea9be1a8d2dc19de7bf932650a7f54250f19430e6fc3ac37"]}, 0xb8}, 0x1, 0x0, 0x0, 0xc000}, 0x24044080) io_submit(r2, 0x3, &(0x7f0000000380)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x3000000}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) connect$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e21, 0x7, @private2, 0x3}, 0x1c) capget(&(0x7f0000000040)={0x20071026}, &(0x7f00000000c0)={0x7, 0x1, 0x400, 0x7, 0x8}) clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 20:08:21 executing program 6: msgsnd(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="03000000000000008aed6ec1573f403502a98e514c30a1e0e1ca15478fdc5fffa8d68c34de283e43295fa17c355996bbc803ada07b16588ece298d647c15b8feb945f0779335667f4b1390c6872c99f05bb6aab86e59ee1decbc03938e24024a3ee06f127b9c425fef9dbc4c5d200324125300c5ea91b50cf16348eb70392314edc9afa6a5ddf45450fa0aaf66398c3d54e9b090cf8d5f8e7d2d57bc4c221b17ce8d18a08d672837faf3d2fcf61d7ad89792e444d3def9a8f3c53953c2648708a7ca863855e44e0e5511187c5e2156a7195ada4d582ca19287b1174b09c6ee53a9dc2ff375f36ebcffe8f40e981bfbcbc800d07ff476dde5877ca16ca5838894a8351dbd08de979893987ac78e52aa472d63a13431c99e5d30971e23be14c71406f69a0a1cf5260bd3340637638e40ac10e590ef292f206ef4f374ae712175957c794c19e52640e4ce5e62b0ac82c83e79b5c9115cadfe3fae36a7b053d2a7251929c2e2b0a0fdd4bfb1bc9e075ccdac03a430d507e872f0b68b6a8cf5086c77fad4fe2b3f9ea145c99a6be40073c439244b476e74c6397405ee840f9e5041e188d83a3b586e43e79995c6a47db0eb6886c7fe6dbf6f269d75283d4882b76880348a63bb47bb802a5f039e81c807e4c4d1ceced26781a4cbcb0d96ec65d8c8d3927af3950a3876504ba821ad14cbbaf8e77daa9e7704d315071dae8b8ac02d63da1752c1113541a1478cbd0ce1f0b236af7193ca974fc481ce68bde62b6b90f017129728041fb982f4e52d119de3c28eea914dbe64e4a9f6fa84bc0a43289446d0d3cc65c98455856eb6c1a5cf6f23fe9ae24fa133e465309ec386ebef006f681b5fa453e0aa45892c1cf8fff09308a9cfa87a0f125281de9ed4f84c7a675c76838fd80efd452b9c4f5707a0e78cc4357ba8747941972c6f6f56ffe8f9b9717e7e15c2daa4da45848896b40b3c37409c983291a894478b2fa39d2855c97ffb2949f6d9790902cf163b32759a6886db7ad4354f4d4dfdc7718da7ee0fbaec1bd18e817473af5bd6f5c6d5bcfd26f2161dbd420bc32369c7f47ea3656ecf2fe38886ff1e3806a03bcd09da19a4a90499c5f5bf5b259f0bde346780e07f7168f95a0136a985aee65e1993e7e51c088212aa4bf160f055a5b141330c3036d78c376c6b1984c3b2d3a1a8dfee9255263ef35c46a153c1dba76adc020f2367295703cb33b79f5780cb7cf8c8198a153d9a489dccbd93d51d7f0876204b40b613b7a80e9f69b39704395e5513a50b5cdabb146d5b137e023e1db42090c40679c15d2140aec7c25a9f827cfaced207ab6bc2f7eb3347261f87a31af4ba2f4607dde35d5ac65b154149911b4be1603b30b2972cfecd79cbe0617cf285a1a5bf6aa3d5fed64fd2608febee42900cf98cef837f253f1cd5f0e83ae8d0dbe4"], 0x3f9, 0x0) msgctl$IPC_RMID(0x0, 0x0) msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000040)=""/47) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(0x0, 0x0) r0 = getpgrp(0x0) setpriority(0x0, r0, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001c00), 0x0, 0x10000, &(0x7f0000001c40)={0x0, 0x989680}) r1 = getpgrp(0x0) setpriority(0x0, r1, 0x0) r2 = getpgrp(0x0) setpriority(0x0, r2, 0x0) r3 = getpgrp(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) setpriority(0x0, r3, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000001cc0)='/sys/power/pm_async', 0x80100, 0x60) write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x18}, 0x0, 0x0, 0x1002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f00000000c0)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000000540)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[]) setpriority(0x1, 0x0, 0x9) 20:08:21 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0x0) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:08:21 executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x23, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000290000000f000000000000000200000002000000008000000080000020000000d3f4655fd3f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b000000800000000800000052470000620100000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e39313835313737393300"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000001990af8004b0449aa6346f3aaa58d0b5010000000c00000000000000d3f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="0100000000000500080000000000000000000000040000007200000000000000", 0x20, 0x560}, {&(0x7f0000010300)="030000000400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000120000002200000029000f0003000400"/32, 0x20, 0x1000}, {&(0x7f0000010500)="ff3f0c00fc010000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c653300000011000000940f090166696c652e636f6c64000000", 0x1080, 0x2000}, {&(0x7f0000011600)="0b0000000c0001022e00000002000000f40f02022e2e00"/32, 0x20, 0x4000}, {&(0x7f0000011700)="00000000001000"/32, 0x20, 0x5000}, {&(0x7f0000011800)="000000000010000000000000000000000000f6b08c84a0941b00000000000000", 0x20, 0x6000}, {&(0x7f0000011900)="00000000001000"/32, 0x20, 0x7000}, {&(0x7f0000011a00)="504d4d00504d4dffd3f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033300075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x8000}, {&(0x7f0000011b00)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x9000}, {&(0x7f0000011c00)="0200"/32, 0x20, 0x9400}, {&(0x7f0000011d00)="0300"/32, 0x20, 0x9800}, {&(0x7f0000011e00)="0400"/32, 0x20, 0x9c00}, {&(0x7f0000011f00)="0500"/32, 0x20, 0xa000}, {&(0x7f0000012000)="000000000000000001000000000000000000000081a99a520000000000000000000000000000000008000000000000000000000000000000000000000000000000d000"/96, 0x60, 0xa400}, {&(0x7f0000012100)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0xb000}, {&(0x7f0000012200)="0200"/32, 0x20, 0xb400}, {&(0x7f0000012300)="0300"/32, 0x20, 0xb800}, {&(0x7f0000012400)="0400"/32, 0x20, 0xbc00}, {&(0x7f0000012500)="0500"/32, 0x20, 0xc000}, {&(0x7f0000012600)="000000000000000001000000000000000000000081a99a520000000000000000000000000000000008000000000000000000000000000000000000000000000000d000"/96, 0x60, 0xc400}, {&(0x7f0000012700)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d80f050766696c653100"/64, 0x40, 0xd000}, {&(0x7f0000012800)="ffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff000002ea0100000001000000270f240c000000000000000000000000000000000601f80f0000000006000000779b539778617474723100000601f00f00000000060000007498539778617474723200"/4192, 0x1060, 0x12000}, {&(0x7f0000013900)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xattr2\x00\x00xattr1\x00\x00', 0x20, 0x13fe0}, {&(0x7f0000013a00)="0000000000000000d3f4655fd3f4655fd3f4655f00"/32, 0x20, 0x22000}, {&(0x7f0000013b00)="ed41000000100000d3f4655fd3f4655fd3f4655f00000000000004000800000000000800050000000af301000400000000000000000000000100000003000000", 0x40, 0x22080}, {&(0x7f0000013c00)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001001000000010000800000000000af301000400000000000000000000000200000009000000", 0x40, 0x22100}, {&(0x7f0000013d00)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001001000000010000800000000000af30100040000000000000000000000020000000b000000", 0x40, 0x22180}, {&(0x7f0000013e00)="c041000000400000d3f4655fd3f4655fd3f4655f00000000000002002000000000000800000000000af301000400000000000000000000000400000004000000", 0x40, 0x22500}, {&(0x7f0000013f00)="ed41000000100000d3f4655fd3f4655fd3f4655f00000000000002000800000000000800030000000af30100040000000000000000000000010000000d00000000000000000000000000000000000000000000000000000000000000000000000000000043c80773000000000000000000000000000000000000000000000000ed8100001a040000d3f4655fd3f4655fd3f4655f00000000000001000800000000000800010000000af301000400000000000000000000000100000023000000000000000000000000000000000000000000000000000000000000000000000000000000e2d10f33000000000000000000000000000000000000000000000000ffa1000026000000d3f4655fd3f4655fd3f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3931383531373739332f66696c65302f66696c653000000000000000000000000000000000000000000000c5138713000000000000000000000000000000000000000000000000ed8100000a000000d3f4655fd3f4655fd3f4655f00000000000001001000000000000800010000000af301000400000000000000000000000100000024000000000000000000000000000000000000000000000000000000000000000000000000000000f9342088130000000000000000000000000000000000000000000000ed81000028230000d3f4655fd3f4655fd3f4655f00000000000002001800000000000800010000000af301000400000000000000000000000300000025000000020000000100000027000000020000000180000027000000000000000000000000000000f7d62bee000000000000000000000000000000000000000000000000ed81000064000000d3f4655fd3f4655fd3f4655f00000000000001000800000000000800010000000af301000400000000000000000000000100000028000000000000000000000000000000000000000000000000000000000000000000000000000000fc8c5a3c00"/768, 0x300, 0x22580}, {&(0x7f0000014200)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x23000}, {&(0x7f0000014700)='syzkallers\x00'/32, 0x20, 0x24000}, {&(0x7f0000014800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x28000}], 0x0, &(0x7f0000003cc0)=ANY=[@ANYBLOB="00cb3ca979f8e1c03b9d8040c4a323ed92aa68b65fb4effc080c01cbd2f1e892d50196f0eda463"]) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00'}) clock_gettime(0x0, &(0x7f0000005380)={0x0, 0x0}) openat(r0, &(0x7f0000001e40)='.\x00', 0x400100, 0x44) recvmmsg(r1, &(0x7f0000005180)=[{{&(0x7f0000000040)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000001800)=[{&(0x7f0000000140)=""/156, 0x9c}, {&(0x7f0000000580)=""/180, 0xb4}, {&(0x7f0000000640)=""/88, 0x58}, {&(0x7f00000006c0)=""/176, 0xb0}, {&(0x7f0000000780)=""/106, 0x6a}, {&(0x7f0000000800)=""/4096, 0x1000}], 0x6, &(0x7f0000001880)=""/70, 0x46}, 0x40}, {{&(0x7f0000001900)=@ethernet={0x0, @local}, 0x80, &(0x7f0000001980)=[{&(0x7f00000000c0)=""/59, 0x3b}], 0x1, &(0x7f00000019c0)=""/116, 0x74}, 0x101}, {{&(0x7f0000001a40)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001ac0)=""/137, 0x89}, {&(0x7f0000001b80)=""/117, 0x75}, {&(0x7f0000001c00)=""/189, 0xbd}], 0x3, &(0x7f0000001d00)=""/163, 0xa3}, 0x5}, {{&(0x7f0000001dc0)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000002380)=[{&(0x7f0000001e40)}, {&(0x7f0000001e80)=""/197, 0xc5}, {&(0x7f0000001f80)=""/234, 0xea}, {&(0x7f0000002080)=""/209, 0xd1}, {&(0x7f0000002180)=""/67, 0x43}, {&(0x7f0000002200)=""/29, 0x1d}, {&(0x7f0000002240)=""/108, 0x6c}, {&(0x7f00000022c0)=""/163, 0xa3}], 0x8, &(0x7f0000002400)=""/252, 0xfc}, 0xffffffff}, {{&(0x7f0000002500)=@in={0x2, 0x0, @private}, 0x80, &(0x7f0000003780)=[{&(0x7f0000002580)=""/72, 0x48}, {&(0x7f0000002600)=""/103, 0x67}, {&(0x7f0000002680)=""/235, 0xeb}, {&(0x7f0000002780)=""/4096, 0x1000}], 0x4, &(0x7f00000037c0)=""/83, 0x53}, 0x7}, {{&(0x7f0000003840), 0x80, &(0x7f0000003a00)=[{&(0x7f00000038c0)=""/253, 0xfd}, {&(0x7f00000039c0)=""/51, 0x33}], 0x2}, 0xff}, {{&(0x7f0000003a40)=@hci, 0x80, &(0x7f0000003e00)=[{&(0x7f0000003ac0)=""/191, 0xbf}, {&(0x7f0000003b80)=""/32, 0x20}, {&(0x7f0000003bc0)=""/195, 0xc3}, {&(0x7f0000003cc0)}, {&(0x7f0000005400)=""/18, 0x12}, {&(0x7f0000003d40)=""/84, 0x54}, {&(0x7f0000003dc0)=""/59, 0x3b}], 0x7, &(0x7f0000003e80)=""/4096, 0x1000}, 0x9}, {{&(0x7f0000004e80)=@ax25={{0x3, @bcast}, [@bcast, @remote, @default, @null, @bcast, @netrom, @null, @null]}, 0x80, &(0x7f0000005100)=[{&(0x7f0000004f00)=""/15, 0xf}, {&(0x7f0000004f40)=""/105, 0x69}, {&(0x7f0000004fc0)=""/57, 0x39}, {&(0x7f0000005000)=""/195, 0xc3}], 0x4, &(0x7f0000005140)=""/2, 0x2}, 0x9}], 0x8, 0x100, &(0x7f00000053c0)={r2, r3+10000000}) 20:08:21 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) 20:08:21 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="014344303031", 0x6, 0x8000}, {&(0x7f0000000040)="ff4344303031", 0x6, 0x8800}], 0x0, &(0x7f0000000080)) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x9, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000240)="e8ccd9d9a6b186c30094721d013f39150c1da6c6db58a4f705bea7eab7e2f75f4d89d5db41a81d511141db11c5673c32a21e19b86d0113c07f86538d2731e3c2c40e7a356e98de44e14fab94140b6cf2546e952fa9865cf48404e2ed25e1ca776945bb104fe2f541d1919f10bef55e6e52c3a661263894027555cee9fb52054e201b7407279f5c0b3d96ecd81c7e4482d9ee38c6845d9edbac598aa4c08a3d8fb8f0425ade956071c138c70834690d6065a5d087ff7285ac0e0e42e090f1573b9ead19b899ff7b1b666b5a2808b082b15fa9a2bb98", 0xd5, 0x2}, {&(0x7f0000000180)="c1a3263331ebc6cf4bd772d2dede455fdddd74df439fdaa5dc5d23c835a78ea1fba05c20f677014399bf8c94892b", 0x2e, 0x3ff0}], 0x2000, &(0x7f0000000340)={[{@rodir}], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}]}) stat(&(0x7f0000001fc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r0, 0x0) syz_mount_image$vfat(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', 0x8950, 0x6, &(0x7f0000000840)=[{&(0x7f0000000400)="c2eaaab0f7b6ee28cf14691d29ab7ec51900f752f6db595f4b614c301656cdda8bb7cc73b3d1a575f24c8b0b0028a8f8f42b3f3483b63b2cf1ec47ccad16d51668364684cda5e22c8d235a86a4a2de864d7b5e849e2396a6b7391ad3627ad1be6f59c3973013d82501d975ae22c2978154821f232e7afcd98c3979d51a8d6ea34c3d33fd11fb4e2e9b970531cde90c90b4", 0x91, 0x1}, {&(0x7f00000004c0)="31cd38e2c3d4868cd913be3a3e71626bfcc6e0c116a9b4717661ec62984ee614", 0x20, 0x4}, {&(0x7f0000000500)="df02fcef6cc0d163c0be4869e136119eb08a0f641cf49b6500f170997adbb9fb8cb19082d24cb9", 0x27, 0x100000001}, {&(0x7f0000000540)="02f82df9bebbdd7787092a8dcedba3e1a5f43e8facbf5e7a73aae259338270b62e2e8c065ca89f585c199999a1d231bc6989eee8c32cd0810ae50e61e0a334580d13a1c4ea1a7aacfe1aea524ab3eae08af05378c80a5ff8e44a43fe88a7bfdc3c539ad8659d8512e33f4da3e0d932ca106910406dffd4922e84fb1a697ff68fdd2b62ae322d5fbc5f82f55e7a910fe8794bcbeb65df3ec9dfcfce0a0b752b4c6401bb8ff7a3732287c39d0c5affb6e55f9502292949e49c7f7d3c0bcfcf9bf104d05cedac7304f6c00ad873394cbb693eae0619", 0xd4, 0x8ed0}, {&(0x7f0000000640)="ce90ec6362953c48d1d6456a57772416a29008c5ae1236ad35647c0dd604d503c2ac0f63f02c750851e6da6754b9ad129678292c5ee5858a284efadb086b133b80bf19d3822f86653bd896721801c1236c568b4e827d5dec3817e8ae22c40ca9ac77dbd7c8ac0cda9547c5bf800302c5749c0a6dab54a0e6f15de9c5011be9f11ba62ec864725a8ed1dc8905838ad09d509f27fe4bd01b8baee2f7a96bcc8c58f7e310606336495933dd90d12c31c04dd11a95f8d56103d3d4afab0d015fa33908dca48b006f1b1b6bbbcb179ab8224a42b49a473f5d9c859fafab1d24b1fddd3c33dbf487c74ddf8a53b898106d49a059615e94f41d", 0xf6, 0xc09}, {&(0x7f0000000740)="3cbec1ce2a4857a2cdb9b5eefc3b57319a1bce206074908b766c6d4a9b246131a6569915998b8616ce6632b4ef99d95b8f9cc0cd9e2e9dd7734eadba296b6261830dd9168ef7336c9fddae8ad7f6063b1a83bc093f4300ea25f92000544e1260d4f666f06b7719c3ed2a888128fd7e08355e085ea9146619c3282beb8864d8d6c86dc9042c6632176efb877793dcbecb970fe5be7423d1d5017bbee23805fb87cb7e2c2d5af46f73e8c77b914a3efe48c281d2f9248f06cb6319ecf2b1cf65185ae5bc5ae2f0dbb0d1ef99fe58b44a83c4f8301c540bce13ffb5fec99f4277ff87954f72", 0xe4}], 0x800000, &(0x7f0000000900)=ANY=[@ANYBLOB='shortname=lower,obj_role=,dont_appraise,euid=', @ANYRESDEC=0xee00, @ANYBLOB=',dont_appraise,seclabel,euid>', @ANYRESDEC=r0, @ANYBLOB=',uid>', @ANYRESDEC, @ANYBLOB='\x00\x00']) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001e00)={{{@in=@multicast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@empty}}, &(0x7f0000001c80)=0xe8) syz_mount_image$vfat(&(0x7f00000009c0), &(0x7f0000000a00)='./file0\x00', 0xf01, 0x4, &(0x7f0000001d80)=[{&(0x7f0000000a40)="73217fb34206cec6b2513fef5546dd540fa6041be25b1c571adfb7a02ab517851744209b6f21faaaadaf896ee29c6b4245880089581153768b599eab22374dc3cbf609022d2188acaf211ad57d601768f91d7210df7a34a494beee95494cb53dd1fdc3b475dd69c5b0bd3ec627c18d14bbe798f7240e40e3c36350bb3a0c04c7d9ba677a8bb311020fe9b79893ea9d46f3f50e87519e553b4826ae04511c0ba00ecd9615c59ccc6e0865461e680c", 0xae, 0x4}, {&(0x7f0000000b00)="ead7110da3c27439d0ad9159ab0751ce871d7c725f979dead94fb71f9d6b687174f81173612759bffe6f45417d06c914549798fd2c1e85492ec3f61b0d6c52bc5f5c1f48ef962fd15af673bf2d3a5d2580dfe1e032286a91bb08984111cc5b2adc2842b70b88a73c8af25eeb8c887ee0b326b8a30dcf764baf1c21628efde98e93b87d722a6e66df62a44d617317fba2531a1036c9ee7638933e5d1edd0de70f728c924732818bdae29b6d0fe8e564a9eb090d56b6b417e1f278905ac3ac473ac298a0a60a086354995eb3338e6aea2e97574451ba9752aa747b0020b387d3baebde1a5fc67e9a8f9c668b430c44069acdbf552a2b79078a0fab8236070aa7fc3ecf0e04748a2e940c1322850d35391f086ec588f133c938f673701fd3bbb87360b1391bc02e3e74be5b00375a0632a6dbc46faa21549625bb846a3e5788c26347c9d8c75458ec77316b24775cc1d281d2c7889292bb281ca593e4c90f00fb66107e55901711747b9599aa7267d6360b647e64e8fdd1dfaeda1a2a57191a9a5db70cdd97e57dc8e5c0bb404983741239140956e20d3d2cb52622409107b31987d57979d930e41b45ce41b17e9d914feedd393fe38622d6d1b836ab141404c8c0c64223ed0d57dfcdf9788fd47b5e1b68356c464f3078eb00c0dba43b3318c2fc810de29eef65b989f83846f729b5b4f442978e3c799cfcfba70560a8b51d2480cf72531419c0c253404c7d7ffabb808466037fcc433ab1f02121ce0a1e055a475feb3228d9ad6ed63dbe4c2a864e466b8562c023d259c12812054ff545e157d0fc170d955925a6b2305b9237d46c4e5e2fb5d23e0e72c1f9966fd1fbd97fc3bc58e3d52c5407f5f9c936ec8fd061cf82838df1b427b4fc4dcb4cb848ddcf48ab0375f1c5105791de1d1f5ba85ee22eeff54f0a09b66ac6f6a8b6d74eb6d6317296345245793d0f87ab9ae16ecc64d99966b659ac019a76d74e6783c24bf9bc2c1720f14a6c2e5f61c41722379c93e57be67ee531bd83a28ee91bda1ed264ecaf20b2df71bd96584ea50d3d18532fba16169244ab8c669d4cc85656240411c42781d5dfc0bd0476de961415498e1ac6108addc809c830a2b4cbd0a7412c41f6421c06aa89d5a68f4a4ed4555c740933f29fa33dedbf2c58e2513ddeffb25909324a9fc286a26de85e8e9d485b3a4c7c248f5241380e60b0b55eb29299427b698c2d3dba46c83c07ce0db9f5de31139ecb2b1e6cc65f1e40eb6c3a56c04b89d42f34bda8b1e36529baa9cc83124e1076236f72201319a67c4c62885db330204675b9ce175f62a3e1f861cd2e3310885704391ec6e501a259b41a8f63f16fc7cae918bc4770bd75160b70f8d9eb99820420aa7b09ee1c4bdc397bef6e3c5137f19c88c316caae8569634a29655d92e49d01b97695edaeea4b7e70e59f44cb6cb6908f906b7490a8ab6c8e79d5f3b65300a161c0b865e294d62e154129294d56da8d52adcad661a7fd9c2c5ba4229f48aa2caf6356da02c0a75026f21089753705b50081412d5379b6511a983508b5674d4ccad8dc3b229e688f63ef46fe795ecc4b96e2665af9d0b4f001dc328c55c200d090ac0afd81792c28f0dbc414e38c5afeb75e464674cdf47da9b964dc0e92f45992f4e07b0aa58e3cc0f9c2c9f4a6e0723a7c087a39c059aca7f4bf321f7f7f752b8b0c25d2239d786733c907b3d345b0e70e4a1bedf79b23eb071e34533e4a4e7609706e25b9c3e1582940b7bae12d08969c411946ad29fa58d797cc1e8026e6ec93cccd35757c121a21771b34c45633360cbc0f2abd71f61852536ba9a4061d47e93c6c0e077ff9d3113c21ed738017c2520b259341f59b453879c5bd32d1c00c38df885a0436e6b7077976878cf8cadf8fd413715a0e4c5d630a63b8304d1c47442dcd93f1c57ea771bd3919798ecf21a9999a40997dffa47838d418406e57285fec2e8b9b8580c1a91e5ecd4c051dd73a36dfa410c47bfd4538381d167ef9a1f44b0672cdb046bb88b9163518c43ff9547b82e8f3031dd90855fc1571cb70c57cb516daea75b85f398e02ae890bacb3e6d1d462d9f2aa325c11fb1a529f70ce54d5aa392ee3085d42c869bd276d7e0b1fbb54d34f746daedb3c8fc731049d7bb7b05ac0c2fa8c82b68ac7ed65f6e0b503f22e71176ddee0485588a38bc88f52fdf2beb183728c867c43c233748e1ed98e5af9e22413f0f2adfcd5a3f1932a92cb412870707a718ab474cbfdaece5a8423038e0ec46781101c650b5b258eb241757c82febdd87e31fda8d6cf6ec0dcacb3b8be763e5d53f87c65748d1a1bf08fda0f7b2f16c79240cda2852af3cdc105f3364ed68838b2db66cbbda77778b5802d15389f4c60ea6d0ecead6f23cb7e7be3219e7f291ecbdff0906e7d83648e18d6909e215183670c2007ce5be2bd61522bd7aee78fda779592c6e4c5ae5a9c59bde4534e8e01e286f671f587755057ce159a4a782eab8cc2c11ed6fcb2810073eb9ac5f9628b346670a53136a8a43f198331e91b196fa28142e9aa476dda226bc128c4520f90d511a950095be83bb09e9d18e0b54ca65e93a5b196007dc205284afd7fb3a6066b193364b7b6d1fa2ac7d3e587d69a6bd3482181934b2495baed51f039038ad781a3873799d0b159c4befe84a6406fb4f1d18568527ad68b08c6e920c7c5f5383165349e52e70d31dd439affa3bd24b20dcbb99360b7fcb4d9fae47c91520c6eefba54dc534a9f42574454418692ad98be4e777186ddbc4013c3a9b1b48f45a8c53c9c29a9e80c528538b170d1379e5027df44f4200eca39e5c13f5a624a6c0f9c20b3f19430cacb31d78f9c89631209ff27be2e8e0c066ff24b1a1c0d17287567157bd854efc0f27b55ef6e83b9fc7f653dbb6cbba2011869bbcf9a0cd390d2cedc0f459733531a8e083d958a9d45b9c23223a46a5bfb5809047447520e985504a05b0e6ebe6efcce24e39ed1cf2813b44756c32ce9bb6e76e1772ea54ad027ee8ad2e96ef841044abee08062517168b7c9f80fda259841abc1b1bc3529b3fc3a6e14479bc709f4659720e302ecd8e52bdf620a41447b38c4a985c3701438963cc13f85910f855738fcfd728a55b98d7e0c1f603878d85184ccc0d73f446b2ccabbf74d41f59e99edc77c6727f3ed99a042a111b6c403fde260472da0e8ff3191f582c91f13db8b3fd9f78d30ea821feb02ec71980ca9804c5eecc73cd5c4fd770df56b9eb2d884ead56db99b3635f35558a5ea56d8534f0a52e58d8fd43c638b854489c89d5f626b95927d819bae076760a2f30a468def734bed90e3199f273fb8a3192ce0ab52271f9fbfc081ba2517c5be320a21406f70babea997335b5d7924ec87f9d48dfa88fa136149bfb973a831747d30dcd363700be7a5d271e1467a611a016bc36048e049da917182d01190df1fab48198a0e1daf94a096a9f244ff5f4319c1133ea5ff978e0d990b7f0bde5d42d2d0b5a4404589ed3776142c3b310643b930e9d19d1082516617aff85dfd4f2449c81781a660d6e7432d1d2c1effd5e0f3f8c4f5e1407d5feaeac49a0cfc4b89e3801cc7b585235688df3d5972d940df3fbb374e01c4a09f735aea6e834bef7f7c495bf2ec4794872248e1defa30f1824fd3632bd987bbc3b7c52e256443cf79659892d74524aaeff4c8edab4a281a513624d512bfc603e876f4f6239f4ffde73125324f9e9e423bacd6e8f6213a939e1321cb13bcc45f28416293b2c09b3591a729faedf6b558941f34da91884fb7770bb083f6616cada17242172ba4799d05855d671c6a4d54912c9f0ad7d4b1ecee8e69b7165833014d6570bfbca78b552270027c82b48777c633576a326e96b146b1cb12baefff250a4f88e87de40429161edec92a7d5ec13e8690cbab32cb1297c011d20ce63d81b9ea2f060258fd61e0223773fcb98ac540d0fe225ad6cd3bd01af2067300b18396e0de99cad77ef8a017b79489d3ce8478dfb7c516393f423dc172e7f5dfb3c3fbaf16357a7f3dd1033913d6600d39cfe9639fc45fb659c6999978741e161e1c3820df4a0c964c148cea42ce555e1db2cb244bb9f39aad456986e4fdb63a740bfbd6e30cdc4b7adf7df4eb751b1d0eaaedb8169ff73d45e0bf5945885d588c48d515bae3e2f9e9f2ab81523e726aad593e858be23f6a5d1cb6326509b94389ec1451ae5a2fef9a701ef9afaa268712f1aae598cb1d36cc78dd1b4590760baf9ad810f210dddaa00a2e768d9e762afbe6caddc1692ff7451f2b82e13f110ac63953b00961dc3b12ebbde0d99be02a96d2215093224a02b7417ba1357619fb5118d2dadb7e2e39340f0ea1d09747b88a9eba0df40bd4fbdec1b1d100893199551feb908eaf231488638c05d9f38d56b59b0728cc425479541dc5fbfd08b7a18b99b9d32739d05b02e3a919b54029a43a74a5185d38bde6d62c53472291cf1affbc26250eb93c3e892cc1b2e2d6eafecefb2e43b8c2070d3dfc2f5158164ea2d9d161b2e73c033a0cbf4557ec1dcd81027b3d9e03652e0a143a28d05764fd396d95cf327baf828e68454edc64b5a75786c499ea3aa47c6a82388440c5c266eae73b330d794a8bb96b5d1f061632872c6343b90dea84992c921716dffa8300e2d89d580df5ec0da8944ba489e9fda95f5f5765f3bae1358e2800792797f0f4132be437911050cad558d9b27e1eb82ba073184c2a440eedc5eb7ac1dab38b8746dd94ee42f571efd925f4e0909b2b06905b94a67c5b3ae2ef2720249dd7e6dacbd76f85372ecf9a52db343ffd6ff9c24266cb69b8f6820f9d97d2fd9c202941db27d15583b127103bde77430bdcab649e9f779cddeb25f27b81c6ee3399d8b69dc2caaa4479334144de40354227b8248772c234007646f35d01a559becb0a34ec9d3b9b1ce810fc7b1ea0246b9fadc21bec39b91beb6f4a2fd3d2cb32da1bf01b63819b7cf716f0f64a002d6fb6e0df7495d4f44aac7088d1992ab7658f748a1374395874f1cc7d821e3d99681e6cedad3c1622e4f034576ac44b7d0992a241334b73a9134dead0cfff46fa29d2bd770705d6c9d05d2d86964d35f5f70e95c3da3b4b283e3b21e88dcf19f14e7929b5822da871afac246935f85176c1cfad35ccc9ae45afdd3776f4dae500fe39b810709ef8bf195a79d1529456d6757388f4145a39a6453725bc43ada674ce3368e1cb79e2de4a8f8623eefd904943940d45babd8a072a8d0e397bdf0eccc727272e6b38caf37787ceac9661a43c324bdf59af212c965c3947a2f540aabf0efef5ae6e614353f855a5f6d2a772e746fd6ec7c1d8125ec7d528aed35c9584ae09c419bf1791c5533ffe232ef2795185850483b946f687db86b0ab9491de82a3835cf58d8eb2d75bda1fd692bc470ef0cc1ca55b420b499e9472c3bfaf1228e1bf3afac7f7e55ee3b8c95452088387bfeb38a85e4239e3421be8e6f2f36d3c0c2a95c1261df55912c3d44d7aa4e5f9ebd2790c8e1f85b5669cbaccfd809cda60bf780c94242fa2009112c69ef4540c97ee2ecc3c55d68acf69244e2a2b46d4f42d9f29672ca663ea5324eaa7be6e812759baafbf606825d3bb7e5f49e3dd21e46e9b9ea14f640662656ffd609c04aca4ae01f305dabe012146222088cba1a1ab2b0e21c07a8be48cdf49e43ac83e46e03740d0d63fb6c6042065e1d54aea7ec3f2620d663974f04aedc8a42f9a4ac91e86bf61dc89c2d63f868142026f27bc793ea98cf57b7af6fe22790dac3aea9d4dadb74993c8", 0x1000, 0xffffffff}, {&(0x7f0000001b00)="b3ad9d8f379294fc27350edea296917b4502fdaf565e49936155faa9bf9e5236f23e9fcbac3d33378390b3a3ba801dabd3cb80b5a8365f76694adf41566cb83d4e1758bf2648a4426aa69bf3259149fea66d0301ab5808cd43efea61e2c5e5ee7dde556635d1121ea6e7fdefba9c5f213de389f17965b354e59e0b3cb1b9c1b0bdfa510f3ddc68d218d2f725b3579b5a9ff091a46768509414e49adb64d8469d02e65cbe7291fe9ad75b9a1874b4dea116153420227cf921d01cb19c8d92e13c0c7a48190b4ab81d01558a4453de66932e13d1381dcbf1409f7d592644833e6712", 0xe1, 0x6}, {&(0x7f0000001d00)="395d0d3317a4a7ac5907589759ae2111d73045c56e4d57faf99c425b26abd61c23246562a842681a28b01c65500fa4f3c4fc5dbcb2fe2b16294ec6166e6def0ee6a1541ed8b118a4bc78422284f334bb1309415e384b5f9f4e5628764237e836d2446ab5d313b3c72e1b33fe1b6954eee1fe185eb3d5a471df65a7fd", 0x7c, 0x2}], 0x20000, &(0x7f0000001f00)={[{@utf8no}, {@nonumtail}], [{@fowner_gt={'fowner>', r0}}, {@euid_gt={'euid>', r1}}, {@dont_appraise}, {@seclabel}, {@obj_type={'obj_type', 0x3d, 'defcontext'}}, {@euid_eq={'euid', 0x3d, r0}}, {@measure}, {@subj_user={'subj_user', 0x3d, '-'}}]}) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) dup(r3) write$binfmt_aout(r3, &(0x7f0000002000)={{0x108, 0x4, 0x9, 0x16e, 0x108, 0x8, 0x3d2, 0x4}, "674fd057c2c03bd15265ce843ba7c1835d78ef1d2d65a07cfdb69a79e5d94880c79b1dc3da4fe4718790e4c7efe6b12d9557b56959920ca019716873d72dd0f655ebb9e38fdca96385890e27959739a4eef2cfd1e7baea5a9ce26d3617a09f41baf8b23b8422a6d585935c0f54a3cf6f444e7686e20fd5f0721e6607e341d21323438934822a8b3090087c2a0aa6e1672eb5425522c2cadea16281e008bbeb5e6e4eaf256a97c27f0013bd68eabff2e0f9ba2d5dcd78e13d1d68211da41a61c84759d206d436bec5b8381b77e6ec731a905b22df2f1c32e2632c69f7397730748d", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x901) 20:08:21 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) [ 1694.869649] FAULT_INJECTION: forcing a failure. [ 1694.869649] name failslab, interval 1, probability 0, space 0, times 0 [ 1694.871218] CPU: 0 PID: 13081 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1694.871998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1694.872919] Call Trace: [ 1694.873229] dump_stack+0x107/0x167 [ 1694.873647] should_fail.cold+0x5/0xa [ 1694.874084] ? create_object.isra.0+0x3a/0xa20 [ 1694.874605] should_failslab+0x5/0x20 [ 1694.875049] kmem_cache_alloc+0x5b/0x310 [ 1694.875526] create_object.isra.0+0x3a/0xa20 [ 1694.876036] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1694.876612] __kmalloc+0x16e/0x390 [ 1694.877035] io_setup_async_rw+0x180/0x580 [ 1694.877511] ? iov_iter_restore+0x195/0x3a0 [ 1694.877990] io_read+0x775/0x11e0 [ 1694.878399] ? kiocb_done+0xc90/0xc90 [ 1694.878857] ? stack_trace_consume_entry+0x160/0x160 [ 1694.879458] ? lock_acquire+0x197/0x470 [ 1694.879919] ? __lock_acquire+0xbb1/0x5b00 [ 1694.880406] io_issue_sqe+0x2e12/0x7660 [ 1694.880872] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1694.881466] ? SOFTIRQ_verbose+0x10/0x10 [ 1694.881931] ? lock_chain_count+0x20/0x20 [ 1694.882408] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1694.882985] ? io_connect+0x610/0x610 [ 1694.883435] ? lock_acquire+0x197/0x470 [ 1694.883884] ? find_held_lock+0x2c/0x110 [ 1694.884359] ? __fget_files+0x26d/0x4c0 [ 1694.884813] ? lock_downgrade+0x6d0/0x6d0 [ 1694.885297] __io_queue_sqe+0x90/0x9d0 [ 1694.885751] ? io_issue_sqe+0x7660/0x7660 [ 1694.886237] ? io_prep_rw+0x7f5/0x1050 [ 1694.886695] io_submit_sqes+0x4461/0x85c0 [ 1694.887200] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1694.887749] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1694.888309] ? lock_downgrade+0x6d0/0x6d0 [ 1694.888790] ? find_held_lock+0x2c/0x110 [ 1694.889251] ? io_submit_sqes+0x85c0/0x85c0 [ 1694.889745] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1694.890293] ? wait_for_completion_io+0x270/0x270 [ 1694.890841] ? rcu_read_lock_any_held+0x75/0xa0 [ 1694.891370] ? vfs_write+0x354/0xa70 [ 1694.891788] ? fput_many+0x2f/0x1a0 [ 1694.892210] ? ksys_write+0x1a9/0x260 [ 1694.892379] FAULT_INJECTION: forcing a failure. [ 1694.892379] name failslab, interval 1, probability 0, space 0, times 0 [ 1694.892643] ? __ia32_sys_read+0xb0/0xb0 [ 1694.892676] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1694.895959] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1694.896545] do_syscall_64+0x33/0x40 [ 1694.896964] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1694.897541] RIP: 0033:0x7fe40cf96b19 [ 1694.897960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1694.900067] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1694.900891] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1694.901691] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1694.902465] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1694.903271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1694.904058] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1694.904999] CPU: 1 PID: 13078 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1694.906418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1694.908102] Call Trace: [ 1694.908644] dump_stack+0x107/0x167 [ 1694.909387] should_fail.cold+0x5/0xa [ 1694.910170] ? create_object.isra.0+0x3a/0xa20 [ 1694.910269] FAULT_INJECTION: forcing a failure. [ 1694.910269] name failslab, interval 1, probability 0, space 0, times 0 [ 1694.911100] should_failslab+0x5/0x20 [ 1694.911119] kmem_cache_alloc+0x5b/0x310 [ 1694.911143] create_object.isra.0+0x3a/0xa20 [ 1694.911166] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1694.915842] __kmalloc+0x16e/0x390 [ 1694.916580] io_setup_async_rw+0x180/0x580 [ 1694.917442] ? iov_iter_restore+0x195/0x3a0 [ 1694.918325] io_read+0x775/0x11e0 [ 1694.919054] ? kiocb_done+0xc90/0xc90 [ 1694.919867] ? stack_trace_consume_entry+0x160/0x160 [ 1694.920914] ? lock_acquire+0x197/0x470 [ 1694.921731] ? __lock_acquire+0xbb1/0x5b00 [ 1694.922604] io_issue_sqe+0x2e12/0x7660 [ 1694.923447] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1694.924523] ? SOFTIRQ_verbose+0x10/0x10 [ 1694.925355] ? lock_chain_count+0x20/0x20 [ 1694.926206] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1694.927273] ? io_connect+0x610/0x610 [ 1694.928064] ? lock_acquire+0x197/0x470 [ 1694.928880] ? find_held_lock+0x2c/0x110 [ 1694.929713] ? __fget_files+0x26d/0x4c0 [ 1694.930746] ? lock_downgrade+0x6d0/0x6d0 [ 1694.931854] __io_queue_sqe+0x90/0x9d0 [ 1694.932873] ? io_issue_sqe+0x7660/0x7660 [ 1694.933754] ? io_prep_rw+0x7f5/0x1050 [ 1694.934572] io_submit_sqes+0x4461/0x85c0 [ 1694.935500] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1694.936555] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1694.937598] ? lock_downgrade+0x6d0/0x6d0 [ 1694.938445] ? find_held_lock+0x2c/0x110 [ 1694.939283] ? io_submit_sqes+0x85c0/0x85c0 [ 1694.940186] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1694.941195] ? wait_for_completion_io+0x270/0x270 [ 1694.942188] ? rcu_read_lock_any_held+0x75/0xa0 [ 1694.943142] ? vfs_write+0x354/0xa70 [ 1694.943932] ? fput_many+0x2f/0x1a0 [ 1694.944679] ? ksys_write+0x1a9/0x260 [ 1694.945465] ? __ia32_sys_read+0xb0/0xb0 [ 1694.946304] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1694.947381] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1694.948468] do_syscall_64+0x33/0x40 [ 1694.949235] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1694.950286] RIP: 0033:0x7f5d818b0b19 [ 1694.951055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1694.954921] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1694.956552] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1694.958051] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1694.959543] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1694.961060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1694.962521] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1694.964023] CPU: 0 PID: 13082 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1694.964765] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1694.965673] Call Trace: [ 1694.965973] dump_stack+0x107/0x167 [ 1694.966372] should_fail.cold+0x5/0xa [ 1694.966782] ? create_object.isra.0+0x3a/0xa20 [ 1694.967290] should_failslab+0x5/0x20 [ 1694.967700] kmem_cache_alloc+0x5b/0x310 [ 1694.968148] ? mark_held_locks+0x9e/0xe0 [ 1694.968601] create_object.isra.0+0x3a/0xa20 [ 1694.969092] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1694.969660] kmem_cache_alloc_bulk+0x168/0x320 [ 1694.970175] io_submit_sqes+0x6f76/0x85c0 [ 1694.970644] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1694.971200] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1694.971743] ? lock_downgrade+0x6d0/0x6d0 [ 1694.972206] ? find_held_lock+0x2c/0x110 [ 1694.972649] ? io_submit_sqes+0x85c0/0x85c0 [ 1694.973135] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1694.973658] ? wait_for_completion_io+0x270/0x270 [ 1694.974194] ? rcu_read_lock_any_held+0x75/0xa0 [ 1694.974708] ? vfs_write+0x354/0xa70 [ 1694.975127] ? fput_many+0x2f/0x1a0 [ 1694.975535] ? ksys_write+0x1a9/0x260 [ 1694.975963] ? __ia32_sys_read+0xb0/0xb0 [ 1694.976411] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1694.976989] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1694.977553] do_syscall_64+0x33/0x40 [ 1694.977968] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1694.978526] RIP: 0033:0x7fcf4787bb19 [ 1694.978946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1694.980968] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1694.981800] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1694.982580] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1694.983370] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1694.984152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1694.984927] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:08:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) [ 1695.067367] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 1695.070119] ext4 filesystem being mounted at /syzkaller-testdir878649521/syzkaller.1qFSI1/47/file0 supports timestamps until 2038 (0x7fffffff) [ 1695.082337] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1695.083451] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1695.084246] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1695.085005] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 1695.085830] blk_update_request: I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 8 prio class 0 [ 1695.086898] Buffer I/O error on dev sr0, logical block 0, async page read [ 1695.087657] Buffer I/O error on dev sr0, logical block 1, async page read [ 1695.088429] Buffer I/O error on dev sr0, logical block 2, async page read [ 1695.089192] Buffer I/O error on dev sr0, logical block 3, async page read [ 1695.089962] Buffer I/O error on dev sr0, logical block 4, async page read [ 1695.090710] Buffer I/O error on dev sr0, logical block 5, async page read [ 1695.091477] Buffer I/O error on dev sr0, logical block 6, async page read [ 1695.092247] Buffer I/O error on dev sr0, logical block 7, async page read [ 1695.106527] capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure [ 1695.113089] FAULT_INJECTION: forcing a failure. [ 1695.113089] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.114410] CPU: 0 PID: 13095 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1695.115179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1695.116113] Call Trace: [ 1695.116425] dump_stack+0x107/0x167 [ 1695.116844] should_fail.cold+0x5/0xa [ 1695.117279] ? create_object.isra.0+0x3a/0xa20 [ 1695.117801] should_failslab+0x5/0x20 [ 1695.118235] kmem_cache_alloc+0x5b/0x310 [ 1695.118696] create_object.isra.0+0x3a/0xa20 [ 1695.119190] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1695.119750] __kmalloc+0x16e/0x390 [ 1695.120166] io_setup_async_rw+0x180/0x580 [ 1695.120643] ? iov_iter_restore+0x195/0x3a0 [ 1695.121139] io_read+0x775/0x11e0 [ 1695.121546] ? kiocb_done+0xc90/0xc90 [ 1695.122001] ? stack_trace_consume_entry+0x160/0x160 [ 1695.122587] ? lock_acquire+0x197/0x470 [ 1695.123030] ? __lock_acquire+0xbb1/0x5b00 [ 1695.123531] io_issue_sqe+0x2e12/0x7660 [ 1695.123994] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1695.124583] ? SOFTIRQ_verbose+0x10/0x10 [ 1695.125049] ? lock_chain_count+0x20/0x20 [ 1695.125522] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1695.126113] ? io_connect+0x610/0x610 [ 1695.126552] ? lock_acquire+0x197/0x470 [ 1695.127004] ? find_held_lock+0x2c/0x110 [ 1695.127478] ? __fget_files+0x26d/0x4c0 [ 1695.127914] ? lock_downgrade+0x6d0/0x6d0 [ 1695.128387] __io_queue_sqe+0x90/0x9d0 [ 1695.128836] ? io_issue_sqe+0x7660/0x7660 [ 1695.129310] ? io_prep_rw+0x7f5/0x1050 [ 1695.129759] io_submit_sqes+0x4461/0x85c0 [ 1695.130248] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1695.130814] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1695.131366] ? io_submit_sqes+0x85c0/0x85c0 [ 1695.131850] ? recalibrate_cpu_khz+0x10/0x10 [ 1695.132354] ? ktime_get+0x158/0x1f0 [ 1695.132783] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 1695.133275] ? clockevents_program_event+0x131/0x360 [ 1695.133851] ? tick_program_event+0xa8/0x140 [ 1695.134357] ? hrtimer_interrupt+0x771/0x9b0 [ 1695.134867] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1695.135474] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1695.136062] do_syscall_64+0x33/0x40 [ 1695.136490] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1695.137066] RIP: 0033:0x7f5d818b0b19 [ 1695.137496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1695.139549] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1695.140421] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1695.141220] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1695.142017] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1695.142828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1695.143634] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1695.241358] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1695.242509] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1695.243304] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1695.244065] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 1695.244903] blk_update_request: I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 8 prio class 0 [ 1695.245984] Buffer I/O error on dev sr0, logical block 0, async page read [ 1695.246751] Buffer I/O error on dev sr0, logical block 1, async page read 20:08:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x28}}, 0x0) sendmsg$AUDIT_DEL_RULE(r0, 0x0, 0x4000) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000340)="ed4100000093b200dff4655fe0f4005fe0f46500000400045539545cee00000000005d828bc5eddf078b30b24bd0971b0e68c2448777c624eb4986d19ff61213e707ed1070b97e306d9ca83779c8cfefcd3262a377672a4417845fb745da412baf4b4230a2709c527d981c08e920bc9ae5d3d4bbbc953d96a196b046990811dc90ffa7610e498967f7377546698112bb07ec2e0ea709239eb637a68288924786e9b241da0e38df90bdf0ae81d05caa0d69cca8c987f0a9e4a1fa3d4084f17f26ab1834b65cc0c7a711e2505234536816df54869f8900cc6c2ffdfb807ce50bbb35e274d87c218cca7d80a2525ee2c28a029ca0613555", 0xf6, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[]) r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) syz_open_dev$mouse(&(0x7f0000000080), 0x0, 0x2c2900) signalfd(0xffffffffffffffff, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000008c0)={0x18, 0x21, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x4}]}, 0x18}}, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000440), r2) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f00000001c0), 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xed, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) 20:08:38 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) socket$nl_audit(0x10, 0x3, 0x9) perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = dup3(r0, r1, 0x0) sendmsg$DEVLINK_CMD_TRAP_GET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000011c0)=ANY=[], 0x14}}, 0x20000844) 20:08:38 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) 20:08:38 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) 20:08:38 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) 20:08:38 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x18b9c956aa49bda1, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000000)={0x1, 0xc0e2, 0xfffffffffffffffe}) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000200)='netpci0\x00', 0x10) getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, 0x0, &(0x7f0000000180)) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000, 0x40010, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)='./file0\x00', 0x2, 0x0, 0x23456}, 0x2539) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FITRIM(r2, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd}) r3 = getpgrp(0x0) r4 = pidfd_open(r3, 0x0) r5 = dup(r4) pidfd_send_signal(r5, 0x0, &(0x7f0000000000), 0x0) acct(&(0x7f00000001c0)='./file0\x00') r6 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r5, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) 20:08:38 executing program 4: bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000001340)=ANY=[@ANYBLOB="05e757", @ANYRESOCT]) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000001140)=0xa2, 0x4) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001240), 0x2}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/fib_trie\x00') ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) preadv(r2, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/213, 0xd5}, {&(0x7f00000001c0)=""/100, 0x64}], 0x2, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @private0}, 0x1c) r3 = dup2(r2, r2) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000001e00)={0x0, 0x0, "ac58bfdaef45c239849e08f9abaa701c061c11e003cbfd52078f0e30f3a6b8088e850f3d6fd79f897b9c51e2c26e81ff2df29afbb064f4c8417de097be93ec16f54d19fee32e710816c60e63750437b0c622d0a412d91197112164793d04e38e211aac4856b18e1be37d2f8ef09563efc9c859a56d204aa121567d402966b1caa77849a7859eb9b4c296e09cbf59a6728381e82357b3ad032633e789e019e0d60201adb9252bfae027b9d1cf7732b89740f70cb3efbdddbd256edd579f9d80f899ce7f5e290ecfc3377445362fed73c5a8137b30107596aadd7677144d3b76af14a0437dbe4d3cf57e553a453d39fb7b062c7745994c45d5b3270afb1a2abb8a", "daff654ce44560fece7a1cc477509b85de02587ec717b4566211cb32552a232583694cba11f301f0bb15b74ea0b35110e21c1bcb7ade89cced49c46005a21c8665466f6cf24044e8d0529e5dc8ee805de6ccf1fb9c4ef945a11e2f63a673cd6c8f42f740b1a97c0a02ec1203439477a4c0a663efbed737fc695a6e3f0b6b88a4b4cdf9b37c6699e5ca71090a45ab42bbb1042f391359f42f695cf3ea77ddc93e53c1e2de08c550922e4c60469f1a612cdbd25ccb5e1e1b78c4455f45c141e97aee00eea461557c330fd26ad5d5f987fd54c61ca6c5960604cdc403248ebc8500fef6127ef73f14701bef03c32e06097e88224fafafeaea07dc380a9e94b8a5a0fbeda1cb981fb2c3a9688c0a20d15d11677b4fe28ac51a061dfb941bab075326ac20d507e751b7cace89b60f81d560f62fd4ea2c1d28811cc083b607b1952b2191e3ceaded70c0c8fc30df7ba959caf6b5a1fb98ac45f7f5fd0154e00a20ae5b4c2b8e2a803a56f3f04c8e4b6ac384ad6f5a404a4740b7adfda9a51b91c9a3b4139846ec6a5a291abfd7dc6d6cfd05835418c2c2f4f94731a35d5d1fff92c4409fdf753850da6757a56e93a3b099ae6d502dd27af0292ac9cf3330ef67b9c7a9838d6177afdb4da9695aa84f0e8a9b8fe80f4a8fc6b8d2bc5c7583357d4e422e83f380d0695b76a3c4276b75a70fa4a958b1a315a42a279d5135cfd9c62fb4c2a4b31c2fd768bcb97e0ff0a2df8bc4598fb8ca5ff006fd0a6347e884a4ee51bb3a764a131afe0b51360b6f59c3bf83843621b680e45ec9cc17090066232119ddb57d10dfaa7362c759f97e310edd0c70bade29a361157bbce226ec69fcedc3a5f51aede0de0c43c5701ac6cb31a5a68c5da5aa55423590b904bc7ee3768ee80816bc15523d493073c2b5f746cee2da86d12f63c0cbf42716638338e11089846bcac384b50239e2188342ba250e7ff0aa0c90db1186491f0975d4d13a167d053db0486d84236c342cb6e2367483df5d8750e67d1f4fe7d8b704d799b3bb972e4f5de1c2c7f65f9d9c2d667fc9e0bf0af332b32d942a5d8be0ffb712e253714ef86b3b90acdbf4bc56eab17b6ef4275c9095007f7a4df2e181fedd54b2e4c806b3597e5c2cb46d3a0cdcce1cbe7e2ceca682571c10a92103d916392ffd1649c0817b49a0adc0f9cee5bb1acd2e6d2ca0a200042dc0ca947a3fff649812eab47d085d5ca9c1c314d925246f310c3b59ff2b2045fd78a6f81361c1043672d384cc52ac33ad92a7fa005f42bbcbffb9d68518dc01e9337abf66f0f778bda9dbf9036c69a0dd50318bbc234643fee13bda7f390dc65b31fafa2ee01ad723c446bcda3dd69bbb5c4bdd3d105503203cfd9b2b7598f192b5c4db1931d55bfdc73e2694711f96d3e77a7801978ee04406b1c11b826820a3b6c13e9041f98b857f5ba500a9d3a7eb7d6e92b4314e935ac27c02df9e253eb580d505be8c891aa0e328bbd1df1ef6772e569b9c4adba72d633c7f58eec2a40e22e4872997825f039a0cc15a6f990228856c1fc4c70181aed70dbaf319331f5f44d8e796201a8bf4935e21ee45561c330429874ef94ff007779eaf0d0dc028bb9ac8c01e3c6c0df3d5fa8c153aa16a581776b249496d315df9315709037362b392f071c618684221ee21d2b43a95ede194a6dd86c0ea76aacb87e86abe4a93433e66ad489f4932acfbcfff7f7553fba63a3e3ec09ffae0a3546aec4838e380f1fd91dc9642cdd3e696cbe5a44232ae44d0fff54edbe7cda1ccaa18ad66a083579edca18f651bc6c1548f362ce546ecd5a6f0a3561483b4b093ff4c4f0d3aafb972c78e9b2a0620cd7140814090e793c2d8ed0931746ec08f24c2864322c59b16c7152f53a021745be8fa6bcfb6cf846c0481812356fd0128e45a16b58d22c69752e3f7ffc47f136402485bb25e54c3cb3a39953d81d196fae8bbbab28345d59781f70a084dd7a3a2eb40a462668b1d54700702cdfa0b89cb7202e6339791be7a01387a8c5f839c2e7343f2d9854c1410738bbf56823236718e1bc275b43fc2aeac29211d86248389947f05f0c71af45407533fd26d0e7a3fe855ce2aa0ba50734d3251a081a3305276d8363ff46b911298f7923bd9fd98d39f6d51fd80431be1be9065e64654a5767dc5ad8516067ed3882999c4d6a819a8fc2f0e6f3aaba21ed0a01e8371eca679f750da8925a8f50b0450049ef02d265dcb0d6bf7d8817a4887b3073b06d06c87cd4a57f763b89883903f17c6e180667b0da915ee37d6733b2d4212c21de2838184895ac088350e4305e498294e58dad6e00428fad89d0944a03ff821c79b727923a48d9ad07abd04ee1d9355e3f40407df6a9992240b993f38f7309a4f5a0f23d8335d55cc9ab944e621fd428de132743c2e370b0ca4ab59e85a22df710e27c9d0b00907cbd173c6d733771b6c762bfb27438c12b1efd68e1dc7727b3e7a025039756a09cc0a1368eaff7c9b0db2012a84cde23ab3571f230309beaaa41c1e87f572228b936e25af879c1726d1bcff70fe662f6cd0a94abd393572390e08551577fcaf83c33652dc5c0e60bd7e518ffae4e498136da699f39de0e7466bc414bd28b1b1ad2a86c54b487c02e223d4713832e6f7be98e60f376032ce7ce1a841bb0a43d6fb3424ac192bd1992646d2931680d1d967fb38ee810b937fc22f6e264b166244b8e16b5fe232aa716d90872a963ca9e7af606b90841a1d7033775850ec024a3a4f62a9779ec1ba1b87975183f37defe8ea7893310c27de21c2c1a14534bd98e1955fd06fe6927d98a3b107090f858b628d4da168f4bde23bc4f21018173bcca6f39ece4447951f946c86c746745220a8029a8a8514a1648bdc1eaae1756e76a66787c76792aec26041ddda8eada2b7e7d7ca551cd1d8a9ba9d4a544693f00357f787c4fe51107907df4888483d6a46264f3e14a99f0faeafe261afa406d31b238d7efeb932eb2f1cc1440497b42b79ae32f1456784dbae624937c84aeffde06b0ec416ba9861f9f7a424fb513eea19b210a6d7427dba4a550a12ec4c8a665b5bff10f043f3d1103270ef56cbf159815a1d395cb4e69539e5783dfc0ff8e193a14b68f9ef21c432e452b3ddd35d9518387126d5e4a5e1d47d38691ad2087dd8af711f86d737f0bf076f1a9b772639e593b932681510258b9f603f23802cb3122533070ba6571251371fb9f617f781d55ecaff380e7d3ec6b9e3c795ea1ea7af76749d54ce6c369fa719bd501e1ea3a582b30c332050edd1a2d15004a45e5dacbfb3a83e1cf40450c42614764f6ed77d1608e75d521b1982f445594ad981b2d44ff25a517c949f8b49bc9562da28d4b555d6e49d21bc3ba9dac0de638c8c264d0541a016f5ef21f2d43306363949552d4c3bb80fd3f4cdd33305ad7910c93a9a9c7646f9b39e8c1a08d45ca2e6306eff6ec8a6a9e4e1d3b9569e340414f4a20b2f84a4ffa7fc63981c084caf3441ded951393277304f5392aec6fbf599dea16b136c96d3ee10767afac30bfc3153d95740aaa90e07e2cb708137de40e78e887d9d7525924b47ba97f82fe76ababcd59bc2869e988fc1748384af780ae21a42bc24c07477d6d038594e51354b89680e909aee08ce60f54b576168bb0385dbb6853be1837b19b3ce867454d8591329e9c0390c541132dad64015b6372d8d8b3a7d71b5d72ca4e83baeef7b0da0bf2ca25ad7ea7ce0661df92b67686676d7499f7b1ddc9d4c30d07f9cebb79a6c102f440e25d097bde7ce98db901f884cca294cac25d3ffb761e46dd5b27b8ef5b77b1061e9db8af098c24d3bfd698400a8ba4c928cedc75fdbcf11ef7a9ba2ccb83f6e513d20ca0c8482abc5e153d1979e32214ae81650ec0f91494a37d3c24d3484f7547cba43d850a85acc850db0578798ae3457509bec01d9f2fde1718da9324110e29bd7d1d979e180a00f352bf6629c5076e62a7f8eb953f358d6388d4c6878327a2e4b95581cb7a4b592b86b07530741be01ba74df0551b453c77c043329bec0493f6e4a998c3f3e6de6b4785885c73c0ff34117fb68452b0e60cfac4f250f60994870ede6a9e3aef592b711f8bf66dc18cf743f4a4c9cbca04524b984947bee212e290fbe9d1ea1226d3bbc3ecb6edb03c1cd0eb3b1ec1e5d02a595d7baa1a763b50c3152d37a66621b0cc667776a4f5f54442c0684384e97f792cb5e297c70a268718be81c1778ebaf58fe2f59de8d7393dd36bffba5757ff9e78a0ae0f4606d85a02624e1dd647c50e44dd2166f1e94cac3b3f777dcc362a0e1af9788f5971dfdfdf97fcdd492499b1675a19ed44c3f663fd778d6dc799ca95ce460374175a1b018a1afdd0de6a11fd12e262a09e446e6c41f846893329f799db49d5a2c5e8269aac87cc1d0c2368aa5bdebc1b13c5ebe640095e047d6369dcd1f32155a62fe9592d9a7bcdcc9afbed9d98f6967cb8559bce8c4b7e13dfc47c7029a60cdf67607d8429f4097f41e0900283e604b012a03b2a529716ba416764594d068b42e151015df418d882d331339d22362f41f18188c38d63a0f2856dd28ac85931ac5274ad02493247e63b5ff5e09a3a7c8f78d7e06bebbb99bb364a34ac50e5e9eecb2442a9a1e8d9481069e823454342da08541855887084eb217f7deda044d26d1086f54b44cbac418c0cb24e15751d487240ac45cd54fdfc40de43ee32de00c26895f304b5bfb81a25bf07af38393598b5db80005b14126571d74e11e62ab225d60002a9d6f2cc35fb7ac2af43c350961b6d20497c955b4cea4a7174fef2dd194d7358f3e7a7660e7e66cc9c482ce65d14928142092fbaf359fe84b2541089be1f9d1ef15047b5c97cfb4b2ce56a2a28bf8307cb748f1f5eabc9a0d3451fd209440984d4b3168afd98acbee9e1997a4c3225727114787b8978e02c088f732c38d67890673e2bae905ba0dee206beb6f32949b891b7030e01ea8dab9e29e1f96ea25b78ec45bd95bbd209f5f89907d3aa1ae8053de4c0aacf183ab3359eef6db90569273d72b016fb1cd23be45526e9d86254c9c5a3884085b105397830bd4c276f09595ac78ecc7ca7465e26d3c0c6e80b96796f0470170009c437a85d477f3c710fede25e78ea6a2a802c2b435d2c9b62724b422154cf02500995cc17d31cc265eb3cc84659ee7fd6aba1db8eec47911fa160c071556f0fd91425129fcc344078162cac4fda0e150557116724f4bece2c8bef0737e98aefb116c694f29830124f4a2f8f87919b42b756257f9f603397e53a499e32b783fe67657ea20b474faa358b430cecd2450685567dc50f15efe48e72471ca2ac4f7e54c8110898138e2e6396cde295c0824ff27a902f843e920c0edd85cb836c77d7134663330f145ac4fb1c36094"}) creat(&(0x7f0000000080)='./file0\x00', 0x40) write$char_usb(0xffffffffffffffff, &(0x7f0000000000)="419d63cfa5128f831183f5bfd25db7766bc060e2abe722b9c261a556d1204d353af06514abfb10b01f7cac376d140559d48922a11409116733c1038a94dc6b79492c84ef7af26c176dbf57c869fc7242375998e9df33e8f17e8094dc0e654b2a984947829bb13dc7bb0c101fbaaab790614bb458a0d2dbbec6ca5769a37d26abcc83831ddaa6bab19399fca0029d71c0ee442d728d01e2ed1bc93b4845ba5194141f5d2cc1eba023f8b66957abbd0c0c4d436e74a4c41f55a6a7be015d31d61ff7d3314242aa26e4697d80f01ef01022f038db985aaf42322f7e8991efe80d6add25d46e210088a6f8354f8fe567ce8e3a39a3452b3b3de96927d66077dd1d7181e882994e2020bdc42fa300299e5d211a721eb8c6ca5c9fa8f8793aef9edfc24e157c9313f3811fd5c08f22b6d1ecfade56527d5e6810eb73f571e6e337ab9b6ba76dd0c83b18196d6df9645a81ed7b534eaf775af7763c9c37bf8a2812e675802662b52812ffa50bbac03af195ba54bfb77a126e3053f348735e87c8c61550eb6b9f9f474adea07052fb7a60ddd24748f4d248ff64ce40e87751d9a6c10e69a73d062b688cb99067b9c8e8c51b1dcc8e66c08cd29876f319b4016ac566835864882af73d61a457890f87f25c8e2aabe4bcb8923cc109e3ff1708cd9d2fa5336bbab5d00cc99a2f6c2439069acda4f8ac00"/512, 0x8000000) r4 = ioctl$TIOCGPTPEER(r3, 0x5441, 0x400) fsetxattr$security_selinux(r4, &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:usbtty_device_t:s0\x00', 0x25, 0x2) 20:08:38 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1711.683340] FAULT_INJECTION: forcing a failure. [ 1711.683340] name failslab, interval 1, probability 0, space 0, times 0 [ 1711.687183] CPU: 1 PID: 13116 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1711.688646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1711.690335] Call Trace: [ 1711.690905] dump_stack+0x107/0x167 [ 1711.691672] should_fail.cold+0x5/0xa [ 1711.692451] ? io_setup_async_rw+0x180/0x580 [ 1711.693386] should_failslab+0x5/0x20 [ 1711.694167] __kmalloc+0x72/0x390 [ 1711.694917] io_setup_async_rw+0x180/0x580 [ 1711.695899] ? iov_iter_restore+0x195/0x3a0 [ 1711.696805] io_read+0x775/0x11e0 [ 1711.697557] ? kiocb_done+0xc90/0xc90 [ 1711.698407] ? stack_trace_consume_entry+0x160/0x160 [ 1711.699541] ? lock_acquire+0x197/0x470 [ 1711.700379] ? __lock_acquire+0xbb1/0x5b00 [ 1711.701351] io_issue_sqe+0x2e12/0x7660 [ 1711.702204] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1711.703296] ? SOFTIRQ_verbose+0x10/0x10 [ 1711.704197] ? lock_chain_count+0x20/0x20 [ 1711.705060] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1711.706377] ? io_connect+0x610/0x610 [ 1711.707307] ? lock_acquire+0x197/0x470 [ 1711.708360] ? find_held_lock+0x2c/0x110 [ 1711.709338] ? __fget_files+0x26d/0x4c0 [ 1711.710318] ? lock_downgrade+0x6d0/0x6d0 [ 1711.711362] __io_queue_sqe+0x90/0x9d0 [ 1711.712312] ? io_issue_sqe+0x7660/0x7660 [ 1711.713326] ? io_prep_rw+0x7f5/0x1050 [ 1711.714263] io_submit_sqes+0x4461/0x85c0 [ 1711.715345] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1711.716556] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1711.717515] ? lock_downgrade+0x6d0/0x6d0 [ 1711.718373] ? find_held_lock+0x2c/0x110 [ 1711.719191] ? io_submit_sqes+0x85c0/0x85c0 [ 1711.720088] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1711.721029] ? wait_for_completion_io+0x270/0x270 [ 1711.722054] ? rcu_read_lock_any_held+0x75/0xa0 [ 1711.722980] ? vfs_write+0x354/0xa70 [ 1711.723817] ? fput_many+0x2f/0x1a0 [ 1711.724545] ? ksys_write+0x1a9/0x260 [ 1711.725355] ? __ia32_sys_read+0xb0/0xb0 [ 1711.726172] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1711.727249] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1711.728301] do_syscall_64+0x33/0x40 [ 1711.729068] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1711.730094] RIP: 0033:0x7f5d818b0b19 [ 1711.730822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1711.734651] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1711.736215] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1711.737665] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1711.738383] FAULT_INJECTION: forcing a failure. [ 1711.738383] name failslab, interval 1, probability 0, space 0, times 0 [ 1711.739115] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1711.739126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1711.739137] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1711.747015] CPU: 0 PID: 13119 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1711.748421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1711.750153] Call Trace: [ 1711.750718] dump_stack+0x107/0x167 [ 1711.751490] should_fail.cold+0x5/0xa [ 1711.752321] ? create_object.isra.0+0x3a/0xa20 [ 1711.753308] should_failslab+0x5/0x20 [ 1711.754106] kmem_cache_alloc+0x5b/0x310 [ 1711.754971] create_object.isra.0+0x3a/0xa20 [ 1711.755930] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1711.756985] __kmalloc+0x16e/0x390 [ 1711.757742] io_setup_async_rw+0x180/0x580 [ 1711.758629] ? iov_iter_restore+0x195/0x3a0 [ 1711.759523] io_read+0x775/0x11e0 [ 1711.760289] ? kiocb_done+0xc90/0xc90 [ 1711.761116] ? stack_trace_consume_entry+0x160/0x160 [ 1711.762180] ? lock_acquire+0x197/0x470 [ 1711.763035] ? __lock_acquire+0xbb1/0x5b00 [ 1711.763940] io_issue_sqe+0x2e12/0x7660 [ 1711.764806] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1711.765893] ? SOFTIRQ_verbose+0x10/0x10 [ 1711.766751] ? lock_chain_count+0x20/0x20 [ 1711.767621] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1711.768720] ? io_connect+0x610/0x610 [ 1711.769523] ? lock_acquire+0x197/0x470 [ 1711.770354] ? find_held_lock+0x2c/0x110 [ 1711.771214] ? __fget_files+0x26d/0x4c0 [ 1711.772089] ? lock_downgrade+0x6d0/0x6d0 [ 1711.772972] __io_queue_sqe+0x90/0x9d0 [ 1711.773800] ? io_issue_sqe+0x7660/0x7660 [ 1711.773845] ? io_prep_rw+0x7f5/0x1050 [ 1711.775486] io_submit_sqes+0x4461/0x85c0 [ 1711.776413] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1711.777459] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1711.778466] ? lock_downgrade+0x6d0/0x6d0 [ 1711.779326] ? find_held_lock+0x2c/0x110 [ 1711.780193] ? io_submit_sqes+0x85c0/0x85c0 [ 1711.781103] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1711.782107] ? wait_for_completion_io+0x270/0x270 [ 1711.783117] ? rcu_read_lock_any_held+0x75/0xa0 [ 1711.784136] ? vfs_write+0x354/0xa70 [ 1711.784909] ? fput_many+0x2f/0x1a0 [ 1711.785654] ? ksys_write+0x1a9/0x260 [ 1711.786432] ? __ia32_sys_read+0xb0/0xb0 [ 1711.787285] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1711.788369] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1711.789428] do_syscall_64+0x33/0x40 [ 1711.790220] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1711.791286] RIP: 0033:0x7fcf4787bb19 [ 1711.792067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1711.795745] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1711.797327] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1711.798828] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1711.800313] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1711.801778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1711.803259] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1711.839336] FAULT_INJECTION: forcing a failure. [ 1711.839336] name failslab, interval 1, probability 0, space 0, times 0 [ 1711.842035] CPU: 0 PID: 13120 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1711.843477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1711.845217] Call Trace: [ 1711.845787] dump_stack+0x107/0x167 [ 1711.846581] should_fail.cold+0x5/0xa [ 1711.847385] ? create_object.isra.0+0x3a/0xa20 [ 1711.848355] should_failslab+0x5/0x20 [ 1711.849161] kmem_cache_alloc+0x5b/0x310 [ 1711.850015] create_object.isra.0+0x3a/0xa20 [ 1711.850954] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1711.852027] __kmalloc+0x16e/0x390 [ 1711.852803] io_setup_async_rw+0x180/0x580 [ 1711.853680] ? iov_iter_restore+0x195/0x3a0 [ 1711.854589] io_read+0x775/0x11e0 [ 1711.855355] ? kiocb_done+0xc90/0xc90 [ 1711.856198] ? stack_trace_consume_entry+0x160/0x160 [ 1711.857288] ? lock_acquire+0x197/0x470 [ 1711.858140] ? __lock_acquire+0xbb1/0x5b00 [ 1711.859049] io_issue_sqe+0x2e12/0x7660 [ 1711.859924] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1711.861019] ? SOFTIRQ_verbose+0x10/0x10 [ 1711.861880] ? lock_chain_count+0x20/0x20 [ 1711.862753] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1711.863852] ? io_connect+0x610/0x610 [ 1711.864660] ? lock_acquire+0x197/0x470 [ 1711.865502] ? find_held_lock+0x2c/0x110 [ 1711.866367] ? __fget_files+0x26d/0x4c0 [ 1711.867216] ? lock_downgrade+0x6d0/0x6d0 [ 1711.868118] __io_queue_sqe+0x90/0x9d0 [ 1711.868950] ? io_issue_sqe+0x7660/0x7660 [ 1711.869820] ? io_prep_rw+0x7f5/0x1050 [ 1711.870655] io_submit_sqes+0x4461/0x85c0 [ 1711.871567] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1711.872618] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1711.873632] ? lock_downgrade+0x6d0/0x6d0 [ 1711.874503] ? find_held_lock+0x2c/0x110 [ 1711.875364] ? io_submit_sqes+0x85c0/0x85c0 [ 1711.876302] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1711.877311] ? wait_for_completion_io+0x270/0x270 [ 1711.878338] ? rcu_read_lock_any_held+0x75/0xa0 [ 1711.879303] ? vfs_write+0x354/0xa70 [ 1711.880106] ? fput_many+0x2f/0x1a0 [ 1711.880876] ? ksys_write+0x1a9/0x260 [ 1711.881686] ? __ia32_sys_read+0xb0/0xb0 [ 1711.882554] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1711.883661] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1711.884721] do_syscall_64+0x33/0x40 [ 1711.885487] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1711.886513] RIP: 0033:0x7fe40cf96b19 [ 1711.887308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1711.890977] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1711.892578] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1711.894033] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1711.895506] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1711.897006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1711.898505] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1711.930664] Process accounting resumed 20:08:39 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8080) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd_index, 0x7ff}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f00000000c0), 0x0, 0x0) 20:08:39 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x8010, &(0x7f0000000280)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) ftruncate(r0, 0x3) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc142, 0x8) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000500)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x0, 0x2, 0x7f, 0x80, 0x0, 0x6, 0x8d, 0xa8, 0x40, 0x21b, 0x5, 0x9b4e, 0x38, 0x2, 0x6, 0x1ad, 0x7ff}, [{0x7, 0x80000000, 0x0, 0x82, 0xdec6000000000000, 0x613, 0x9, 0x4}], "31833bcb2c9a21df9d23e12f86d3ce7a21652b18dfb16652058bdb128f58c3fda1abfe02ed936835f1db7cdb9e9a554c3ff934234e63ff3be7225f68c99c229be254a5fd4acc107ba4df6b35f1964a1e7ace5ef5f014f51b06f1092e74d0ff2267555e6213b277a17db12a42f2c5bb7120", ['\x00', '\x00', '\x00']}, 0x3e9) r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)) getsockname(0xffffffffffffffff, &(0x7f0000000440)=@generic, &(0x7f00000004c0)=0x80) write(r2, &(0x7f0000000240)="01", 0x1) ioctl$int_out(r2, 0x5462, &(0x7f00000000c0)) r3 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000000}, 0x44612}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r3) write$P9_RREADLINK(r0, &(0x7f0000000140)=ANY=[], 0x10) sendfile(r0, r1, 0x0, 0x20d315) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCGPTLCK(r4, 0x80045439, &(0x7f0000000400)) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f00000002c0)) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) 20:08:39 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) [ 1712.067392] Process accounting resumed 20:08:39 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2fe1, 0x0) fspick(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x1) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x403f}) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x4}, 0x6) 20:08:39 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) [ 1712.233385] FAULT_INJECTION: forcing a failure. [ 1712.233385] name failslab, interval 1, probability 0, space 0, times 0 [ 1712.233423] CPU: 1 PID: 13141 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1712.233441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1712.233449] Call Trace: [ 1712.233488] dump_stack+0x107/0x167 20:08:39 executing program 4: mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, 0x0, 0x3) pkey_alloc(0x0, 0x0) r1 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, r1) pkey_mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, r1) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'}) perf_event_open(0x0, 0x0, 0x4, r2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x26) setsockopt$sock_int(r4, 0x1, 0x12, &(0x7f0000000200)=0x33e0, 0x4) r5 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, r5) setsockopt$inet6_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x67) sendfile(r4, r3, 0x0, 0x9bbb) [ 1712.233527] should_fail.cold+0x5/0xa [ 1712.233562] ? create_object.isra.0+0x3a/0xa20 [ 1712.233598] should_failslab+0x5/0x20 [ 1712.233630] kmem_cache_alloc+0x5b/0x310 [ 1712.233670] create_object.isra.0+0x3a/0xa20 [ 1712.233705] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1712.233745] __kmalloc+0x16e/0x390 [ 1712.233791] io_setup_async_rw+0x180/0x580 20:08:39 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) r4 = dup(r3) pidfd_send_signal(r4, 0x0, &(0x7f0000000000), 0x0) accept4$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14, 0x80400) ioctl$int_in(r1, 0x5452, &(0x7f00000000c0)=0x87) syz_open_procfs(0x0, &(0x7f0000002e80)='timerslack_ns\x00') sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x1100, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) [ 1712.233818] ? iov_iter_restore+0x195/0x3a0 [ 1712.233852] io_read+0x775/0x11e0 [ 1712.233903] ? kiocb_done+0xc90/0xc90 20:08:39 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1712.233970] ? stack_trace_consume_entry+0x160/0x160 [ 1712.234020] ? lock_acquire+0x197/0x470 [ 1712.234061] ? __lock_acquire+0xbb1/0x5b00 [ 1712.234103] io_issue_sqe+0x2e12/0x7660 [ 1712.234150] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1712.234180] ? SOFTIRQ_verbose+0x10/0x10 [ 1712.234214] ? lock_chain_count+0x20/0x20 [ 1712.234255] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1712.234283] ? io_connect+0x610/0x610 [ 1712.234322] ? lock_acquire+0x197/0x470 [ 1712.234353] ? find_held_lock+0x2c/0x110 20:08:39 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r2 = socket$inet6_udp(0xa, 0x2, 0x0) openat(r1, &(0x7f0000000180)='./file0\x00', 0x2280, 0x20) connect$inet6(r2, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) r3 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x0) r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x8802) r5 = fcntl$dupfd(r4, 0x0, r3) dup2(r5, 0xffffffffffffffff) ioctl$int_in(r2, 0x5452, &(0x7f0000000040)=0xfffffffffffffff9) r6 = signalfd(r1, &(0x7f00000001c0)={[0x7]}, 0x8) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f0000000200)={0xe6, 0x4, 0x9, "408cfdf3ba686a93fc45e3716c0390031c3346178ad6e04379f614c48a22f67ec8ba6604ab0d0cf00bc230bd99156e54a7df319068bfe56e3a0d46c51f8257db8b2369360affded30be3e17acc764247159e37efab7d3bb4965c449ff6bf9a0c87f2339a28ae4b02204fa996afdcbb47ba8209f42047333fc045ff4757739aba4c677b4a84cdfc6aa9d7657d2ee2b1f836f64021f0d3f3178809f84f34cae69d13aef1b61f45be9077973bc6e7728509b90b9f8131fea58626c41d6d0b117807594a5c5470db989d719b25de693be0001c44ffa13bf1d969a00b05f340db5a8ac7f264e948e6"}) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000000)=0x4300, 0x4) sendmmsg$inet6(r2, &(0x7f0000004d00)=[{{0x0, 0x11, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}, 0x200000}], 0x7ffff000, 0x0) r7 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x2000, 0x82}, 0x18) ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000140)={0x0, r3, 0x0, 0x7, 0x1000, 0x9}) 20:08:39 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) [ 1712.234392] ? __fget_files+0x26d/0x4c0 [ 1712.234426] ? lock_downgrade+0x6d0/0x6d0 [ 1712.234468] __io_queue_sqe+0x90/0x9d0 [ 1712.234508] ? io_issue_sqe+0x7660/0x7660 [ 1712.234548] ? io_prep_rw+0x7f5/0x1050 [ 1712.234589] io_submit_sqes+0x4461/0x85c0 [ 1712.234664] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.234696] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.234735] ? lock_downgrade+0x6d0/0x6d0 [ 1712.234764] ? find_held_lock+0x2c/0x110 [ 1712.234804] ? io_submit_sqes+0x85c0/0x85c0 [ 1712.234849] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1712.234887] ? wait_for_completion_io+0x270/0x270 [ 1712.234925] ? rcu_read_lock_any_held+0x75/0xa0 [ 1712.234954] ? vfs_write+0x354/0xa70 [ 1712.234993] ? fput_many+0x2f/0x1a0 [ 1712.235027] ? ksys_write+0x1a9/0x260 [ 1712.235061] ? __ia32_sys_read+0xb0/0xb0 [ 1712.235102] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1712.235141] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1712.235181] do_syscall_64+0x33/0x40 [ 1712.235218] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1712.235239] RIP: 0033:0x7f5d818b0b19 [ 1712.235273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1712.235292] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa 20:08:39 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) [ 1712.235327] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1712.235347] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1712.235367] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1712.235387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1712.235407] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1712.442216] FAULT_INJECTION: forcing a failure. [ 1712.442216] name failslab, interval 1, probability 0, space 0, times 0 20:08:39 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 20:08:39 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) [ 1712.442250] CPU: 0 PID: 13148 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1712.442269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1712.442277] Call Trace: [ 1712.442315] dump_stack+0x107/0x167 [ 1712.442355] should_fail.cold+0x5/0xa [ 1712.442390] ? create_object.isra.0+0x3a/0xa20 [ 1712.442426] should_failslab+0x5/0x20 [ 1712.442457] kmem_cache_alloc+0x5b/0x310 [ 1712.442488] ? find_held_lock+0x2c/0x110 [ 1712.442525] create_object.isra.0+0x3a/0xa20 [ 1712.442561] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1712.442602] __kmalloc_node+0x1ae/0x420 [ 1712.442653] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1712.442690] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 1712.442742] kmem_cache_alloc_bulk+0x182/0x320 [ 1712.442786] io_submit_sqes+0x6f76/0x85c0 [ 1712.442863] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.442895] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.442935] ? lock_downgrade+0x6d0/0x6d0 [ 1712.442963] ? find_held_lock+0x2c/0x110 [ 1712.443003] ? io_submit_sqes+0x85c0/0x85c0 [ 1712.443047] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1712.443086] ? wait_for_completion_io+0x270/0x270 [ 1712.443124] ? rcu_read_lock_any_held+0x75/0xa0 [ 1712.443153] ? vfs_write+0x354/0xa70 [ 1712.443192] ? fput_many+0x2f/0x1a0 [ 1712.443226] ? ksys_write+0x1a9/0x260 [ 1712.443259] ? __ia32_sys_read+0xb0/0xb0 [ 1712.443301] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1712.443340] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1712.443380] do_syscall_64+0x33/0x40 [ 1712.443417] entry_SYSCALL_64_after_hwframe+0x61/0xc6 20:08:40 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) [ 1712.443437] RIP: 0033:0x7fcf4787bb19 [ 1712.443471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1712.443489] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1712.443524] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 20:08:40 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) [ 1712.443543] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1712.443563] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1712.443582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1712.443602] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1712.615384] FAULT_INJECTION: forcing a failure. [ 1712.615384] name failslab, interval 1, probability 0, space 0, times 0 [ 1712.615406] CPU: 1 PID: 13159 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1712.615417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1712.615423] Call Trace: [ 1712.615447] dump_stack+0x107/0x167 [ 1712.615469] should_fail.cold+0x5/0xa [ 1712.615488] ? create_object.isra.0+0x3a/0xa20 [ 1712.615508] should_failslab+0x5/0x20 [ 1712.615524] kmem_cache_alloc+0x5b/0x310 [ 1712.615541] ? find_held_lock+0x2c/0x110 [ 1712.615561] create_object.isra.0+0x3a/0xa20 20:08:40 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1712.615579] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1712.615601] __kmalloc_node+0x1ae/0x420 [ 1712.615658] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 1712.615677] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 1712.615704] kmem_cache_alloc_bulk+0x182/0x320 [ 1712.615727] io_submit_sqes+0x6f76/0x85c0 [ 1712.615777] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.615793] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.615815] ? lock_downgrade+0x6d0/0x6d0 [ 1712.615829] ? find_held_lock+0x2c/0x110 [ 1712.615851] ? io_submit_sqes+0x85c0/0x85c0 [ 1712.615877] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1712.615898] ? wait_for_completion_io+0x270/0x270 [ 1712.615918] ? rcu_read_lock_any_held+0x75/0xa0 [ 1712.615932] ? vfs_write+0x354/0xa70 [ 1712.615953] ? fput_many+0x2f/0x1a0 [ 1712.615971] ? ksys_write+0x1a9/0x260 [ 1712.615988] ? __ia32_sys_read+0xb0/0xb0 [ 1712.616010] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1712.616030] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1712.616053] do_syscall_64+0x33/0x40 [ 1712.616072] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1712.616085] RIP: 0033:0x7fe40cf96b19 [ 1712.616107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1712.616116] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1712.616135] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1712.616145] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1712.616155] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1712.616165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1712.616176] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1712.704626] FAULT_INJECTION: forcing a failure. [ 1712.704626] name failslab, interval 1, probability 0, space 0, times 0 [ 1712.704660] CPU: 0 PID: 13163 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1712.704679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1712.704688] Call Trace: [ 1712.704733] dump_stack+0x107/0x167 [ 1712.704772] should_fail.cold+0x5/0xa [ 1712.704806] ? create_object.isra.0+0x3a/0xa20 [ 1712.704843] should_failslab+0x5/0x20 [ 1712.704875] kmem_cache_alloc+0x5b/0x310 [ 1712.704916] create_object.isra.0+0x3a/0xa20 [ 1712.704952] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1712.704991] __kmalloc+0x16e/0x390 [ 1712.705039] io_setup_async_rw+0x180/0x580 [ 1712.705066] ? iov_iter_restore+0x195/0x3a0 [ 1712.705100] io_read+0x775/0x11e0 [ 1712.705152] ? kiocb_done+0xc90/0xc90 [ 1712.705188] ? register_lock_class+0xbb/0x17b0 [ 1712.705218] ? arch_stack_walk+0x99/0xf0 [ 1712.705261] ? is_dynamic_key+0x1e0/0x1e0 [ 1712.705321] ? __lock_acquire+0x1657/0x5b00 [ 1712.705366] ? __lock_acquire+0xbb1/0x5b00 [ 1712.705408] io_issue_sqe+0x2e12/0x7660 [ 1712.705454] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1712.705486] ? SOFTIRQ_verbose+0x10/0x10 [ 1712.705520] ? lock_chain_count+0x20/0x20 [ 1712.705561] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1712.705590] ? io_connect+0x610/0x610 [ 1712.705630] ? lock_acquire+0x197/0x470 [ 1712.705661] ? find_held_lock+0x2c/0x110 [ 1712.705701] ? __fget_files+0x26d/0x4c0 [ 1712.705734] ? lock_downgrade+0x6d0/0x6d0 [ 1712.705776] __io_queue_sqe+0x90/0x9d0 [ 1712.705817] ? io_issue_sqe+0x7660/0x7660 [ 1712.705857] ? io_prep_rw+0x7f5/0x1050 [ 1712.705898] io_submit_sqes+0x4461/0x85c0 [ 1712.705974] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.706005] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.706044] ? lock_downgrade+0x6d0/0x6d0 [ 1712.706073] ? find_held_lock+0x2c/0x110 [ 1712.706112] ? io_submit_sqes+0x85c0/0x85c0 [ 1712.706157] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1712.706196] ? wait_for_completion_io+0x270/0x270 [ 1712.706233] ? rcu_read_lock_any_held+0x75/0xa0 [ 1712.706263] ? vfs_write+0x354/0xa70 [ 1712.706302] ? fput_many+0x2f/0x1a0 [ 1712.706336] ? ksys_write+0x1a9/0x260 [ 1712.706370] ? __ia32_sys_read+0xb0/0xb0 [ 1712.706412] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1712.706450] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1712.706491] do_syscall_64+0x33/0x40 [ 1712.706527] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1712.706548] RIP: 0033:0x7f5d818b0b19 [ 1712.706583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1712.706601] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1712.706636] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1712.706656] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1712.706677] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1712.706697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1712.706718] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1712.875718] FAULT_INJECTION: forcing a failure. [ 1712.875718] name failslab, interval 1, probability 0, space 0, times 0 [ 1712.875927] CPU: 1 PID: 13165 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1712.875945] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1712.875954] Call Trace: [ 1712.875990] dump_stack+0x107/0x167 [ 1712.876027] should_fail.cold+0x5/0xa [ 1712.876064] ? io_setup_async_rw+0x180/0x580 [ 1712.876099] should_failslab+0x5/0x20 [ 1712.876126] __kmalloc+0x72/0x390 [ 1712.876169] io_setup_async_rw+0x180/0x580 [ 1712.876195] ? iov_iter_restore+0x195/0x3a0 [ 1712.876226] io_read+0x775/0x11e0 [ 1712.876273] ? kiocb_done+0xc90/0xc90 [ 1712.876335] ? stack_trace_consume_entry+0x160/0x160 [ 1712.876382] ? lock_acquire+0x197/0x470 [ 1712.876420] ? __lock_acquire+0xbb1/0x5b00 [ 1712.876458] io_issue_sqe+0x2e12/0x7660 [ 1712.876501] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1712.876530] ? SOFTIRQ_verbose+0x10/0x10 [ 1712.876562] ? lock_chain_count+0x20/0x20 [ 1712.876599] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1712.876625] ? io_connect+0x610/0x610 [ 1712.876661] ? lock_acquire+0x197/0x470 [ 1712.876689] ? find_held_lock+0x2c/0x110 [ 1712.876726] ? __fget_files+0x26d/0x4c0 [ 1712.876757] ? lock_downgrade+0x6d0/0x6d0 [ 1712.876799] __io_queue_sqe+0x90/0x9d0 [ 1712.876836] ? io_issue_sqe+0x7660/0x7660 [ 1712.876873] ? io_prep_rw+0x7f5/0x1050 [ 1712.876910] io_submit_sqes+0x4461/0x85c0 [ 1712.876979] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.877008] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.877044] ? lock_downgrade+0x6d0/0x6d0 [ 1712.877071] ? find_held_lock+0x2c/0x110 [ 1712.877107] ? io_submit_sqes+0x85c0/0x85c0 [ 1712.877149] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1712.877184] ? wait_for_completion_io+0x270/0x270 [ 1712.877220] ? rcu_read_lock_any_held+0x75/0xa0 [ 1712.877247] ? vfs_write+0x354/0xa70 [ 1712.877283] ? fput_many+0x2f/0x1a0 [ 1712.877315] ? ksys_write+0x1a9/0x260 [ 1712.877346] ? __ia32_sys_read+0xb0/0xb0 [ 1712.877385] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1712.877421] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1712.877458] do_syscall_64+0x33/0x40 [ 1712.877492] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1712.877511] RIP: 0033:0x7fcf4787bb19 [ 1712.877544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1712.877561] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1712.877598] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1712.877617] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1712.877636] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1712.877654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1712.877674] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1712.981282] FAULT_INJECTION: forcing a failure. [ 1712.981282] name failslab, interval 1, probability 0, space 0, times 0 [ 1712.981319] CPU: 0 PID: 13167 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1712.981340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1712.981350] Call Trace: [ 1712.981396] dump_stack+0x107/0x167 [ 1712.981439] should_fail.cold+0x5/0xa [ 1712.981477] ? create_object.isra.0+0x3a/0xa20 [ 1712.981518] should_failslab+0x5/0x20 [ 1712.981553] kmem_cache_alloc+0x5b/0x310 [ 1712.981597] create_object.isra.0+0x3a/0xa20 [ 1712.981636] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1712.981679] __kmalloc+0x16e/0x390 [ 1712.981731] io_setup_async_rw+0x180/0x580 [ 1712.981763] ? iov_iter_restore+0x195/0x3a0 [ 1712.981802] io_read+0x775/0x11e0 [ 1712.981857] ? kiocb_done+0xc90/0xc90 [ 1712.981930] ? stack_trace_consume_entry+0x160/0x160 [ 1712.981984] ? lock_acquire+0x197/0x470 [ 1712.982028] ? __lock_acquire+0xbb1/0x5b00 [ 1712.982075] io_issue_sqe+0x2e12/0x7660 [ 1712.982125] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1712.982159] ? SOFTIRQ_verbose+0x10/0x10 [ 1712.982196] ? lock_chain_count+0x20/0x20 [ 1712.982240] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1712.982272] ? io_connect+0x610/0x610 [ 1712.982315] ? lock_acquire+0x197/0x470 [ 1712.982348] ? find_held_lock+0x2c/0x110 [ 1712.982392] ? __fget_files+0x26d/0x4c0 [ 1712.982429] ? lock_downgrade+0x6d0/0x6d0 [ 1712.982475] __io_queue_sqe+0x90/0x9d0 [ 1712.982519] ? io_issue_sqe+0x7660/0x7660 [ 1712.982562] ? io_prep_rw+0x7f5/0x1050 [ 1712.982607] io_submit_sqes+0x4461/0x85c0 [ 1712.982689] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.982723] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1712.982766] ? lock_downgrade+0x6d0/0x6d0 [ 1712.982797] ? find_held_lock+0x2c/0x110 [ 1712.982840] ? io_submit_sqes+0x85c0/0x85c0 [ 1712.982888] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1712.982931] ? wait_for_completion_io+0x270/0x270 [ 1712.982981] ? rcu_read_lock_any_held+0x75/0xa0 [ 1712.983014] ? vfs_write+0x354/0xa70 [ 1712.983056] ? fput_many+0x2f/0x1a0 [ 1712.983094] ? ksys_write+0x1a9/0x260 [ 1712.983131] ? __ia32_sys_read+0xb0/0xb0 [ 1712.983177] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1712.983219] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1712.983263] do_syscall_64+0x33/0x40 [ 1712.983304] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1712.983327] RIP: 0033:0x7fe40cf96b19 [ 1712.983366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1712.983386] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1712.983426] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1712.983447] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1712.983470] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1712.983492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1712.983515] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1713.171652] FAULT_INJECTION: forcing a failure. [ 1713.171652] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1713.171692] CPU: 0 PID: 13173 Comm: syz-executor.1 Not tainted 5.10.180 #1 [ 1713.171717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1713.171729] Call Trace: [ 1713.171772] dump_stack+0x107/0x167 [ 1713.171819] should_fail.cold+0x5/0xa [ 1713.171873] __alloc_pages_nodemask+0x182/0x600 [ 1713.171931] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 1713.172002] alloc_pages_current+0x187/0x280 [ 1713.172046] allocate_slab+0x26f/0x380 [ 1713.172093] ___slab_alloc+0x470/0x700 [ 1713.172134] ? io_submit_sqes+0x6f76/0x85c0 [ 1713.172184] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1713.172228] ? trace_hardirqs_on+0x5b/0x180 [ 1713.172283] ? kmem_cache_alloc_bulk+0x1ec/0x320 [ 1713.172320] kmem_cache_alloc_bulk+0x1ec/0x320 [ 1713.172366] io_submit_sqes+0x6f76/0x85c0 [ 1713.172454] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1713.172490] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1713.172537] ? lock_downgrade+0x6d0/0x6d0 [ 1713.172570] ? find_held_lock+0x2c/0x110 [ 1713.172616] ? io_submit_sqes+0x85c0/0x85c0 [ 1713.172667] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1713.172712] ? wait_for_completion_io+0x270/0x270 [ 1713.172756] ? rcu_read_lock_any_held+0x75/0xa0 [ 1713.172795] ? vfs_write+0x354/0xa70 [ 1713.178056] FAULT_INJECTION: forcing a failure. [ 1713.178056] name failslab, interval 1, probability 0, space 0, times 0 [ 1713.178941] ? fput_many+0x2f/0x1a0 [ 1713.178981] ? ksys_write+0x1a9/0x260 [ 1713.179020] ? __ia32_sys_read+0xb0/0xb0 [ 1713.179069] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1713.179114] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1713.179163] do_syscall_64+0x33/0x40 [ 1713.179208] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1713.427571] RIP: 0033:0x7f5d818b0b19 [ 1713.428457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1713.432631] RSP: 002b:00007f5d7ee26188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1713.434378] RAX: ffffffffffffffda RBX: 00007f5d819c3f60 RCX: 00007f5d818b0b19 [ 1713.436004] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1713.437628] RBP: 00007f5d7ee261d0 R08: 0000000000000000 R09: 0000000000000000 [ 1713.439241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1713.440869] R13: 00007fff1ce3d42f R14: 00007f5d7ee26300 R15: 0000000000022000 [ 1713.442511] CPU: 1 PID: 13172 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1713.443414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1713.444503] Call Trace: [ 1713.444851] dump_stack+0x107/0x167 [ 1713.445329] should_fail.cold+0x5/0xa [ 1713.445832] ? io_setup_async_rw+0x180/0x580 [ 1713.446427] should_failslab+0x5/0x20 [ 1713.446928] __kmalloc+0x72/0x390 [ 1713.447401] io_setup_async_rw+0x180/0x580 [ 1713.447934] ? iov_iter_restore+0x195/0x3a0 [ 1713.448490] io_read+0x775/0x11e0 [ 1713.448935] ? kiocb_done+0xc90/0xc90 [ 1713.449445] ? stack_trace_consume_entry+0x160/0x160 [ 1713.450088] ? __lock_acquire+0xbb1/0x5b00 [ 1713.450639] io_issue_sqe+0x2e12/0x7660 [ 1713.451137] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1713.451816] ? SOFTIRQ_verbose+0x10/0x10 [ 1713.452327] ? lock_chain_count+0x20/0x20 [ 1713.452863] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1713.453518] ? io_connect+0x610/0x610 [ 1713.454010] ? lock_acquire+0x197/0x470 [ 1713.454494] ? find_held_lock+0x2c/0x110 [ 1713.455023] ? __fget_files+0x26d/0x4c0 [ 1713.455531] ? lock_downgrade+0x6d0/0x6d0 [ 1713.456077] __io_queue_sqe+0x90/0x9d0 [ 1713.456566] ? io_issue_sqe+0x7660/0x7660 [ 1713.457111] ? io_prep_rw+0x7f5/0x1050 [ 1713.457599] io_submit_sqes+0x4461/0x85c0 [ 1713.458149] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1713.458767] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1713.459383] ? lock_downgrade+0x6d0/0x6d0 [ 1713.459916] ? find_held_lock+0x2c/0x110 [ 1713.460434] ? io_submit_sqes+0x85c0/0x85c0 [ 1713.460986] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1713.461604] ? wait_for_completion_io+0x270/0x270 [ 1713.462219] ? rcu_read_lock_any_held+0x75/0xa0 [ 1713.462803] ? vfs_write+0x354/0xa70 [ 1713.463272] ? fput_many+0x2f/0x1a0 [ 1713.463771] ? ksys_write+0x1a9/0x260 [ 1713.464250] ? __ia32_sys_read+0xb0/0xb0 [ 1713.464774] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1713.465432] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1713.466089] do_syscall_64+0x33/0x40 [ 1713.466556] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1713.467212] RIP: 0033:0x7fcf4787bb19 [ 1713.467704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1713.470037] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1713.471001] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1713.471918] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1713.472818] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1713.473714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1713.474613] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:08:40 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) 20:08:40 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) [ 1713.624471] FAULT_INJECTION: forcing a failure. [ 1713.624471] name failslab, interval 1, probability 0, space 0, times 0 [ 1713.625758] CPU: 1 PID: 13184 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1713.626521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1713.627423] Call Trace: [ 1713.627729] dump_stack+0x107/0x167 [ 1713.628139] should_fail.cold+0x5/0xa [ 1713.628569] ? create_object.isra.0+0x3a/0xa20 [ 1713.629071] should_failslab+0x5/0x20 [ 1713.629485] kmem_cache_alloc+0x5b/0x310 [ 1713.629939] create_object.isra.0+0x3a/0xa20 [ 1713.630419] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1713.630971] __kmalloc+0x16e/0x390 [ 1713.631364] io_setup_async_rw+0x180/0x580 [ 1713.631829] ? iov_iter_restore+0x195/0x3a0 [ 1713.632305] io_read+0x775/0x11e0 [ 1713.632691] ? kiocb_done+0xc90/0xc90 [ 1713.633119] ? stack_trace_consume_entry+0x160/0x160 [ 1713.633676] ? lock_acquire+0x197/0x470 [ 1713.634108] ? __lock_acquire+0xbb1/0x5b00 [ 1713.634574] io_issue_sqe+0x2e12/0x7660 [ 1713.635012] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1713.635584] ? SOFTIRQ_verbose+0x10/0x10 [ 1713.636051] ? lock_chain_count+0x20/0x20 [ 1713.636513] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1713.637091] ? io_connect+0x610/0x610 [ 1713.637517] ? lock_acquire+0x197/0x470 [ 1713.637956] ? find_held_lock+0x2c/0x110 [ 1713.638396] ? __fget_files+0x26d/0x4c0 [ 1713.638835] ? lock_downgrade+0x6d0/0x6d0 [ 1713.639286] __io_queue_sqe+0x90/0x9d0 [ 1713.639719] ? io_issue_sqe+0x7660/0x7660 [ 1713.640169] ? io_prep_rw+0x7f5/0x1050 [ 1713.640594] io_submit_sqes+0x4461/0x85c0 [ 1713.641061] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1713.641601] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1713.642125] ? lock_downgrade+0x6d0/0x6d0 [ 1713.642583] ? find_held_lock+0x2c/0x110 [ 1713.643027] ? io_submit_sqes+0x85c0/0x85c0 [ 1713.643500] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1713.644043] ? wait_for_completion_io+0x270/0x270 [ 1713.644574] ? rcu_read_lock_any_held+0x75/0xa0 [ 1713.645083] ? vfs_write+0x354/0xa70 [ 1713.645484] ? fput_many+0x2f/0x1a0 [ 1713.645879] ? ksys_write+0x1a9/0x260 [ 1713.646293] ? __ia32_sys_read+0xb0/0xb0 [ 1713.646745] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1713.647323] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1713.647891] do_syscall_64+0x33/0x40 [ 1713.648299] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1713.648852] RIP: 0033:0x7fe40cf96b19 [ 1713.649254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1713.651241] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1713.652071] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1713.652838] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1713.653607] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1713.654379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1713.655148] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:08:57 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) 20:08:57 executing program 2: ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00'}) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0, @ANYRES64, @ANYBLOB="0d2311018c8241d968a3", @ANYRESDEC=r1], 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000040)=""/232, &(0x7f0000000180)=0xe8) 20:08:57 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x9}, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x6, 0x7f, 0x40, 0x1, 0x0, 0x2, 0x21, 0xc, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x7fffffff, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x54100, 0xe8, 0x1, 0x3, 0x4, 0x4, 0x4, 0x0, 0x2, 0x0, 0x5}, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0x0) sync() 20:08:58 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:08:58 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) 20:08:58 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:08:58 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4082, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2480, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xff}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4, 0x13, r0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index, 0x3, &(0x7f0000000040)="e028a2", 0x3, 0x0, 0x1}, 0xb50f) syz_io_uring_submit(r2, 0x0, &(0x7f0000000540)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd, 0x80, 0x0, 0x7, 0x6, 0x1}, 0x6) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x44a00, 0x0) truncate(&(0x7f0000000080)='./file0\x00', 0x4) syz_io_uring_complete(r2) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x15) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000340)={0x0, 0x0, 0x12}, &(0x7f0000000400)='./file0\x00', 0x18, 0x0, 0x12345}, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) fremovexattr(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="000000000a9400c951644586229555c99383175796c7e67509b3a0210c8a19b5ae2c1fca26a0a0a7392df27b6e25914f9df2425920434c7a52e6b7a006064ccbc11f607e81c903b4b4e67e50522d47d4ca98df94ea92903ae1e35e73e8dd700dc03b12728274ada1c15134382105bd6938ae8a72de455f55e25581e0b35e10be14bfe9dd77c7ef2a1df6a5bd252f36d9e2b7a4387e76ec16d20744e9606abe74df3be510c812f11f444c5111dce065a7f7efcc516b537f1562e7facd7e5b45b7fea17e52334a07e4fe2ded74100002a63fa81591537bfb80404f775e1ac3d6f7a2c58edae38037b63ee5aecae6165032d7fd9e904c28a8c99c721a8085b06899f863d8f4d8c646505fd37b5f1a641d1053769df5e43500"/294]) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r4, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES64=r1, @ANYRESOCT], 0xfdef) mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x40000, 0x0) fallocate(r4, 0x3, 0x4077, 0x8000) sendfile(r3, r3, &(0x7f0000000180)=0x8, 0x3f) r5 = openat(r0, &(0x7f0000000440)='./file0\x00', 0x1adf40, 0x55) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r6, 0x0, r5, 0x0, 0x200f5ef, 0x0) 20:08:58 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) add_key$keyring(&(0x7f00000002c0), 0x0, 0x0, 0x0, 0xfffffffffffffffe) readv(r0, &(0x7f0000000300), 0x0) [ 1730.997735] FAULT_INJECTION: forcing a failure. [ 1730.997735] name failslab, interval 1, probability 0, space 0, times 0 [ 1731.000722] CPU: 0 PID: 13195 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1731.002202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1731.003967] Call Trace: [ 1731.004540] dump_stack+0x107/0x167 [ 1731.005330] should_fail.cold+0x5/0xa [ 1731.006155] ? io_setup_async_rw+0x180/0x580 [ 1731.007105] should_failslab+0x5/0x20 [ 1731.007946] __kmalloc+0x72/0x390 [ 1731.008696] io_setup_async_rw+0x180/0x580 [ 1731.009590] ? iov_iter_restore+0x195/0x3a0 [ 1731.010509] io_read+0x775/0x11e0 [ 1731.011273] ? kiocb_done+0xc90/0xc90 [ 1731.012151] ? stack_trace_consume_entry+0x160/0x160 [ 1731.013234] ? lock_acquire+0x197/0x470 [ 1731.014090] ? __lock_acquire+0xbb1/0x5b00 [ 1731.015031] io_issue_sqe+0x2e12/0x7660 [ 1731.015989] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1731.017090] ? SOFTIRQ_verbose+0x10/0x10 [ 1731.017961] ? lock_chain_count+0x20/0x20 [ 1731.018854] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1731.019966] ? io_connect+0x610/0x610 [ 1731.020774] ? lock_acquire+0x197/0x470 [ 1731.021628] ? find_held_lock+0x2c/0x110 [ 1731.022498] ? __fget_files+0x26d/0x4c0 [ 1731.023349] ? lock_downgrade+0x6d0/0x6d0 [ 1731.024243] __io_queue_sqe+0x90/0x9d0 [ 1731.025094] ? io_issue_sqe+0x7660/0x7660 [ 1731.025981] ? io_prep_rw+0x7f5/0x1050 [ 1731.026814] io_submit_sqes+0x4461/0x85c0 [ 1731.027739] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1731.028820] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1731.029863] ? lock_downgrade+0x6d0/0x6d0 [ 1731.030744] ? find_held_lock+0x2c/0x110 [ 1731.031615] ? io_submit_sqes+0x85c0/0x85c0 [ 1731.032548] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1731.033581] ? wait_for_completion_io+0x270/0x270 [ 1731.034576] ? rcu_read_lock_any_held+0x75/0xa0 [ 1731.035528] ? vfs_write+0x354/0xa70 [ 1731.036310] ? fput_many+0x2f/0x1a0 [ 1731.037073] ? ksys_write+0x1a9/0x260 [ 1731.037856] ? __ia32_sys_read+0xb0/0xb0 [ 1731.038684] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1731.039756] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1731.040856] do_syscall_64+0x33/0x40 [ 1731.041618] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1731.042669] RIP: 0033:0x7fe40cf96b19 [ 1731.043443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1731.047252] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1731.048841] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1731.050314] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1731.051786] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1731.053265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1731.054725] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:08:58 executing program 4: setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r0, 0x0, 0x0, 0x0) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000100), &(0x7f0000000140)=0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x8000008800000) [ 1731.098552] FAULT_INJECTION: forcing a failure. [ 1731.098552] name failslab, interval 1, probability 0, space 0, times 0 [ 1731.101226] CPU: 1 PID: 13201 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1731.102668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1731.104388] Call Trace: [ 1731.104958] dump_stack+0x107/0x167 [ 1731.105743] should_fail.cold+0x5/0xa [ 1731.106558] ? create_object.isra.0+0x3a/0xa20 [ 1731.107525] should_failslab+0x5/0x20 [ 1731.108334] kmem_cache_alloc+0x5b/0x310 [ 1731.109197] create_object.isra.0+0x3a/0xa20 [ 1731.110125] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1731.111188] __kmalloc+0x16e/0x390 [ 1731.111968] io_setup_async_rw+0x180/0x580 [ 1731.112847] ? iov_iter_restore+0x195/0x3a0 [ 1731.113752] io_read+0x775/0x11e0 [ 1731.114504] ? kiocb_done+0xc90/0xc90 [ 1731.115338] ? stack_trace_consume_entry+0x160/0x160 [ 1731.116417] ? lock_acquire+0x197/0x470 [ 1731.117261] ? __lock_acquire+0xbb1/0x5b00 [ 1731.118182] io_issue_sqe+0x2e12/0x7660 [ 1731.119029] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1731.120136] ? SOFTIRQ_verbose+0x10/0x10 [ 1731.120994] ? lock_chain_count+0x20/0x20 [ 1731.121873] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1731.122965] ? io_connect+0x610/0x610 [ 1731.123775] ? lock_acquire+0x197/0x470 [ 1731.124622] ? find_held_lock+0x2c/0x110 [ 1731.125614] ? __fget_files+0x26d/0x4c0 [ 1731.126455] ? lock_downgrade+0x6d0/0x6d0 [ 1731.127331] __io_queue_sqe+0x90/0x9d0 [ 1731.128177] ? io_issue_sqe+0x7660/0x7660 [ 1731.129053] ? io_prep_rw+0x7f5/0x1050 [ 1731.129879] io_submit_sqes+0x4461/0x85c0 [ 1731.130797] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1731.131877] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1731.132898] ? lock_downgrade+0x6d0/0x6d0 [ 1731.133770] ? find_held_lock+0x2c/0x110 [ 1731.134653] ? io_submit_sqes+0x85c0/0x85c0 [ 1731.135569] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1731.136590] ? wait_for_completion_io+0x270/0x270 [ 1731.137600] ? rcu_read_lock_any_held+0x75/0xa0 [ 1731.138570] ? vfs_write+0x354/0xa70 [ 1731.139360] ? fput_many+0x2f/0x1a0 [ 1731.140143] ? ksys_write+0x1a9/0x260 [ 1731.140943] ? __ia32_sys_read+0xb0/0xb0 [ 1731.141800] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1731.142913] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1731.143999] do_syscall_64+0x33/0x40 [ 1731.144779] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1731.145856] RIP: 0033:0x7fcf4787bb19 [ 1731.146643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1731.150442] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1731.152034] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1731.153506] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1731.154975] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1731.156450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1731.157922] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:08:58 executing program 4: r0 = creat(&(0x7f0000000180)='./file1\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) ioctl$TCSETSW2(r0, 0x402c542c, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0xf0) statfs(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=""/209) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r1, 0x0) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r4, &(0x7f0000000280)=ANY=[], 0xfdef) syz_io_uring_complete(r3) pidfd_send_signal(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="ec0200002f0000042dbd7000fedbdf25070000126b674a00", @ANYRES32=0x0, @ANYBLOB="b5192d833ce3688406cb09d2d50a64f09b6fa7599c44e280cf59aaaec3e3232e2194455018da4152a5f464579a5fa20d334f3f6a51d1228ed9c9dee3d417091dadda03d4e6da4d923b9af61d8147238f390f1a1ed2decedf4c5aa73c19bfa2c0cc923e79fd3379c3e521aba7e3a35643041ab765a16a689bb1d335a37b5bad4b2bb23ea7d25bcc9fd18a020e168b8ba0ce54653e016280160067002f6465762f696e7075742f6d6f75736523000000f4db7e0092007539a65524d6f4ea087c9727501f75560bac48ed86e8be82ea039d03c9e766c61b0dfe4583e68fe2a73646be216cb2d78be30be04f259f0523bdfad678ba244e6d82f01ac26e0f83a7b402aa4c9814cf3639a4451e7081387644ee1f8987f8930c668c75a292a8d1c7ecd1adc9b4cd7dad440617b86d34ea91170000054be300ca1d9852413cfbcd04779ed087701f199f94c51de275cbb1b429084859b989b6239f96191e308ded031a600c3b1eec3231c39600ef0100f32e4ceda9f04316cd43d8f8854ab78dab98dd2666e3660602ff02387d81bb991cae19a72434ba6e8fb977da93945a300edf6347973e8f2caba4f38e637c429b7565b46445be00d115a7c419b33dc9658df9de820bcabc49ae272ebbf5edce9d43c093fb2c0000109d27835ea846dc96a43f308ad4e68f5668414a2b0909a4f0d249843d37a97f9d7fdcd631b606d6034e8543c4d3e2cedb3aeaec80814e6d2d23553d0aba092634d42a2fbb7703077b1cd41312a5696c7d6adacf539ad703c5da812c20199b6fe124c05cd8f559b5b58d5244562e0a179373fa142f53c61035d3d3805de7433349de4a66b1ae193930d4522b8e931a143a05c077ccd2cf83e9bab7eae1cf565fe52b464019da3480f2e20d48de7570500b47c4b5095fce26b7ef45c73a1e0c1caf128056a273694155411b513cb6b349b0eaaeb32c0eddbeafa23f7aa9eb4e64c021a2f640cfef289a86f165e3746ceac9336ba36acff6948f56406e00"], 0x2ec}, 0x1, 0x0, 0x0, 0x20000000}, 0x8011) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) fcntl$dupfd(0xffffffffffffffff, 0x0, r5) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x3, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r6}}, 0x1) syz_io_uring_submit(r2, 0x0, &(0x7f0000000080)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r6}}, 0xffff) syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) 20:09:14 executing program 2: chdir(&(0x7f00000001c0)='./file0\x00') open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ptrace(0x11, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0) pread64(r1, &(0x7f00000010c0)=""/4088, 0xff8, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2) writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec02", 0x2e}], 0x2) r4 = inotify_init1(0x0) inotify_add_watch(r4, &(0x7f0000000040)='.\x00', 0x2000003) signalfd4(r0, &(0x7f00000001c0), 0x8, 0x0) 20:09:14 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000040), 0x4) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x28, 0x10, 0x1, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0xa, 0x0, 0x0, @fd=r0}]}]}, 0x28}}, 0x0) 20:09:14 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:09:14 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 20:09:14 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) 20:09:14 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:09:14 executing program 6: gettid() r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = socket$nl_audit(0x10, 0x3, 0x9) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000000)=0x120, 0x4) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000001300210c00000000000000000f00000014000000fc02000000000046d5b5355f8149154f"], 0x28}}, 0x0) dup3(0xffffffffffffffff, r0, 0x80000) 20:09:14 executing program 4: setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="af76ab0007c090c159dd198c0199665d94abc8037f802cf1b7c999f6350ca1f843e1d4df3a2990eea0cec9e88952cf134bcd918c91f0291550c53e70f7b679435c6621d865873bcad0666c2edbc61bd1e557385a7aa03076eaaed904efe8b6bf5636abc94599c5f1010b921b336b2155034dfdbc5564f2a61fe8a50f6dd1275d600c8cb01c0278f323a7f1af0b43ade7b8d5e200"/157], 0x8) perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0xeb, 0x0, 0xfd, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x40000, 0x0, 0x197}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='status\x00') creat(&(0x7f0000000100)='./file0\x00', 0x1) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) fsetxattr$security_ima(r0, &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "2e4d873c1ea55e84b037ba9cd74073c292f73d5f"}, 0x15, 0x2) mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x10000000) readv(r0, &(0x7f0000001540)=[{&(0x7f0000000140)=""/44, 0x2c}], 0x1) r2 = clone3(&(0x7f0000000140)={0x4000, 0x0, 0x0, 0x0, {0x2c}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) kcmp(r2, 0x0, 0x1, 0xffffffffffffffff, 0xffffffffffffffff) r4 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x21, &(0x7f0000000240)={0x0, 0xfffffffe, 0x1, 0x0, 0x1f1, 0x0, r0}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r5, 0x0, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, r6, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x1, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0x6df10f75) fcntl$setownex(r4, 0x409, &(0x7f0000000000)) dup2(r4, r0) connect$bt_sco(r3, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000001c0)={'team_slave_0\x00'}) [ 1747.118641] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1747.134595] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1747.139419] FAULT_INJECTION: forcing a failure. [ 1747.139419] name failslab, interval 1, probability 0, space 0, times 0 [ 1747.142385] CPU: 0 PID: 13230 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1747.143952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1747.145832] Call Trace: [ 1747.146433] dump_stack+0x107/0x167 [ 1747.147260] should_fail.cold+0x5/0xa [ 1747.148152] ? io_setup_async_rw+0x180/0x580 [ 1747.149146] should_failslab+0x5/0x20 [ 1747.150003] __kmalloc+0x72/0x390 [ 1747.150795] io_setup_async_rw+0x180/0x580 [ 1747.151742] ? iov_iter_restore+0x195/0x3a0 [ 1747.151930] FAULT_INJECTION: forcing a failure. [ 1747.151930] name failslab, interval 1, probability 0, space 0, times 0 [ 1747.152748] io_read+0x775/0x11e0 [ 1747.152785] ? kiocb_done+0xc90/0xc90 [ 1747.155833] ? stack_trace_consume_entry+0x160/0x160 [ 1747.156993] ? lock_acquire+0x197/0x470 [ 1747.157893] ? __lock_acquire+0xbb1/0x5b00 [ 1747.158848] io_issue_sqe+0x2e12/0x7660 [ 1747.159748] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1747.160946] ? SOFTIRQ_verbose+0x10/0x10 [ 1747.161859] ? lock_chain_count+0x20/0x20 [ 1747.162785] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1747.163945] ? io_connect+0x610/0x610 [ 1747.164805] ? lock_acquire+0x197/0x470 [ 1747.165690] ? find_held_lock+0x2c/0x110 [ 1747.166600] ? __fget_files+0x26d/0x4c0 [ 1747.167484] ? lock_downgrade+0x6d0/0x6d0 [ 1747.168434] __io_queue_sqe+0x90/0x9d0 [ 1747.169310] ? io_issue_sqe+0x7660/0x7660 [ 1747.170237] ? io_prep_rw+0x7f5/0x1050 [ 1747.171115] io_submit_sqes+0x4461/0x85c0 [ 1747.172082] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1747.173193] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1747.174272] ? lock_downgrade+0x6d0/0x6d0 [ 1747.175198] ? find_held_lock+0x2c/0x110 [ 1747.176126] ? io_submit_sqes+0x85c0/0x85c0 [ 1747.177099] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1747.178176] ? wait_for_completion_io+0x270/0x270 [ 1747.179266] ? rcu_read_lock_any_held+0x75/0xa0 [ 1747.180303] ? vfs_write+0x354/0xa70 [ 1747.181136] ? fput_many+0x2f/0x1a0 [ 1747.181941] ? ksys_write+0x1a9/0x260 [ 1747.182785] ? __ia32_sys_read+0xb0/0xb0 [ 1747.183684] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1747.184855] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1747.185994] do_syscall_64+0x33/0x40 [ 1747.186817] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1747.187957] RIP: 0033:0x7fcf4787bb19 [ 1747.188794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1747.192836] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1747.194517] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1747.196131] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1747.197704] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1747.199273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1747.200840] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1747.202425] CPU: 1 PID: 13238 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1747.203316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1747.204347] Call Trace: [ 1747.204671] dump_stack+0x107/0x167 [ 1747.205121] should_fail.cold+0x5/0xa [ 1747.205590] ? create_object.isra.0+0x3a/0xa20 [ 1747.206161] should_failslab+0x5/0x20 [ 1747.206636] kmem_cache_alloc+0x5b/0x310 [ 1747.207136] create_object.isra.0+0x3a/0xa20 [ 1747.207686] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1747.208328] __kmalloc+0x16e/0x390 [ 1747.208798] io_setup_async_rw+0x180/0x580 [ 1747.209320] ? iov_iter_restore+0x195/0x3a0 [ 1747.209877] io_read+0x775/0x11e0 [ 1747.210318] ? kiocb_done+0xc90/0xc90 [ 1747.210806] ? stack_trace_consume_entry+0x160/0x160 [ 1747.211445] ? lock_acquire+0x197/0x470 [ 1747.211949] ? __lock_acquire+0xbb1/0x5b00 [ 1747.212497] io_issue_sqe+0x2e12/0x7660 [ 1747.213018] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1747.213676] ? SOFTIRQ_verbose+0x10/0x10 [ 1747.214210] ? lock_chain_count+0x20/0x20 [ 1747.214734] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1747.215456] ? io_connect+0x610/0x610 [ 1747.215939] ? lock_acquire+0x197/0x470 [ 1747.216475] ? find_held_lock+0x2c/0x110 [ 1747.216991] ? __fget_files+0x26d/0x4c0 [ 1747.217524] ? lock_downgrade+0x6d0/0x6d0 [ 1747.218048] __io_queue_sqe+0x90/0x9d0 [ 1747.218566] ? io_issue_sqe+0x7660/0x7660 [ 1747.219093] ? io_prep_rw+0x7f5/0x1050 [ 1747.219604] io_submit_sqes+0x4461/0x85c0 [ 1747.220155] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1747.220809] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1747.221414] ? lock_downgrade+0x6d0/0x6d0 [ 1747.221949] ? find_held_lock+0x2c/0x110 [ 1747.222463] ? io_submit_sqes+0x85c0/0x85c0 [ 1747.223030] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1747.223635] ? wait_for_completion_io+0x270/0x270 [ 1747.224269] ? rcu_read_lock_any_held+0x75/0xa0 [ 1747.224844] ? vfs_write+0x354/0xa70 [ 1747.225331] ? fput_many+0x2f/0x1a0 [ 1747.225792] ? ksys_write+0x1a9/0x260 [ 1747.226280] ? __ia32_sys_read+0xb0/0xb0 [ 1747.226789] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1747.227473] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1747.228122] do_syscall_64+0x33/0x40 [ 1747.228610] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1747.229247] RIP: 0033:0x7fe40cf96b19 [ 1747.229735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1747.232017] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1747.232983] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1747.233891] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1747.234793] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1747.235689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1747.236585] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:09:14 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) io_setup(0x5, &(0x7f0000000040)) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x7, 0x3, 0x40, 0x416, 0x2, 0x6, 0x3ff, 0xa5, 0x40, 0xe8, 0x80000001, 0x81, 0x38, 0x2, 0x9, 0xad81, 0xff}, [{0x6, 0xf3d, 0x0, 0x231bb074, 0x7fffffff, 0x0, 0x100, 0xfffffffffffffff8}, {0x6, 0x40, 0x5, 0x8e84, 0x80000000, 0x1, 0x5, 0x3f}], "7f1c3b13a5ab75f2afe4d49ac6c17a360651fb1351b18624eb96a773c6d7df56399b0fe3b19e8c101be77e4a4d4c983a50d1f516bc9cce2642ce65d306aee03e18313f", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x7f3) io_setup(0x1, &(0x7f0000000780)=0x0) r1 = memfd_create(&(0x7f00000000c0), 0x2) fcntl$addseals(r1, 0x409, 0xd) io_submit(r0, 0x1, &(0x7f00000006c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000)='\"', 0x1}]) io_pgetevents(r0, 0x3, 0x3, &(0x7f0000000280)=[{}, {}, {}], &(0x7f0000000000)={0x0, 0x989680}, 0x0) 20:09:14 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:09:14 executing program 2: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) dup2(0xffffffffffffffff, 0xffffffffffffffff) fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000006100)=[{{&(0x7f0000000480)=@abs, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000500)=""/192, 0xc0}, {&(0x7f0000000080)=""/52, 0x34}], 0x2, &(0x7f0000000600)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x90}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f00000006c0)=""/39, 0x27}, {&(0x7f0000000700)=""/237, 0xed}, {&(0x7f0000006480)=""/216, 0xd8}, {&(0x7f0000000800)=""/57, 0x39}, {&(0x7f00000009c0)=""/26, 0x1a}, {&(0x7f0000000a00)=""/176, 0xb0}], 0x6, &(0x7f0000000b40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x70}}, {{&(0x7f0000000bc0)=@abs, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000c40)=""/243, 0xf3}], 0x1, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000140000000000000099f5c8f966908181", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x58}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000004b80), 0x6e, 0x0}}, {{0x0, 0x0, 0x0}}], 0x7, 0x40, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000e40)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRESHEX=0x0, @ANYBLOB="ff0f75eb8b00000000000b00000006e5991d20b481e21386d9b6da82146de6b8826b45e05a0c8f338e1cd71949af099952b1e794c2b2a23f8f0024b2b37b244a2f9026c25c3486607b6675f75f39f384145464ac606b0a3901dcc13cc12576b8348d0a44a1a2db008df472e41aad45176a76cf276ee3605f2b2cc1de85b559d6fa68d24f334c5fa8f40eabe519d742a30b4a9d07a4481f879e8adb55b76819ab362feb5ceeb41b5fda0371709d25e7c377b44d75f3d709d59a9873fa9e97ae3b05572343da909ec959c500e8e7192514a73635dfc0d60ee575583d540993c94ca9f78c5e4221792a569362eaa458e754cae9c62e2599e5a0049fffa0944f7fcf61a2b8c699ed7eabbfaa1b2e0e7894dfa249b29f6c4e1b75e9f116bcadf10133c848d94c18c0e10085dcfce1a6"], 0x14}}, 0x0) fcntl$lock(r0, 0x25, 0x0) r2 = syz_mount_image$nfs4(0x0, &(0x7f0000005040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rmdir(&(0x7f0000000000)='./file0\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2}, './file1\x00'}) ppoll(&(0x7f0000000240)=[{r1}, {0xffffffffffffffff, 0x82}, {0xffffffffffffffff, 0x8109}, {r4, 0x4}, {0xffffffffffffffff, 0x410}], 0x5, &(0x7f00000002c0), &(0x7f0000000440)={[0xb9]}, 0x8) 20:09:14 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[]) mkdirat(0xffffffffffffffff, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, &(0x7f00000006c0)=ANY=[@ANYBLOB="020000000081b225bebb1968350000000000400000000000000000000000007c32197606f8ade41e85a76760c63551bcee042a5c90402cd3d68bc73af38582e681a782721fcf44630dc2124ef4bf1092c8254227d8b943bd816341161de5567caa3b7eb5e933240a94c476ee18a5bc74aa3a262ceba9da6f6d1747e41728ae5456fbbeab7433b18c37325d2c3300000000000000000065ce834e1b3917eabc538befadbebf4ced880175c495b2c6c2215b18d67cd65ec451cd8b43f0f213d3ffd0ef684869ac1110b9af9c5496ce355576c27dcb9a3be8b7baf836b3595b07e6a63e199efb48d58edbef68612beba546e5e328cb472a64c9d5f84f1ed0a562e2df6eb760c9e0fad05a0c6082b7f5ef9da19cc82cbd96330e5a6b7cddf4ddb794d5e5dd27f4076d648d1d76236a849f4046b13015e6d945ec0a9ecc15bf85e72e624f949c48bfff4bd956999a19107b0cffdd28a5ce84fe67227b3f6de2cacaeced92e758a0a0cb0e55da2140790d4f21d7176aa9754efbc395176e389f1682f2d83a5fbf9e835a6bfd49af149190f22253a1d61cce9f0344f3045418793b0b8265e0b43df0448fc34ac43caaef110168b64bfc902b24647398e5b4f8b72ce986b4920b8c220b5c89000000000000000000e7c1be01f3cb574803206251e67e690d430778913d6e4e2e2c40e6e524042b5b98384f6b663d5243467f04ccfecc1e049a87c27020ffd4497d53a9f5b63a101d0c892529bcfed3f1b9f9d6175aba09ef67a03c2038ab40182fb643822a179680967335386d918d9fbd9b523de819c96b5a2866d960a051f17cdc6f12a313bb773ac313c900b33c0d9671e130e9566e18fd7ae790f1f02a0f5bc04f2e974eb98639acfbd39844735f7a48aa51704409b14cc964d1803f3f8a281a86d8d21d7604a7b349be8af9bdd3b953282cb6067d6041288acc2446ec69451a26a093e819b57df15f58553bc62729464b5e627f2e57034490e34045689b9a2c4be70181143b3a91860fec1d5d65e58795a741f067c7c97294aaf1cf6d6156637b749a2b58f446cbf45cb0c3ae29b01814104ced90c1f1ff6dca1783f52c389c7dc747303dc3b7180fbf6d90d6acfcafbf6b0e801d78729d4ad335c76c81ca7ba2f2f8d9b17ca8eaeb58ea57f1c2f2dd"]) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) symlink(&(0x7f0000000640)='./file1\x00', &(0x7f0000000680)='./file0/file0\x00') r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x1, 0x40) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000003c0)={{{@in6=@initdev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@loopback}}, &(0x7f0000000280)=0xe8) r4 = openat$cgroup_ro(r1, &(0x7f0000000300)='blkio.bfq.dequeue\x00', 0x0, 0x0) r5 = openat(r4, &(0x7f0000000600)='./file0\x00', 0x4a6a02, 0x180) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240), 0x1000002, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=unix,access=user,debug=0x0000000000000006,dfltuid=', @ANYRESHEX=r3, @ANYBLOB="2c70726976706f72742c6c6f6f73652c616e616d653d9d7f2c6d53c419f46163636573733d636c69656e742c646f6e745f6d6561737572652c646f6e745f61707072610073652c616f6e746578743d73797361646d5f752c666f776e65723d", @ANYRESDEC=0x0, @ANYBLOB=',rootcontext=root,\x00']) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f00000002c0)) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r6, 0x8983, &(0x7f00000001c0)={0x6, 'ip6gretap0\x00', {0xe6}, 0x200}) openat(r5, &(0x7f0000000a00)='./file1\x00', 0x40000, 0x10) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) mkdirat(r7, &(0x7f0000000200)='./file0\x00', 0x86) 20:09:14 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) [ 1747.510429] 9pnet: p9_fd_create_unix (13264): problem connecting socket: ./file0: -111 [ 1747.559259] cgroup2: Unknown parameter 'kZ(fÙ` Qñ|Üo£»w:ÃÉ' [ 1747.561178] 9pnet: p9_fd_create_unix (13272): problem connecting socket: ./file0: -111 20:09:31 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$CDROM_SET_OPTIONS(r2, 0x5320, 0x5) ioctl$DVD_READ_STRUCT(r1, 0x5321, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$DVD_READ_STRUCT(0xffffffffffffffff, 0x5321, 0x0) 20:09:31 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="65003100000000002e2f66696c65310066c576721d582d46d26a75fd7efd5a57a3f4e8e4e9ceb8bc1d641a2ab35b00"]) write$binfmt_elf64(r1, &(0x7f0000000140)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRESOCT=r0, @ANYRES16, @ANYBLOB="4d06006a68ca13a0c2d3d9fc1e48fbb8637f1b4aadc4de1aec487e080c2773bc36613d8584758d660b5491459b04972fc1ab23f885d5ac844bd3ada30a7e7210e927dcf1a14d8c8d447958f31f326e663f0d21daedae1d7891c8fb5308cf4878afdb8bb62930251f81f5bdcb167b7d9c57", @ANYRESDEC], 0xaf2) r2 = getpgrp(0x0) pidfd_open(r2, 0x0) dup(0xffffffffffffffff) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000040)={0x8, 0x569a74c7, 0x4, 0x5}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="2f66698f653000af0e93b0e6000000000000000000"]) r4 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r4, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x200000c0}, 0x14050880) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0), 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, r4, 0x2, 0x200, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x401}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x841}, 0x40000) perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x1f, 0x8, 0x7, 0x6, 0x0, 0x2e9, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8000, 0x4, @perf_config_ext={0x5, 0x8}, 0x200, 0x2, 0x0, 0x7, 0xcfe1, 0x73, 0x4, 0x0, 0x5, 0x0, 0xffffffffffffff49}, 0x0, 0x9, 0xffffffffffffffff, 0xa) close(r0) r5 = getpgrp(0x0) r6 = pidfd_open(r5, 0x0) r7 = dup(r6) pidfd_send_signal(r7, 0x0, &(0x7f0000000000), 0x0) openat(r7, &(0x7f0000000080)='./file1\x00', 0x200080, 0x1) execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0) 20:09:31 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080), 0x0, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:09:31 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) 20:09:31 executing program 2: dup2(0xffffffffffffffff, 0xffffffffffffffff) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x20080, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000240)=0x10600000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}}, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000080), 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x28, 0x0, 0x0, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x6, 0x39}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x41) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x1, 0x0) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) fallocate(0xffffffffffffffff, 0x38, 0x599e, 0xc000) getsockopt$sock_buf(r1, 0x1, 0x37, 0x0, &(0x7f0000000180)=0x25) unshare(0x48020200) 20:09:31 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000001000010000000000000000000000000005000000000000000c00008008000300", @ANYRES32, @ANYBLOB="4bbe67780b86f75bf092ffe3f15cd99329f37569efd1d8967a29dcb9f320f4c952892db4deacdb982eb8afa85d371494b4c61936858b6efe9b9f4ff2d5bbb56afbed9cacd5e334bcf58f06e43dcfc41413f7032d85fb22238bec1b10d89d622781620c0c4414dd546ca797889a893017f536a8e0cd693705acce47eb1e155c1b3f828b2f91be1ce9fcb5a9acb055a889be1982106e6d3c1970419fc47f23f048e29b72dd6b71c58fe405131622026bef0c7a8aae3fbd14b4b00eb7a418ac42aa27821aacd1b20e82e3b7a62ea647df47c7bce4adee9d12"], 0x28}}, 0x0) 20:09:31 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) 20:09:31 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) [ 1764.824953] FAULT_INJECTION: forcing a failure. [ 1764.824953] name failslab, interval 1, probability 0, space 0, times 0 [ 1764.827360] CPU: 1 PID: 13289 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1764.828797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1764.830497] Call Trace: [ 1764.831062] dump_stack+0x107/0x167 [ 1764.831829] should_fail.cold+0x5/0xa [ 1764.832651] ? create_object.isra.0+0x3a/0xa20 [ 1764.833600] should_failslab+0x5/0x20 [ 1764.834398] kmem_cache_alloc+0x5b/0x310 [ 1764.835275] create_object.isra.0+0x3a/0xa20 [ 1764.836204] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1764.837284] __kmalloc+0x16e/0x390 [ 1764.838050] io_setup_async_rw+0x180/0x580 [ 1764.838931] ? iov_iter_restore+0x195/0x3a0 [ 1764.839827] io_read+0x775/0x11e0 [ 1764.840591] ? kiocb_done+0xc90/0xc90 [ 1764.841393] ? register_lock_class+0xbb/0x17b0 [ 1764.842335] ? arch_stack_walk+0x99/0xf0 [ 1764.843190] ? is_dynamic_key+0x1e0/0x1e0 [ 1764.844069] ? __lock_acquire+0x1657/0x5b00 [ 1764.844999] ? __lock_acquire+0xbb1/0x5b00 [ 1764.845877] io_issue_sqe+0x2e12/0x7660 [ 1764.846720] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1764.847806] ? SOFTIRQ_verbose+0x10/0x10 [ 1764.848654] ? lock_chain_count+0x20/0x20 [ 1764.849514] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1764.850584] ? io_connect+0x610/0x610 [ 1764.851380] ? lock_acquire+0x197/0x470 [ 1764.852199] ? find_held_lock+0x2c/0x110 [ 1764.853074] ? __fget_files+0x26d/0x4c0 [ 1764.853900] ? lock_downgrade+0x6d0/0x6d0 [ 1764.854769] __io_queue_sqe+0x90/0x9d0 [ 1764.855588] ? io_issue_sqe+0x7660/0x7660 [ 1764.856463] ? io_prep_rw+0x7f5/0x1050 [ 1764.857297] io_submit_sqes+0x4461/0x85c0 [ 1764.858203] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1764.859242] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1764.860236] ? lock_downgrade+0x6d0/0x6d0 [ 1764.861094] ? find_held_lock+0x2c/0x110 [ 1764.861942] ? io_submit_sqes+0x85c0/0x85c0 [ 1764.862843] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1764.863835] ? wait_for_completion_io+0x270/0x270 [ 1764.864850] ? rcu_read_lock_any_held+0x75/0xa0 [ 1764.865830] ? vfs_write+0x354/0xa70 [ 1764.866607] ? fput_many+0x2f/0x1a0 [ 1764.867379] ? ksys_write+0x1a9/0x260 [ 1764.868175] ? __ia32_sys_read+0xb0/0xb0 [ 1764.869033] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1764.870146] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1764.871212] do_syscall_64+0x33/0x40 [ 1764.872004] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1764.873070] RIP: 0033:0x7fe40cf96b19 [ 1764.873865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1764.877582] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1764.879136] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1764.880603] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1764.882053] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1764.883503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1764.884961] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1764.899540] FAULT_INJECTION: forcing a failure. [ 1764.899540] name failslab, interval 1, probability 0, space 0, times 0 [ 1764.902566] CPU: 1 PID: 13290 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1764.903956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1764.905685] Call Trace: [ 1764.906263] dump_stack+0x107/0x167 [ 1764.907038] should_fail.cold+0x5/0xa [ 1764.907859] ? create_object.isra.0+0x3a/0xa20 [ 1764.908835] should_failslab+0x5/0x20 [ 1764.909642] kmem_cache_alloc+0x5b/0x310 [ 1764.910498] ? io_setup_async_rw+0x180/0x580 [ 1764.911422] create_object.isra.0+0x3a/0xa20 [ 1764.912354] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1764.913415] __kmalloc+0x16e/0x390 [ 1764.914173] io_setup_async_rw+0x180/0x580 [ 1764.915052] ? iov_iter_restore+0x195/0x3a0 [ 1764.915951] io_read+0x775/0x11e0 [ 1764.916725] ? kiocb_done+0xc90/0xc90 [ 1764.917557] ? stack_trace_consume_entry+0x160/0x160 [ 1764.918633] ? __lock_acquire+0xbb1/0x5b00 [ 1764.919524] io_issue_sqe+0x2e12/0x7660 [ 1764.920370] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1764.921464] ? SOFTIRQ_verbose+0x10/0x10 [ 1764.922305] ? lock_chain_count+0x20/0x20 [ 1764.923185] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1764.924279] ? io_connect+0x610/0x610 [ 1764.925096] ? lock_acquire+0x197/0x470 [ 1764.925921] ? find_held_lock+0x2c/0x110 [ 1764.926781] ? __fget_files+0x26d/0x4c0 [ 1764.927617] ? lock_downgrade+0x6d0/0x6d0 [ 1764.928515] __io_queue_sqe+0x90/0x9d0 [ 1764.929335] ? io_issue_sqe+0x7660/0x7660 [ 1764.930207] ? io_prep_rw+0x7f5/0x1050 [ 1764.931026] io_submit_sqes+0x4461/0x85c0 [ 1764.931941] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1764.932987] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1764.934000] ? lock_downgrade+0x6d0/0x6d0 [ 1764.934863] ? find_held_lock+0x2c/0x110 [ 1764.935725] ? io_submit_sqes+0x85c0/0x85c0 [ 1764.936663] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1764.937673] ? wait_for_completion_io+0x270/0x270 [ 1764.938684] ? rcu_read_lock_any_held+0x75/0xa0 [ 1764.939654] ? vfs_write+0x354/0xa70 [ 1764.940450] ? fput_many+0x2f/0x1a0 [ 1764.941217] ? ksys_write+0x1a9/0x260 [ 1764.942019] ? __ia32_sys_read+0xb0/0xb0 [ 1764.942869] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1764.943962] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1764.945051] do_syscall_64+0x33/0x40 [ 1764.945841] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1764.946893] RIP: 0033:0x7fcf4787bb19 [ 1764.947679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1764.951407] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1764.952992] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1764.954482] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1764.955971] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1764.957482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1764.958979] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:09:32 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x0, 0x0, 0xc23}) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$KDGETLED(r1, 0x4b31, &(0x7f00000001c0)) ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f0000000200)={0x5, "597386c5b834d809eb66cb849ca10de60d4cfe108c58c264e581b9eeb641763067c873a8cfba8667dd280625da88ca24c819518441084f2a06c7b9a159a7a4d181fcd6c2e32ec9a0e33de7b585f27dc2187369bf48864da7eec449a910e3c0ebd614c9ec1ff2640465ccdb76c0d06269517c990982bdb790a717679c51a6d6fac6cfbb9377328912773246fcab48950523378edd5a9da74035d06bcf04a570ebc8e436f52bbf79daf371f1ce89cda7935b9af3ecec5e67b76f5cc88d7c8979cd86fbd3554891d6f8918f02fb330ad67767c079281a0e1075e645a9c4e5ebbcc1dd91facfa76ea8db60f1bd580571d10a4d8e5a700eeeb5b0c5032304968f1a79bbd6b60152ae97d3dc0f57fd24753587473206afb92e9ec7dac3fc45ae795b010702155199b90ca110c019e7a766e9d3687c5d276f58f00bf34c26a1c4297ba0df7e834c71deb5250d3b84af31608be2a04611e9bae65b4f9b056072a2a00355607b9aeb22549391bbcb19b651a86c5b74072bbe22c8d3326d9cd2884407bb817ead98d98c0ded494fc4006451fb5387506e5879adfa42f880b44cb63d4a0c152914807079cd7b12b1fa5f4fd518bb93ee34d44370b56eb8980825a1dc4071bf3f9d451a6f070a39697edeab4423b81f1565429a122d3ec596a4a7a1cd2c9dc32f5ba9a67df7374f3bd246384b4831c25aa2567bb74b38e4eda11326d73343a9"}) r2 = syz_io_uring_setup(0x3d90, &(0x7f0000000040)={0x0, 0x9592, 0x0, 0x2, 0x14a}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) fsetxattr$security_selinux(r2, &(0x7f0000000140), &(0x7f0000000180)='system_u:object_r:syslogd_exec_t:s0\x00', 0x24, 0x1) 20:09:32 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='ramfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x300b4e2, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8914, &(0x7f0000000140)={'lo\x00'}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000180)={@loopback, 0x0, r4}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e24, 0x5, @private2, 0xfffffc01}, 0x1c) ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000000000)={'wlan0\x00'}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8914, &(0x7f0000000140)={'lo\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_COALESCE(r5, &(0x7f0000000340)={0x0, 0x74, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010000000000000000007e00000008000300", @ANYRES32=0x0, @ANYBLOB="947d58dae728cff30461cedab6ba51036ffba7dc769ccd1e8e295ba38f2e31f19f70d54773103cab7da15409d4d8d401b757a3ab960c476e90f4b3ed844f14dd30f98656af2bfd4bd83f14c8934cebd04586b50499b133a36fdf2567aa3c59ffd7c737e3f88931343b55"], 0x1c}}, 0x0) ioctl$sock_SIOCSPGRP(r5, 0x8902, &(0x7f0000000080)) 20:09:32 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20000854, &(0x7f0000000140)={0x2, 0x0, @dev}, 0x10) setsockopt$sock_linger(r0, 0x1, 0x35, &(0x7f0000000000)={0x1}, 0x8) signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x4]}, 0x8, 0x800) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x2000, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x10001, 0x0) dup2(r1, r2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(r2, &(0x7f0000001140)='./file1\x00', 0x4400, 0x1e8) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x80800) writev(r4, &(0x7f0000001280)=[{&(0x7f0000000140)="0bfed2de67b2654681d7d567a18140474c3e8a22bd2f255d3524efa62145e791fda623e5ae3d67735e3df14aeee03d2c68958c7f970840f370262ee2950de05d868bed77c8195bf63438b0421f6a26c62382db7041e3e1c6e7847b05b6a8c6e361becd7259794cfdcfb28bef8b4201ee16039f03ffa0489ba3167b66fb5dd5af5ef44ba8a155aa1685ce6aaf885b8ba66e389cd3f10fb2c0ad8aa67c43dcbd5fa5e34db5cc7edecad2b8ef126678c3ed697962e83e69d3d97969878abe45374ff54c469616e09a56758ab7b98428d8c658c86dfd3221ed56994053ef56d58cdb21296b2da22a516765d8d53eb22023f1282d63c3484ffaeffa75cab43b79d7e74298f6b4a174f1dcab408d571f334eda00ede87c3e228ab403ec4316497c3b773a69a6c622f0ef83919e4a2ab71dcb601d4e85c046c44ddcf40a8ebedd46f816984a5e1e33f03cc4c14c7d38faba9ede8c0cd64e22825b853cb201b5cc80de3a108aabeaf121b1ea862804361f61df10c801c2bfc63efe6cd69c889b450a18347edffc51a7c9f4028cd29b60b0950c4b37a8b07b75260ff90a8e2c05cf35f66cfcd9d37f04219af0196adb18ab5792390f22301d5347b91d2ff4635f5f2effd9a9ce0a7de90398aecfd38db94659f82af7bb002d34490b03d2d7b18cdbadfb5b86e71c803de0a98014fc914182bcba8eea5518242c5bcded52ea870ffb4d8ef6ac0bbfd54795078ffcff400a6edb41032e230b2a293300715e920c3ab18a329e7388c2fd901b3225a66f2d363f0919dc9d0b78d2ed9e25a727c1ee14133fb9557fcec7eeceb00f3a219c96d7b0535b5a3c2743be1d32d5e1e010395343f98d7c463f711cd0fa57c326bdf248010a0a00f73faf08044611570bcb109534c584c4be0669361d032f495bb7dab404db9798cc871ff0c1cdf7d6989ab3f8e73c8284145003a7afaed7521875b4f228511166ade0bb9a67889ca0a6c231be796a240492896e2eed05d3a9a871f5517662cd03d84a16a520ff7efea92ca93d173aa4a1cb4d6616b202b4bb8c2e6357fa1449cf4d9699dc2ec88725c3f0baf0e7660a6f5b6833e2f7e54be053caae757875b0763516de984fb11c924d423790ffba22d81a0ebe619fb4eab9f6876bd38e79f730d094751997d06f217c7cfb09576974467ec85ce038c674645948e5df3d40a27d9ecfc8b6e9447bc4769b737e1a48490ffcb0181f695dbf2c01145f135431e2ce8c68bcb03e5aaf5ab06ad43cc53d8145699e06d1f9f3caa2f556f6c8b3ff25a21243c6affb6be02354e976b8fbfcf22fe22aa652e1fd92b92315d2aeb3851b0f90ea9f26290b331384192a8172078c21f058cbadbc187323c8abf95020587aed065548356ceb72aa45310c3b5c8e974be2d59bbe6e14020bd1448d59d32486dc4a7cc9db3dc2fbbf4ab834328df08046a921159dfdc9b8a08f9e096548799f19918b86862ab1027ad4b62a0da3784f59453f93c89be75fec65dbfb7de9f8e519941a3bf2ababb7bd91a71347808ad57d17ed15b2fa4051841e0dbe7ec512f75e9b96ed893b06b3c64ee158e12dcb374f885ea4104cf0d377c3b6a5e15a5c4c783307db42536acf1ebf0d4a109e87cf55564f654ccc708055cadda01345de191f50e271f4701e9bf264e46b09076c55a570da3294600ba502bfebc1260b57562e5725e8c384b6df72ca5c6916a74102614e02066f2180cf5ad1f7622c8b7d0784609f61cff3cd6f7eefd9412d15a41d39f36f8c66399b35cd6120e61016f42663d301c55d8b66eb9aa5843d749555a89a2d4d23798a15141434ffab5d849e562d2764bb7c269a695f62c15d83d06c7e32a200b9738cfd5aabebca08a170707b27a45ce5b4c81ae608190e1813b88d99b067fa31eef55f6743ecf4fe0d5bc95a2314b0c9447a81661575d8fea5e4d08152c7cf79e46e86e60791fd56d057dd426c6667f6f4c1698220b9fa46a49c7c346686f2697bf63e23c5a52ae0d98a95b7a0eacb69fd1c3c92fcd2c5e7f87cb92598e8adc2a9bae483f53a4ac4a84aaae9f47439911cd8dbcf1b9d3369db6e556753df6f44522044e3e0862970be4789108fc90bb345cad0db7fc5a533276a0dc2702367715ac3bd6f65d5e5a1f42d3b47307dba1f88d11abe8ab7d8d8e20d0823098e7954a75b1d200eb07832f1fab1653884cc744d84be28192e5f801e6410bf4786f211789499bd320a5b117edb4a5a8587ea36255ffea8a0ddf805653007bc5efd3f1a53c8ca26b84da668eb373e6ae32c30d66eb0f11fb2fc21268cfddb100344294ec60d3321f6b47e3e461f83e913dd4e55a3967101bbbebc0afa49a63787acfa3092dc2055e8fbb5782f9d8196c880c2e51426adfbb56cb87160645f13cf8d007e633e6ec0b00a9044ad0a7418c02ed536fdaf6dabd1d6932bf27481fa72521949de0cac5393d24215c337bbcd9b5abab297bdf063a2edd1390e4516df66de2f5780b64a26a65d65b87806842d1353945be1795eb0d44a41eea96082e0b80ab04f7f93771c7e7578fee43a63367b2e773cd95d3a90ea6b198eda33fd12b43b8a3c95ce5319f911918c0c9b6c9520e7e8c105450418ac0b4b892723f9844df5145070c194cc09c1c4091b59576a8f60c29da6bab465cb3c8a1bfe41dfd8973150a96183c50653b1a77eab2a5409376800a67561769384b711010eb39db58c1497a0e2a1f01dec86c75d7a6ac5cddbe391aef8adc2296ef714c830bd3631fec3b1b1da748ef1e8a96bc6cd2abe83277f5644f9e4a48335880936287d8cc6e08fa7baa58496753ccf2d6482d0b6ee60da480d0b478fcd0d8d19e7b1406c21548dc335a8d5e0b508ccceabc3a4fcb7ca32472c74bc4847f86c445e35322b1c15c0153e15c5fc54eb1e0fe938534a7655f19ccc275b6293b9b2de546d3aa2b716ea72c95d1d401a1713dcd7d564438cdbbfeed00766aad3de9e44b8f61a5eddb888584385c3b569ee91ad40b6626a290107149c228a801e83e19aa616247d60f908b46af8c4dac315446f7c16afa6185c64a59d2e1facdf34b232c5e2bcea9c90297a793b0e1ea89ee0c88fdd590d233d774abc20e04991fae58b2c8d822723cb1bfee576c3d37b76155fffff6e281a5e2e9a2061cc9340ee09d0f7c4a83ac2c751ce1d512d069b37b4c74f55ac679fa42ee54b5016855233f9d927ad28083e9a5a0adbea2c9c77c9c305488433d635a21673d85c56d19621c13e2f0f23b7cb44cab0aa6ae27df95288b0f169a94aec4aeaf712ee8371ce2a7e49015eba4ebcc86e3b7ad9d4aff665fcc7a28c28083d11d09d0a864d80e308e84ceb1ceb43aa6b0b166e86518c50314357bdbf7a4771304ce325bde47389b42f8056a138432233b156942f99a6ff94fce07ee17a5bf88e70458dc73254c42e2fd249af13c15a54e7a13b6c8238a6f0c53e3f614f510b8379eb7fbe3f27cab3e969f0b2d6dd5a1852c8ba7eb5ad5352beeea786e4edb7838db8a49f2a289fb701315d40df46bf4caed8fba327d2e7f295877b2219b2712ac8f7437ec8c08b5249b5d503f362f3b33befc8ed413372d9fa56549272f6e3222b090288ad550b6fdd8b3506bb65d4f954c74d4dea48b93f8d870b59cea6df4b9b0ea98f0f65b2825bbfd96ff5702b7cf2a49d9785f8ae9d58e2ccd114a8ae96117c46c168a1bc837ee378e2f94a5ccbd50645e0670289afd794108f19a20dddb2378a2bcf9984bc75a28defeb965c32458bf9ffba385ea7c319b8aaebaf9813d07d7eef922d5fb172504db9833171e3013aa2ab084d6cd80b07a7adf3a09d1a42b7a8a116551644357e3559bf2c0993dbbc704373a9155c612a1f521d00de622deeea44fed43035ec6505cb0444e6c038f8b0687aed3de3267d470ce7f8a224f24c061a5007069a245b6a370db5439ba44133529d705e6b1bd9932f10179f6afef810a837d32e586527e4d6b995c1ff201180c55b28cb21cedd8ba42ed6c30393742919e12b36c310844bb493906e3019b95fd796aa9d6649ab1485d6951459623ef5b41dd82ca7777f8ff5d9534309a1ec66725ee06a8089c768acb92eed733eae629cb1fe244aee06a33347e5e7d78d5da26da8c9eb0d6c670b363ad7e1472958797d708862dcf1c47773f8a878064e4a56529f88925c7815dd76c1c04341800bc0f02cec555424f62493f19e0ba830b13dfa2d67865a9cf23db0a0305c5677157954b6fc5d45dcb7cb58963f348fb9c11e84ebfd682c166b467f26fdd35605c6bfe3bc3f1c6db5702d5acd424c8ac52db88853f6f7ccd963bcb9891839bc862400727a672448d50b8c6a0c6b2ff132b876c6558b25ed460cadc9c371194fb7c5b1abeefadfcd522b1d6aeaee2271db8e1851ecc81dcc4b8ca7656705ba37285d37289721fde61c1fae08e7c94850492a2b36e88fb126fecb1202ebbd766f12a37413c8694f470bbfce24118e27413b8cfc4de46b3db1d2fa5f71d9263082e637edb2d35b4b47cc45d601a76554d3ecc7eff7751e26bbbfbe968c1ca73f8982950cbff35c0c1140f1f8d6c01e8b1947c6ec28f2b69c2ce834853d36ff7bbee0bbdc0d94b223fcfc29e12946fd62a1e17014348d15a4215e9561b6072f53040d38b1b1b14aaedb7d6324c9b198e0d490a872c830281727745d1e21fb6b5c8f416ecfcfde693b2c4a0ebc7be592ab1578f767731c8fc48572f45ea96aeace5ce01dfd759b86c112524cd8b20ea9315247682d2b992bdd064a993805638d1315bee2a96958f2624227b5c4b41aaaa05f785bafd498f68d19bfb04ebf1f873447495ad3630916e8164de3a2cc98adbc97809269d03b948a1e249663fdfad492bab665a5dd781a2f4e361eaef30147574a3b460e835c70c295f2e1cbac96bcbfb611e17b0dd7a1c59e3a4fb370df5fb0e075e9086aa05edc96d9a89db205ad91cac7aa629e2616018a338c68cd231dd7091c832885d67fbf906408601b0028458cf95bed85bceff196e5d5095a5f7f35a24e648b503a44a726f15ad9e68af4da61e051989eb4867d3c1e98f010bf06148d407f68fd3665c3d71e88be5dac41e8232af24c1d707ad5a13d3e4df5e99e7a881effa2e87203b3d77e99cbffafe1ff3618074cea6bb598937778f40647af17d943766bfc5f50bf3ca6e36f4dcd5366278379ce293cbd3e62254c1a5a2a4f7967ffc02128ee2f032e23fbac653db2fd745c313d57ca1a61dd4942014eec1d466e49cfb692a696e67adadd8316f8bc7e7fa8736ea6a45a57deb5a0e9b276de0c08e03d17639d89c8c46a4c519f2e56cfc384eafcd0d4f0a5e756a7ccae402cefcd56c4f7460a64c8d38492fd41f353a0bd410935fbe021c78bd53a09078155fc3153e95a63a3e3abb1547c6125019e09b8375a247fad4756e717e9319a04160d2227cc7a8b5551b36671a4d6260f3bc5f4491d8cfdaf5962c00100b1055b0ee3ca933f27d933159b33369ff555243ca288c0d0b1533321df303aa3637d9790b68fde8ad07d1382dd0df09599ef71a43e594712454a659a7c094a635e55df7969df1eebeceab90143b15784f58445f9ab5985fd35bcafb042557bfcadbb0f6e0444dd8a5dd683a821ac76814864dcff320450f2380e8409d90d309e929ec0991cf7db5848069c3173178e035f0939ab265663b3a0217985a015a70c18ea4cebed5056eeba37655f0eca7eb9a4c782d2e7a632fca1706139b3fef23385ff894a9edc03508c926ca2b7b96ca0e79fc4400b0d12cff632056981e50007ed4185", 0xffd}, {&(0x7f0000001180)='y', 0x1}], 0x2) fcntl$setpipe(r4, 0x407, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4) sendfile(r1, r3, 0x0, 0x20d315) 20:09:32 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) 20:09:32 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 20:09:32 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) 20:09:32 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x408, 0x7}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000140)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0xe01, 0x5c) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/meminfo\x00', 0x0, 0x0) rt_sigqueueinfo(0x0, 0x7, &(0x7f0000000600)) timerfd_create(0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendfile(0xffffffffffffffff, r1, &(0x7f0000000240)=0x7c, 0x8) ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000180)={0x7, 0x502a30b6}) perf_event_open(&(0x7f0000001200)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x401, 0x20000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffbff, 0x2, @perf_bp={&(0x7f00000011c0)}, 0x1b460, 0x5, 0x4, 0x5, 0x8, 0x200, 0x108, 0x0, 0x7fff, 0x0, 0xff}, 0x0, 0xe, 0xffffffffffffffff, 0x8) ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) r4 = dup(r3) pidfd_send_signal(r4, 0x0, &(0x7f0000000000), 0x0) openat(r4, &(0x7f0000000200)='./file0\x00', 0xc6edea34d7ef6bdc, 0x44) [ 1765.355344] FAULT_INJECTION: forcing a failure. [ 1765.355344] name failslab, interval 1, probability 0, space 0, times 0 [ 1765.358156] CPU: 0 PID: 13309 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1765.359558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1765.361312] Call Trace: [ 1765.361858] dump_stack+0x107/0x167 [ 1765.362601] should_fail.cold+0x5/0xa [ 1765.363376] ? create_object.isra.0+0x3a/0xa20 [ 1765.364325] should_failslab+0x5/0x20 [ 1765.365100] kmem_cache_alloc+0x5b/0x310 [ 1765.365928] create_object.isra.0+0x3a/0xa20 [ 1765.366820] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1765.367849] __kmalloc+0x16e/0x390 [ 1765.368591] io_setup_async_rw+0x180/0x580 [ 1765.369445] ? iov_iter_restore+0x195/0x3a0 [ 1765.370320] io_read+0x775/0x11e0 [ 1765.371039] ? kiocb_done+0xc90/0xc90 [ 1765.371838] ? stack_trace_consume_entry+0x160/0x160 [ 1765.372890] ? lock_acquire+0x197/0x470 [ 1765.373701] ? __lock_acquire+0xbb1/0x5b00 [ 1765.374565] io_issue_sqe+0x2e12/0x7660 [ 1765.375379] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1765.375547] FAULT_INJECTION: forcing a failure. [ 1765.375547] name failslab, interval 1, probability 0, space 0, times 0 [ 1765.376448] ? SOFTIRQ_verbose+0x10/0x10 [ 1765.376467] ? lock_chain_count+0x20/0x20 [ 1765.376489] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1765.376505] ? io_connect+0x610/0x610 [ 1765.376528] ? lock_acquire+0x197/0x470 [ 1765.376544] ? find_held_lock+0x2c/0x110 [ 1765.376570] ? __fget_files+0x26d/0x4c0 [ 1765.376588] ? lock_downgrade+0x6d0/0x6d0 [ 1765.376614] __io_queue_sqe+0x90/0x9d0 [ 1765.376638] ? io_issue_sqe+0x7660/0x7660 [ 1765.376662] ? io_prep_rw+0x7f5/0x1050 [ 1765.376687] io_submit_sqes+0x4461/0x85c0 [ 1765.376737] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1765.376754] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1765.376777] ? lock_downgrade+0x6d0/0x6d0 [ 1765.376792] ? find_held_lock+0x2c/0x110 [ 1765.376816] ? io_submit_sqes+0x85c0/0x85c0 [ 1765.376843] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1765.376866] ? wait_for_completion_io+0x270/0x270 [ 1765.376887] ? rcu_read_lock_any_held+0x75/0xa0 [ 1765.376903] ? vfs_write+0x354/0xa70 [ 1765.376930] ? fput_many+0x2f/0x1a0 [ 1765.397584] ? ksys_write+0x1a9/0x260 [ 1765.398355] ? __ia32_sys_read+0xb0/0xb0 [ 1765.399189] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1765.400249] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1765.401330] do_syscall_64+0x33/0x40 [ 1765.402081] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1765.403106] RIP: 0033:0x7fe40cf96b19 [ 1765.403873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1765.407613] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1765.409167] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1765.410609] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1765.412054] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1765.413499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1765.414938] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1765.416449] CPU: 1 PID: 13314 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1765.417905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1765.419629] Call Trace: [ 1765.420199] dump_stack+0x107/0x167 [ 1765.420993] should_fail.cold+0x5/0xa [ 1765.421805] ? io_setup_async_rw+0x180/0x580 [ 1765.422732] should_failslab+0x5/0x20 [ 1765.423533] __kmalloc+0x72/0x390 [ 1765.424285] io_setup_async_rw+0x180/0x580 [ 1765.425183] ? iov_iter_restore+0x195/0x3a0 [ 1765.426089] io_read+0x775/0x11e0 [ 1765.426839] ? kiocb_done+0xc90/0xc90 [ 1765.427638] ? register_lock_class+0xbb/0x17b0 [ 1765.428593] ? arch_stack_walk+0x99/0xf0 [ 1765.429457] ? is_dynamic_key+0x1e0/0x1e0 [ 1765.430354] ? __lock_acquire+0x1657/0x5b00 [ 1765.431267] ? __lock_acquire+0xbb1/0x5b00 [ 1765.432159] io_issue_sqe+0x2e12/0x7660 [ 1765.433024] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1765.434106] ? SOFTIRQ_verbose+0x10/0x10 [ 1765.434960] ? lock_chain_count+0x20/0x20 [ 1765.435836] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1765.436924] ? io_connect+0x610/0x610 [ 1765.437738] ? lock_acquire+0x197/0x470 [ 1765.438568] ? find_held_lock+0x2c/0x110 [ 1765.439428] ? __fget_files+0x26d/0x4c0 [ 1765.440259] ? lock_downgrade+0x6d0/0x6d0 [ 1765.441146] __io_queue_sqe+0x90/0x9d0 [ 1765.441970] ? io_issue_sqe+0x7660/0x7660 [ 1765.442841] ? io_prep_rw+0x7f5/0x1050 [ 1765.443664] io_submit_sqes+0x4461/0x85c0 [ 1765.444592] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1765.445623] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1765.446627] ? lock_downgrade+0x6d0/0x6d0 [ 1765.447490] ? find_held_lock+0x2c/0x110 [ 1765.448349] ? io_submit_sqes+0x85c0/0x85c0 [ 1765.449261] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1765.450266] ? wait_for_completion_io+0x270/0x270 [ 1765.451273] ? rcu_read_lock_any_held+0x75/0xa0 [ 1765.452240] ? vfs_write+0x354/0xa70 [ 1765.453039] ? fput_many+0x2f/0x1a0 [ 1765.453817] ? ksys_write+0x1a9/0x260 [ 1765.454614] ? __ia32_sys_read+0xb0/0xb0 [ 1765.455474] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1765.456570] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1765.457650] do_syscall_64+0x33/0x40 [ 1765.458435] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1765.459484] RIP: 0033:0x7fcf4787bb19 [ 1765.460266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1765.463982] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1765.465546] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1765.466999] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1765.468460] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1765.469913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1765.471367] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:09:32 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080), 0x0, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1765.508578] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1765.618337] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 20:09:50 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) 20:09:50 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffffa}]}) r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) sendmsg$nl_generic(r2, &(0x7f0000001240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x10d0, 0x13, 0x2, 0x70bd26, 0x25dfdbfc, {0x20}, [@generic="6c04f556c9d6e515b995b3638418943e6516aef5aabd34d734be55cabcb4c5a8c297ee92eaff74f77e70d8977e91d6ff57663ef37ac71bd77d979bcd490bc108ffe6df622c9bef2f6641006dd07195d73485588479c41bb9b9e0fbb800981d74977491a00728183754e3ec065e65a6838ed18c7dbb40732102871daaf425ca407242fe203308f7df10b4f62ab73bc7f9035544a849a62a35bbab1afa48f757e68e1daa8edb13b55a078536e7f111a0cd0a7f3d353f26e067c97bb3bfa8ae291e9d32eeca30e37cbd911f074b389a1268bbdb41daedb51ff1a99a0307e977e8144b8ea0c6c2bd0e123131e7cc8adc34750ad1d2f533bda1bcf396c105d567b211afc842a20bda0b3e3b773b0cd70a884e7548c98d7579faf82ab1ee7c813d6c2f0bc2cc47f7ea0c6f6cf066d663304f554d95653ddb4174f281f67ebf7bc82e22e18d8f86c1713e468d964aa1662ac60c1123d7d0864091eefb109481ab89d0f813a1bf7a096cf27d21858ebcfc0af031b661cf289c187f87fa41ef259a83633f0226d0794200f95a1b8cfa3b108c2c08a086ebcfde0f583b3240a19000e5e59935067988052d896392179e80a4ba2ef07459b586d4af8e4c8a3604c51e48eb3ee98adb42aa5faf710abde5673b4cff4f85830c9ecc27eca680413c55aea1cf45c9a3db2eebe191901771e745a56c6fb2cabdd9f6118ea4e2a0b0cee774851dcd0bad6e5c9e196fbf0514378f674993970e09a41f38d929a01ebe30d81db5ef3fd305ac57cd26f477b4644a12d4c0c0baa15e9192049387408f2805d41d04c8925a946d2feb678913f9d1309fa7cbbc1c26c05851baf99d123d59ff668ca3fc32100779a0a76b564a83af73189a3fc7360ec19769373e43273b77504b70c2b2b3c8a5f3b9271110fef8d2d86db67083baa641194b405dd876f1b75a4346d2942bee7fe9176ace3fbf7d33ae720196bc191e8d8bf24d21e742448ed09e19c12ec66405fabdaeece6e32f773d632ac4cc790f750797821e81b2f92768da8c068d719283a43fa7c307fd5b776bf390759ad39a0d4b25d516174d3b326c303dfc52fdd0754bb50ac6e9ac67d698c0f81453274c48e3ad827f80393ab9d3df3e916731cafcd3d503b597bbbf260969722f1eaa1a14df990cec179e11b86c338abcd40c484225544f13a5b87276f590b15179d3642c8aa1ed8c237caabbd7060759dc6ce46862642cc538d88a7965d77115f1727bda94ef1aa26380fb722bf555076fd3f8db098f5444aeaf18a24eb47bc01800482ee3cffb9c0392f476925436e593644836c7dabc7fa3660c3b58c16e0ddfa54fc5506f57fcbd3ad011b459fbd28ed0bade07955f3f9f09c8d24acca80af2e527342d96d52e74e1241f9dd8e78e03cfa0e0ef4a987b789c3ff4627966b80e2df87d53834ffffe393efc076bd9760ed0da149551535f79aa64dab311ea6becc65686fb1f64981274e36c9cb609e3533cb2288a8d0d32f18bf61f200f2c3ee0edb4d79aa0fdef5c18fcfb7bb80a4275e74df643ca7b9e7d2f0ff8fd119ff96f9fc9223836e3f4f54569405e6a15ce1f8581d28929ba5c4c2990e14b3e4f9bf1ea7589889b3e56655697ba51828c6054c477273162150f1918e44584ffb516c110328a6d0e22db853dd81d776bb844537295b65ecf3684affd632516391ff302b924a08781d45a91e1bf0ba2e5646b40efacc966f8dbad4641e943294e99c3089d9252483fd3a367da81191dbb8f5bbdbb8b1bee55a8e62c6cb3fd8d54496a48a910b92b30a870f269539a38a94bfbe4fcace294be518ebf7c6cec6e0902968f2d5d6506e3723ba1be383478ccd3183151cc5143aa0b4b7c42ec21d0c77bd55d63b2babf0dac8ee4ebb25ffaac15b9b072715916426404edb78f67ef0c2ea51510f5991c19e193ebb9627c283a0df2f63f1415d742fccca05d1c0101567e68f66bcd64800ca93b9586e264c189d0b7ccbce7495e8b51d511257ca023c4b2ab0a6fd957c13e4e2dad2ad050790ebc89230a5357debd21c794f7b4cdae28bd3217b79f20574b5c5a005ab93b2b1d93fc5fe6228705b4460c321c5a24e313fa55ddbbca41b9809a3f2e41b314387f56089701799be19c8481537f7dd0cd997ba75c05e96febe9f1ac7821e34551c43adcce90dfd794e8af4cd6fea5ab5ba6b72aa134c2fd51ecba0ec88f8d21466adc91664a0b65fa662211456a90820121d6c6fe5885fae719d87f2ca06289f9b7557fa4fd43a1045789242a24e015d8616524e6a8f0c4dc6542623d2bb497d3c8823d75f0248beb6f785b3d5093158e12a5fab94cc60f343bdb0f4184cab8b80a39d2a5a89358f28d3e9bc78ca60374edc7b1a4819382e95b7baeed0d21f8592e06279258661c223cdccc5cbd23ce6218072c28ec2c8b8dc1b1170dfd381237c3f6dcb89989284a12a8a883913b047a7bb884e7d46faa22430aab63c9d6aba770744f1a55e3fba3cf8fb35712863714ee951719c98be7a9037809bf2b9df43b86ddcf19f1bb473e226da1aadc47f97f71b73c95f33167586842412d950a4790bf12f71a4efd29f52d99004fb2d3b670e02ee42ff89c53a5cd098aecc783ae3e907d93828974734f90ff05ecdf9eefde42219d29b5b66ed1acc77b8e7dbe18bf235c4a20938a84822ef401dfaa1823a1d65e126ad3552a6e5dab1a1975850be1612bd74b859d09b9408757522da59a7f33e09735576253659f1b238779eca0b089a7772415daaac44d5f69667d75100487d31c3788f2823603d0c885bf394b086f0bfe6c3d0103ce8a8e527529ff3969b62ced4885fe0a34f44e3e2f66f6fc8d4a338541cf1ece3674191bd0e06afa6f5a1b7ebef3aca43af2fc3dde2863ff46d177b8216c206aa4cbcb0d0173f94b1df9b9f586b81213939b7c6efb63177217126d1723b77a361b9f75755d88baed5b8b15efb3e48fb6a98f6cc84103c70c35c6e9c5e6a8937df0294f5c096a975147b937d9986cf85f5c413c7727cf25efb3181ef02e088c4a5780f99e79342919bf764efd7ee390dc703c3dbc916ccc5f8d7d67c45d76384f90916ff085a9f8862db727292fd180852292c0b3f8b4b79f52d4b3859478f966aaefc34647678fc40115ae8d2014dab71006b09d941a1448d987c4480c5b13ddf2ae5e0d1818d4c85eae6ac54a324c363fa999cfd63fe1b844a388d295dbddf097728f15cad6696aea55fbd806d5510729b1220628f1d8c3287681add72410cee117be59fa01f6c6184efda0a54df8ae2b55e2d80a3986310f14d5718e10e15c253b440000376791eecf9655ec92629d79264ad93f3334615dcfda2f4496e033853943c4dbc83bdcfacbdd028e728f3d8168330e88a65fd3d8258951cb54b33781cae3e6536ec8a5616b55b4e45f70e5b399c22634847cbad8d16e684b7b0c850a0a3c8d6f65223c3fbc6296bdf9c9de1d9a1b5cb708583617aa4ba9b3a445cf162198ac9396a395e27472dc3a4ae7cb13726a52c405804ee85e60ce21ab995ce504088f48ad3db51f379a2f1c6186823b9dc977839d24b5298a85b64ae83b0676c601ebfd7cda61ec253abe2af72e438fb396168fb67719f491cd1feee07f1654881a88849d02dd4bfb92b936caa746d1b1df4418344dff35244c6adda751c639baa758010a73efe83c011ef78c1a1550747a7366f634f5db2154d8240a61981193411bb9a92da4bb784e9823f13a1a25827621ec3ec881ad7284fe6fafdc33084c75348282f17ccc911a0f09dd6747d2fe39de496be1dfb7ce82786b5e958c85290e1fafee71d745eec1214cdb32b61576d37e90367158022881483f5077b9086df725c74f5a9ff04e84e416ab03a2115299bf7cb98657ae0064a1e5c7953e4c0c11e486ed1f40c4365bdeb2b1880a9822c19afb140ccb3386fcf7a555b11713ab8e4e217c24526d51b4b587ca6e5e99377af9a0b51c2d369faace37235ed93253f9dd7e1e7b792fa21fee34c8978f1c0426afa398e6db650f449f1549a799f530bff75decfcabaea0e9979c2add916fd28a7e97e3c2b792710e96f9d57db288e0894549cf611e4bd7f95bad75118a4a34996a0d916d551a3d2625bd34bf1c31e4dc7122e304e0d0ab13294c675e0889eb24806e09b40190a203a920eb3a8d8316fe3915b1fccfaf4e246e0bcdfc0fb2d0024d52e350cfa61f1d06b72c0eb7f0593aae46cb126c24e02b10bace8ef8223b7c7fcb262232c479a04f38c9e2856cf438ed2d455ee7c203b4490055ad49d70e33456802a8f811329fa75abe379214d5af30ff1e504c87951db9f16e33ceb22f08465779b33bfcb9fb675acc9a858031e40d90434bfea1a87be5191eee724c9da6bee3fe6c63d78f71409acd247d9425946e5de14e0512ff3f60019bcbe337bfa7439581a2263634563480d830545870be87fb7245aedccd2f388e28180d661ef719fcc1e856b019f7e83b2c8b661365bd1d080f6eb951adf75cf0647b91cd1029f4a56fe33a051c15f0d09d2e97c23143268ae1f99c3d92c0fb363b008b01fd8a653049a6d8f1042648796c660ea2f3ebbbf780870c47f5b841f7f247343a677a27ed0e4dc0dfa8de9abf97029645986fff02bda3efc4df89a92da011b584a5d382580e2415b6457c20a896e13372e62de234dadaede6d354eb828c754c09e75340677177537409de5c0a69283b3ca954cf95b119a38a819d11125d6eacd719f060c6179bf9fe064960adaf5d3b7f5d812dab033e319a336e24f222d7bd9f56bf8f826aad828c0ff7e4b5b2b3df8ec50dc8bfb9d31077eae9deffef36c98bd26a5e3d179f7b4d879b665cec024b6160fc7537773a18f8d0072bb0d3bca86a391560b6eeead3c9954d0ca697fd71c18d0886e1a21b91daeeb4b11bad2f9e6a4cafdb0a4c998c0e4b28bad0b3ee896c8b42d4359168f2b0eb5fd3be8af6b0423c5df94c64d6a24a6e1b7576b60e781816d89d0bf2ef1d6bf2d12b021e9f8c816918dd08b6be3492c788aa94682d95cc82dee93355ded463dbb487eea4a69403753380c584a9810d04d90c18904465a544969a0b7add9b339f19992b98614b76b82920f5b8e3dd1d2ad1d6dbf5e3dba110071ea524ff5efdb34f4ab55bf83549b2a2e93054fb506439dac9e229b5ec924f86beaed3b63417aac9e852e981650f970c654172f5d0c9735143aa9974b7fb70dffaa288154024c86db4854a5e4ee8071edf74a3db11a76a11a2f9d55051cdffa8724205f4fdd308f64ea8727b353068d09e0784c851c53122348a4c01870f28d4ab4d4ffb75593e84b6e3e8c154a763a43e951ee7190ba7d39b0049f00a15005a6508bb1d274f41cb0bdaf147dc89410b7e0dee2cf43a81e3a1c830b661bdc590a3bf0153fcc653c2bfe595f42f9256e80e33da2ed0d98a232df354b24987ef302a014d90f176c646d0fe60c47fcc206b83a9583abc43123ad9302e2fa7e3e6b72bde99a8a8bda7d4ff76edaa67817492602dca3ab5a379d4f7e1978e6b1b7795d6c40a42e224b8255d565875bed4e68fee2f25262a3ef606d3517b24bd0e6366a2165a167f52678463a119464bd0ecd0a6113e8214466e291a63e386ddab6934cae3b3d47544168e03c4d092f0a78c8e2adcef87810dcaecab015c510afb3e319058db953f3baf0f2123c0168d59798711c2edca49fdf4a4e0a3e63422b4a4d9dbb6cf36e0ea13d3846fbdf25b442a611154f38fe6bd9c4d71a3d862086992c7ed20297f07e3ee33fe4ff8ce20ad6da09af0588d6147ef0e9373d4", @generic="d52b1da09cccdebb385ee1b7ea04f586e5e87d8fd7efda5f913cbc860dd8dd95a5bd77759876a6af143d3cf7cfbab111fbc4bfe19dcd3a6f45516967a48276ea605dc6b50b9f9e905701c29b872b91e04ff75b5b6d8b4fe6fdc43eed9bbd1b036a809b690dc05aca578f326cb3c69b7637845c5bfa3834a9233d605885f5e75cd80a76ca109c7fc896b8df765c18cf904e53641ede0339af1fdf712c7abc25402e4a3cfe93249f2bd6b33f9483c160a107a372034dac5eb28cf2ba"]}, 0x10d0}, 0x1, 0x0, 0x0, 0x20008000}, 0xc000) pipe(&(0x7f0000000100)) 20:09:50 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x28, 0x0, 0x401, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x28}}, 0x0) sendmsg$NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x84854}, 0x44041) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x707}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040010}, 0x4008000) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r0) sendmsg$NLBL_UNLABEL_C_LIST(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x8c, r2, 0x28, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010102}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vxcan1\x00'}, @NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:load_policy_exec_t:s0\x00'}]}, 0x8c}}, 0x80) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@multicast, @broadcast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {0x0, 0x0, 0x0, @private=0xa010101}}}}}, 0x0) 20:09:50 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) 20:09:50 executing program 4: perf_event_open(&(0x7f0000000300)={0x3, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000240)}, 0x1000, 0x0, 0x6, 0x3, 0x6, 0x8001, 0xea93, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x9) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000280)=[{&(0x7f0000001e00)=""/4098, 0x1002}], 0x1) ioctl$DVD_READ_STRUCT(0xffffffffffffffff, 0x6, 0x0) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x800) chown(&(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, r1) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r1) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) mount$9p_xen(&(0x7f00000001c0), &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0), 0x5ba01d1e557fce64, &(0x7f0000000680)=ANY=[@ANYBLOB="7472616e733d78656e2c706f73697861636c2c6163636573d72ccff86572bf8156b9ec06b6463db5eb149f13b74864656275673d30783030303030303030303030303030ce170000000000007461673d2f6465762f737230002c63696368657461673d2f6465762f737230002c736d61636b66736861743d6b657972696e67002c0048ffa5d6a6be81a95ad7b43a9851ccb335ec0bd7e0fbccfd4967254812e536a59557ebddf74fa07231c66ccea2fbf18787c29ba47673eb5f161e7ecb7ae0480fa1c06a5063002e95ee76113c387fd6352900bf68c8a395dbac3737b4bf3cb4462aa1d76d571371e74742e7e4ce2f8bbeb518b2be71cc1a1d4c7e723fcc95a4b267f5b5a71e2d9bbcce0d8da00c33d4c953ed26c1e584a86a1489"]) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) ioctl$BTRFS_IOC_GET_FEATURES(r2, 0x80189439, &(0x7f0000000400)) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000b80), 0x8, 0x0) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), &(0x7f0000000180)=@v1={0x1000000, [{0x8, 0x200}]}, 0xc, 0x2) r3 = syz_io_uring_setup(0x2a7b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000480)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}, 0x2) 20:09:50 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080), 0x0, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:09:50 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20000854, &(0x7f0000000140)={0x2, 0x0, @dev}, 0x10) setsockopt$sock_linger(r0, 0x1, 0x35, &(0x7f0000000000)={0x1}, 0x8) signalfd4(r0, &(0x7f0000000040), 0x8, 0x80000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x2000, 0x0) r3 = getpgrp(0x0) r4 = pidfd_open(r3, 0x0) r5 = dup(r4) pidfd_send_signal(r5, 0x0, &(0x7f0000000000), 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000008, 0x11, r5, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x10001, 0x0) r6 = dup2(r1, r2) r7 = getpgrp(0x0) pidfd_open(r7, 0x0) getpgrp(r7) r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f00000000c0)={'TPROXY\x00'}, &(0x7f0000000180)=0x1e) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r6, 0x0) sendfile(r1, r8, 0x0, 0x20d315) 20:09:50 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0xffffffff, 0x0, 0x0, 0x0) [ 1783.042116] FAULT_INJECTION: forcing a failure. [ 1783.042116] name failslab, interval 1, probability 0, space 0, times 0 [ 1783.044823] CPU: 1 PID: 13337 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1783.046370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1783.048258] Call Trace: [ 1783.048884] dump_stack+0x107/0x167 [ 1783.049275] FAULT_INJECTION: forcing a failure. [ 1783.049275] name failslab, interval 1, probability 0, space 0, times 0 [ 1783.049732] should_fail.cold+0x5/0xa [ 1783.051952] ? create_object.isra.0+0x3a/0xa20 [ 1783.053038] should_failslab+0x5/0x20 [ 1783.053902] kmem_cache_alloc+0x5b/0x310 [ 1783.054866] create_object.isra.0+0x3a/0xa20 [ 1783.055865] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1783.057060] __kmalloc+0x16e/0x390 [ 1783.057887] io_setup_async_rw+0x180/0x580 [ 1783.058847] ? iov_iter_restore+0x195/0x3a0 [ 1783.059830] io_read+0x775/0x11e0 [ 1783.060652] ? kiocb_done+0xc90/0xc90 [ 1783.061553] ? stack_trace_consume_entry+0x160/0x160 [ 1783.062701] ? lock_acquire+0x197/0x470 [ 1783.063625] ? lock_acquire+0x197/0x470 [ 1783.064556] ? __lock_acquire+0xbb1/0x5b00 [ 1783.065525] io_issue_sqe+0x2e12/0x7660 [ 1783.066438] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.067608] ? SOFTIRQ_verbose+0x10/0x10 [ 1783.068536] ? lock_chain_count+0x20/0x20 [ 1783.069475] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.070640] ? io_connect+0x610/0x610 [ 1783.071500] ? lock_acquire+0x197/0x470 [ 1783.072389] ? find_held_lock+0x2c/0x110 [ 1783.073317] ? __fget_files+0x26d/0x4c0 [ 1783.074211] ? lock_downgrade+0x6d0/0x6d0 [ 1783.075144] __io_queue_sqe+0x90/0x9d0 [ 1783.076027] ? io_issue_sqe+0x7660/0x7660 [ 1783.076976] ? io_prep_rw+0x7f5/0x1050 [ 1783.077859] io_submit_sqes+0x4461/0x85c0 [ 1783.078840] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1783.079977] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1783.081080] ? lock_downgrade+0x6d0/0x6d0 [ 1783.082009] ? find_held_lock+0x2c/0x110 [ 1783.082933] ? io_submit_sqes+0x85c0/0x85c0 [ 1783.083923] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1783.085026] ? wait_for_completion_io+0x270/0x270 [ 1783.086106] ? rcu_read_lock_any_held+0x75/0xa0 [ 1783.087137] ? vfs_write+0x354/0xa70 [ 1783.087976] ? fput_many+0x2f/0x1a0 [ 1783.088796] ? ksys_write+0x1a9/0x260 [ 1783.089646] ? __ia32_sys_read+0xb0/0xb0 [ 1783.090558] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1783.091720] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1783.092889] do_syscall_64+0x33/0x40 [ 1783.093726] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1783.094850] RIP: 0033:0x7fcf4787bb19 [ 1783.095683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1783.099676] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1783.101372] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1783.102951] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1783.104540] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1783.106098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1783.107646] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1783.109239] CPU: 0 PID: 13341 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1783.110099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1783.111199] Call Trace: [ 1783.111567] dump_stack+0x107/0x167 [ 1783.112078] should_fail.cold+0x5/0xa [ 1783.112616] ? io_setup_async_rw+0x180/0x580 [ 1783.113235] should_failslab+0x5/0x20 [ 1783.113771] __kmalloc+0x72/0x390 [ 1783.114270] io_setup_async_rw+0x180/0x580 [ 1783.114861] ? iov_iter_restore+0x195/0x3a0 [ 1783.115477] io_read+0x775/0x11e0 [ 1783.115985] ? kiocb_done+0xc90/0xc90 [ 1783.116566] ? stack_trace_consume_entry+0x160/0x160 [ 1783.117287] ? lock_acquire+0x197/0x470 [ 1783.117865] ? __lock_acquire+0xbb1/0x5b00 [ 1783.118466] io_issue_sqe+0x2e12/0x7660 [ 1783.119032] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.119761] ? SOFTIRQ_verbose+0x10/0x10 [ 1783.120348] ? lock_chain_count+0x20/0x20 [ 1783.120983] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.121720] ? io_connect+0x610/0x610 [ 1783.122254] ? lock_acquire+0x197/0x470 [ 1783.122807] ? find_held_lock+0x2c/0x110 [ 1783.123369] ? __fget_files+0x26d/0x4c0 [ 1783.123907] ? lock_downgrade+0x6d0/0x6d0 [ 1783.124472] __io_queue_sqe+0x90/0x9d0 [ 1783.125003] ? io_issue_sqe+0x7660/0x7660 [ 1783.125572] ? io_prep_rw+0x7f5/0x1050 [ 1783.126120] io_submit_sqes+0x4461/0x85c0 [ 1783.126733] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1783.127430] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1783.128107] ? lock_downgrade+0x6d0/0x6d0 [ 1783.128698] ? find_held_lock+0x2c/0x110 [ 1783.129279] ? io_submit_sqes+0x85c0/0x85c0 [ 1783.129890] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1783.130557] ? wait_for_completion_io+0x270/0x270 [ 1783.131228] ? rcu_read_lock_any_held+0x75/0xa0 [ 1783.131855] ? vfs_write+0x354/0xa70 [ 1783.132381] ? fput_many+0x2f/0x1a0 [ 1783.132885] ? ksys_write+0x1a9/0x260 [ 1783.133394] ? __ia32_sys_read+0xb0/0xb0 [ 1783.133954] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1783.134661] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1783.135358] do_syscall_64+0x33/0x40 [ 1783.135875] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1783.136571] RIP: 0033:0x7fe40cf96b19 [ 1783.137080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1783.139520] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1783.140544] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1783.141522] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1783.142487] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1783.143449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1783.144418] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:09:50 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) fdatasync(r1) r2 = openat$incfs(r1, &(0x7f0000000140)='.pending_reads\x00', 0x10200, 0x34) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x0) openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0) r4 = signalfd(r0, &(0x7f0000000180)={[0x80]}, 0x8) ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000a089bfd53c3df87a000000000263ef09495bc7c65f2b1333f90e6704310a804ff23e8a86b92156cd8e00"/59, @ANYRES32, @ANYBLOB="002894e86963ac9e790c0286294857c025629ba50df056"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x80489439, &(0x7f0000000340)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000003c0)) lseek(r3, 0x0, 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) copy_file_range(r5, 0x0, r3, 0x0, 0x200f5ef, 0x0) 20:09:50 executing program 3: ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1400000}}, './file0\x00'}) ioctl$TIOCSCTTY(r0, 0x540e, 0x81) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x34, 0x10, 0x1, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0x18, 0x0, 0x0, 0x1, [@typed={0x14, 0xd, 0x0, 0x0, @ipv6=@private2}]}]}, 0x34}}, 0x880) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) r3 = dup(r2) pidfd_send_signal(r3, 0x0, &(0x7f0000000000), 0x0) ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000040)={0x0, 0x0, 0x12, 0xb, 0x24, &(0x7f0000000280)="1ee4997c2eed4e20af4382aecd8a73989ab0f77edbc7162d81df66fa7312e5d8dcff58c8d3c6bf51040cbd30406954a83afb0fbd35479ddbbb0b88acf7fe6726db724ac45168c79b94d309c048e49e76d79f1bab5078c68597faec051aff233221e007a7375ba78ffa9e81245164ec9365d8d7251e9995af5c9fd452707a0db7a46fb6634fd4defdbf47d97609716861db14880bcd560aa2d311fc22c87269b36f5b161cec18c30bc92e15cb029b9ea34b8910ee7453eefc8ddec8029158c1359659ce0306a3aac6b18ad6ff15b292776b9da1d6c645749a1c0b67dbb0e5ff8e2a5c7f905b6ad62366dd64fc22ebfe85be69547bc0cdbd0ff1f35b715b8d01ad517a78c27e10779ce59d0026cf06af27a00610477e58042f3f9de38e5b2d34f9bcd6677f4fe6f90ede911a88d10f906da3aba655cecb0f505c5eaa54b4cc5e372b3c2adb7c56ad437a536a05ca189a6f2d5d21412993018f0a79e9f1b0a1cb0e78098dedb3e29e7e70ec414e3ed0082e2f8dbb767c354e3149f10e27f77fe407198c050a33fde3b6c508d5b141cc3941de0baca49521846cdbb0e7ab13e7b4f6b50cbbb44628c370cd662fe2050fe7e3df89803a7f0e608ee315e4f8637ef456b0d0122a808f09fd7ad312afa997d34f8ebf315c0b3bb6dd8cb7a46bf49481e91560999097c8e82e02d7082280ce8dd62e55c14175663b4716d51dcb9a1d0d4e727151294164e6fe6adab1be86b4ea346ba39d359937eb440e7ff5c47733490da36efa71e8da337a2e80e28c2c6c6f33127e73c56fbf135b9b5c0822ea5b85d1e3252ee86295359f1de21e0244cdc362980481c4af59be9dd7c6eb4513213ab854c7d94f2f78b4b1d38d28b77c233965be6f8868b4ca0f205ed7e6b56124a8e52e87568e3c3b86533e07214f914c271f02284a3b52d1d99fc24db4ccb0a9f314b428cffd0c5cbd1840e4713090b15e8b96d1b80c2c0dad5b6aba6c49e1284209c4e730b796279e5b2c643a355c4f11592e87f630c3163f669c4f26832ab74f77bf45228030ea387525662eaedc5cf65cfd9e6b66e6a26bbc3ffff9d194ea82fd314472ae5a397104752ba01f6638c058d88360c67c306174dc33dd431747e9808d3aa6a4d944fe9dcee47e0b7609aab5aa4444c0b65c755085955c93722bfa9a90910fce3046e37939ff592a0de9e1433b38a1eeb620a4269378547990457b14dd11c700d427f5a33ad8ecbb4cc348dabe640e58a833a7f34eb61c84e4b01df63c26efd84eaed8edb1795fb8c4f2924b90d4dd245a4c8ce2b1e95bd61bf083525b2d04c691001453f22c537ee54a192071d56af9910eecc7922ad621d15cc0d69523be6beecb8c1e47ac08aa1aea5771967f5dacede558e84c3b8c31b441572be634922a2ea6cc046e7200674f64f82d836be9b7a2b45713260c1241959153ac"}) 20:09:50 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) 20:09:50 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:09:50 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) 20:09:50 executing program 2: ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x20000001) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000400)={'sit0\x00', 0x0, 0x2f, 0x38, 0x0, 0xfffffff9, 0x5, @mcast1, @mcast2, 0x0, 0x40, 0x1, 0x8}}) close(r0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)={0xc4, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0x14, 0x11, 0x0, 0x1, [@generic="809801a7b0c7dba09475f251c743092f"]}, @typed={0x8, 0x31, 0x0, 0x0, @fd}, @nested={0x92, 0x1a, 0x0, 0x1, [@typed={0x4, 0x6}, @generic="11fd4b89fa85a9d9d95ba408f1ad9097c895c82a43e862c68793e352239f2067998400a69fc652d7549f5a0c4237c2f1442ecb075cbfed07677d0bf090db819175680025353750ec4120c199fd60e73a7fea9ffc20c49013e21501b6012dac481f5ec7686dcdba308d470de03d765429a675a193c40dee0ad0cbfd2c84ca9b4e3fb2", @typed={0x8, 0x80, 0x0, 0x0, @pid=0xffffffffffffffff}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20008880}, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x100}}, './file0\x00'}) openat2(r2, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x80, 0x30, 0x1c}, 0x18) 20:09:50 executing program 4: setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000100), &(0x7f0000000140)=0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0xed9, 0x2044, 0xc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0x5, 0x1f}, 0x10020, 0x3, 0x3, 0x8, 0x80000000000000, 0x7, 0x7ff, 0x0, 0x5b6a, 0x0, 0xffffffffffffffc6}, 0xffffffffffffffff, 0x10, r1, 0x0) fallocate(r1, 0x0, 0x0, 0x8800000) perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x7, 0x4, 0x7d, 0x84, 0x0, 0x200000, 0x808, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x800, 0x0, @perf_bp={&(0x7f0000000180)}, 0x4000, 0x4, 0x9, 0x2, 0x80000000, 0x1, 0x9, 0x0, 0x7fff, 0x0, 0x1}, 0xffffffffffffffff, 0x8, r1, 0x8) 20:09:50 executing program 3: socket$netlink(0x10, 0x3, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fcntl$getown(r0, 0x9) setpriority(0x1, r1, 0x80) r2 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x2, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3}, 0xffffffffffffffff, 0x0, r0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = accept(r3, &(0x7f00000001c0)=@ax25={{0x3, @null}, [@remote, @netrom, @null, @null, @null, @remote, @default, @rose]}, &(0x7f00000000c0)=0x80) setsockopt$inet6_udp_int(r4, 0x11, 0x66, &(0x7f0000000080)=0xcc, 0x1b) r5 = getpid() r6 = getpgrp(r5) r7 = pidfd_open(r6, 0x0) r8 = dup(r7) fcntl$setlease(r7, 0x400, 0x2) ioctl(r0, 0x200, &(0x7f0000000140)="1dfb74309ddb658cb487b19f69a2d645122f04a16c7418c23ab13771226efe9921193005efe72f28a2f3657e91a600a8d70f812322c412837169586af04501a9baf86914402c78aa6c36921b7cdfa49d5d22e8129f34fc95588f1f57e7150671369b5e8c250b48de1a1d86") dup(0xffffffffffffffff) sendmsg$unix(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000240)="48177221a2a4bf257cc208dddc32094cfaa900daefff06e22841e13276cb4ec7", 0x20}, {&(0x7f0000000280)="83dd2781bc021847211cf36a30b1db624666dee30c60f45e6701600ebcbf7689b185c80b38fd08d88b159ae5d7f81ac32fe688978bfc42b5dbddc7ef56ed7be1399b81a39e6d70fc0a092b06769b46bc8c3dc49a02cd84aa2f9e3b38e135cdfe736fd1649f615400bbbf3934e01596300275d87c17adace103fc37d00bdd4d5f28e43984695332d1d62f22d227511b18b98adf800108f714617f93c1e06d09ec2be76c1dd388cbbbc3ae687c0c1ac163be", 0xb1}, {&(0x7f0000000340)="c3db0b69a87d00ca0dfaf5de34f753ac97bbcf46f433e32b308f6821d50d2c7a0a29b0bb35436673fa2e7f25bc10b836940284db7733a4703f4ab88a86de2aee68d3bbd0f1259458e48f24ad7658b7ddc85adf83a2a11d146c65d2c94342d2647e7a71890728cec570857aa32f65cfb1c51f958ac7bc843015df45b8d4aadcf47195f3e852043a41cc24ea0726322e6f3253451ca9314e919c9dbb8671f21a63cf4e5dc18f9357", 0xa7}, {&(0x7f0000000400)="4ff044c01953ff90218e169e17ce5d7b550838756fae640b569e5f34161a418fe870d8e67e8deb43a9866f383f63a475467ca20b4b482aec839b93f035e3bf8a8eff5cde467d6be9a2ed31356ac8b881fcf14026b47dfb9d51827533c7a9a97e402e27523377b5b5d664b95429cb7bc1acacdf27b721fec74c319ce17bf8df85c0b2dac7e4260c171b1fe770ce93881a5ac9722e7bf6f3e6bcf6b2acf7994421588eca30db7ca4c78616c4bfb4de8230c0f8a9aa8e5f4c5a359432e17e78d151d6fa001909febe0636ce9ebaf38da0797d517648c2d54a9eaf6f368296a4792d52675b786a02", 0xe6}, {&(0x7f0000000500)="d1c4840e873c7524c4f7253910987334789375801633cf4e3e649874d766e8957edd82fd88d49449965623a426b3f4ef898f76add38dd405078d0080a7ac6de4e1b3f91aed135b531856607e098a2df88563372895501f577f1723aeeab69ae98da4bff6ac7e05471b3d2179494af094d18b6d6d4cfe867f7061128a54de509e0c41af67a7bf3fae43a3ffcf4a246196da60f12435a8c821d59018ab2175", 0x9e}, {&(0x7f00000005c0)="60bfb3a349fa9d7a3cba47e52f032b7c9e7a32ae00920686b1df4c4f7ebfa280a41a29", 0x23}], 0x6, &(0x7f0000000740)=[@rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {r6, 0xee01}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r8]}}], 0x58, 0x8000}, 0x4) ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0x0) dup3(r3, r2, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) [ 1783.542037] FAULT_INJECTION: forcing a failure. [ 1783.542037] name failslab, interval 1, probability 0, space 0, times 0 [ 1783.543310] CPU: 0 PID: 13369 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1783.544051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1783.545062] Call Trace: [ 1783.545371] dump_stack+0x107/0x167 [ 1783.545772] should_fail.cold+0x5/0xa [ 1783.546194] ? io_setup_async_rw+0x180/0x580 [ 1783.546674] should_failslab+0x5/0x20 [ 1783.547086] __kmalloc+0x72/0x390 [ 1783.547475] io_setup_async_rw+0x180/0x580 [ 1783.547954] ? iov_iter_restore+0x195/0x3a0 [ 1783.548420] io_read+0x775/0x11e0 [ 1783.548828] ? kiocb_done+0xc90/0xc90 [ 1783.549263] ? mark_held_locks+0x9e/0xe0 [ 1783.549717] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1783.550289] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1783.550890] ? trace_hardirqs_on+0x5b/0x180 [ 1783.551368] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1783.551976] ? __lock_acquire+0xbb1/0x5b00 [ 1783.552447] io_issue_sqe+0x2e12/0x7660 [ 1783.552899] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.553468] ? SOFTIRQ_verbose+0x10/0x10 [ 1783.553922] ? lock_chain_count+0x20/0x20 [ 1783.554376] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.554955] ? io_connect+0x610/0x610 [ 1783.555379] ? lock_acquire+0x197/0x470 [ 1783.555806] ? find_held_lock+0x2c/0x110 [ 1783.556263] ? __fget_files+0x26d/0x4c0 [ 1783.556716] ? lock_downgrade+0x6d0/0x6d0 [ 1783.557179] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1783.557753] __io_queue_sqe+0x90/0x9d0 [ 1783.558180] ? io_issue_sqe+0x7660/0x7660 [ 1783.558641] ? io_prep_rw+0x7f5/0x1050 [ 1783.559081] io_submit_sqes+0x4461/0x85c0 [ 1783.559566] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1783.560116] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1783.560666] ? lock_downgrade+0x6d0/0x6d0 [ 1783.561129] ? find_held_lock+0x2c/0x110 [ 1783.561587] ? io_submit_sqes+0x85c0/0x85c0 [ 1783.562066] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1783.562601] ? wait_for_completion_io+0x270/0x270 [ 1783.563130] ? rcu_read_lock_any_held+0x75/0xa0 [ 1783.563650] ? vfs_write+0x354/0xa70 [ 1783.564072] ? fput_many+0x2f/0x1a0 [ 1783.564472] ? ksys_write+0x1a9/0x260 [ 1783.564910] ? __ia32_sys_read+0xb0/0xb0 [ 1783.565363] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1783.565956] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1783.566531] do_syscall_64+0x33/0x40 [ 1783.566953] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1783.567529] RIP: 0033:0x7fcf4787bb19 [ 1783.567945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1783.569970] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1783.570799] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1783.571582] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1783.572366] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1783.573161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1783.573951] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:09:50 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) [ 1783.697293] FAULT_INJECTION: forcing a failure. [ 1783.697293] name failslab, interval 1, probability 0, space 0, times 0 [ 1783.698989] CPU: 0 PID: 13387 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1783.699738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1783.700644] Call Trace: [ 1783.700944] dump_stack+0x107/0x167 [ 1783.701355] should_fail.cold+0x5/0xa [ 1783.701778] ? io_setup_async_rw+0x180/0x580 [ 1783.702268] should_failslab+0x5/0x20 [ 1783.702681] __kmalloc+0x72/0x390 [ 1783.703068] io_setup_async_rw+0x180/0x580 [ 1783.703538] ? iov_iter_restore+0x195/0x3a0 [ 1783.704009] io_read+0x775/0x11e0 [ 1783.704401] ? kiocb_done+0xc90/0xc90 [ 1783.704850] ? stack_trace_consume_entry+0x160/0x160 [ 1783.705409] ? lock_acquire+0x197/0x470 [ 1783.705846] ? __lock_acquire+0xbb1/0x5b00 [ 1783.706310] io_issue_sqe+0x2e12/0x7660 [ 1783.706754] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.707337] ? SOFTIRQ_verbose+0x10/0x10 [ 1783.707801] ? lock_chain_count+0x20/0x20 [ 1783.708274] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.708877] ? io_connect+0x610/0x610 [ 1783.709342] ? lock_acquire+0x197/0x470 [ 1783.709808] ? find_held_lock+0x2c/0x110 [ 1783.710275] ? __fget_files+0x26d/0x4c0 [ 1783.710724] ? lock_downgrade+0x6d0/0x6d0 [ 1783.711197] __io_queue_sqe+0x90/0x9d0 [ 1783.711640] ? io_issue_sqe+0x7660/0x7660 [ 1783.712115] ? io_prep_rw+0x7f5/0x1050 [ 1783.712559] io_submit_sqes+0x4461/0x85c0 [ 1783.713039] ? __mutex_lock+0x4fe/0x10b0 [ 1783.713507] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1783.714059] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1783.714616] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1783.715203] ? io_submit_sqes+0x85c0/0x85c0 [ 1783.715695] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1783.716205] ? finish_task_switch+0x126/0x5d0 [ 1783.716754] ? finish_task_switch+0xef/0x5d0 [ 1783.717243] ? __switch_to+0x572/0xf70 [ 1783.717681] ? __switch_to_asm+0x3a/0x60 [ 1783.718131] ? __switch_to_asm+0x34/0x60 [ 1783.718597] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1783.719190] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1783.719802] ? trace_hardirqs_on+0x5b/0x180 [ 1783.720290] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1783.720924] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1783.721506] do_syscall_64+0x33/0x40 [ 1783.721931] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1783.722493] RIP: 0033:0x7fe40cf96b19 [ 1783.722920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1783.724965] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1783.725819] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1783.726616] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1783.727410] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1783.728211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1783.729023] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1783.868431] sysfs: cannot create duplicate filename '/class/ieee80211/€˜§°ÇÛ ”uòQÇC !' [ 1783.869375] CPU: 0 PID: 13382 Comm: syz-executor.2 Not tainted 5.10.180 #1 [ 1783.870154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1783.871060] Call Trace: [ 1783.871362] dump_stack+0x107/0x167 [ 1783.871787] sysfs_warn_dup.cold+0x1c/0x29 [ 1783.872249] sysfs_do_create_link_sd+0x122/0x140 [ 1783.872776] sysfs_create_link+0x5f/0xc0 [ 1783.873226] device_add+0x703/0x1bc0 [ 1783.873643] ? devlink_add_symlinks+0x970/0x970 [ 1783.874154] ? ieee80211_set_bitrate_flags+0x202/0x620 [ 1783.874735] wiphy_register+0x1da6/0x2850 [ 1783.875202] ? wiphy_unregister+0xb90/0xb90 [ 1783.875683] ? ieee80211_init_rate_ctrl_alg+0x121/0x500 [ 1783.876270] ieee80211_register_hw+0x23c5/0x38b0 [ 1783.876826] ? ieee80211_ifa6_changed+0x4d0/0x4d0 [ 1783.877356] ? net_generic+0xdb/0x2b0 [ 1783.877780] ? lockdep_init_map_type+0x2c7/0x780 [ 1783.878308] ? memset+0x20/0x50 [ 1783.878673] ? __hrtimer_init+0x12c/0x270 [ 1783.879133] mac80211_hwsim_new_radio+0x1ce0/0x4250 [ 1783.879694] ? hwsim_send_nullfunc_ps+0x80/0x80 [ 1783.880206] ? hwsim_new_radio_nl+0x967/0x1080 [ 1783.880710] ? memcpy+0x39/0x60 [ 1783.881082] hwsim_new_radio_nl+0x991/0x1080 [ 1783.881574] ? mac80211_hwsim_new_radio+0x4250/0x4250 [ 1783.882154] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 1783.882866] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 1783.883573] genl_family_rcv_msg_doit+0x22d/0x330 [ 1783.884108] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 1783.884838] ? cap_capable+0x1d6/0x240 [ 1783.885279] ? ns_capable+0xe2/0x110 [ 1783.885695] genl_rcv_msg+0x33c/0x5a0 [ 1783.886121] ? genl_get_cmd+0x480/0x480 [ 1783.886560] ? mac80211_hwsim_new_radio+0x4250/0x4250 [ 1783.887126] ? lock_release+0x680/0x680 [ 1783.887570] ? netlink_deliver_tap+0xf4/0xcd0 [ 1783.888069] netlink_rcv_skb+0x14b/0x430 [ 1783.888518] ? genl_get_cmd+0x480/0x480 [ 1783.888970] ? netlink_ack+0xab0/0xab0 [ 1783.889409] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1783.889908] ? is_vmalloc_addr+0x7b/0xb0 [ 1783.890360] genl_rcv+0x24/0x40 [ 1783.890725] netlink_unicast+0x549/0x7f0 [ 1783.891173] ? netlink_attachskb+0x870/0x870 [ 1783.891657] ? __virt_addr_valid+0x128/0x350 [ 1783.892147] netlink_sendmsg+0x90f/0xdf0 [ 1783.892615] ? netlink_unicast+0x7f0/0x7f0 [ 1783.893090] ? netlink_unicast+0x7f0/0x7f0 [ 1783.893556] sock_sendmsg+0x154/0x190 [ 1783.893977] ____sys_sendmsg+0x70d/0x870 [ 1783.894424] ? kernel_sendmsg+0x50/0x50 [ 1783.894859] ? do_recvmmsg+0x6d0/0x6d0 [ 1783.895290] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1783.895861] ? __lock_acquire+0xbb1/0x5b00 [ 1783.896324] ___sys_sendmsg+0xf3/0x170 [ 1783.896768] ? sendmsg_copy_msghdr+0x160/0x160 [ 1783.897271] ? lock_downgrade+0x6d0/0x6d0 [ 1783.897729] ? percpu_counter_add_batch+0x8b/0x140 [ 1783.898258] ? futex_exit_release+0x220/0x220 [ 1783.898753] ? __fget_files+0x296/0x4c0 [ 1783.899195] ? __fget_light+0xea/0x290 [ 1783.899626] __sys_sendmsg+0xe5/0x1b0 [ 1783.900042] ? __sys_sendmsg_sock+0x40/0x40 [ 1783.900516] ? __do_sys_futex+0x2bb/0x480 [ 1783.900979] ? _cond_resched+0x13/0x80 [ 1783.901415] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1783.901988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1783.902557] do_syscall_64+0x33/0x40 [ 1783.902968] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1783.903528] RIP: 0033:0x7f8c17938b19 [ 1783.903945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1783.905906] RSP: 002b:00007f8c14e8d188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1783.906741] RAX: ffffffffffffffda RBX: 00007f8c17a4c020 RCX: 00007f8c17938b19 [ 1783.907521] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 1783.908284] RBP: 00007f8c17992f6d R08: 0000000000000000 R09: 0000000000000000 [ 1783.909063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1783.909828] R13: 00007fff737479ef R14: 00007f8c14e8d300 R15: 0000000000022000 20:10:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) 20:10:06 executing program 3: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0xa9, 0x0, 0x0, 0x0, 0x0, 0x20a21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x4, 0x40, 0x4, 0x4, 0x0, 0x10000, 0x50009, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0xd8, 0x101}, 0x40400, 0x7, 0x69c52149, 0x7, 0x4, 0x5, 0x1ff, 0x0, 0x3, 0x0, 0x7fffffff}, 0x0, 0x9, r0, 0x9) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x0, 0x2, 0x58, 0x4, 0x0, 0x7, 0xa000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x727d4954, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x6000, 0xd1, 0x2, 0x9, 0x0, 0x1000, 0x7, 0x0, 0x4906, 0x0, 0x5}, 0x0, 0x4, r1, 0x4) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0) 20:10:06 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) 20:10:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49) 20:10:06 executing program 6: write$P9_RREADDIR(0xffffffffffffffff, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x43c2, 0x7fff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000080)={@multicast2, @dev={0xac, 0x14, 0x14, 0x41}, @remote}, 0xc) setsockopt$inet_mreqsrc(r1, 0x0, 0x28, &(0x7f0000001480)={@multicast2, @dev={0xac, 0x14, 0x14, 0x41}, @remote}, 0xc) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r2, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000440)={@dev, @multicast1, @private=0xa010100}, 0xc) close(r1) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x25, &(0x7f0000000080)={@multicast2, @dev={0xac, 0x14, 0x14, 0x41}, @local}, 0xc) sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="25cbcf2584228da8e406eef1bd842fe0f6fe62756a7a201f7d0736abed3dc638791cabeaae32df190bfbac1367f54a07ff7ff95699f52c779329e74b8943a4b1c8a75123ef8f3fac938af0cab4950576b8adf03d9ee6a166d5c015a35fb708d99935dbc4643f01210ae95959f8ab0705c597d01102d5f5bc7cd10369a4d0e22c5ecaad19e404d2416f3dd980867812afa40ce63256a355cce21d759c266ed971957bebfe74f1f924de9b8d677cf10da8863d7d5f83b6b3c10be766451cfd08cfc985bcb279f658e7322f538d84b1dec6cdaf0ee5f1ab", 0xd6, 0x2048001, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10) readv(r0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000680)=ANY=[@ANYBLOB="000000000000000000172b7c4188f153ac0804e0eb898c518ad0d68f8d2110a97bfcb49688860d58f6680894e132d3582445e34bb0739c16d5a3f084ff1720bf01507fc6125f4bd1847ae72b03371ccf7b0a1f000000ca8c444e284a93e2c1528b818c5da6889d0f347f1aa49d0033bf17707b8924e5a394c10c777ef8fcce794963999e1c2b1a5bde1e6aaa3cf06fcc293ad3d24c09945fedfc74c136c540bed4bbd3ec4a9603ef3d910585dc9fea67af05ae34c7fac3d830ba23d48be58d802bee27da9905ae99f5901b956aba116fbb089858707eb8e1e6f8828130c1b5703251ec94ac2bf774d53fc540e85043b784a35462ec7f7dc8e0deb476d132b8c86993c4d849a452c74f3706f1681bf63e56ced3", @ANYRES32, @ANYBLOB="c820ad8fd8e619bd25eeca18236e587d6b5822f8a2bcddaef4456ebc112adfabdd06a3a220480db81cb38cf34e03fe93edafeb9c817e821c17"]) close(0xffffffffffffffff) ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f00000001c0)=0x40c4) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = accept4$inet(r2, &(0x7f0000000300)={0x2, 0x0, @initdev}, &(0x7f0000000340)=0x10, 0x80800) setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000380)={@loopback, @multicast2, @private=0xa010102}, 0xc) ioctl$sock_SIOCGIFINDEX(r3, 0x8914, &(0x7f0000000140)={'lo\x00'}) ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000400)={0x6039, 0xc08, 0x6, 0xd, 0x7d6}) 20:10:06 executing program 2: ioctl$BTRFS_IOC_SCRUB_CANCEL(0xffffffffffffffff, 0x941c, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x400, 0x2, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) r3 = epoll_create1(0x0) dup2(r3, 0xffffffffffffffff) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)) mount(&(0x7f0000000200)=ANY=[], &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='ext2\x00', 0x0, 0x0) pkey_mprotect(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff) ftruncate(0xffffffffffffffff, 0x2) socket$inet_udp(0x2, 0x2, 0x0) 20:10:06 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x40) syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000001640), 0x10018c6, &(0x7f0000000200)=ANY=[]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, 0x1, &(0x7f0000000280)=[{0x0, 0x0, 0xfffffffffffff2ca}], 0x0, &(0x7f0000000300)={[{@shortname_mixed}], [{@subj_user={'subj_user', 0x3d, '/proc/keys\x00'}}, {@seclabel}, {@obj_type={'obj_type', 0x3d, '\x8d^$(}'}}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x6}}, {@dont_measure}]}) dup2(r0, r1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r1, &(0x7f0000000140)=ANY=[@ANYRESDEC, @ANYRES64], 0x5c000) 20:10:06 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1799.484248] FAT-fs (loop4): Unrecognized mount option "subj_user=/proc/keys" or missing value [ 1799.486436] FAULT_INJECTION: forcing a failure. [ 1799.486436] name failslab, interval 1, probability 0, space 0, times 0 [ 1799.489116] CPU: 0 PID: 13407 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1799.490546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1799.492261] Call Trace: [ 1799.492834] dump_stack+0x107/0x167 [ 1799.493592] should_fail.cold+0x5/0xa [ 1799.494385] ? io_setup_async_rw+0x180/0x580 [ 1799.495315] should_failslab+0x5/0x20 [ 1799.496099] __kmalloc+0x72/0x390 [ 1799.496848] io_setup_async_rw+0x180/0x580 [ 1799.497731] ? iov_iter_restore+0x195/0x3a0 [ 1799.498624] io_read+0x775/0x11e0 [ 1799.499369] ? kiocb_done+0xc90/0xc90 [ 1799.500203] ? stack_trace_consume_entry+0x160/0x160 [ 1799.501297] ? lock_acquire+0x197/0x470 [ 1799.502137] ? __lock_acquire+0xbb1/0x5b00 [ 1799.503034] io_issue_sqe+0x2e12/0x7660 [ 1799.503871] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1799.504968] ? SOFTIRQ_verbose+0x10/0x10 [ 1799.505805] ? lock_chain_count+0x20/0x20 [ 1799.506678] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1799.507746] ? io_connect+0x610/0x610 [ 1799.508553] ? lock_acquire+0x197/0x470 [ 1799.509380] ? find_held_lock+0x2c/0x110 [ 1799.510245] ? __fget_files+0x26d/0x4c0 [ 1799.511068] ? lock_downgrade+0x6d0/0x6d0 [ 1799.511946] __io_queue_sqe+0x90/0x9d0 [ 1799.512781] ? io_issue_sqe+0x7660/0x7660 [ 1799.513658] ? io_prep_rw+0x7f5/0x1050 [ 1799.514469] io_submit_sqes+0x4461/0x85c0 [ 1799.515370] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1799.516386] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1799.517405] ? lock_downgrade+0x6d0/0x6d0 [ 1799.518255] ? find_held_lock+0x2c/0x110 [ 1799.519108] ? io_submit_sqes+0x85c0/0x85c0 [ 1799.520005] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1799.521015] ? wait_for_completion_io+0x270/0x270 [ 1799.522004] ? rcu_read_lock_any_held+0x75/0xa0 [ 1799.522959] ? vfs_write+0x354/0xa70 [ 1799.523734] ? fput_many+0x2f/0x1a0 [ 1799.524495] ? ksys_write+0x1a9/0x260 [ 1799.525295] ? __ia32_sys_read+0xb0/0xb0 [ 1799.526146] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1799.527222] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1799.528294] do_syscall_64+0x33/0x40 [ 1799.529074] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1799.530137] RIP: 0033:0x7fe40cf96b19 [ 1799.530908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1799.534668] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1799.536223] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1799.537699] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1799.539177] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1799.540639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1799.542128] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1799.572582] FAULT_INJECTION: forcing a failure. [ 1799.572582] name failslab, interval 1, probability 0, space 0, times 0 [ 1799.576191] CPU: 0 PID: 13412 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1799.577867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1799.579852] Call Trace: [ 1799.580509] dump_stack+0x107/0x167 [ 1799.581379] should_fail.cold+0x5/0xa [ 1799.582174] ? create_object.isra.0+0x3a/0xa20 [ 1799.583124] should_failslab+0x5/0x20 [ 1799.583913] kmem_cache_alloc+0x5b/0x310 [ 1799.584777] create_object.isra.0+0x3a/0xa20 [ 1799.585689] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1799.586753] __kmalloc+0x16e/0x390 [ 1799.587509] io_setup_async_rw+0x180/0x580 [ 1799.588384] ? iov_iter_restore+0x195/0x3a0 [ 1799.589314] io_read+0x775/0x11e0 [ 1799.590064] ? kiocb_done+0xc90/0xc90 [ 1799.590901] ? stack_trace_consume_entry+0x160/0x160 [ 1799.591978] ? lock_acquire+0x197/0x470 [ 1799.592855] ? __lock_acquire+0xbb1/0x5b00 [ 1799.593748] io_issue_sqe+0x2e12/0x7660 [ 1799.594592] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1799.595672] ? SOFTIRQ_verbose+0x10/0x10 [ 1799.596518] ? lock_chain_count+0x20/0x20 [ 1799.597401] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1799.598484] ? io_connect+0x610/0x610 [ 1799.599286] ? lock_acquire+0x197/0x470 [ 1799.600116] ? find_held_lock+0x2c/0x110 [ 1799.600986] ? __fget_files+0x26d/0x4c0 [ 1799.601822] ? lock_downgrade+0x6d0/0x6d0 [ 1799.602700] __io_queue_sqe+0x90/0x9d0 [ 1799.603523] ? io_issue_sqe+0x7660/0x7660 [ 1799.604395] ? io_prep_rw+0x7f5/0x1050 [ 1799.605226] io_submit_sqes+0x4461/0x85c0 [ 1799.606133] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1799.607166] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1799.608170] ? lock_downgrade+0x6d0/0x6d0 [ 1799.609043] ? find_held_lock+0x2c/0x110 [ 1799.609896] ? io_submit_sqes+0x85c0/0x85c0 [ 1799.610805] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1799.611808] ? wait_for_completion_io+0x270/0x270 [ 1799.612826] ? rcu_read_lock_any_held+0x75/0xa0 [ 1799.613789] ? vfs_write+0x354/0xa70 [ 1799.614576] ? fput_many+0x2f/0x1a0 [ 1799.615340] ? ksys_write+0x1a9/0x260 [ 1799.616139] ? __ia32_sys_read+0xb0/0xb0 [ 1799.617000] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1799.618121] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1799.619199] do_syscall_64+0x33/0x40 [ 1799.619983] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1799.621056] RIP: 0033:0x7fcf4787bb19 [ 1799.621838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1799.625592] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1799.627161] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1799.628625] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1799.630107] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1799.631570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1799.633060] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:10:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) 20:10:06 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0xa0, 0x10, 0x1, 0x4, 0x0, {}, [@typed={0x4, 0x0, 0x0, 0x0, @str}, @nested={0x85, 0x0, 0x0, 0x1, [@generic="e88b0a7d62836491c9745c9c367f55c2cc60e95760649921cbce1f5e2585e06ca5d96efcbd4874ce326f7553ef3d68e0f500fb7617364357806e5b8a4576ad0ac374f54c18523c71288d4f76484c117ffe87c35fccb893d5c5187b22380ff1f9ebe22cda2719cc3a5845272f907475300c9859b72967c127fbfc68b303fc9c1817"]}]}, 0xa0}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d) sendmsg$nl_generic(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000120011cd00000000000000008000e9"], 0x20}}, 0x0) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x0, 0x400, 0x70bd2b, 0x25dfdbff}, 0x14}}, 0x20004004) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x13) syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), r3) unshare(0x48020200) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x8400, 0x0) sendmsg$NL80211_CMD_STOP_AP(r4, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x0, 0x108, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x4, 0x78}}}}, ["", "", "", "", "", ""]}, 0x20}}, 0x8000) 20:10:06 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) openat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x800, 0x40) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000640)={0x0, 0xfdfdffff, 0x2, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00', '\x00']}) execveat(r0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000440)=[0x0, &(0x7f0000000280)='\x00', &(0x7f0000000380)='{\x00', &(0x7f00000003c0)='@[{./\x00', &(0x7f0000000400)='\x00'], &(0x7f00000005c0)=[&(0x7f0000000480)='/dev/ptmx\x00', &(0x7f00000004c0)=':[/,+,!]}$!\x00', &(0x7f0000000540)='/dev/ptmx\x00', &(0x7f0000000580)='\x9d.\x00'], 0x800) r1 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x1800) perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x6, 0xda, 0x0, 0x3f, 0x0, 0x468b14a8, 0x90004, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x3, @perf_config_ext={0x7, 0xd0b}, 0x2000, 0xd961, 0x2, 0x5, 0x8, 0x8, 0xe6, 0x0, 0xfb, 0x0, 0x5}, 0xffffffffffffffff, 0x5, r1, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x107142, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x20d315) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r4, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r4, 0x40086602, &(0x7f0000000000)) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000600)={0x81, 0x0, 0xffff, 0x1, 0xf, "61d79f3081ecd5448e4290f837645ede7ae6f5"}) unshare(0x48020200) 20:10:06 executing program 6: perf_event_open(0x0, 0x0, 0xe, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x8c81c0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0xa) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xc) write(r0, &(0x7f00000001c0)="0b36c31abd7810483e1bca46db0dc2994281a9eec72847675b2eb70d99e7dba5e0ee6d6cf83c327387a9ef60f45516ed2e5a4f4d746d5aae016372bd6071f58e849512160492a2bd86a6876a1641466a4f4516e0cd55c1b238840d5389e4fdd3f1c8cb57c510f9d24d9a7aedf9c5fa162ec0b21a26ceaa299192749b96db21152b38cb88333c72af355672a088da6442c57c3995616f0de6be58fb721114d036b079af9ca0865647af63635be6c4423c03b780590595051a1e4a24684e5b88c28cb7dd993da646ece9644737f30489b7338e04cfa896ffa35231a6030c", 0xdd) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ftruncate(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x100000000, 0x13}, 0x40000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4fb9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) pidfd_getfd(0xffffffffffffffff, r1, 0x0) io_setup(0x8001, &(0x7f00000190c0)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x100000b, 0x10010, 0xffffffffffffffff, 0x0) r2 = pidfd_open(0x0, 0x0) r3 = dup(r2) pidfd_send_signal(r3, 0x0, &(0x7f0000000000), 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8914, &(0x7f00000000c0)={'veth0_virt_wifi\x00'}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x3800000, &(0x7f0000000340)=ANY=[@ANYBLOB="74e67fd3893d66642c0f6627426f7266646e6f3dae08ecabe4c1", @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB="f733b7"]) 20:10:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x10000000000, 0x0, 0x0) [ 1799.829517] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1799.833629] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13434 comm=syz-executor.3 20:10:06 executing program 2: r0 = getpgrp(0x0) r1 = getpgrp(0x0) pidfd_open(r1, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x1, r1}) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f00000002c0)={0x1, 0x2, 0x0, 0x0, r0}) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00') pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000009, 0xffffffffffffffff) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8001, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40004, 0xfffffffffffffffc, 0x0, 0x8, 0x40, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = epoll_create(0xff) fcntl$getownex(r3, 0x10, &(0x7f0000000040)) keyctl$set_timeout(0xf, 0x0, 0x7) sendmmsg$inet6(r2, &(0x7f0000004d00)=[{{0x0, 0x1100, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e22, @remote}, {0x2, 0x4e24, @private=0xa010100}, {0x2, 0x4e23, @empty}, 0x34d, 0x0, 0x0, 0x0, 0x909c, &(0x7f00000000c0)='ip6_vti0\x00', 0x929f, 0x373, 0x8001}) 20:10:07 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) [ 1800.139137] FAULT_INJECTION: forcing a failure. [ 1800.139137] name failslab, interval 1, probability 0, space 0, times 0 [ 1800.142020] CPU: 1 PID: 13449 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1800.143404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1800.145086] Call Trace: [ 1800.145634] dump_stack+0x107/0x167 [ 1800.146381] should_fail.cold+0x5/0xa [ 1800.147170] ? io_setup_async_rw+0x180/0x580 [ 1800.148082] should_failslab+0x5/0x20 [ 1800.148855] __kmalloc+0x72/0x390 [ 1800.149565] io_setup_async_rw+0x180/0x580 [ 1800.150411] ? iov_iter_restore+0x195/0x3a0 [ 1800.151289] io_read+0x775/0x11e0 [ 1800.152001] ? kiocb_done+0xc90/0xc90 [ 1800.152795] ? register_lock_class+0xbb/0x17b0 [ 1800.153710] ? arch_stack_walk+0x99/0xf0 [ 1800.154543] ? is_dynamic_key+0x1e0/0x1e0 [ 1800.155395] ? __lock_acquire+0x1657/0x5b00 [ 1800.156276] ? __lock_acquire+0xbb1/0x5b00 [ 1800.157141] io_issue_sqe+0x2e12/0x7660 [ 1800.157955] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1800.159009] ? SOFTIRQ_verbose+0x10/0x10 [ 1800.159840] ? lock_chain_count+0x20/0x20 [ 1800.160687] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1800.161751] ? io_connect+0x610/0x610 [ 1800.162532] ? lock_acquire+0x197/0x470 [ 1800.163335] ? find_held_lock+0x2c/0x110 [ 1800.164163] ? __fget_files+0x26d/0x4c0 [ 1800.164988] ? lock_downgrade+0x6d0/0x6d0 [ 1800.165832] __io_queue_sqe+0x90/0x9d0 [ 1800.166622] ? io_issue_sqe+0x7660/0x7660 [ 1800.167460] ? io_prep_rw+0x7f5/0x1050 [ 1800.168246] io_submit_sqes+0x4461/0x85c0 [ 1800.169117] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1800.170122] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1800.171092] ? lock_downgrade+0x6d0/0x6d0 [ 1800.171924] ? find_held_lock+0x2c/0x110 [ 1800.172763] ? io_submit_sqes+0x85c0/0x85c0 [ 1800.173641] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1800.174625] ? wait_for_completion_io+0x270/0x270 [ 1800.175600] ? rcu_read_lock_any_held+0x75/0xa0 [ 1800.176540] ? vfs_write+0x354/0xa70 [ 1800.177300] ? fput_many+0x2f/0x1a0 [ 1800.178039] ? ksys_write+0x1a9/0x260 [ 1800.178812] ? __ia32_sys_read+0xb0/0xb0 [ 1800.179635] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1800.180689] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1800.181751] do_syscall_64+0x33/0x40 [ 1800.182505] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1800.183536] RIP: 0033:0x7fcf4787bb19 [ 1800.184294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1800.188125] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1800.189672] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1800.191152] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1800.192593] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1800.194047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1800.195500] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:10:07 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50) [ 1800.281914] FAULT_INJECTION: forcing a failure. [ 1800.281914] name failslab, interval 1, probability 0, space 0, times 0 [ 1800.284254] CPU: 1 PID: 13454 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1800.285660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1800.287324] Call Trace: [ 1800.287857] dump_stack+0x107/0x167 [ 1800.288595] should_fail.cold+0x5/0xa [ 1800.289377] ? io_setup_async_rw+0x180/0x580 [ 1800.290270] should_failslab+0x5/0x20 [ 1800.291038] __kmalloc+0x72/0x390 [ 1800.291750] io_setup_async_rw+0x180/0x580 [ 1800.292600] ? iov_iter_restore+0x195/0x3a0 [ 1800.293495] io_read+0x775/0x11e0 [ 1800.294212] ? kiocb_done+0xc90/0xc90 [ 1800.295005] ? stack_trace_consume_entry+0x160/0x160 [ 1800.296041] ? lock_acquire+0x197/0x470 [ 1800.296860] ? __lock_acquire+0xbb1/0x5b00 [ 1800.297719] io_issue_sqe+0x2e12/0x7660 [ 1800.298530] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1800.299589] ? SOFTIRQ_verbose+0x10/0x10 [ 1800.300412] ? lock_chain_count+0x20/0x20 [ 1800.301271] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1800.302327] ? io_connect+0x610/0x610 [ 1800.303102] ? lock_acquire+0x197/0x470 [ 1800.303903] ? find_held_lock+0x2c/0x110 [ 1800.304742] ? __fget_files+0x26d/0x4c0 [ 1800.305542] ? lock_downgrade+0x6d0/0x6d0 [ 1800.306381] ? mark_held_locks+0x9e/0xe0 [ 1800.307202] __io_queue_sqe+0x90/0x9d0 [ 1800.308002] ? io_issue_sqe+0x7660/0x7660 [ 1800.308855] ? io_prep_rw+0x7f5/0x1050 [ 1800.309653] io_submit_sqes+0x4461/0x85c0 [ 1800.310516] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1800.311522] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1800.312493] ? lock_downgrade+0x6d0/0x6d0 [ 1800.313340] ? find_held_lock+0x2c/0x110 [ 1800.314164] ? io_submit_sqes+0x85c0/0x85c0 [ 1800.315052] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1800.316030] ? wait_for_completion_io+0x270/0x270 [ 1800.317029] ? rcu_read_lock_any_held+0x75/0xa0 [ 1800.317962] ? vfs_write+0x354/0xa70 [ 1800.318716] ? fput_many+0x2f/0x1a0 [ 1800.319451] ? ksys_write+0x1a9/0x260 [ 1800.320221] ? __ia32_sys_read+0xb0/0xb0 [ 1800.321066] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1800.322134] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1800.323174] do_syscall_64+0x33/0x40 [ 1800.323932] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1800.324968] RIP: 0033:0x7fe40cf96b19 [ 1800.325729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1800.329447] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1800.330988] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1800.332419] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1800.333856] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1800.335288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1800.336759] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1800.352681] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.3'. 20:10:07 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1800.378665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13434 comm=syz-executor.3 20:10:07 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) 20:10:23 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:10:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) 20:10:23 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x40a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x80, 0x5, 0x2, 0x7, 0x0, 0x4cc4, 0x29400, 0xb, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x401, 0x0, @perf_config_ext={0x7, 0x7}, 0x8104, 0x5, 0x9, 0x8, 0x3c1, 0x5, 0x1f, 0x0, 0x9, 0x0, 0x8}, 0xffffffffffffffff, 0xa, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c801}, 0x4004) sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000002a00274e0000000000000000000000000400000009000080999e00009c0000001a0420fc17c3a71721c64697f820f0498f0266cc798ece62e5d9a6397c517e3224648f5bba8b6e9814623d4ee386860b6f8babf9a3003c528af13d68808842def45022a2b533469eaa47822f6411a1cb394af663cd44f00e3b13197ef192872be9e375dc8ab6a46da354dcaf928c0d6da55987175d8312c606cb7cd2ddbaa6a70ef1acb835ee0e6e5a8a71dc2f43f71d6fc8afcdb466ef3b72e8881acae9284c811546a319ce71860d5725b40e"], 0x24}}, 0x0) readv(r1, &(0x7f0000000140)=[{&(0x7f0000000000)=""/29, 0x1d}, {&(0x7f0000000040)=""/193, 0xc1}], 0x2) syz_io_uring_setup(0x203, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), 0x0) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f00000001c0)={0x0, r2, 0x0, 0x20}) bind$802154_dgram(r2, &(0x7f00000001c0)={0x24, @short={0x2, 0x1, 0xaaa3}}, 0x14) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0, 0x3d}, 0x0) setsockopt$sock_int(r3, 0x1, 0x10, &(0x7f0000000040)=0x4, 0x4) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000340)=0x100, 0x4) ftruncate(0xffffffffffffffff, 0x1000003) 20:10:23 executing program 2: r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) sendmsg$NFT_MSG_GETGEN(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, 0x10, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x1) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8914, &(0x7f0000000140)={'lo\x00'}) r4 = getpgrp(0x0) pidfd_open(r4, 0x0) fcntl$setown(r3, 0x8, r4) syz_mount_image$ext4(&(0x7f0000001800)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="6e795f25d74e5d23b95fc7fbd78932c16d6263616368655f232eb4ec8527a8a456b9ea42273458a2c906e2564a032f8e3763d4f0426bcc8ef0b9d657663651ce14c2def89fc6f48ac144e2f282904ebc505ef7839725460f1d20aaa3e649037c693f92f96295fd9695417a54d5f69bd799071f33fb2ebb9fd639e33afd1db103d8302becde899e70e3c0f3341d9ed0c191f3065b07e61a18a25bf77d7e1420ea9290a94b5e33baf935020091128fe679d5c8ffdf1c7c5ead8f2fca0000a6715ecd0e3596752a8ce1880000000000"]) 20:10:23 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) 20:10:23 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, 0x0, &(0x7f0000000500)='ramfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0xc}, 0x448, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200000, 0x8e) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') pread64(r0, &(0x7f0000001100)=""/4095, 0xae3, 0x6800) r1 = openat2(r0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x450000, 0x4}, 0x18) fsetxattr$security_selinux(r1, &(0x7f00000001c0), &(0x7f0000000200)='system_u:object_r:hwclock_exec_t:s0\x00', 0x24, 0x1) openat(r1, &(0x7f00000000c0)='./file0\x00', 0x80042, 0x80) clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat(r0, &(0x7f0000000240)='./file0\x00', 0x200400, 0x7) syz_open_dev$mouse(&(0x7f0000000080), 0x0, 0x2000) umount2(&(0x7f0000000040)='./file0\x00', 0x6) 20:10:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r1) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x20, r2, 0x1, 0x0, 0x0, {0x22}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r3) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000080)={'wpan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000000c0)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEV(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0xd4, 0x0, 0x0, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_DEVICE={0x14, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x5e8b}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}]}, @NL802154_ATTR_SEC_DEVICE={0x4c, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xffff}, @NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x2}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x2}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa2}, @NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x1}, @NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x1}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa1}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x1}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_SEC_DEVICE={0x28, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_EXTENDED_ADDR={0xc, 0x4, {0xd4c1d7f0ea7947ff}}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x1}, @NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x2}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x8}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_DEVICE={0x14, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x2}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x2}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x20010000}, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r6) sendmsg$NLBL_MGMT_C_ADDDEF(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x88, r7, 0x1, 0x0, 0x0, {0x2}, [@NLBL_MGMT_A_DOMAIN={0x71, 0x1, '\x00\x00\xee\x93\xcaq6\xa8\xd0\x99\x87\xd3\x03\x94\xeb\xc6/}3\xb4 G\xe8\x91\xfd\xf7Q9\x10\xd7\xb9b\xbf\x94\xc7\xdbC\x1a\bv6\x1cWV\fP\x1a(o^y1\x01\x89\xdfY\xf1\xeeFD`E\x80\xe6\xd9\"\x0e\xe7\xa0\x7fH\x12?\x95\xee9\x19\xf5uP+\x94\xd25\xdaL\xd0\xac-\xd4]\x01\xce\x01\x88\x98\xe4G\xf7t>\x18\xed1l\xba\x15\x9eN'}]}, 0x88}}, 0x0) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x58, r7, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_DOMAIN={0xc, 0x1, '^.@^\xaf^[\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x26}}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2a}]}, 0x58}, 0x1, 0x0, 0x0, 0x8011}, 0x8800) 20:10:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51) [ 1816.783125] FAULT_INJECTION: forcing a failure. [ 1816.783125] name failslab, interval 1, probability 0, space 0, times 0 [ 1816.786035] CPU: 1 PID: 13484 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1816.787482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1816.789253] Call Trace: [ 1816.789828] dump_stack+0x107/0x167 [ 1816.790616] should_fail.cold+0x5/0xa [ 1816.791427] ? create_object.isra.0+0x3a/0xa20 [ 1816.792407] should_failslab+0x5/0x20 [ 1816.793249] kmem_cache_alloc+0x5b/0x310 [ 1816.794133] create_object.isra.0+0x3a/0xa20 [ 1816.795072] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1816.796173] __kmalloc+0x16e/0x390 [ 1816.796978] io_setup_async_rw+0x180/0x580 [ 1816.797885] ? iov_iter_restore+0x195/0x3a0 [ 1816.798804] io_read+0x775/0x11e0 [ 1816.799560] ? kiocb_done+0xc90/0xc90 [ 1816.800319] FAULT_INJECTION: forcing a failure. [ 1816.800319] name failslab, interval 1, probability 0, space 0, times 0 [ 1816.800417] ? stack_trace_consume_entry+0x160/0x160 [ 1816.803737] ? lock_acquire+0x197/0x470 [ 1816.804584] ? __lock_acquire+0xbb1/0x5b00 [ 1816.805514] io_issue_sqe+0x2e12/0x7660 [ 1816.806383] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1816.807490] ? SOFTIRQ_verbose+0x10/0x10 [ 1816.808370] ? lock_chain_count+0x20/0x20 [ 1816.809271] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1816.810368] ? io_connect+0x610/0x610 [ 1816.811193] ? lock_acquire+0x197/0x470 [ 1816.812035] ? find_held_lock+0x2c/0x110 [ 1816.812878] ? __fget_files+0x26d/0x4c0 [ 1816.813715] ? lock_downgrade+0x6d0/0x6d0 [ 1816.814576] __io_queue_sqe+0x90/0x9d0 [ 1816.815394] ? io_issue_sqe+0x7660/0x7660 [ 1816.816263] ? io_prep_rw+0x7f5/0x1050 [ 1816.817087] io_submit_sqes+0x4461/0x85c0 [ 1816.817965] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1816.818988] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1816.820025] ? lock_downgrade+0x6d0/0x6d0 [ 1816.821098] ? find_held_lock+0x2c/0x110 [ 1816.822164] ? io_submit_sqes+0x85c0/0x85c0 [ 1816.823117] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1816.824125] ? wait_for_completion_io+0x270/0x270 [ 1816.825144] ? rcu_read_lock_any_held+0x75/0xa0 [ 1816.826089] ? vfs_write+0x354/0xa70 [ 1816.826857] ? fput_many+0x2f/0x1a0 [ 1816.827589] ? ksys_write+0x1a9/0x260 [ 1816.828386] ? __ia32_sys_read+0xb0/0xb0 [ 1816.829244] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1816.830316] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1816.831375] do_syscall_64+0x33/0x40 [ 1816.832169] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1816.833227] RIP: 0033:0x7fcf4787bb19 [ 1816.834007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1816.837759] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1816.839315] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1816.840782] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1816.842250] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1816.843719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1816.845226] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1816.846732] CPU: 0 PID: 13488 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1816.848191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1816.849919] Call Trace: [ 1816.850495] dump_stack+0x107/0x167 [ 1816.851287] should_fail.cold+0x5/0xa [ 1816.852107] should_failslab+0x5/0x20 [ 1816.852915] kmem_cache_alloc_bulk+0x4b/0x320 [ 1816.853874] io_submit_sqes+0x6f76/0x85c0 [ 1816.854791] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1816.855829] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1816.856852] ? lock_downgrade+0x6d0/0x6d0 [ 1816.857734] ? find_held_lock+0x2c/0x110 [ 1816.858594] ? io_submit_sqes+0x85c0/0x85c0 [ 1816.859518] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1816.860533] ? wait_for_completion_io+0x270/0x270 [ 1816.861560] ? rcu_read_lock_any_held+0x75/0xa0 [ 1816.862541] ? vfs_write+0x354/0xa70 [ 1816.863338] ? fput_many+0x2f/0x1a0 [ 1816.864111] ? ksys_write+0x1a9/0x260 [ 1816.864918] ? __ia32_sys_read+0xb0/0xb0 [ 1816.865814] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1816.866924] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1816.868034] do_syscall_64+0x33/0x40 [ 1816.868835] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1816.869916] RIP: 0033:0x7fe40cf96b19 [ 1816.870718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1816.874509] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1816.876086] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1816.877568] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1816.879044] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1816.880513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1816.881990] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:10:24 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) r3 = dup(r2) pidfd_send_signal(r3, 0x0, &(0x7f0000000000), 0x0) bind$bt_l2cap(r3, &(0x7f0000000900)={0x1f, 0xfffe, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000040), 0x6e, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/244, 0xf4}, {&(0x7f00000001c0)=""/139, 0x8b}, {&(0x7f0000000280)=""/198, 0xc6}, {&(0x7f0000000380)=""/12, 0xc}, {&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000540)=""/212, 0xd4}, {&(0x7f0000000640)=""/244, 0xf4}, {&(0x7f0000000740)=""/232, 0xe8}], 0x8, &(0x7f0000000840)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x60) openat(r4, &(0x7f00000008c0)='./file0\x00', 0x101140, 0x10) 20:10:24 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:10:24 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52) 20:10:24 executing program 2: r0 = fsopen(&(0x7f0000001300)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x2, 0xfde0, 0x0, 0x0, 0x80, 0x1f, 0x0, 0x4307, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x1}, 0x0, 0x0, 0x0, 0x4, 0x1, 0x0, 0x2, 0x0, 0x56c, 0x0, 0x800}, 0x0, 0x3, 0xffffffffffffffff, 0x8) r1 = syz_io_uring_setup(0x3ac8, &(0x7f0000000140)={0x0, 0x5506}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000001c0)=0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = syz_open_dev$loop(&(0x7f00000004c0), 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x4, 0x0, r4, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002900)=""/158, 0x9e}, 0x0, 0x2203, 0x1}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) close(r4) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index, 0x3, &(0x7f0000000040)="e028a2", 0x3, 0x0, 0x1, {0x0, r6}}, 0xb50f) syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000280), 0x1, 0x1, 0x0, {0x0, r6}}, 0x401) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/cgroups\x00', 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd=r5, 0xffffffff00000000, {0x0, r0}, 0x8, 0x3, 0x1, {0x0, 0x0, r1}}, 0x4) io_submit(0x0, 0x1, &(0x7f0000000840)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0}]) fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0) fchdir(r5) creat(&(0x7f0000000080)='./file0\x00', 0x1) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) 20:10:24 executing program 3: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x40, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8000}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendfile(r1, r0, 0x0, 0xf88c) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) perf_event_open(0x0, 0x0, 0xe, 0xffffffffffffffff, 0x0) r2 = creat(0x0, 0x17c0ba75be9b2547) fcntl$setlease(r2, 0x400, 0x0) close(r2) 20:10:24 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0xffffffffffffffff, 0x0, 0x0) 20:10:24 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x7f02, &(0x7f0000000240), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000180)=@sco}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8914, &(0x7f0000000140)={'lo\x00'}) syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_submit(0x0, r6, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r6, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index, 0x3, &(0x7f0000000040)="e028a2", 0x3, 0x0, 0x1, {0x0, r7}}, 0xb50f) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd=r5, 0x80000000, 0x0, 0x0, 0x1, 0x0, {0x1, r7}}, 0x3) syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa000800450000280000000000069078ac1e0001ac1414bb00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="4600000090151ef4"], 0x0) 20:10:24 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49) [ 1817.267408] FAULT_INJECTION: forcing a failure. [ 1817.267408] name failslab, interval 1, probability 0, space 0, times 0 [ 1817.269881] CPU: 1 PID: 13509 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1817.271300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1817.272993] Call Trace: [ 1817.273532] dump_stack+0x107/0x167 [ 1817.274274] should_fail.cold+0x5/0xa [ 1817.275051] ? create_object.isra.0+0x3a/0xa20 [ 1817.275971] should_failslab+0x5/0x20 [ 1817.276749] kmem_cache_alloc+0x5b/0x310 [ 1817.277577] create_object.isra.0+0x3a/0xa20 [ 1817.278468] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1817.279509] kmem_cache_alloc_bulk+0x168/0x320 [ 1817.280454] io_submit_sqes+0x6f76/0x85c0 [ 1817.281349] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1817.282348] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1817.283324] ? lock_downgrade+0x6d0/0x6d0 [ 1817.284155] ? find_held_lock+0x2c/0x110 [ 1817.284986] ? io_submit_sqes+0x85c0/0x85c0 [ 1817.285862] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1817.286833] ? wait_for_completion_io+0x270/0x270 [ 1817.287811] ? rcu_read_lock_any_held+0x75/0xa0 [ 1817.288743] ? vfs_write+0x354/0xa70 [ 1817.289505] ? fput_many+0x2f/0x1a0 [ 1817.290238] ? ksys_write+0x1a9/0x260 [ 1817.291011] ? __ia32_sys_read+0xb0/0xb0 [ 1817.291836] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1817.292910] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1817.293988] do_syscall_64+0x33/0x40 [ 1817.294744] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1817.295774] RIP: 0033:0x7fe40cf96b19 [ 1817.296524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1817.300222] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1817.301765] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1817.303199] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1817.304628] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1817.306076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1817.307506] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:10:24 executing program 4: setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000040)={@private0}, 0x14) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x28}}, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) fstat(0xffffffffffffffff, &(0x7f0000000200)) ioctl$sock_SIOCGIFINDEX(r0, 0x8914, &(0x7f0000000100)={'lo\x00'}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00'}) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_open_dev$mouse(&(0x7f00000000c0), 0xef, 0x12000) r3 = accept$inet6(r2, 0x0, &(0x7f0000000080)) fstat(0xffffffffffffffff, &(0x7f0000000a00)) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x8}, 0x2, 0x0, 0x1004, 0x7, 0x1, 0xfffdffff, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) [ 1817.369722] FAULT_INJECTION: forcing a failure. [ 1817.369722] name failslab, interval 1, probability 0, space 0, times 0 [ 1817.372445] CPU: 0 PID: 13515 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1817.373799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1817.375384] Call Trace: [ 1817.375901] dump_stack+0x107/0x167 [ 1817.376607] should_fail.cold+0x5/0xa [ 1817.377359] ? io_setup_async_rw+0x180/0x580 [ 1817.378209] should_failslab+0x5/0x20 [ 1817.378945] __kmalloc+0x72/0x390 [ 1817.379618] io_setup_async_rw+0x180/0x580 [ 1817.380439] ? iov_iter_restore+0x195/0x3a0 [ 1817.381271] io_read+0x775/0x11e0 [ 1817.381952] ? kiocb_done+0xc90/0xc90 [ 1817.382713] ? stack_trace_consume_entry+0x160/0x160 [ 1817.383706] ? lock_acquire+0x197/0x470 [ 1817.384433] ? __lock_acquire+0xbb1/0x5b00 [ 1817.385253] io_issue_sqe+0x2e12/0x7660 [ 1817.386031] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1817.387028] ? SOFTIRQ_verbose+0x10/0x10 [ 1817.387805] ? lock_chain_count+0x20/0x20 [ 1817.388583] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1817.389592] ? io_connect+0x610/0x610 [ 1817.390331] ? lock_acquire+0x197/0x470 [ 1817.391063] ? find_held_lock+0x2c/0x110 [ 1817.391855] ? __fget_files+0x26d/0x4c0 [ 1817.392596] ? lock_downgrade+0x6d0/0x6d0 [ 1817.393431] __io_queue_sqe+0x90/0x9d0 [ 1817.394181] ? io_issue_sqe+0x7660/0x7660 [ 1817.394977] ? io_prep_rw+0x7f5/0x1050 [ 1817.395715] io_submit_sqes+0x4461/0x85c0 [ 1817.396522] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1817.397465] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1817.398391] ? lock_downgrade+0x6d0/0x6d0 [ 1817.399173] ? find_held_lock+0x2c/0x110 [ 1817.399948] ? io_submit_sqes+0x85c0/0x85c0 [ 1817.400768] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1817.401678] ? wait_for_completion_io+0x270/0x270 [ 1817.402581] ? rcu_read_lock_any_held+0x75/0xa0 [ 1817.403445] ? vfs_write+0x354/0xa70 [ 1817.404150] ? fput_many+0x2f/0x1a0 [ 1817.404838] ? ksys_write+0x1a9/0x260 [ 1817.405566] ? __ia32_sys_read+0xb0/0xb0 [ 1817.406335] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1817.407318] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1817.408289] do_syscall_64+0x33/0x40 [ 1817.408993] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1817.409961] RIP: 0033:0x7fcf4787bb19 [ 1817.410665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1817.414135] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1817.415567] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1817.416916] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1817.418279] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1817.419616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1817.420971] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:10:41 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50) 20:10:41 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000140)='.pending_reads\x00', 0x0, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0) r4 = getpgrp(0x0) r5 = pidfd_open(r4, 0x0) dup(r5) r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x9) dup2(r3, r6) sendfile(r5, r2, &(0x7f0000000180)=0xffffffff, 0xd9f6) signalfd(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x80489439, &(0x7f0000000340)) lseek(0xffffffffffffffff, 0x4, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) copy_file_range(r7, 0x0, r2, 0x0, 0x200f5ef, 0x0) 20:10:41 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:10:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r1) sendmsg$IEEE802154_LIST_PHY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r2, 0x731}, 0x14}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r1) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) 20:10:41 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) 20:10:41 executing program 3: ptrace$setregset(0x4205, 0x0, 0x0, 0x0) r0 = gettid() kcmp(0x0, r0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setregset(0x4205, r0, 0x200, &(0x7f0000000000)={&(0x7f0000000280)="d54bc010eee658359d1e57032c5e2a9e978a83c1be1394110eb6ed5ff99f54c4b47e57e24798a4a73b2b50dbcfcca1f53c50bdc52865982bd571355b10e68a1c81c3f459a4d850c1474d332c2810ab426d0948c0bf424be49dd6e672bcfef7796f74c1a24c0bfb630ab6b90aaa08946691a018b60e653df407aadb459d8acc97554b99c5e246bcfdf40ce6c8d2bf15a2358cabb8f6d5b3f78f278e09f2207fb51dea8e4c3c5e9e21c6cef32c7565f658a3fe491a379ebcbf15acb5b69d71fd9c9844ae8a86d2da2e56431320249a5b20181bd7c2a5b6fec6c22dcae9f8c759a6e3970c329f3d85990b7c7fd81c10fb22d46ad6047179c39febb2ad60fa6722a59b01c836b00d64626023b1b79b784dc3ca464a2be5d044bd86171bff072868eaaecf215f26f7d5660511656917023ecd73b77ba3928f216ac1e747a1f7dbbaa613125e07ca0a351c0512c3a2a054ed2b2427694e7883bb05199343132db714a695de1e218135f795510e01906cbeea0681cc088279d4dbf37faec2df4acde07c317a39a9bb1b6582bcc77ccd17015f071638a1c99f5d1f185ad312274f5d25eae6b82023ad6924f0be4a0c94dc3e8c954fad1e25367cee29525b5c6a717d8210650d1b85b8e7e7c185fdb152aa51cef0db968e6ffdc06f05d593702698c51107d5b3654b7037b3f0873681ee54ac9f08026a8429ea4d0b772ce126923af9f29eb7ba6d4b2a8aa75d30d577bd2f4fad6c3fb360a2eb74a47f7e66630f2064cb70d6efb2861f55e483288ec4bde2e159caf961eb0b881176e869ccfb544e60901acb134daece1aced65190b1687385971f2ae3ec9944863213120588a88b451ac277e4375834d1b8582471966f725756ac3119a0dc351546054b3e6efb30c1829f85d8af501a1e7c171ecf8a92acecc31cccee40610f54463bf3f2228db4a21de0ca0b9146a2ef1e66658d003a37faa093f32f79df65f94dc1c6a4bcc992d4b8fb09104f6b3132e0f9e00c65077305e314b07ec42aebf6dcee6b61434fdd76e8233b745c71b6b9be6312bc5b43e6ad684794816c5b20242e42171640730ed361bdf391b6c188896fd245200d9bf83151969d01d5a4e9e74abd09e58b142f2ceb46b1ed3ee775c5a2fbc2918687a97c85e38caeb2583c1d1ca7b1f278bd843b883d6106938a480daa8164e8a5186449836484a217be2791b9b989fef1acd0962a3320f3199da7a8e89237c4bd2321d809e509c10f1d29798e3f6f3f709e97db42057c5279c7d40a7c4c17b1a785fd6e8ef656017c41e03c893eff6670816d6693d72e2bf60a6c44714c4eb695c3e1a1ce420834590ac95df538faa8a12ef24ca036721251fb145c8e9ed0c73529887dda3ac71292c9400d255fa7a2ecafd45382158fe9287f45507899b6e72f5b503c7eff5bdc3efbced5d1183725e4aaa10c974effb4a41ac44414ed8c24aa1db29a69b16a12b6ed3e76b2c12da28a7f197b41b7a3b8878e8cd1a8cfbbbb383566fe1cc7dc405d3ba8e4ca788e33b81e4dbb835a96f1fa228fef0da3de32e1cc6924448aa7e6307ed75485d7628b7be01157e83b1ff2ed4149cfeeea8e01bc20fb7e026ae7819604114b2766f89bd3de87ec49e0d5bc472e720dfdb7cd34fd527ff0a53c66675e01d84af2e5181305f5e68d885a09a4af4a5cae13daceb1cee4070486bdba1bc53b919e588451d65e2008fc644526408c8edc82b61aaa9118148649f8d24f12ef86115a62dadd3ec365ea0a1c60137662ade8bc24442e3234989b976f4f04cf4b37d48c8c6b8cd974e4fe6e1d490aed22e0ebed3c37a6385f1ca4419f8b7e79930a131206da9249ed3cf16b9673c1ba7de81f1e7093ce92a9fd84fc90f13567e3728569c01331ff0a16ac4f21573c38b214f46648dc35e9779ecbb50218dc034c1b47be3225b91fa5ef9fcbe1371c5ea8b8074627caf77027741163ee853cf497d728938df8cf1a16ec4de6c4b45725680bc9b447eaf87f227d5a0dcfd68f8714844c8eb5aeaa45f1818e082e0742faf2a70f82cc57cebe2b6a3f6af10dfc2062d7db16689dd8bf5d9e7a3137a6b1d3b86de37a318f480ffa80f912e26e06365db5076bc226591b2fafefc84e7524c8d9c3918da67a8b84c4c0d3780173618fb842ea71fa23aa9fb4a1ff2f6f9e7afadab87b46d8da22219c5686ccb0267d63f7ec3de12637e0476652684577119dd075a767a1b0d6a2c77275b9cca55e855483bef5457d1835ba427e5007121fdb5de728c3fd0276fb615b5b532b4e7c347a3481eac67f8002199418aa630402cc811d115f5babbe49633c588a097c4c49d34be62fba08546d81ef40ef521a913ec48324a8d16248b308507dea69ada1f4b56010f0942cd51eb09d7038de6766c789aaa474593293e08b115ba6d292d5ee7278c9fc94592fe2499e3cc128a51000ea62aba6ca00f69f95e0581d7d9c1e2847d7cab90be1292a1bed826c42f3b82b4e65cfc304228f5a566eafa09505b5dd83cab20e8473bf8d917aaa4e5cd20a1710d914f1fd4bc9d57984bba585ed29b93f356b56d4ca2ab18142a453ea11d7660af1d46ff4fbd0c9f85cec9b6117c7238d568602c97c8e15662c5c80d52cb9d5e8026c7a1989ab4a6953dd16c05616ef2695bcb44f698e4f704559ca70745869575a206e26fe25b86135395949ee827c608b312366363e0737a02ec3217c3e06c7bb6a059f4dd7e6167f743d7f434ff92136088d68e59448be1efccc0bc1e9daa6c95577387162be954f69263af6446a14a4f163a67febb3867bb1278809af34972b7f10235e519f0abdaf9fb0ade20598c18b3e33c3d011b5812d3fe131f4449052a17e00f5d9a84d98488f3c18823f3fd2b15e78b3ccd54cd8fcb7cf9d47afcf2ad935dbdc417eb8fcba15406acf2b79e8b52a599b24893217ffeddd2c9efc72ac19e587631239ab013bb73559180ec4c0f93f311a55ebf8a84bb5ead63c8ffd51e814a9440812d92700d581488e488e2becdd753d334bfe0b520d855ed110c9df11028d2a8bb0ebc6cb257a97f2bc61449801955ede6d1eb49e7ed15a8c53f108f2d3d43cd9057aac5afa697f01938a85b0af82b782912894d07c4f9f1fade14af90690dfe0f5a31971271a88f6640f28b31cf6b9737b52adf9cd2a3dc3c58826044d0e64c84fefdf05baa3d453827f7d5a391977ccd28f4aad02b941eca688bc695ca17c76d861326c97ed8326a9a5a14235abd5138a46bed126f6a3e00beae4460b900c9457e7a87fce4aa58bba2899276d8e0abf8a1cf5bee2ba516ab98d258e802b503aba698a357c89fc54e5d43c6524c6b18e2e272d6e7eaaed8466739483fe61c175ac59a848e0ba9fb3c059af5f6d8769d1998d84755da88c609f22a21cea293f12accfbab1d8faae1810463535e5ccb7db0df2901ab63752fdfcae36b38cfd6527d6ca0b50ff96987e19aa770abc4f62523f31d62d30272255e995f600ca392e02ece506ab90d2658e46429dff496f1f2e503afde3e29c73f24ebe2f96da1a1c72d5b18b0743bcadb92350b9496a844d6c00ef1da22736e2da1a3dea83fa87f05ee25204872d45093b0edd914ad24136c535f65dff7858d65dcd73fa187ba70d93a8dab0e40c1d3b0df5b0dc47ec8a7cc01ad298cf07d8f9d922e5a8aa4acce0aac948cc956e909d56037a1864c243fb61ef3b96ca16ae7d40e53875ba651aa05adcc76fbcaa962c2dc43925f2fcb12e96c1855560187d024f83eb33e43b49c9e78a964799b5c777b7d987d7cd76854ec845c4cea78f0498ab8abd601bbd49dff0860e2d484f0f4f60c2bca775e4a752501f7f15c03ad6d3287c6b928cb40057752b6632acaf79b56ae31582d476076c7901f8371330eea376582553a08c73fbcf1a1706235e798e30549257302b38f98a91894f0ad89e4800aa2b428c1ea75d52e6ac49180ca6387564a0ed9a05b20a8287772280d7cc65b71d58d697dbb1222b694e68851a004f3b6cf526170f341a89e656d37d0e49e000951bb52a565153cbaff9d85372db2c7c59a040e2c4c198b33a13f6ce4fb07c44dfc0e475063fb9d3c222a82db79ad527e5877aab663b2d2ba19a9895b34d773817a88030830945857d690424aabd09bc771c12a073450854047f542a5407323144ff1557f8c6bf0831d0f94b318b597e7fc62385e26fd80d18b47cacf23d93b5d45640a6d7a61cffaac8c7f67bd98a93822ccaff141ed1f103afdc8f543bd9548c86316cfdb51a1949bba90f0edf07b4bd8e5a386c444e08c1ab31bc5ab1778ade8a45e42e915fd0549cda4ea1711d62aa2236fedc81f99d84bdda793f2ffc220b5ba1b8d334b4f6688d23b2533c5babf9bb582006fae0726666324a218ef39dfa9c8c01322ca6f03a725d1739bc0204514e651faea3be53bbcd9cff8a55b546b943233a69b51f7b053e9b231458ec8a21700bb6b73c04eeca202220868ef8a29ae09ff65273ced605517ea5b3ee5a6ce9f4f06dbbffc9605816380bfda4962ca21fc75c6c54efd29cd014c2baf15d35ab5d64d89af428af44c89a10faaecb3eb6f581899f82cab4d5877027431f6b57eff9493d57053cdd840028df747d290d7eb5110549dd055c874b499256ccf2b3db6454a8f14b7e5fde17633814a68a91721da918824c35d517eff381cba912394786ff2a8b80e27f4f6a5c1425749999cd3dafebff33f62503b66a89f2f499df378e2f17bf40adb6efa0a153a1f7b2b4d04d5be59302c9fa8a6c8991c4b0be472f51cdb8392bb7387a897d35b581bcad2f94db83c70bf5a50005e5a9a6c3cb1ae7a7de29ec7338a6f327bf73f0790f09e3f808e667d9676d3d32a63c21d5c96598c1f8af2b6dfcb52cd8ce8dee93eff0889e1e46bf0ecb795a306aabe72920efcce2018b1d05072ae6929f637237353df68fd36a1754c7ead2ecf651aacfd5b1c530a1e8c4cdad6b4f6e1d2474ba588300702acc469d8bb9478824d39d7d3aa02a9056854b523109dbdb759d9989fd37b2f1bb4d6eb053af2fd76394c46d24095896a28b875a5a4d89939be6be5f5fe690882dd7d0a77f8c481660d8eeaf071cc6983dc309d125f9d5df45bfc4cc48266569fa2dccda5af77198b0af32a8ac70432b86c829e20a8aa6bb28e3423b3b9dd17536fb4999fb0cd454d81ea6d2e467cf6693b704c1a87962da7f25d8a2e5d676885fb25da16aa03416da13af4c2509c43c180fe0484bcdd3707dc7cb1472c30125c22adcd25d37288af00749f198403fedbeccea7d618647f62ff4019d70da33f01d6b403d800c6881b6b3bc5ec256ae01468aa61c43910af40d7cdfa2726f926527f35b93a4b2bcce13d012cf274177f0dde5cc10fde3d08094227833a9dcc0f1ecc2d93b24cedaf09e2f8ef7bfa99516c9564197609778cae85d4390acdaffda1f420e510e2fd4fabbde062ab74ee0d9c584dc0c85038d70f6d45517bd86d2d79e86a00f2dac451e719c8bb77f238bba11ec784a3a380ed5d1c456bc391e8dec4308155eb7227a9a3cf48c55758224d19fc17b2b194a763169fd93406cb2a47e5292ebfbe6ac30cc63721972821d64a59f1ff30b575940d6697b0a6201f5572021ab11a943d63a5d014178895ca215ceddfc56940ad8c1a6bfa589069ec8d41a7185d8e022618b2ca0d6b8ccb7578212190ade78e4743328f4a62dcc68a54eb6e7ad630e8981c4b0312e51a8070a318a1552615849d18b8a5b016402c0afe095379df3978958133a2c7b4b992376bfc17d0ac8e0650a6179541066c334b5", 0x1000}) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000027bd7000fedbdfe6cd00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x20004884) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2}, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xfbffffff, 0x4022812, 0xffffffffffffffff, 0x0) syz_read_part_table(0x2, 0x1, &(0x7f0000001900)=[{0x0, 0x0, 0x7fff}]) 20:10:41 executing program 4: r0 = fsopen(&(0x7f0000000000)='tracefs\x00', 0x0) r1 = dup(r0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='^\x00', &(0x7f00000002c0)=',.@\x00', 0x0) r2 = socket$inet_icmp(0x2, 0x2, 0x1) close(r2) 20:10:41 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53) [ 1834.311245] FAULT_INJECTION: forcing a failure. [ 1834.311245] name failslab, interval 1, probability 0, space 0, times 0 [ 1834.314146] CPU: 0 PID: 13538 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1834.315557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1834.317244] Call Trace: [ 1834.317806] dump_stack+0x107/0x167 [ 1834.318567] should_fail.cold+0x5/0xa [ 1834.319359] ? create_object.isra.0+0x3a/0xa20 [ 1834.320330] should_failslab+0x5/0x20 [ 1834.321130] kmem_cache_alloc+0x5b/0x310 [ 1834.322003] create_object.isra.0+0x3a/0xa20 [ 1834.322913] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1834.323955] __kmalloc+0x16e/0x390 [ 1834.324713] io_setup_async_rw+0x180/0x580 [ 1834.325600] ? iov_iter_restore+0x195/0x3a0 [ 1834.326490] io_read+0x775/0x11e0 [ 1834.327225] ? kiocb_done+0xc90/0xc90 [ 1834.328050] ? stack_trace_consume_entry+0x160/0x160 [ 1834.329106] ? lock_acquire+0x197/0x470 [ 1834.329941] ? __lock_acquire+0xbb1/0x5b00 [ 1834.330817] io_issue_sqe+0x2e12/0x7660 [ 1834.331650] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1834.332726] ? SOFTIRQ_verbose+0x10/0x10 [ 1834.333572] ? lock_chain_count+0x20/0x20 [ 1834.334442] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1834.335510] ? io_connect+0x610/0x610 [ 1834.336309] ? lock_acquire+0x197/0x470 [ 1834.337143] ? find_held_lock+0x2c/0x110 [ 1834.338023] FAULT_INJECTION: forcing a failure. [ 1834.338023] name failslab, interval 1, probability 0, space 0, times 0 [ 1834.338306] ? __fget_files+0x26d/0x4c0 [ 1834.341484] ? lock_downgrade+0x6d0/0x6d0 [ 1834.342475] __io_queue_sqe+0x90/0x9d0 [ 1834.343409] ? io_issue_sqe+0x7660/0x7660 [ 1834.344399] ? io_prep_rw+0x7f5/0x1050 [ 1834.345336] io_submit_sqes+0x4461/0x85c0 [ 1834.346353] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1834.347524] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1834.348660] ? lock_downgrade+0x6d0/0x6d0 [ 1834.349644] ? find_held_lock+0x2c/0x110 [ 1834.350605] ? io_submit_sqes+0x85c0/0x85c0 [ 1834.351627] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1834.352770] ? wait_for_completion_io+0x270/0x270 [ 1834.353875] ? rcu_read_lock_any_held+0x75/0xa0 [ 1834.354794] ? vfs_write+0x354/0xa70 [ 1834.355544] ? fput_many+0x2f/0x1a0 [ 1834.356267] ? ksys_write+0x1a9/0x260 [ 1834.357025] ? __ia32_sys_read+0xb0/0xb0 [ 1834.357844] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1834.358884] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1834.359922] do_syscall_64+0x33/0x40 [ 1834.360662] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1834.361701] RIP: 0033:0x7fcf4787bb19 [ 1834.362447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1834.366161] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1834.367697] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1834.369135] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1834.370581] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1834.372025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1834.373464] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1834.374930] CPU: 1 PID: 13553 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1834.376379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1834.378075] Call Trace: [ 1834.378643] dump_stack+0x107/0x167 [ 1834.379417] should_fail.cold+0x5/0xa [ 1834.380213] ? create_object.isra.0+0x3a/0xa20 [ 1834.381175] should_failslab+0x5/0x20 [ 1834.381989] kmem_cache_alloc+0x5b/0x310 [ 1834.382858] create_object.isra.0+0x3a/0xa20 [ 1834.383792] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1834.384886] kmem_cache_alloc_bulk+0x168/0x320 [ 1834.385863] io_submit_sqes+0x6f76/0x85c0 [ 1834.386781] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1834.387829] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1834.388847] ? lock_downgrade+0x6d0/0x6d0 [ 1834.389738] ? find_held_lock+0x2c/0x110 [ 1834.390606] ? io_submit_sqes+0x85c0/0x85c0 [ 1834.391526] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1834.392551] ? wait_for_completion_io+0x270/0x270 [ 1834.393585] ? rcu_read_lock_any_held+0x75/0xa0 [ 1834.394564] ? vfs_write+0x354/0xa70 [ 1834.395367] ? fput_many+0x2f/0x1a0 [ 1834.396152] ? ksys_write+0x1a9/0x260 [ 1834.396977] ? __ia32_sys_read+0xb0/0xb0 [ 1834.397869] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1834.398990] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1834.400081] do_syscall_64+0x33/0x40 [ 1834.400881] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1834.401946] RIP: 0033:0x7fe40cf96b19 [ 1834.402744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1834.406559] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1834.408155] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1834.409662] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1834.411128] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1834.412624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1834.414107] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:10:41 executing program 3: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x4, 0x8, 0x2}) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x30, 0x18, 0x1, 0x0, 0x0, {0xa}, [@typed={0x8, 0x0, 0x0, 0x0, @pid}, @nested={0x14, 0x5, 0x0, 0x1, [@generic="6cb264fd00bebbb353ec4c92ce19bf00"]}]}, 0x30}}, 0x0) 20:10:41 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvfrom$inet6(r0, &(0x7f0000000040)=""/4, 0x4, 0x40002002, 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0xc00) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044008) 20:10:41 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) r1 = signalfd4(r0, &(0x7f0000000000)={[0x9]}, 0x8, 0x80000) r2 = dup2(r0, r0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, r2, {0xee01, r3}}, './file0\x00'}) chown(&(0x7f00000001c0)='./file0\x00', 0x0, 0xee00) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0) fremovexattr(r4, &(0x7f00000002c0)=@random={'trusted.', '\x00'}) 20:10:41 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, 0x0, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:10:41 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000000)={0x1, 0x5, 0x5}) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_FEATURES_GET(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0xac, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x20000015}, 0x4005) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x28, 0x10, 0x1, 0x10000, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x1b, 0x0, 0x0, @pid=0xffffffffffffffff}]}]}, 0x28}}, 0x0) 20:10:41 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000) 20:10:41 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x82000003) r1 = inotify_init1(0x0) r2 = inotify_add_watch(r1, &(0x7f0000000000)='./file0\x00', 0xa4000004) inotify_rm_watch(r0, r2) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'lo\x00'}) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r3, 0x660c) 20:10:41 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, 0x0, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1834.777228] audit: type=1400 audit(1685736641.860:33): avc: denied { watch_reads } for pid=13579 comm="syz-executor.2" path="/syzkaller-testdir311535030/syzkaller.BRDIk0/195/file0" dev="sda" ino=16012 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 20:10:57 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000180)) r0 = open_tree(0xffffffffffffffff, 0x0, 0xc01) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x101) unlinkat(r0, &(0x7f00000001c0)='./file1\x00', 0x0) ioctl$SG_GET_PACK_ID(r1, 0x227c, 0x0) openat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x80, 0x0) socket(0x0, 0x0, 0x5) r2 = syz_io_uring_complete(0x0) ioctl$SG_GET_NUM_WAITING(r2, 0x227d, &(0x7f00000000c0)) 20:10:57 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, 0x0, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:10:57 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000) 20:10:57 executing program 2: syz_open_dev$tty20(0xc, 0x4, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000004) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0xb052) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f00000000c0)) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180)=@v1={0x1000000, [{0x4bf, 0x2}]}, 0xc, 0x3) openat(r0, &(0x7f0000000000)='./file0\x00', 0x800, 0x0) read(0xffffffffffffffff, &(0x7f0000000380)=""/215, 0xd7) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EXT4_IOC_GROUP_ADD(r3, 0x40286608, &(0x7f0000000080)={0x6, 0x7, 0x80000001, 0xfffffffffffffffb, 0x501efe0b, 0x6}) setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f00000015c0)={0x0, {{0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}, 0x0, 0x2, [{{0xa, 0x4e24, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}}, {{0xa, 0x4e23, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x68}}]}, 0x190) ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0x66) 20:10:57 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) unshare(0x28020600) acct(&(0x7f0000000040)='./file0\x00') ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) r2 = fcntl$getown(r0, 0x9) [ 1850.078387] FAULT_INJECTION: forcing a failure. [ 1850.078387] name failslab, interval 1, probability 0, space 0, times 0 [ 1850.079667] CPU: 0 PID: 13604 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1850.080412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1850.081295] Call Trace: [ 1850.081600] dump_stack+0x107/0x167 [ 1850.082001] should_fail.cold+0x5/0xa [ 1850.082426] should_failslab+0x5/0x20 [ 1850.082845] kmem_cache_alloc_bulk+0x4b/0x320 [ 1850.083341] io_submit_sqes+0x6f76/0x85c0 [ 1850.083821] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1850.084369] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1850.084904] ? lock_downgrade+0x6d0/0x6d0 [ 1850.085381] ? find_held_lock+0x2c/0x110 [ 1850.085839] ? io_submit_sqes+0x85c0/0x85c0 [ 1850.086320] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1850.086858] ? wait_for_completion_io+0x270/0x270 [ 1850.087398] ? rcu_read_lock_any_held+0x75/0xa0 [ 1850.087900] ? vfs_write+0x354/0xa70 [ 1850.088322] ? fput_many+0x2f/0x1a0 [ 1850.088728] ? ksys_write+0x1a9/0x260 [ 1850.089148] ? __ia32_sys_read+0xb0/0xb0 [ 1850.089623] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1850.090192] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1850.090765] do_syscall_64+0x33/0x40 [ 1850.091273] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1850.091871] RIP: 0033:0x7fcf4787bb19 [ 1850.092291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1850.094287] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1850.095117] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1850.095894] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1850.096666] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1850.097442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1850.098222] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 sendmsg$nl_generic(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x3364, 0xd78, 0x4, 0x70bd2c, 0x25dfdbfe, {0x1f}, [@typed={0x8, 0x16, 0x0, 0x0, @pid=r2}, @nested={0xf4, 0x46, 0x0, 0x1, [@typed={0x4, 0x26}, @typed={0x8, 0x94, 0x0, 0x0, @pid}, @typed={0xce, 0x6a, 0x0, 0x0, @binary="b25fd7272be57c9c992a4711fe4d77375e2e57997b5c6231fdc601ca8103876ac33499e381fac8609a9f137c9f92d49bf8b259a53123251644c78cee2858d42dbe41ca331bb5b21c2becce4d259c2fee6ab369d00ef1ee0389a021cf05e6571e6a2f82806d04abe60ce33c9c7edc5972c718ed3919fd33871e055f008e82c4dc84928e589a40cbeb0b027ff320ba1cc76c2b5d22a37c20d64d28ed98f352c852962c74b0275b33cef8b6300a987e995d5a7250178c71111efa5be31ac2ae3dbcc3088c08936a3a9ce2bf"}, @typed={0x14, 0x1d, 0x0, 0x0, @ipv6=@private0}]}, @nested={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0x68, 0x0, 0x0, @ipv6=@remote}]}, @nested={0x1112, 0x4, 0x0, 0x1, [@typed={0x14, 0x61, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @typed={0x14, 0x17, 0x0, 0x0, @ipv6=@local}, @generic="be8274b78eb19301e0a10b3e1b0c0bc661cee7bc4bd55626", @generic="3f8cea9f185e6cd4fd9d9054bd41c4196dfa51ea4d34a3f2a775dd4e342e8ccf5849528e156a770a3faf2e4dcfb88c883112bef21128cf556fe35678528ed741333af85461651c57eccb76429e201477489c83efd1c43fc9c9fe703ccefae84375bcfceefc854b3b5ecd384d5bd427b2c97eb84a38ff46322f8ccb8c09c0065e59b593b87302d1953a9529079f0c24c0cf60ff5ddd4515d8f42f8cdedd184ab03b279a161caf0b5665218f64203631d71ffed1871732663e8fadb6508a3cc262c74651911e8f85f66c8a4b2cefb13c7fd58cd2412b6b5deb502bbad49ff0887386770e3ca6b91d5b4994cd6ca198b067a8d5bedcac34eb18b11e87d71ad8c097ff87fa72c34952c523858e65a20f4dae2eb6d9d216d946ebe7c74fef2ce46ca9950a937b325e32f069dfd30ba5cda9e9318947188fdfeb7b91aa7262e6b339875092ad5d068ec861290adc08d2f7c0fb674a7fbfe04f8d742c198ab80dd23bca2a65c86fbd1feadbf8b86824a69f08d93279469c10cb8a31937c3768d0dc422b5daf8a9c86d47e228ba154e47942da0491e1d39817739053591619bb96f7a6658cbb6c01dcd166d0f5bc9cb73bffbcc7d11175c204b5a35e1fb8b7bcd9d05e8c0beef788b822cae4d7ed0828a1a1c83474e541ac7538523333294e54b9f845a7ba726f918e90b48fe7f9c0fae15cc5c2aa9a4f8ac3e2552014504f468581768837f2ca825e925da708825baae0b58e337a505bebbb9ac287e154e7bfbdc870a46336c06cc225850fa0e17772e3264a113bf4f7017bbcc41aa4cee75c776f16fd00108f60d71254a30a433d744288be78a25c9e73bfd57584adff610385dc55ff8752e9971e4c248b12bd6e47f9d1eca8c47c5015a361119150d5069c52326e602384075c0787d5cae1c1ca07205c64733e1ca19cc45629ed06e21aa67250840e3f893635fe33cb7d1fd059b8dbab6fef010fab3dc61b9a30ce65f86ab224433184cd0071484ff0012b570513910183270bc4382f87fe55f971a27911e8a70022e9079eb4ae47cd8cc85d31ed61ddb81507b9cf4cd7a468a9be74d89d132c0d00e945b06b39cf38bb41a4b56f7db65896870879e2b5c4d1ed54bed3e5e7a318567acbe27a7b40912f112d81d770f94846303578ebd82010d53a5ab517636c9ad0884a319dba98180daf713b88f428d6bfd3beed3c94c32a05c1911a584d0320bdff9dcf61bc119a99093c640312d38b84b56124007164380b5362ac9a2c657a82b258f88273d6527a7024e1ac69fc1ba0ea6a9d973bf30367745423b0ba5ae3b406eb7aa72a8cb852f8e3eaec9d324bec58be4916858ba8f796aa88668b16759954ca7e685cb0f792e836899e0abbfd76aacb6a103cd381837e62bfd5efd32ce0d79661bf030621e09bc687f253c3ab9104bda0b6283f9a26a2e218c7e5084244d073bbab1d3e745e665b2c149dcff3de125e08b521dd2e5873f8608f40db4364847e9131057fa9a8da5ce67487afd78c3bbb7757b2cd74c5585f823acfb6a002b89fc7077b8caff8cffb559774282e446ad8d4f58010b92c5effb8c00a6bb00eb19e414bcff26a32871c3cfb0edc379a0d5b898afc7f997cedf1fb21cc8377eeba75cee725f674d8eccbd590c17677b676aa59733e38f1f6495781591b80f91cb07acb75a98f960eabb2c8663978d28611a45e397ca01165515ae670c9f331d33e41566763a917bbb505f2813777bf3a16a4df22ca6e414868eed3dcd1781b20fab2277198129d6245486ae03253476afd783325152cf428c3b56cf943d8d1ea1b3af29ee9f3bcbaf6fc9af47255f744547cb181c7b76e42c35fc6de38e10178ac12d0500511de59af780cf290c3034e28bdae19305a791a4b536dcf1c87d2c193d96f269f7f593d22894de31887cba8bc87ec9eabe4366e6ca79868c48129188a1b440ec4b9cbfad0136f3576630137162b81f70fa0dfbef05b02239e2732b166efd504cb8eaeabaa6fc86c1a14c9a8243361a60835cbaf32a2e238fd5b470000a747140c5646a16884e07581f23fccdb9db65f38d39457a0c60b156a5936d223e0061b4a17391aa2b55ef9435477e7356342c7cc9bb56a1e62a01ee7b1f972920e2653f81ce8b26d499b3dd8ec18068b984a62649c7a11b668f9243a15084d5577205db2cd7fec0baea20a2b8fc42aa86450782992eb53647f62250be8ef4b0fd2e50d31be4a56794dfed0993657ac4316230c2386955dbc6e4efbc5bca4dae4897cb21f513b14e0d246c092c719d67e348f98663aa6fc1f3b5133eb5bcc9c1c773209dd1f429cc998bc3638b7603b7692d165ebf3113ef331a2af10b9c786b6a75c8677b849ba1ad7d08ad375b36d6cde4787d14053070b2ca99822bb168148eb3adc33b82d9aaa883a57612ba0b2d9d59cc824c582a4a02045eae03100f16b1de98552a2061c74ddc11af1a1f4432dad6b029ae494270b9dd72a7cbb43325d034b67bd4074a235f3f261955f686f1ceb81648cea13320aeea3b6bed109c980560df3f2fbaa26c47fcf329d0d9c19f1b4b09dfec333d047f21e6bfe5d62026bfeccb421414ea0595601999cca2205f0eff4af7b7306b2454d29cf48b556525f6a88bb1fc0e9daa6264e804f0c27a15217af91de1379ffca4dcc8a9864b2351171d2798b23f49df8b92fc388e39f2018cdf8f9c14b6206fb8f77f4173a300c4e46e2d676ca4cc0b7ff2332731408ef4364c08ce1f0d3940e88a6ec12a6374747dc05e6072b7d75915810c220ed64d208348ae5c069279a4243f1fed88a432ace1de36181f0bf53b80f55bc4de269171cec14f8253261f67877005f4124525b3302b13791498f3e96d409f23e46646765bea9539d88f0a745182cefbcdd60691764008dbbd28c7bb7eb6424a9fe9ee46737b646c787534beccf95398cd3dfc0faf7cffbb538ded586a5eb61bf75459865aec59950d7ab6d02f975e84b963db4131642edcb642573fce08a01bc61bbe2eaa9cded579ad2a0439f4b8996585a7d187375625f5e0085ad6c57f8195d8e5b9962e9fc0c7777591d5adf3bac772eaff3fddb29b80ba2db53f960102a6ee673227153055d0c28082e05fbe9ef17eeed79c016e0de1d05b367554939b42b7db67bd7746b20ae279cb0e28cfc1dec8a804a3b3e67040305f032fe7929b639c5babca082cf54922fb2845bbf667615681fbf79738bb16eec7ccd4801d4d5f592bf397b8a8377e4519a6b406c2cae55c8ac53a09bdc0bcb239a2f80708d1b5c90393eb42c24523e772c9bfcd64456aaef0a0150bc09e9cda4c728ade986db80170c6d66fa6ae04a60ea735dcf681d03a8a29bb01583dac47ae161f55b0a48b40559a0947bcfd8de9630629f9748d3c52b3c38f89cbfe802c0962013d2e89632714b31c9117426922f4777cbd756567c5ffa5a66160b3d5b18d0b01ef47c05ce7c1e9ee8ad579dbebde7287dc9a8c681c046ddaa2c73c647e7ce2e7d864bf617b940052952f5f4581cd00133dfe19d66608e274e50008f154b2056e0a614dfbd0da24d4235ffb366090180aaf29164e64514019f76f99aa053e6b2a88e327a7e05ac848005557c8403fb047434137a0c3dd99b3e6291aff459e2f37b038c1a1228d0e1de855b45336565dd207f48175f875e562215ad141191303cf1b82327c0c10cf61649e23b4ac31c3e280d2bab2ddc4b0f1f9d8bb46f88f6be7d4f0eaf816b0e614504b20bca6cbffa8de518e7a81d1dbda02237a2645a4e1bc6c4404672a99273ef3f63473b4dad66b54d5fbc76f26c4201c5c6ac0467b5ed632d97cb9b14c4a820ff67e3e9c81bca2507401242829035e1d678bbc232bac7b37f850a8263abefab98840e98e72a6e7a061ca35094d2b47b8bb153f4ddc93d592cf93f2cc2faf0114a5d77066e697b361b528c0d6c00a0286ced0a55425dfbe0bb1dff4a59688555a4d405c2a982ecad917e4a696c7e6c9a61e47382386b504dade93ff8c2b9b110aa833fd79109c580772079a492720c1f468a5f4b239863574a3582dd1a43fed9f26a4043c4158bfb582f398fdf818569a2fa5128c6916540fde2203ded15c699a2146f050af4372aa9fd64772ebeaefc210f7d2f649b406a1a017578e25bd1e9c574751a91f64af10b1beb367cabe32ff82831eb03755a503c28dfd4825fd33d6ca5110ceeda13bccb4a9a743eaf75bea3d92c5dca291025304ff4179c2324b1b0ae5752f394595efc534a35be9ca48c6b8087cf2f073d40629d4f159bc69bc5efb143823c559514af82759e261c61071d87b88fd71e8770b22120092c0ae94d7f09abc83d6bdac489819ec0913713b2c96b1bed90d8ff73f9879504a971a7be90553c8f53399f2f2f4b50a086ea07021039988bf7e8ea6b9456de8647dfb5411ef9f1684ca44256e8ae1cc7f11ce275d28c0b932a76bd1a2ed3ad3e3c63028bbf1e7f5523ca069a5478ef5d178954292a5209c8e7fe6f3ab7c3108c480f9c34586743e39441bcbfb33261fcd6387ee797da86064acde7031532dbad4273c12c123473f508429e677be756bc20917f70c820149a03ad5763cb7acb05829ff57970afa3981dc5b6f63d17f8113559c346e85212b2a00e5a1e9f43c5f4c8318ce3f0b2bcd57c95bc8a9f1f134181dec7618c9bb6ab3829b8c2ac7b1d8963cf3c606e017081aaa1448eb0c464a39962ebbfc63bccde82041e5a4a9403026c80e2ab36d7040217fe52068f9cd729d65eec3370e3491a599092cb286e77129a77fc515f884007f4731e05be21644a87e708212e294f33c64885fd74e8f9752f76718749d84eb41517244f98793c1abca9fe636f32a1b7c07318b4839370b117c899feac6a299bd2ac7ee75b3068a2ff542fe2bfb7b3667bf89806f4350f7b3fd5117051d71e4a1cd6c940324ec2bb2ec7dd6327635c3a876d829c4a9b2543d1e72b218538251f8e3bd801612ff1fac4319b1789eede08335d30d1f7b28fda6d064388bb5d6ca4a8eb0066398a79429fab61840c219ebf4ad7e5f8b37ff496a1541b34069da8a5864be6840c47ef5c39d88ddf3a9a5e3baabbc774dea4dc00c6be139c6d1d8ebf73dc631bad95cac19e100c4d2cbea7330a553fb5a3dfb173f07224dbe4b4668670efa5424d9e0c9e2efb7f19d9181817257ce3d026df2a91557034872bdaf18c9fa10c0f7e12a88aad42293bf264c5df8c148a1dd62d7de68b64688eb8acc2f5f15fa347ffd333f79c1ecbaa3844f62083bd18123e39b7af82b4954edcb020000bbd4f81b510fc0097224be4fc5c6a48c0d9f0f814e08cfe1f30529c82a7b97f058d07d61439f93ccc261056738f010d1dfe768fc571bc3a096065f37eccd1734af01de30359af6612ebeeda634164b7718fef16981537bcb560d873b97f16a601e93f61e0093b142820c5e4541b37ac52deafb1ffd84d71fb2e51fd8ede337c0161b2048cd6b5115a8a04fcee80cf2fcecdfa035e728993f32af4fd00e89323c9c7e0dfd4b6213351b7d3b0779b5f9faf28b152bd6b286f6d6a5cee1a4999c3b9690a93948a82c3f3412ffac3f7b87491befb57a48215150a90ed5f13f667ddddde1b1ab9ae5754447797d87202c71c85842bccb577e5ce6e98702a33794beb93a1c2d634a2843e968ad6c3772be4e64891bbc369ae862c7709aa94bc4a117f60e429897150fa49a81d93c2ce235f79f31d418b6a84eb11056624bcc19d2ad3ba9be5d1c02d13bb8e394324ab32334d6be3f6111913d4ef3c245b3fb1818b808e3ad021645ad0668492", @typed={0x7, 0x5e, 0x0, 0x0, @str='(,\x00'}, @generic="e72adf10e1f1d211a29745daec6de666da3133aab71cb022189d13c05a5b24781bcf33348dd8b5283f54af001e9ea8defaafc0935fc94cc2886debda4e2040e6eb95adbe99acc86248fa4a96887985447f80dde837708b498107dd9d1852b72b50f5d9a8ec6e44b32517de191dba2a72321d93bef96b2147c768537c8cd988370b2bc6796ac11514caeeb249434c9171677772e9b65e33d9afca12029d69b8838755a03ad51238346ea0459cf9822a9d94ea02ffb7ef3786ad10ab4c6f911850d99764405e9e"]}, @nested={0x211f, 0x49, 0x0, 0x1, [@generic="0b77dc957023871fd5cb323e0bba64ac2216146c118708579c1cca4c5a7f33e402f159", @typed={0x5, 0x5f, 0x0, 0x0, @str='\x00'}, @typed={0x1004, 0x4a, 0x0, 0x0, @binary="c45db9a4819d2bdc72088ac4a6bee03057f71537036682c30e06777601be1296070ae5cc49c5946b8917c868803544aac73a10a09c9bdd74e34e5140f685cc92c49a47ac97e71ec39099f8d975bbf686a531856abfed82e5d48603cc1ee88185f94af8381b750237de1a14de02b1def33913fc68751a9f73ff9b19cb17ec783760bd7d83e49331837f26dccd93dd0f4ada720a07743921271bdfc5d5fa56dd4a4283ac45bcea2743c45c005893615f077caf04bbae0e447cfe45e81e4e36ad9ed404641ab8446dea20a0fb44d74ba3514f53a9e2c68fb6722047e7ff4bb9b27bd0c67dcd5aa9428b76bb1bc5a2ae9c2a308308a435fd3a020c2a99fe69060a89dd6ca7c61fae08478058c76a5305f141f4a92f7ad29558b915b52d36f7da0c4c144e092e4ad855bfe8694629f88c3ea0d1d82b49271a2b18fe4d18a07e3bd2582e4dc30da6e9a8d9c826996dba314bb3bca4aa289d6af9c15ad674e5465b22d0b7d9db3d8670109b82e7465d2743609c542d7f8610d09e418b8e1b337caa8fd8a3faa65c31c2dd27e1eb7567eb58d263cd0d7c1730adf5797ec9bd654618218ecbb85a4278ff82a32ef87cde28b1822d401b2b99b4009e4d5ba3761e12bdd39225106efe27d0560be551c275f7d76eb8c99b7dcfdcce5837d9d3ea3f9068bd0ac8c23d5f41f969653d32498568043d3ad0710053df93deb12cbb581547cc4c30143383bf946c83e812b877088f8257e32041ad05649b36381891b6c82211b38214a2cd3af1ae2bc9dc9cd502022918170778fa2c455e446746f1c1e345c2d9991f04bd2e3b8109c2ef2d93c03113fafd748ae88604e803dce571dc748b4289101076492cc6c8466bcae59b1ba4268c7ac7cc10dfa409341ea1fa5e471b3ad968a63af9c84ba43b285954f79c68c1545713b39b43f70f36c175322b6cedb7ea97fd14b913fe4f70861377a232213c9ec7c051221a2ffae5572931c59bc6a9377b783853460fb6377d67708178cff0b10da52278e318c64455a6fe1dda616f0fce76471f62620d52d75eb5a07d1ca0b3977cd3c9b19862218545030843db464e7fbd7db6bd3e07d7a30e2c13ec76a6d4c8e019ee31ced8e8812efad7c63f3c212ce7855b654ad28557d913d68d14c56302d6be8593caa7214b10c49c20bbb4a4e8de844655d688e9bb2362b66391e1ec0a1c28a9f22b768316ec892bfdc73c9dd86a1b5007350c2f8334addc30797c847eb940f01bc21f815c21f71c92f5b073a0c8d1fb5ab7fac81c88e82456d45adbaa41d28321e276bd397571f575d73b1983a5d6c1412da0e9ffe70fa0e69d396ba73ca83d567df710cb5d875ce88e440d55a09b8fa98a4095673f708eecde27468ca8f7be6417aef7c30b83a3fe225ec954074c7eaaa5f6ee25411c65083233d3dcdbf25e4f0f5787d0a11c1ae6963d2e7f50d71541b11b064f7dc1e130f55d738e9be9166abddd543346844a26aa4939f9d94f17160224e3cdd3f06fce9dadf5ebc764543734a30a5f2ac35366f5d1d02cc5131ec68d330d5f7e59490424f9ef7559ded826e8b43a15767b77fe30dd12003d9fe73d5fae5f95cf6492ba801e1fbd191721b5a26b454714eb75fe422cff9820877ae2caede85ef9f7f91ebc0ec77a18c2fd40b8fc610e0e49cc6a18adf3fbaffe01bfa2ec38ad6709312689d2398e0d8d5dc529317cce70c4842c2827497b1e85d4031ec463dab1f8a2010f1abed422b07a33b2be5f37629db8aa27b790edc6a2c00a0953d65018031f0cbf77b5dc08a29076badcb764576c8853c01dcbd0f195055d9f7fde9a47434f3c233404efd073f2453c96733080435ca8da2cd9ecc7ef2f2520f55abca3c8fd1a165b57de1c523330dc467989ccf0cbd13eac7b6b32e7c6b645867b6914ca416f06a8694dff8ec5b629aeb85262869d244a7378adf3109b172dc05848428a68eea504a6f31a2cd1b51547308d90a62ad1f7a14a0743757c6b8728c21e5bea7889c4a52fd557a61a448aeb39f8229517b5d361f7a5ff5f17d3c8a2b78571c4ac5d4b05b80f2358f02c35250225369206f86226aaa3a95e9592d258b4b17b4df5fda8ada503bc0fa19722a02185d2cd8b98b183bb86a61d0a322d7adbe72087f48c040262d1c04ac3a380c68d4cc10d78f747d9fa5ab3c9e4be16a3dc9f73f853258c2bc407792feb8355af4b3b22a42cdd80308aa48b601c7c86d2feb2a00f303bd021b982e4865347d417b8663f47c62078e0b05f2b9afdd926ca6bbaa532f9fd051189575d9137d50ecc561c852fb1d7ac3528ba2515d076d22ffe361444b69282be021396097a59f482f39ecd8db11238defe80423142d3daf815037e0075c87fec8d126b97adb10f9287ede1ae516d5b94d2f5e9756da878984ab7526b9a3caec2d75084d785008802b82e00e9c3dc3b5e06f5af0b954fdb94bbd289c84d861782e4c4bacb1337fe18a0c99cf14b372aa846c68a36f16b850bfe1a7ccbeb48a679fdd348a35ec32e8f89e930ecf10d3af8fe11cfc109668fb873f455f33401c9806708e8108f0def93714c63f7247c4cd6a7e38d4e330a48b88afc33c5a53cf83e05ac540693cf3be509615058ba57f2600e7f25a4905c9baa68d1695f5386972ebdb902bb10b7b6de2ec3272d85ba1ad0e27bed63efd655ec679e60d46bd40bb125f82d175b0c0d455f7f7a71ec91bf5caac903c62f9b4e4f3e9766caa7c76d8fbd1ad275611f195482e1f449d1b374fb57bffa324ef2378afb9cb7221e5816c4e2d283ae2c965631ebad3df090e4b0276fca6120efb2c1e04bfab869d768e1e251202181c0ab970b224b78b39a44286289273937379b60c136fcb4147b10dc5a7d9d6ca57b7c57be0320b09481bea99d1ffc3360772666e514faaedd4a3d12f2082169c0ed3f8b92deaa875cec9728742311667da36266a345ed9958f5cd29f1d963f22ee555aa693e5cc9bf5d57bfb3c4abca5f38c14917cd2ae844e5bf5a5431cecae848102328f72adee2569a5f92897083e679275a927da2bb7b5312e5dfd75babd9e64486a02889428cb2eb059555b0584a94e1de0bf8008eaaacbdb278de8f50560d03b207b67ede2dea20a81eeee8b5cf4e88ea850f2813ee47d6c5fe52b55131085cbf8da780cb68f9ca8e3f7e07e75325fec65568fff1f48313a3b23b06d4db79e434b47f1888697b0f46df62945163559aa3ad0fa14bee7b1930b575f5bee7e8462de7ae18ab0582d6a5af4f6712d94df414a175568b4ad1308181eea3d4b86100291e1315e371ba869b19e8b82cff10c9d446656772d4e303190c38dedc7ab4a17a066ce1dfe59020756fb7649ae49a6a60a884ba28b50703d0bc870d4f28236651d301fd17d95220b75866018fd44fd7c9971d4c1d13e4201bc79a718012f368bbccdee19ae0f79fe88dc265aadee32ffd109d5c4ee8c9aa2a0b42aab6ec1ad0c6e86c485849019f1dc0f80333e0b3a8ae1bd820dd31b3824f65d7f0a4c68604661948365699a861a6a77a401841075e49272b0755363d057bb337ac1e4260324425d4e271de86426f4e7c3ecc0377c733734ce6e32f31e99f03fa340ab3836eef268f04eb1da1f01488756f270cd91fd12883653ac95e999b8781d3153e70a426004fb3471c2f8157f14b4fc3c36b22e07419cc7ebbd99b68ed390939edaaa7d5f692dd1b0d180b65a334721614161462b00320f65af56d7af30c24091560f22964c9344faa74b1a0efb9ba6ec64f894c65cdb0db61166512bf7ad0c17d13da6aa742a4a909ab0c953fd901ee2375590c00ba783a8fae2091c2f0b4948f348d983c6d671bac3f885eeeb70c0aeeae63e79313548d3d085cf44f8fc2ec7bf1d7d1a545b70234cb1315d8d55ad61dede196e4bb04b2a9ab8d407e032519ff858dfe71b06e940822439bd16390f7b3243f3e3d25628c1e9b38bb4dddcc94da072aceeaf12a13ce50da078eebaf04583b6df4fe4ea3f232f366ef673ec7a0306999ad78a94fce3493ecd8198e68273b3d36f98e0040a8ca2fd23492f71f2b3da7a0d7608da136facb207bca818a6d8e884e55e498ddcc972649c1da98f359fe5a43fc10c8ae2679319a1cca5a1efe560a75949fbb547e20daf5328e928d73cfc678a75f7bb12295e7b27efb77a7cfd247e721cf0fb5788c0dc419ce1db67ca3c5ef6079e1995ecab0239049268b992ffa95361df6961c23af0f45e5fc06352d55ff36e9912a2edf5ebfb55a501f973b53ba6eeef262cbe755e7dbaf49566dca86a8ad75c556e5a948941b02e4ad04fc2e839e9ccdff575db24c4ede7b1a7d1183eb28aa857eac8ebdb9f9b45111ad4883b545a70acf5bc7509f3fdf7e8f758b5da2863c34a53c9a939a0e6aa75708a78eb3c0d980ff860b3a0fa010c6adab876e825bcd71711f2f0d9e20b1d1c423a204db13234671d168e36a2376ff8c3ef0fd7774e4e883fa6d883ad23649c000331e2c6c807603778413cc229d9d705d6efb3076e3530271ada231e77dde5650def2a7edc12cfa6cfc3150a0b704b1947a7a1cdeb3ad2bc2919872684d4034ca92b827a0639ad8f454372a179d6d2fa0fa2123f9ff51464091d450fffe9f6bcd84b6a16504996c8b4544717f2f2b129daa16be62b1929b6c76f3ea26b5b1387ae22492a968ee00e693cada560cb7783d388ac7bf0b03e9ab97e5103b06ea86082b746b7f3bff12bcb4eab10889773e8d9e1f545b8a5e0d0427db6578153a55ad636cf4864240e64ee828d4181290c0568e348d2571481407a84fd5e004a1bd61cfc6acbf8130fe90ba67c8ecfe7d659e2accd3c5054e593f2242ebf80f2503e4795df175c387dbb5eed478a110fde9f069cccba416cf44380b71ece6b105c4ab9aa4f4bf7623fbcca07fd7c4de9d0993f77eca077a6362f4371cad1a2242713f1dc8cf01769179c2e8da594d00409a3225d5b4386911c05225ef53f571bb6c86aa6fb5c2b554cf671a8607df928b123b94fc5e00e0b5bb0273f8c26cf7d6fae4e491378e72660b28793b0db8446b2ddb3fd2840c8b014cca96b75a237c9750a738cdc1e4b6a1200c5ba72bf6380d20b35e2bab5410652ef21a74a00c59a80e79e1598e434ded29f4590eb615c26ba820340c1a6a4c982590977c43d7fdc094bd8511d229f2709f72baf59eb35c1e1fcee4baee5645ffdc8d4d74617c3d0f2bae21e0117bd0d5a92190c282cb779f9b8e421ce42daa69c3754988e3e2496705917e1d8da525155650721a11fdac5eb14c191d00c130e8432ad93fa08895a2c0ac98d392ee4dec34cbd7a240231aae80623c953db3e9f98ce74b23ad8f97c140ce51514235ae6d894565f211f092e119da81dbe69815b7c57c094c6e84bde9dcf12d3cea202ddb22b733c3987a70a86b745f0070eb3b9d289cc0eca35af97836bf936773e8a663f6a002c1cef791ac374ac85bc7c035fde2b1e0aba62996a3daa46aff90b0ee7df173378bf4cf376c46b8909fbc3fd6e85a9fe844356bc7fae68b44c7b582584d7eb95a71d34f8e75fecd474dd1de2ddc1c3758cb30a49ee2274b434f392a5658bc9078ff7cebf37c9cc9ce763b9cd9dddad1fcf63a9805cd4dfefb37a3276e91b7ac9e1da1f57309be94c60c42feed3a1dfe9f48fb169f69bf8013c6dc82f22f78fd92a22b9e06fb41eb786c98983ca72b570ec29b50481e93fac02d0b013bc5ae7bbcc3c5bd8d80b1aa9a1df65805f3a594b752d9c2f6578db37f759a5cbc118466fce1104c22c77cd370f844658390cf5ad4e0debabce2e8"}, @typed={0x8, 0x24, 0x0, 0x0, @u32=0x3ff}, @generic="b61c8f55b63fb3fd32e2ba7e1e7d150564fc38e88a38b4a9de6fa1c9007166aa7f646cfaf7eba632512a4ac82d2ea5e110d3dbf5fd79d7f5d5255dc9d34084a5171570b5954fe6df1d369b083288804ee877de83c168b1be968576efa44a8f844ad605180cd693", @generic="235db9888903d233e0b30cfc04aeed810a15a1f0bf94224e28e1f59eb607c644a69935356f8dacd7f33dfc5834be37a43a021d2282cebcc671f41f69ae31a962cb8ae7696ee5c9bb19918e12f0e3add516a55bb56afe3af7039fa60e25931230c728c21b6d5b4318afc94f8521a7a3a7d07f37cb44ff3c5ea59d69a6ef", @generic="a703e69251b85ba6fc1403f8693d44241e7ae2ebdf0a9dac3424a9d165dc62fcacd77d4e4a83ac1b0ea1464921ccd8b3bda0163434db826e49a66c4721909a0cac8be92d4c8861b3280474689411a7b02bbab369ccce7ed1c07e50f7f20db4688dd1b17aa47a4619d63ead27fb1e29e59263c9688562ffc92384ac580c8c630085079f92c780f88261f9e74442daba861ddf9d9071e3a3ba78151fd3f6ea393249bf98fa3d3e4d7dc0fb318314b4d50e91777763118cc404a324e29a3b5c0a7bf4742c737a3e5f34c6eedf13e54afb78d90626c14748b7c5b2532993e03de2a80cb9ccca4721abd815a5951918e327d83d0a26af568a5ae360abdfeeefe127b66dad0229fabdfdcf00d13c70a130cdeb81409b22397c0f6a6997654c16fc370552297b1db08e855970f9e237521787fd1aa3308242f018646ee7633ca0ae80572958fdd245b9417f4f5af38f0e9e640a04f0f06cbd1ce3369306bf314a7c9ae4de2ca1311f2ddef6ebfa22eb8b9d694ab12dadace15a96d66f8d7d61242e01e463b0e0df6de95f38b1adbd6101eafc04c98579053c47e5647c59e48e769304054e4b0e437282b77eaf758ff6c8cc1097fb1cff1d9f5554bd32564b186331ea7017c300f8b1fa04a288658d9359d1e2816a98bebbf8c515644cd2c47315dbc71ed5938fb0c4197c9778be502d42cebfecbeaeaa8b5e6970d3ba0a434b21df27ce71723f963d02624e205d0314ad278562b88acf84f8b7836fc31f3beaa24b93997669a90a08023828fbf7aa5530c4d24daaaedfe51ceb8688f8160708ca64484f25dcbf9dde8608c82dbd6d85e3435651d7602342d28217e71db900e27282b40c0dea82422519c2df4b97ff286e8fa1b95ec118803bbcd9121b94cc88c8ed9a16212e7cf82f8e75a577b5d69f2efde1bf857ae515baf058a9df1ef5def29bf6a890b2b2c68e9efa0d69f1c1799f1d442fbf02b4db11f05378fd006c81047d359d68ad96a397e66e2afce07d47378d167dd4e12c855ab1c3272734bd9920bdd26789092a863cf147765d3416074dcf61e5fe7323019468d4f5ac979247177b0008ac56a8e7caace631cfec8e57fff7edb945e9d651220107057203f73f70b7a279d7e4fe4ac357eb495da23220359dc46ca09c2af053c0c8ea7c248b8a92126cdf0776782707c7c49b2d8e3020ebf23d85594c8c1528386969730cac5c660bfac4ffda8a1dffcf5118b95929a2133f6d364ca90dbcbe34832c77b0e41524a595f3e3dadec80fc015490cfecb1ea04feab4b952b1bee848f2e48ddbf1764eaf550b17824d2acefc6fa703d3ad047d57a6fb99811f70e272d48e1329220cf53a02225c6033d408f0e73e7320ebf81f6ec7e6ca165978fd2ebcdeb87941a27538717a2eb4c0996fbaea74d5e496be841dc19bec020f67cd2156c4d042c28d9b51d4b0300db695844ce7846b3c8e5a132812fc25ab73483c1e6919871a04f188ea68047d46e1874b26a4906a0096511052390c1195a0f60fd8bc381c221648fcfdbc9900304def0acf5741a8cd52cd5952ff2a8db102d690789b7ea671d952ff13c0aef899e2c9188b868ac677215a83ec6eb24ece5e82d4823e1438f444cbeda6d9e39ff5b416bff75d7e24220515daf7f33fa2c2c0fab395480e6013069682e99e109178f08f44f1101fa1fb60d5baa4002d6b3ac41fade5e48c6103b61f863163b4e61bc3448aa55220261251919b96f460e374e16e91e10303d33fa8b3e5ba84e915460e890673d434938e18709f57f7f6f513c97b8ac763c993cac3885a7bc5514e9fc99e05c72fbfb591bb62abdf8194b2e4e8c786d8c4e484d8bd92d849c57aaabc4f0b2eab4965fa04623b7f9f683ce6a9cc3c390e4dcbc42799b70ee3b9c2163c1bdce8564f1a6d322963175ee2bb0d2331e158dec503d83b146a49595aab813598cc8277a96a6a34c8d949eccc0698ceea04cb1f91f98dbeb69212256545964d1922d9c0cc9cb76a147969b2137980cae607d687e1daa3b0ad982846d6fab51aeac7c27831769c9033f288bf6ff75c1e8d19c8ae5a832c4e58c7e0b4680007f557c3eefefe9de68aa6c95ff467af5ef4d782790dd2c9d00a287636308ad73bc23cf12ea62b0f019f5d4903d06f3e3bc605f6d2f85762108505671ff5620e79423e9878f96f669c41cf40df00765fd36e0fac11da5643e8d89eb19dad02ddf5e5b9f0b86e17380470d0dd01a02f8f9004344d3aeb8901df3ba7d774f01a96f1a6423cf6238323af5be61dd4d07fa6c426a3e9fe3e1a1f5c30bfc5b5ec0e12c8c3b9b52d3f633040669628925b568057f57ed5ebec9131856f2651c4b1f1494c7a56362b6fb0fbf92410c7e44b3277db374328fa95f9e8becdb21176264c13a9ceb9f0d72ec88aa7f57e06ea277163acb8f17a405df6d7e776e33305496e67913ee8a5a44e3821fb4da9dbb34f67b7cf66782c462d1336912b56946f38d807a4120a9679d68cf7ecd520026d2a702c9afbbdf08677b58b230735e032a1e000b72b564ae7e218f95d715ac00b2022ce483d61eb7e5d86d06a5360557242b55c7a96b2995163fa7c553a693947910ee652d7544ad2bb71ea77ad24b697858a44d69e8e3ac10f1f1d90f8ac472f6ce70fa9ba22cd045aec17ed72e340989a22cd458ec5a9b12dfdd0b118926ba43681c0f6b08b3f8ef224e708fdf96e7157d5013da601ac8034528b36e7aba5f12ceed7f319b68f44783a742392db1faa9e0d49b4f6132c7f49af661be830ca6f58e15936dbaf11cf9c32a1c5bc60c76045d3f399448474f2e9c8610cb04f2c1fd24f07367b43b3c53548c5e0b1dfbb011995fe04e88851ec12c9caa1a6a4c04683b159d18b1ae11e5bb030a7996e48494324264684c37f68b8ee521c57f9be9fa1983d1f44441ef842654548b5383b75742029c4a00150ea7cfa6d5b101cc049daf1135052182ba7242dcb877eb1a06ad26849a88fc883f1fdca728ad4f7278606c3c60bdc956033197130a2965fcb3c927a6052e8539ac773c18958bdb3c2410ff9f53c553ad6840770e6a84fca2f18a61476a6b0a143aea52a2858d8dafa0fa1e7660571f43b980a3532c7ddbf1f960bc2df7e3555adb2c89bead00ab0b0ef2944d26f58e0126a99690c96dbade6b77e6aa91cf090dd5133cc72085ce4f223b7c52ae9171a7061831b4dd1330213de111c9c818db26e23753141e9f079c40634907035481082e7e5fb879854b71be692965b278a7bf20fe7e6582626a05870bba7d0de38ff03dd5f90d6c8ff8aff080e092a7c07eae96d30646092f191eb8adc2bef903ccd477dfdb28c98b1a48cf822e196265be99202331b19a1a7811ecadbfe024465804ffaa689ee7ac0b52ac867077af261267c424c13cfa1fc566beb5e60c39eb3d3d1f74d442bdcb8122505f66b748cefee8c397f84c620118911c1268c664dfafa73fe1f8fa2d67c8e728099e6be0493acb54ab827c62b7324ef8c7e1b6c99a00359079fdf895cb34a494b12f78a6034029140676a1a252946511d383e615aa7301ed0751ad56f01ca5649f9b802d1eac49ba4b30f51357cd8f340cce80fb5371df7e75eea55d4c5102463147d456748748fcc974c1670c81e2774c7ebcd36d69c4b8f4188ac1486ee009d43ae401563acf1eda5c19c86182caad1571540a5bfbbb01fb5f5441272ad93041fda2fd7188eba5a46c753323d71ea0faa7bb221413d07edb363c3b30ff0ca62ef01458708e5e807e9f9a545737e55cb61a526bf367f1ebfa8915b84d937cbdf0b882564a004bd4df2bb9f3cf9795cfff70abcc6a41a96b0664a0b45d1b1f3e42a6f34f5157deb71c9911976cda41578445ff19a9af4e0cebce8ca5c8b3e608106df6d54ec3bcaccc829374610768b59450734df9b0b8698b14e1269ef595ef832afe511fbebdec4fa9e73ad4afcd9f8315fbd74c5265ca5dae6d62ef49c6fff03ab66450ae4d0bf8348ba5f8475004da8e6ec9d475bde2935a4e2f11dafd6a5de7108bdc7b4ed7e5cb39008f97811b7636e975830d30d7508f292cf892c0abbeef496cd572edf2650f6de358b37b3c7958f0f78e79b769f56ce5fa7ea59587ca605a23d9d334ceed30b8ae9536760850ac0df7d860bc24897bfc1a5cf738763d58b212daa20ed4f2309234d16c5c2a70afb186131e881ba007e5451e086727ee18e3118b0361dc9cb80ebb3c6f07ccfe22db49a75647892fab70bda2cf86c7d7fbf5152c016362ce18b89c6b2f62abfe2ca7d2128be331810f406f059357c82c5b99323ce2745051d786f24f3011a848498fcdf0c6feafd539d75ef3cbd7d73deef6451217a7115cda0124952e428ed1b6f45074864ec6f9f0da56eaacec11245324721a0d89b46934fca0c376fcc0ee440cbb0ede6846399312392d34fc10a70653f821dcb78c18459280fa87d6cd7a3fda9ceeb4e153d11a6cba345af9ac745dbf758ec77670eec6c3e28c611cd1f68733c79dae9c38e767f2010d85404a4344ad6432978f9670a3446dad17a45df791531e1e95b3fa244681b96faa9c9e2813ad231f0eb42c88253b192c3cb951cf994b07355b724d12d8f33faa391536bd028b4bc805e6c618ca0fd7f5981c3ce22a67f88d2dfd6dfbd3d1062fe7ed53648072f1d25e50b25d3b030006ab635738d8180383e64d7ac5028bd41d6e7e544f4b98e125df8e0b38e6d1443945135c1d3cf89fe4501492dfd98fd9d88b3652fcc89c432421230b599d753b5e43627061a7912e22d26714c94a5b9b9659567febdc952c69bcbaa7f010ddf6e8fac47f26a2dda05a87a7153a75b881cac177c6f830a43b4b2bb0e9886cc06501945fd43ae31793eb3cba09db2ce5e5cd79cb6ac907030032dc8681f4107881988e90c6812cca3061736ed015a9c04cf06dc3533d30fe3890fc8829099239da7ceae715f7291b2bacc668b9996e2fb9beb1b483c229cd24da7a1a6f7dcb879876203175d2bb0a53ac842a704204d45cdf2e0e4995a43d32aa9c02efae8e18a2628c126e03161696005a7a00ba428011186dc351601be9a306f5b2ea32c3bdb843252b6c871a8540477d58bda6b9a47403b00ceb58024224a157c2d2ab8865eb093b37348fa4aabecf1752a41a9a0c8adeb60b8ecc0ae9ce009722c8ec504c9adbb7f1aec97baa85e3585c9fd1d76fd1b2b0c2026e2ce7ffb80198f3ff4b9a4db00d50598dfc9118b189f2baea52c3ab01eda584375f55319174f1133ed7cdb95cca4aa9aec5c201ee9b22b025065995b694af47cce524ec0d18ff8725b82acad4c72b4d8317dddced82405943764c7e3576976b63a69e99f3134747705d50bc1acb93ab0af5e15ac376a2f1d77fdc851dc67a74ca801f3cfb2c1aab1386727174738bf5daf8b25bd85e8637362037884d0f1a3a81b0392594c486f235f55bac4dc1cf92eaab131efe8932c5c3360367f1685be86f02565d463e337177b681aa1c1fecff15c00adf52aeb5beb67c8e95d2e69e9bb502968d0d2fc9bfef2d9a0326320d4456e41e6da44e11e7cb78245a094a0c40ea626cd06571639586b31b9916c61cdf3f66bccc4fcc9468cd7f1572d8f6605d121a4fc549e4954c485f9e21fe646e072bd88d88140889ca6d9a736402b34a268633f22bbea93322d0f2fd32808b13d5faaa857f73a43e29fcde39f59c4c9e237e37432908ae7bd8c603db4e02955ac24e8b4a89d6ad2d127466331e35d6365cb21e06143759f897124ff17503be8cfba184c080a06a0c2054e3c362ef37c6b926d9315"]}, @typed={0x8, 0x4e, 0x0, 0x0, @u32=0x7f}]}, 0x3364}, 0x1, 0x0, 0x0, 0x4004010}, 0x40000) unshare(0x48020200) 20:10:57 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54) 20:10:57 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x2) shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000080)=""/147) 20:10:57 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51) [ 1850.112408] FAULT_INJECTION: forcing a failure. [ 1850.112408] name failslab, interval 1, probability 0, space 0, times 0 [ 1850.114982] CPU: 1 PID: 13602 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1850.116474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1850.118270] Call Trace: [ 1850.118860] dump_stack+0x107/0x167 [ 1850.119666] should_fail.cold+0x5/0xa [ 1850.120501] ? create_object.isra.0+0x3a/0xa20 [ 1850.121522] should_failslab+0x5/0x20 [ 1850.122356] kmem_cache_alloc+0x5b/0x310 [ 1850.123246] ? mark_held_locks+0x9e/0xe0 [ 1850.124141] create_object.isra.0+0x3a/0xa20 [ 1850.125106] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1850.126249] kmem_cache_alloc_bulk+0x168/0x320 [ 1850.127255] io_submit_sqes+0x6f76/0x85c0 [ 1850.128229] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1850.129343] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1850.130431] ? lock_downgrade+0x6d0/0x6d0 [ 1850.131359] ? find_held_lock+0x2c/0x110 [ 1850.132293] ? io_submit_sqes+0x85c0/0x85c0 [ 1850.133256] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1850.134366] ? wait_for_completion_io+0x270/0x270 [ 1850.135432] ? rcu_read_lock_any_held+0x75/0xa0 [ 1850.136447] ? vfs_write+0x354/0xa70 [ 1850.137275] ? fput_many+0x2f/0x1a0 [ 1850.138098] ? ksys_write+0x1a9/0x260 [ 1850.138937] ? __ia32_sys_read+0xb0/0xb0 [ 1850.139846] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1850.139889] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1850.139933] do_syscall_64+0x33/0x40 [ 1850.142423] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1850.143550] RIP: 0033:0x7fe40cf96b19 [ 1850.144393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 20:10:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x86, &(0x7f0000000080)={@local, @random="31f52699464f", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "6bd60e8c561d4bbfed48726363582d54c82fee2b995254fa2817997b3828a500", "7d60fa6d1c0779e6cb3d5656f3959461", {"9e6946ecbd671680e02dce79b473ee4c", "ea9e52a8c1613f41ebf64e747375bc12"}}}}}}}, 0x0) recvmmsg(r0, &(0x7f00000068c0)=[{{0x0, 0x0, 0x0}}], 0x300, 0x102, 0x0) pipe(0x0) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) dup(r2) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_user}, {@cache_mmap}, {@fscache}, {@mmap}, {@mmap}, {@loose}, {@access_user}], [{@func={'func', 0x3d, 'FILE_MMAP'}}, {@smackfsdef={'smackfsdef', 0x3d, '.)'}}, {@audit}, {@fowner_lt={'fowner<', 0xee00}}]}}) pipe2$9p(&(0x7f0000000000), 0x800) syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) [ 1850.144414] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1850.144451] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1850.144473] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1850.144495] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1850.144517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1850.144539] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:10:57 executing program 2: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(r0, &(0x7f0000000300)="fe", 0x1, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) write$binfmt_script(r1, &(0x7f0000000000)={'#! ', './file0', [{0x20, 'lo\x00'}], 0xa, "d5eec7f1c11e72c58fa1a168e947954b9d2463573991d2e32901"}, 0x29) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)) r3 = getpgrp(0x0) r4 = pidfd_open(r3, 0x0) r5 = dup(r4) pidfd_send_signal(r5, 0x0, &(0x7f0000000000), 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000340)={0x74, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x1}, @reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000180)={@ptr={0x70742a85, 0x0, &(0x7f00000000c0)=""/74, 0x4a, 0x0, 0xa}, @fda={0x66646185, 0x1, 0x0, 0x3c}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000200)={0x0, 0x28, 0x48}}, 0x1000}, @request_death, @decrefs={0x40046307, 0x3}], 0x4, 0x0, &(0x7f00000002c0)="4cc728a1"}) fadvise64(r2, 0x0, 0x0, 0x4) 20:10:57 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1850.302068] Process accounting resumed 20:11:11 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55) 20:11:11 executing program 6: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) r3 = dup(r2) pidfd_send_signal(r3, 0x0, &(0x7f0000000000), 0x0) r4 = getpgrp(0x0) r5 = pidfd_open(r4, 0x0) r6 = dup(r5) pidfd_send_signal(r6, 0x0, &(0x7f0000000000), 0x0) ioctl$F2FS_IOC_RESIZE_FS(r3, 0x4008f510, &(0x7f0000000280)=0x8) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r6) sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r7, 0x10, 0x70bd29, 0x25dfdbfb, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x24000000) r8 = getpgrp(0x0) r9 = pidfd_open(r8, 0x0) r10 = dup(r9) pidfd_send_signal(r10, 0x0, &(0x7f0000000000), 0x0) sendmsg$AUDIT_MAKE_EQUIV(r10, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28000000f702000229bd7000ffdbdf2507000000070001002e2f66696c65302e2f66696c653000007a9c15db413a0db80250ed063f8604f3b8c9dd085f836fd2f5812f9f07ebd38e1a4ec1057833a623cc62f80a54ee243d8a32e291ad6f948587f5315c90787c498ef84da9f2b851902ab8a3fdafc590bee02e49b72c789c29f2d9607b9e4ebd8813b37d4874a381ba8ea57897e318497a9331920bd35826c84a391776f5da1e102b2cf08d65ae2fc41de6fcd81dbbdc50220f2e7d690189df8c6d70970fb8bfb0a5d77f67c9d7841bda6b67a8602a7bffa1ddc569b6d7f1c7fcf6f9522c00d50f8c5d5380ed4eed41d9d51a9b8e758ef3bcd2c4c531"], 0x28}, 0x1, 0x0, 0x0, 0x4000041}, 0x840) 20:11:11 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:11:11 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x10000000000) 20:11:11 executing program 3: rename(&(0x7f00000006c0)='./file0\x00', 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) accept4$inet(r1, 0x0, &(0x7f0000000140), 0x81800) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x4e21, @local}, 0x10) fcntl$getflags(r1, 0x40a) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0xfffffffe}, {{@in6=@private1, 0x0, 0x6c}}}, 0xe8) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) sendto$inet(r1, &(0x7f0000000080)="a8bb77a50c50feb39cfa2b2796a1e7150d911823fb47f4c65e583986b4f103cae377c6b2b3c37974a8ebc67cae319f1d13787b48650bf14a6484d876c662c8c0f98ccbaed6c1e31c2107e51a302d7746acd7", 0x52, 0x40081, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x0, 0xca, 0xff, 0x1, 0x0, 0x8, 0x1000, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x69e, 0x0, @perf_bp={&(0x7f0000000000), 0x6}, 0x240b, 0x8, 0x2, 0x5, 0x3ff, 0x1c52, 0x7, 0x0, 0x1f, 0x0, 0x5}, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0x2) ftruncate(0xffffffffffffffff, 0x1000003) r2 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="000000000000000766dee1f02865722c00"]) mknodat$loop(r2, &(0x7f0000000240)='./mnt\x00', 0x0, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r2, 0x4040942c, &(0x7f0000000100)={0x0, 0x9, [0x4, 0x81, 0x9, 0x1b35, 0x5, 0x4]}) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='cgroup\x00') preadv2(r3, &(0x7f0000000580), 0x0, 0x0, 0x0, 0x17) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000600)={0x1}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000700)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="00000000000000002e2f66696c653000aa2bbe8503e9f6d11e464ba7a05fe93bc216ff8c8aac6b8b14f951aabab8aa3fab82bbd8d0201ce914a5c78c56ceb7b9c61662495201933eba771d10307ca70966ee9001aca38af753360a939a0988b11c65e285c4308a391e4b03437228959f887f247be04ebc7fd250a1f347a396a5ba18241430856a57a61578d791e859e00dfad83ca35428a37e89be21bcc1a6d18a419e44a0aedfbfcbeb367afc7d9793b59d74b02248661c2e5d4c11fe1901eeaa4ffc0d63a3e829677405a773d29c83975a55863a841396e84f8bec106369f5b52f760c999a757f2bd71d573a2c6166054dee3521d3c87d5b657fd3e0093a58e57479b87a4c6df5807ba6ef1081175ee1b7ef5f66bd8ea7badc0dc0633b58b9fb92169a91fa41525099c22ab5d13e4097cf59cb43f3c9401a0f7fb8220af4f826c798a80833e6cf4eb3e0bd2552e2e950b16625ef8b5d3f3bd3b28616c141381a11653c9bd739a8431692e4766f5bc33b6a6235dcde0bcf189ec6c93cfa886d95fc14dbe2933ee4da099622ed4e86bbe98ae423b67f54a88e4a132bedf5fb58147b5bbf3a80d301a03b35075eda4ad95f3ee266da783f80ba5536283c35660712172c755b5ad4fd196aebc68656b8e5bf9a1c57a07727561039fc1b0545e5e327d8a5ee6f4df0154c2d61bffe8a10f3db8373f45277fdccd6c8242c6b69ccf12f7843f8429f6265a0ad38ae1755aa22c9c88ec44d9e6297cdc6489d38a859e9cb6df72c4612a5c46e38a6ba338fd311fc4d4b7f9fe839dec141708023cecf6f7e3e709a871a5199da153a185e838b4074f4edc49f69fb745ae99f4f425c"]) unshare(0x48020200) 20:11:11 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52) 20:11:11 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000000140)="200000000002000019000000800100000f000000000000000100000005000000000004000040000020000000d9f4655fd9f4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b000000e8d1f1059aac0abc86bdb3f50004000008000000d2c201001203", 0x72, 0x400}, {&(0x7f0000010100)="00000000000000000000000085f42d27379e44ba9a8dcb77402e9f71010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x2}, {&(0x7f0000010400)="02000000030000000400000018000f000300040000000000000000000f00c2b4", 0x20, 0x800}, {&(0x7f0000011600)="ed41000000080000d9f4655fd9f4655fd9f4655f000000000000040040", 0x1d, 0x2400}], 0x0, &(0x7f0000000080)={[{@usrquota}], [{@smackfshat={'smackfshat', 0x3d, '+*/{\x8c]]&,'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}) 20:11:11 executing program 4: accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000140), 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ftruncate(r0, 0x1000003) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) r3 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r5 = openat(0xffffffffffffffff, 0x0, 0x119a00, 0x48) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r2, 0x6628) getpeername$packet(r3, &(0x7f00000016c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001700)=0x14) sendto$packet(r4, &(0x7f0000000340)="58e543ccf2ef111f54491a1cb98a6e7873083f26f3eb260e9937d6040872563673854ab8930777f24a6836b7fa2a44dce2f0a4f2b371f4913b174e1819b6e2402af4ff1336a1eae002afff1bcd91edc9c88bfd644da7cd809f33a1205a68e1f36c1761aaa354f1c046203a230c9e5841b3914fa40c4bfe3428d71f2e29a3d711c982d65972bfa02ec962c200f4004b2fb59563b89bedd3bb8198221a3ccdbfec7c06bea321f9fe8708fe522741ff4bf5a0a1dad6be5a", 0xb6, 0x8011, &(0x7f0000001740)={0x11, 0x10, r6, 0x1, 0x4, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) copy_file_range(r5, &(0x7f0000000100)=0x5, r4, &(0x7f0000000300)=0xeec, 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@empty}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f00000000c0)=0xe8) fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f0000000080)=@v2={0x2000000, [{0x3f, 0x1}, {0x8000000, 0x3}]}, 0x14, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0xfdef) ftruncate(r0, 0x7ff) [ 1864.680325] FAULT_INJECTION: forcing a failure. [ 1864.680325] name failslab, interval 1, probability 0, space 0, times 0 [ 1864.682086] CPU: 1 PID: 13641 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1864.683046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1864.684199] Call Trace: [ 1864.684583] dump_stack+0x107/0x167 [ 1864.685108] should_fail.cold+0x5/0xa [ 1864.685664] should_failslab+0x5/0x20 [ 1864.686210] kmem_cache_alloc_bulk+0x4b/0x320 [ 1864.686847] io_submit_sqes+0x6f76/0x85c0 [ 1864.687469] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1864.688181] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1864.688868] ? lock_downgrade+0x6d0/0x6d0 [ 1864.689446] ? find_held_lock+0x2c/0x110 [ 1864.690037] ? io_submit_sqes+0x85c0/0x85c0 [ 1864.690651] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1864.691322] ? wait_for_completion_io+0x270/0x270 [ 1864.691995] ? rcu_read_lock_any_held+0x75/0xa0 [ 1864.692655] ? vfs_write+0x354/0xa70 [ 1864.693201] ? fput_many+0x2f/0x1a0 [ 1864.693726] ? ksys_write+0x1a9/0x260 [ 1864.694268] ? __ia32_sys_read+0xb0/0xb0 [ 1864.694847] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1864.695584] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1864.696312] do_syscall_64+0x33/0x40 [ 1864.696844] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1864.697571] RIP: 0033:0x7fcf4787bb19 [ 1864.698107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1864.700655] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1864.701731] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1864.702715] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1864.703698] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1864.704685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1864.705683] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1864.741571] FAULT_INJECTION: forcing a failure. [ 1864.741571] name failslab, interval 1, probability 0, space 0, times 0 [ 1864.744204] CPU: 0 PID: 13649 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1864.745612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1864.747298] Call Trace: [ 1864.747839] dump_stack+0x107/0x167 [ 1864.748593] should_fail.cold+0x5/0xa [ 1864.749377] ? create_object.isra.0+0x3a/0xa20 [ 1864.750330] should_failslab+0x5/0x20 [ 1864.751109] kmem_cache_alloc+0x5b/0x310 [ 1864.751941] ? mark_held_locks+0x9e/0xe0 [ 1864.752790] create_object.isra.0+0x3a/0xa20 [ 1864.753710] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1864.754760] kmem_cache_alloc_bulk+0x168/0x320 [ 1864.755708] io_submit_sqes+0x6f76/0x85c0 [ 1864.756601] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1864.757649] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1864.758651] ? lock_downgrade+0x6d0/0x6d0 [ 1864.759503] ? find_held_lock+0x2c/0x110 [ 1864.760350] ? io_submit_sqes+0x85c0/0x85c0 [ 1864.761255] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1864.762263] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1864.763343] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1864.764462] ? trace_hardirqs_on+0x5b/0x180 [ 1864.765359] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1864.766511] do_syscall_64+0x33/0x40 [ 1864.767280] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1864.768341] RIP: 0033:0x7fe40cf96b19 [ 1864.769109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1864.772920] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1864.774502] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1864.775970] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1864.777449] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1864.778929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1864.780407] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:11:11 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:11:11 executing program 6: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {&(0x7f0000010300)="53595a4b414c4c45522020080000e680325132510000e680325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020201000ace670325132510000e670325103000000000041660069006c00650031000f00100000ffffffffffffffffffff0000ffffffff46494c4531", 0x85, 0x600}], 0x0, &(0x7f00000002c0)={[{@utf8}, {@uni_xlateno}]}) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) syz_io_uring_complete(0x0) 20:11:11 executing program 2: r0 = syz_open_dev$vcsu(0x0, 0x0, 0x0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000000}, 0x8c0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x300000}, 0xc, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x89c}, 0x4000000) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xe}, 0x0, 0x0, 0x1, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_RINGS_GET(r0, &(0x7f0000000580)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000540)={&(0x7f0000000840)=ANY=[@ANYBLOB="3401e700", @ANYRES16=0x0, @ANYBLOB="01082abd7000fedbdf250f000000740001801400020076657468315f746f5f68737200000000140002006d6163766c616e3000000000000000000800030001000000080003000000000014000200626f6e645f736c6176655f31000000000800030002000000080003000000000014000200626174616476300000000000000000004400018014000200766c616e30000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000300010000001400020076657468305f746f5f6873720000000008000100", @ANYRES32=0x0, @ANYBLOB="5c0001801400020076657468305f746f5f687372000000000800030000000000000002007465616d5f736c6176655f300000000014000200626f6e645f736c6176655f310000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0c00018008000100", @ANYRES32=0x0, @ANYBLOB="a9e3fb18b9e08952c17f66bf94b0076042e1cee862da135dd9465a0118eefc867aad9eb1428a226458bc683d54d3a2e919a064be39507e6e7ceb9e6fd5132a68fe0b6f32c63243ce676d55628f4b72fcd784746029c9c867cfc7f460f1401568f737001ac268b658e131a93c6f869967a3a3a7df83b8349b12762e14af0d302a20c4271737f4e9e346b9c1f385600e6b3d7cab8fe09bae2ffefbe03819dc0b0e9d597300000000000000041d39ad3fef84e49202865755b8893d56a74c5f4aab06335281f147036bf636a9516fd3f9a5aca974fa916b06330b0a83784d7d4f23b03462fd8e16b004bfc2a04d3572b6"], 0x134}, 0x1, 0x0, 0x0, 0xc5}, 0x8000) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000180)={0x10001, 0x6, 0xffff, 0x40, 0x101}) r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = dup(r3) getdents64(r4, &(0x7f0000001d00)=""/4085, 0xff5) getdents(r4, 0x0, 0x0) r5 = socket$inet(0x2, 0xa, 0x0) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x0, 0x3cc}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r6, 0x0, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, r7, &(0x7f0000000140)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x3, 0x6004, @fd_index=0x9, 0x1ff, 0x0, 0x0, 0xa, 0x8498aabd44ea6357, {0x1}}, 0x800) ioctl$sock_inet_SIOCADDRT(r5, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @loopback}, {0x2, 0x0, @empty}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='sit0\x00'}) 20:11:11 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_io_uring_setup(0x55db, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r5, 0x8000000) dup2(r5, r0) dup2(0xffffffffffffffff, r4) write(r3, &(0x7f0000000240)="01", 0x1) syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x2, 0x0, {0x0, 0x0, r1}}, 0xb0c) write$P9_RREADLINK(r1, &(0x7f0000000140)=ANY=[], 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'lo\x00'}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'}) r8 = socket$inet6_udp(0xa, 0x2, 0x0) readv(r8, &(0x7f0000000380)=[{&(0x7f0000000180)=""/78, 0x4e}, {&(0x7f00000002c0)=""/155, 0x9b}], 0x2) sendfile(r1, r2, 0x0, 0x20d315) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xfdef) 20:11:12 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:11:12 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53) [ 1864.988536] FAULT_INJECTION: forcing a failure. [ 1864.988536] name failslab, interval 1, probability 0, space 0, times 0 [ 1864.990208] CPU: 1 PID: 13673 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1864.990988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1864.991918] Call Trace: [ 1864.992237] dump_stack+0x107/0x167 [ 1864.992660] should_fail.cold+0x5/0xa [ 1864.993096] ? create_object.isra.0+0x3a/0xa20 [ 1864.993630] should_failslab+0x5/0x20 [ 1864.994060] kmem_cache_alloc+0x5b/0x310 [ 1864.994542] create_object.isra.0+0x3a/0xa20 [ 1864.995042] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1864.995617] __kmalloc+0x16e/0x390 [ 1864.996027] io_setup_async_rw+0x180/0x580 [ 1864.996508] ? iov_iter_restore+0x195/0x3a0 [ 1864.997004] io_read+0x775/0x11e0 [ 1864.997422] ? kiocb_done+0xc90/0xc90 [ 1864.997899] ? register_lock_class+0xbb/0x17b0 [ 1864.998461] ? arch_stack_walk+0x99/0xf0 [ 1864.998973] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1864.999613] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1865.000269] ? trace_hardirqs_on+0x5b/0x180 [ 1865.000778] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1865.001445] ? __lock_acquire+0xbb1/0x5b00 [ 1865.001979] io_issue_sqe+0x2e12/0x7660 [ 1865.002460] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1865.003103] ? SOFTIRQ_verbose+0x10/0x10 [ 1865.003595] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1865.004242] ? trace_hardirqs_on+0x5b/0x180 [ 1865.004768] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1865.005418] ? io_connect+0x610/0x610 [ 1865.005890] ? lock_acquire+0x197/0x470 [ 1865.006377] ? find_held_lock+0x2c/0x110 [ 1865.006870] ? __fget_files+0x26d/0x4c0 [ 1865.007352] ? lock_downgrade+0x6d0/0x6d0 [ 1865.007832] __io_queue_sqe+0x90/0x9d0 [ 1865.008314] ? io_issue_sqe+0x7660/0x7660 [ 1865.008808] ? io_prep_rw+0x7f5/0x1050 [ 1865.009276] io_submit_sqes+0x4461/0x85c0 [ 1865.009789] ? __do_sys_io_uring_enter+0x1f2/0x1730 [ 1865.010401] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1865.011003] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1865.011606] ? io_submit_sqes+0x85c0/0x85c0 [ 1865.012129] ? recalibrate_cpu_khz+0x10/0x10 [ 1865.012683] ? ktime_get+0x158/0x1f0 [ 1865.013127] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 1865.013646] ? clockevents_program_event+0x131/0x360 [ 1865.014246] ? tick_program_event+0xa8/0x140 [ 1865.014767] ? hrtimer_interrupt+0x771/0x9b0 [ 1865.015296] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1865.015919] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1865.016541] do_syscall_64+0x33/0x40 [ 1865.017000] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1865.017610] RIP: 0033:0x7fcf4787bb19 [ 1865.018059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1865.020242] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1865.021141] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1865.021960] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1865.022805] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1865.023601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1865.024449] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1865.028272] FAT-fs (loop6): Directory bread(block 6) failed 20:11:12 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000000000000) 20:11:12 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4082, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2480, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xff}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4, 0x13, r0, 0x0) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x44a00, 0x0) truncate(&(0x7f0000000080)='./file0\x00', 0x4) syz_io_uring_complete(r1) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x15) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000340)={0x0, 0x0, 0x12}, &(0x7f0000000400)='./file0\x00', 0x18, 0x0, 0x12345}, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) fremovexattr(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="000000000a9400c951644586229555c99383175796c7e67509b3a0210c8a19b5ae2c1fca26a0a0a7392df27b6e25914f9df2425920434c7a52e6b7a006064ccbc11f607e81c903b4b4e67e50522d47d4ca98df94ea92903ae1e35e73e8dd700dc03b12728274ada1c15134382105bd6938ae8a72de455f55e25581e0b35e10be14bfe9dd77c7ef2a1df6a5bd252f36d9e2b7a4387e76ec16d20744e9606abe74df3be510c8120220444c5111dce065a7f7efcc516b537f1562e7facd7e5b45b7fea17e52334a07e4fe2ded74100002a63fa81591537bfb80404f775e1ac3d6f7a2c58edae38037b63ee5ae274fcb7fe3b6c9f7c046aef281f3b225cae6165032d7fd9e904c28a8c99c721a8085b06899f863d8f4d8c646505fd37b5f1a641d1053769df5e435"]) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRESDEC, @ANYRESOCT], 0xfdef) fallocate(r3, 0x3, 0x4077, 0x8000) r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r5, 0x0, r4, 0x0, 0x200f5ef, 0x0) [ 1865.086665] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1865.088636] FAT-fs (loop6): Filesystem has been set read-only [ 1865.186665] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue 20:11:12 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56) 20:11:12 executing program 2: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, r0, 0x4, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3}]}, 0x48}}, 0x20000010) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x38, r0, 0x200, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x1}, @NL802154_ATTR_MIN_BE={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x10004) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x40, r0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_LBT_MODE={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x40}, 0x1, 0x0, 0x0, 0x840}, 0x4000004) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$TIPC_NL_PUBL_GET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000640)={&(0x7f0000000480)={0x18c, r3, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffffb}]}, @TIPC_NLA_NODE={0xc8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x80}, @TIPC_NLA_NODE_ID={0x5, 0x3, "a5"}, @TIPC_NLA_NODE_ID={0xb2, 0x3, "aba7ba82803726dcd066f4e548072336b1c4fd49f1536a003836076705fcd1b6273de2ad2d56de48163bad0eca18acc85ff761dce9eda68e6e581d0072fea13b9fb46948ca0f09c29ab2593947873b308f5e5ca619c816dd473b01fc6b30016f635e6af314a319d07f536cb9b1c9ba763409bed991e3865cfd9f0a85d38f4e29aaadea6e7fb05b3d3e489cb946b555fc7c9816e060d6923a528e3f31227296a99d26c8ff53e5fd914c22976c549c"}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_BEARER={0x6c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'vlan0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xbad6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @private=0xa010101}}, {0x14, 0x2, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2b}}}}}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x4000881}, 0x8040) sendmsg$NL802154_CMD_NEW_SEC_DEV(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x30, r0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_DEVICE={0x1c, 0x23, 0x0, 0x1, [@NL802154_DEV_ATTR_PAN_ID={0x6}, @NL802154_DEV_ATTR_PAN_ID={0x6}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaac}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040}, 0x8000) sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x24, r3, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x80) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x14, 0x0, 0x400, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0x20008040) sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x28, r0, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r4, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x38, 0x0, 0x800, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x10}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x4000010) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000c00), r4) sendmsg$IEEE802154_SET_MACPARAMS(r4, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x40, r5, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x80}, @IEEE802154_ATTR_LBT_ENABLED={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x3ae}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x40}}, 0x8011) sendmsg$NL802154_CMD_GET_INTERFACE(r4, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x70, r0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x70}, 0x1, 0x0, 0x0, 0x4040800}, 0x800) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000e80)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SHORT_ADDR(r6, &(0x7f0000000f80)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000ec0)={0x50, r0, 0x800, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x15546}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xaaa1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x50}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000000) 20:11:12 executing program 6: r0 = msgget$private(0x0, 0x200) msgsnd(r0, &(0x7f0000000540)={0x3}, 0x8, 0x0) msgrcv(r0, &(0x7f0000000000)={0x0, ""/31}, 0x27, 0x3, 0x1000) 20:11:12 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:11:12 executing program 6: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x8cbf, 0x5, 0xe, 0x9, "9687db4e53961f52dfbe3023aa87a922797cdf8b7aa74f13efd0d21646798533d692ce51677104a9520855e2edf7b0fd5749e045d6ee76c0759ccc9462be52cc", "170c3ea40f0f6d66fb9a6da5f82853787e0eb382d4fcf35420f8b1b5e430ba5d", [0x1, 0xcf0]}) syz_io_uring_setup(0x7c0, &(0x7f0000000000)={0x0, 0xfdce}, &(0x7f0000001000/0x3000)=nil, &(0x7f0000001000/0x4000)=nil, 0x0, 0x0) mbind(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x3) [ 1865.390484] FAULT_INJECTION: forcing a failure. [ 1865.390484] name failslab, interval 1, probability 0, space 0, times 0 [ 1865.391858] CPU: 1 PID: 13698 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1865.392621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1865.393554] Call Trace: [ 1865.393866] dump_stack+0x107/0x167 [ 1865.394284] should_fail.cold+0x5/0xa [ 1865.394710] ? create_object.isra.0+0x3a/0xa20 [ 1865.395222] should_failslab+0x5/0x20 [ 1865.395644] kmem_cache_alloc+0x5b/0x310 [ 1865.396096] create_object.isra.0+0x3a/0xa20 [ 1865.396589] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1865.397158] __kmalloc+0x16e/0x390 [ 1865.397589] io_setup_async_rw+0x180/0x580 [ 1865.398060] ? iov_iter_restore+0x195/0x3a0 [ 1865.398533] io_read+0x775/0x11e0 [ 1865.398933] ? kiocb_done+0xc90/0xc90 [ 1865.399365] ? register_lock_class+0xbb/0x17b0 [ 1865.399877] ? arch_stack_walk+0x99/0xf0 [ 1865.400350] ? is_dynamic_key+0x1e0/0x1e0 [ 1865.400843] ? __lock_acquire+0x1657/0x5b00 [ 1865.401346] ? __lock_acquire+0xbb1/0x5b00 [ 1865.401846] io_issue_sqe+0x2e12/0x7660 [ 1865.402308] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1865.402917] ? SOFTIRQ_verbose+0x10/0x10 [ 1865.403378] ? lock_chain_count+0x20/0x20 [ 1865.403862] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1865.404458] ? io_connect+0x610/0x610 [ 1865.404902] ? lock_acquire+0x197/0x470 [ 1865.405360] ? find_held_lock+0x2c/0x110 [ 1865.405848] ? __fget_files+0x26d/0x4c0 [ 1865.406307] ? lock_downgrade+0x6d0/0x6d0 [ 1865.406790] __io_queue_sqe+0x90/0x9d0 [ 1865.407246] ? io_issue_sqe+0x7660/0x7660 [ 1865.407730] ? io_prep_rw+0x7f5/0x1050 [ 1865.408187] io_submit_sqes+0x4461/0x85c0 [ 1865.408683] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1865.409260] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1865.409819] ? lock_downgrade+0x6d0/0x6d0 [ 1865.410294] ? find_held_lock+0x2c/0x110 [ 1865.410760] ? io_submit_sqes+0x85c0/0x85c0 [ 1865.411263] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1865.411822] ? wait_for_completion_io+0x270/0x270 [ 1865.412392] ? rcu_read_lock_any_held+0x75/0xa0 [ 1865.412928] ? vfs_write+0x354/0xa70 [ 1865.413362] ? fput_many+0x2f/0x1a0 [ 1865.413793] ? ksys_write+0x1a9/0x260 [ 1865.414231] ? __ia32_sys_read+0xb0/0xb0 [ 1865.414707] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1865.415318] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1865.415912] do_syscall_64+0x33/0x40 [ 1865.416344] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1865.416929] RIP: 0033:0x7fe40cf96b19 [ 1865.417360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1865.419460] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1865.420326] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1865.421141] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1865.421966] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1865.422782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1865.423592] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1882.825183] audit: type=1400 audit(1685736689.908:34): avc: denied { execute } for pid=13711 comm="syz-executor.2" path="pipe:[41614]" dev="pipefs" ino=41614 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=fifo_file permissive=1 20:11:29 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54) 20:11:29 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:11:29 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x1f}, 0x1c) r1 = syz_io_uring_complete(0x0) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r1, 0x8008f513, &(0x7f0000000140)) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4ea0, 0xfffffffe, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000000c0)=ANY=[@ANYBLOB="010900000100000018000000", @ANYRES32=r2, @ANYBLOB="0edb964c5b2d02da42950f6d85e62c53"]) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r3, &(0x7f0000000040), 0x163, 0x8080) sendmsg$inet6(r3, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_SPLICE={0x1e, 0x3, 0x0, @fd_index=0x4, 0x7ff, {0x0, r2}, 0x3, 0xc}, 0x49) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) r4 = pidfd_open(0x0, 0x0) r5 = dup(r4) pidfd_send_signal(r5, 0x0, &(0x7f0000000000), 0x0) setsockopt$inet6_opts(r5, 0x29, 0x36, &(0x7f0000000180)=@fragment={0x73, 0x0, 0xa6, 0x1, 0x0, 0x8, 0x64}, 0x8) 20:11:29 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57) 20:11:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)={0x14, 0x69, 0xc21}, 0x14}}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x300000c, 0x10, r1, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8914, &(0x7f0000000140)={'lo\x00', 0x0}) close(r3) r5 = getpgrp(0x0) r6 = pidfd_open(r5, 0x0) r7 = dup(r6) pidfd_send_signal(r7, 0x0, &(0x7f0000000000), 0x0) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r1) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}}}, &(0x7f0000000440)=0xe8) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000580)={'syztnl2\x00', &(0x7f00000004c0)={'ip6gre0\x00', r4, 0x29, 0x40, 0x2, 0x6, 0x6, @private1, @empty, 0x10, 0x8000, 0x0, 0x65c}}) sendmsg$ETHTOOL_MSG_RINGS_GET(r7, &(0x7f0000000680)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x433ecef8fa3302cb}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x6c, r8, 0x100, 0x81, 0x25dfdbfe, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4040050}, 0x24040001) 20:11:29 executing program 6: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x5c, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r0, r0) fsetxattr$security_selinux(r0, &(0x7f0000000000), &(0x7f00000000c0)='system_u:object_r:systemd_passwd_agent_exec_t:s0\x00', 0x31, 0x2) r1 = gettid() r2 = perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x81, 0x1f, 0x9, 0xb3, 0x0, 0xfffffffffffffff7, 0x5000, 0x5, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_config_ext={0xe, 0x6}, 0x20, 0xfffffffffffffc00, 0x10000, 0x5, 0xffff, 0x7ff, 0x6, 0x0, 0xdd, 0x0, 0x9b9}, r1, 0x1, 0xffffffffffffffff, 0x2) unshare(0x8000000) r3 = semget$private(0x0, 0x4000, 0x0) semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000140)) unshare(0x20000000) r4 = getpgrp(0x0) r5 = pidfd_open(r4, 0x0) dup(r5) kcmp(r1, r1, 0x2, r2, r5) 20:11:29 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x2c, r2, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16c1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x64, 0x0, 0x214, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0xcd73}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x11a}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @NL80211_ATTR_DURATION={0x8, 0x57, 0xb274}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x21}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xb}]]}, 0x64}, 0x1, 0x0, 0x0, 0x4000040}, 0xd0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r5, @ANYBLOB="1400040076657468205f746f5f626f6e640000000800050004"], 0x38}}, 0x0) 20:11:29 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000000000000) [ 1882.883894] FAULT_INJECTION: forcing a failure. [ 1882.883894] name failslab, interval 1, probability 0, space 0, times 0 [ 1882.885505] CPU: 1 PID: 13718 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1882.886473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1882.887590] Call Trace: [ 1882.887961] dump_stack+0x107/0x167 [ 1882.888469] should_fail.cold+0x5/0xa [ 1882.888985] ? create_object.isra.0+0x3a/0xa20 [ 1882.889629] should_failslab+0x5/0x20 [ 1882.890164] kmem_cache_alloc+0x5b/0x310 [ 1882.890721] ? mark_held_locks+0x9e/0xe0 [ 1882.891283] create_object.isra.0+0x3a/0xa20 [ 1882.891890] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1882.892592] kmem_cache_alloc_bulk+0x168/0x320 [ 1882.893214] io_submit_sqes+0x6f76/0x85c0 [ 1882.893810] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1882.894494] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1882.895190] ? lock_downgrade+0x6d0/0x6d0 [ 1882.895778] ? find_held_lock+0x2c/0x110 [ 1882.896354] ? io_submit_sqes+0x85c0/0x85c0 [ 1882.896970] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1882.897635] ? wait_for_completion_io+0x270/0x270 [ 1882.898313] ? rcu_read_lock_any_held+0x75/0xa0 [ 1882.898955] ? vfs_write+0x354/0xa70 [ 1882.899479] ? fput_many+0x2f/0x1a0 [ 1882.899989] ? ksys_write+0x1a9/0x260 [ 1882.900521] ? __ia32_sys_read+0xb0/0xb0 [ 1882.901092] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1882.901188] FAULT_INJECTION: forcing a failure. [ 1882.901188] name failslab, interval 1, probability 0, space 0, times 0 [ 1882.901812] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1882.901838] do_syscall_64+0x33/0x40 [ 1882.901863] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1882.901889] RIP: 0033:0x7fe40cf96b19 [ 1882.906705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1882.909139] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1882.910165] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1882.911121] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1882.912085] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1882.913048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1882.914016] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1882.915081] CPU: 0 PID: 13723 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1882.916661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1882.918554] Call Trace: [ 1882.919169] dump_stack+0x107/0x167 [ 1882.920011] should_fail.cold+0x5/0xa [ 1882.920892] should_failslab+0x5/0x20 [ 1882.921781] kmem_cache_alloc_bulk+0x4b/0x320 [ 1882.922816] io_submit_sqes+0x6f76/0x85c0 [ 1882.923810] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1882.924951] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1882.926074] ? lock_downgrade+0x6d0/0x6d0 [ 1882.927016] ? find_held_lock+0x2c/0x110 [ 1882.927954] ? io_submit_sqes+0x85c0/0x85c0 [ 1882.928957] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1882.930081] ? wait_for_completion_io+0x270/0x270 [ 1882.931189] ? rcu_read_lock_any_held+0x75/0xa0 [ 1882.932244] ? vfs_write+0x354/0xa70 [ 1882.933105] ? fput_many+0x2f/0x1a0 [ 1882.933969] ? ksys_write+0x1a9/0x260 [ 1882.934848] ? __ia32_sys_read+0xb0/0xb0 [ 1882.935788] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1882.936988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1882.938176] do_syscall_64+0x33/0x40 [ 1882.939034] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1882.940184] RIP: 0033:0x7fcf4787bb19 [ 1882.941033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1882.945134] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1882.946852] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1882.948456] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1882.950056] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1882.951657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1882.953247] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:11:30 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffffffffffffffff) 20:11:30 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000001c0), 0x0) write(0xffffffffffffffff, &(0x7f0000000240), 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0) close(r1) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$BINDER_GET_FROZEN_INFO(r0, 0xc00c620f, &(0x7f0000000040)={0xffffffffffffffff}) execveat(r2, &(0x7f0000000540)='\x00', 0x0, 0x0, 0x1000) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 20:11:30 executing program 3: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x2403, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='configfs\x00', 0x0, 0x0) chmod(&(0x7f0000000040)='./file0\x00', 0x150) 20:11:30 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x55db, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r5 = getpgrp(0x0) r6 = pidfd_open(r5, 0x0) r7 = dup(r6) pidfd_send_signal(r7, 0x0, &(0x7f0000000000), 0x0) sendmsg$NFT_MSG_GETGEN(r4, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x10, 0xa, 0x301, 0x0, 0x0, {0xc, 0x0, 0x5}, [""]}, 0xfffffffffffffe14}}, 0x4004180) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0xa0040, 0x12345}, 0x0) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x4010, r4, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000140)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r4, 0x330f, 0x6) r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) getsockopt$inet6_buf(r3, 0x29, 0xd3, 0x0, &(0x7f0000000040)) syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x8) syz_io_uring_submit(r9, r2, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x2, 0x2000, @fd, 0x3ff, 0x0, 0x0, 0x1}, 0x80000005) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000100)='syz_tun\x00', 0x10) 20:11:30 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58) 20:11:30 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x0, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:11:30 executing program 6: setresuid(0xee00, 0xee00, 0xee01) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000140)={0x0, @hci={0x1f, 0x0, 0x1}, @sco, @xdp}) 20:11:30 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55) [ 1883.273534] FAULT_INJECTION: forcing a failure. [ 1883.273534] name failslab, interval 1, probability 0, space 0, times 0 [ 1883.276451] CPU: 0 PID: 13742 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1883.277969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1883.279752] Call Trace: [ 1883.280345] dump_stack+0x107/0x167 [ 1883.281139] should_fail.cold+0x5/0xa [ 1883.281984] ? create_object.isra.0+0x3a/0xa20 [ 1883.282980] should_failslab+0x5/0x20 [ 1883.283800] kmem_cache_alloc+0x5b/0x310 [ 1883.284674] ? mark_held_locks+0x9e/0xe0 [ 1883.285557] create_object.isra.0+0x3a/0xa20 [ 1883.286512] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1883.287599] kmem_cache_alloc_bulk+0x168/0x320 [ 1883.288591] io_submit_sqes+0x6f76/0x85c0 [ 1883.289519] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1883.290598] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1883.291624] ? lock_downgrade+0x6d0/0x6d0 [ 1883.292503] ? find_held_lock+0x2c/0x110 [ 1883.293376] ? io_submit_sqes+0x85c0/0x85c0 [ 1883.294331] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1883.295387] ? wait_for_completion_io+0x270/0x270 [ 1883.296452] ? rcu_read_lock_any_held+0x75/0xa0 [ 1883.297454] ? vfs_write+0x354/0xa70 [ 1883.298273] ? fput_many+0x2f/0x1a0 [ 1883.299058] ? ksys_write+0x1a9/0x260 [ 1883.299878] ? __ia32_sys_read+0xb0/0xb0 [ 1883.300760] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1883.301886] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1883.302983] do_syscall_64+0x33/0x40 [ 1883.303779] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1883.304859] RIP: 0033:0x7fe40cf96b19 [ 1883.305652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1883.309516] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1883.311142] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1883.312632] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1883.314147] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1883.315665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1883.317190] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1883.400149] FAULT_INJECTION: forcing a failure. [ 1883.400149] name failslab, interval 1, probability 0, space 0, times 0 [ 1883.402945] CPU: 0 PID: 13756 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1883.404539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1883.406452] Call Trace: [ 1883.407073] dump_stack+0x107/0x167 [ 1883.407918] should_fail.cold+0x5/0xa [ 1883.408800] ? create_object.isra.0+0x3a/0xa20 [ 1883.409881] should_failslab+0x5/0x20 [ 1883.410760] kmem_cache_alloc+0x5b/0x310 [ 1883.411690] ? mark_held_locks+0x9e/0xe0 [ 1883.412612] create_object.isra.0+0x3a/0xa20 [ 1883.413606] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1883.414767] kmem_cache_alloc_bulk+0x168/0x320 [ 1883.415807] io_submit_sqes+0x6f76/0x85c0 [ 1883.416775] ? __mutex_lock+0x4fe/0x10b0 [ 1883.417711] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1883.418864] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1883.419963] ? lock_downgrade+0x6d0/0x6d0 [ 1883.420912] ? find_held_lock+0x2c/0x110 [ 1883.421867] ? io_submit_sqes+0x85c0/0x85c0 [ 1883.422864] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1883.423959] ? wait_for_completion_io+0x270/0x270 [ 1883.425050] ? rcu_read_lock_any_held+0x75/0xa0 [ 1883.426106] ? vfs_write+0x354/0xa70 [ 1883.426962] ? fput_many+0x2f/0x1a0 [ 1883.427781] ? ksys_write+0x1a9/0x260 [ 1883.428636] ? __ia32_sys_read+0xb0/0xb0 [ 1883.429555] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1883.430751] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1883.431910] do_syscall_64+0x33/0x40 [ 1883.432756] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1883.433930] RIP: 0033:0x7fcf4787bb19 [ 1883.434768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1883.438920] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1883.440656] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1883.442272] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1883.443863] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1883.445450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1883.447062] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:11:47 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56) 20:11:47 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xc, 0x2010, r0, 0xeadc4000) r2 = getpgrp(0x0) r3 = pidfd_open(r2, 0x0) r4 = dup(r3) r5 = getpgrp(0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r4, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, r4, {0x3}}, './file0\x00'}) r7 = getpgrp(0x0) r8 = creat(&(0x7f00000000c0)='./file0\x00', 0x83) setsockopt$bt_hci_HCI_DATA_DIR(r8, 0x0, 0x1, &(0x7f00000002c0)=0x3f, 0x4) pidfd_open(r7, 0x0) ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000240)={'\x00', 0x7, 0x8000, 0x4, 0xffff, 0x100000001, r7}) r9 = pidfd_open(r5, 0x0) dup(r9) pidfd_getfd(r3, r9, 0x0) r10 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r10, 0x6611) setsockopt$inet_group_source_req(r1, 0x0, 0x2e, &(0x7f0000000100)={0x1, {{0x2, 0x0, @local}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108) 20:11:47 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x2d88, 0x0, 0x0, 0x1}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) pwrite64(r3, &(0x7f0000000240)="1258f145c92d0e9ffb0e06f1a56da58b01109efe9d2fe778e081fcf63aa9d869352aed5ed994c85dc736827023564088ad291b66441a9d4c83a8a6c054791b8a2e3ea83434a670710cf08d204b0178df113aa35282874beb4d374d8a73c625a4a3faab265cc8e412d8f7ecce2d12", 0x6e, 0x7) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:11:47 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x10000000000, 0x0, 0x0, 0x84800, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) rmdir(&(0x7f0000000900)='./file0\x00') r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x2, 0x200, 0x70bd2d, 0x25dfdbfc, {0x1b}}, 0x14}, 0x1, 0x0, 0x0, 0x20000804}, 0x4040) rmdir(&(0x7f0000000040)='./file0\x00') 20:11:47 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xff, 0x6234}, 0x10800, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x40140, 0x0) r2 = socket$netlink(0x10, 0x3, 0x6) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'lo\x00'}) sendfile(r3, r0, 0x0, 0x9) sendfile(r2, r1, 0x0, 0x4000007ffffffc) 20:11:47 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x0, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:11:47 executing program 2: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000b8000000000000b80000000000000000000000000000000000000000000000000000000000000000010000010100000100080800180000000000001813000000000000000000001500000000220017", 0x9f, 0x8000}, {&(0x7f0000010600)="ff4344303031", 0x6, 0x8800}, {&(0x7f0000010900)="8800170000000000001700080000000008007809140b2a3a0802000001000001010053500701beef005252050181505824016d41", 0x34, 0xb800}], 0x0, &(0x7f00000002c0)={[{}, {@cruft}, {@nocompress}]}) 20:11:47 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59) [ 1900.036653] FAULT_INJECTION: forcing a failure. [ 1900.036653] name failslab, interval 1, probability 0, space 0, times 0 [ 1900.039332] CPU: 0 PID: 13769 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1900.040794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1900.042556] Call Trace: [ 1900.043134] dump_stack+0x107/0x167 [ 1900.043921] should_fail.cold+0x5/0xa [ 1900.044734] ? create_object.isra.0+0x3a/0xa20 [ 1900.045712] should_failslab+0x5/0x20 [ 1900.046535] kmem_cache_alloc+0x5b/0x310 [ 1900.047395] ? mark_held_locks+0x9e/0xe0 [ 1900.048260] create_object.isra.0+0x3a/0xa20 [ 1900.049187] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1900.050276] kmem_cache_alloc_bulk+0x168/0x320 [ 1900.051240] io_submit_sqes+0x6f76/0x85c0 [ 1900.052152] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1900.053188] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1900.054203] ? lock_downgrade+0x6d0/0x6d0 [ 1900.055070] ? find_held_lock+0x2c/0x110 [ 1900.055931] ? io_submit_sqes+0x85c0/0x85c0 [ 1900.056840] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1900.057845] ? wait_for_completion_io+0x270/0x270 [ 1900.058856] ? rcu_read_lock_any_held+0x75/0xa0 [ 1900.059817] ? vfs_write+0x354/0xa70 [ 1900.060204] FAULT_INJECTION: forcing a failure. [ 1900.060204] name failslab, interval 1, probability 0, space 0, times 0 [ 1900.060600] ? fput_many+0x2f/0x1a0 [ 1900.063577] ? ksys_write+0x1a9/0x260 [ 1900.064375] ? __ia32_sys_read+0xb0/0xb0 [ 1900.065232] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1900.066335] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1900.067410] do_syscall_64+0x33/0x40 [ 1900.068191] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1900.069244] RIP: 0033:0x7fcf4787bb19 [ 1900.070032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1900.073778] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1900.075359] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1900.076824] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1900.078296] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1900.079762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1900.081228] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1900.082752] CPU: 1 PID: 13782 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1900.084182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1900.085872] Call Trace: [ 1900.086453] dump_stack+0x107/0x167 [ 1900.087228] should_fail.cold+0x5/0xa [ 1900.088024] ? create_object.isra.0+0x3a/0xa20 [ 1900.088981] should_failslab+0x5/0x20 [ 1900.089782] kmem_cache_alloc+0x5b/0x310 [ 1900.090641] ? mark_held_locks+0x9e/0xe0 [ 1900.091495] create_object.isra.0+0x3a/0xa20 [ 1900.092427] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1900.093489] kmem_cache_alloc_bulk+0x168/0x320 [ 1900.094453] io_submit_sqes+0x6f76/0x85c0 [ 1900.095363] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1900.096397] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1900.097414] ? lock_downgrade+0x6d0/0x6d0 [ 1900.098290] ? find_held_lock+0x2c/0x110 [ 1900.099147] ? io_submit_sqes+0x85c0/0x85c0 [ 1900.100056] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1900.101065] ? wait_for_completion_io+0x270/0x270 [ 1900.102075] ? rcu_read_lock_any_held+0x75/0xa0 [ 1900.103032] ? vfs_write+0x354/0xa70 [ 1900.103821] ? fput_many+0x2f/0x1a0 [ 1900.104582] ? ksys_write+0x1a9/0x260 [ 1900.105379] ? __ia32_sys_read+0xb0/0xb0 [ 1900.106251] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1900.107339] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1900.108409] do_syscall_64+0x33/0x40 [ 1900.109188] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1900.110249] RIP: 0033:0x7fe40cf96b19 [ 1900.111031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1900.114781] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1900.116346] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1900.117805] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1900.119280] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1900.120740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1900.122206] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1900.154736] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 [ 1900.179898] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 [ 1900.189099] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 [ 1900.196449] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 20:11:47 executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000800100000f000000000000000100000005000000000004000040000020000000d9f4655fd9f4655f0100ffff53ef010001000000d9f4655f000000000000000b0000000004f0ff07000000d2c201001203", 0x5d, 0x400}, {&(0x7f0000010100)="00000000000000000000000085f42d27379e44ba9a8dcb77402e9f71010040", 0x1f, 0x4e0}, {0x0, 0x0, 0x200000000000540}, {&(0x7f0000010400)="0200000003a39115cf1d000400000400003112e67577930cf155887e14", 0x1d, 0x800}, {&(0x7f0000011600)="ed41000000080000d9f4655fd9f4655fd9f4655f000000000000040040", 0x1d, 0x2400}], 0x8000, &(0x7f0000000300)=ANY=[@ANYBLOB="6e6f62682c00514e4b192bb0088cdd81fc45e84fc7f148e1ae44b2ba9c69575ff84c08e9867e5574436f6c70c0ad0c4db29469ed78851098c3b226417e9acea5e7bb4ed65b0f7d00"/87]) mount(&(0x7f0000000640)=ANY=[@ANYBLOB="2f0900000000583e4e85c639f7af16b00000008a4d79670d5b75d45c778c7bbd5f157e647a516a9b61b1249c85838f2c8dfe088c6e82ae3aa559a8114a27f3089a32adeed571a62e4add1a1cdca9b206dd0a69c5e19abaddc9b793a42b3cb6986bd8e9b4bacf3d6b2fd1d4e7d7532faa51ecc97772345de8fd5828b3b9245fb99f9b18e46aa18c9d2b927110d63efabf124a"], &(0x7f0000000500)='./file0/file0\x00', &(0x7f0000000540)='ext2\x00', 0x1800, 0x0) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) r3 = dup(r2) pidfd_send_signal(r3, 0x0, &(0x7f0000000000), 0x0) mkdirat(r3, &(0x7f00000001c0)='./file0/file1\x00', 0x2) lstat(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f00000004c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r6, 0x0) setresuid(0xffffffffffffffff, r4, 0x0) getresgid(&(0x7f00000002c0), &(0x7f0000000400), &(0x7f0000000440)=0x0) chown(&(0x7f00000000c0)='./file0\x00', r5, r7) r8 = fcntl$getown(r0, 0x9) pidfd_send_signal(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) faccessat2(0xffffffffffffffff, &(0x7f0000000580)='./file0\x00', 0x12b, 0x1180) getpgid(r8) stat(&(0x7f0000000280)='./file0/file1\x00', &(0x7f00000005c0)) mkdir(&(0x7f0000000000)='./file0\x00', 0x108) 20:11:47 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={'\x00', 0x0, 0x408, 0x7}) ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x12f142, 0x15c) readv(r0, &(0x7f0000001300), 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/timers\x00', 0x0, 0x0) r3 = gettid() ioctl$BTRFS_IOC_SUBVOL_CREATE(r1, 0x5000940e, &(0x7f0000000680)={{}, "bd143b9c789209536472b6353b8a84acca0e0af39777cd1eae99066a3c64722413a4c75354ff71aa0100c3b1144ce022be56aa2bc267f552255c1ada5e4b5be6fc6e84f3fa0d8143550793c1dc05b063ac1bf4735aa96d88f6ebd85374b24261153588b80130d51a2e245cf15c59c84ad2d024a7f81a13d1900185caf67bee5e17f1f99ed7e0ab30f11f5dd9bddd103a8a08beaebbb214aefa9f3fb914e7ffff638a962f997ebcfbd433fd8c418b6017f70125dc1c3adcafd53bc2ef971f47ee6b4cc2740abfefea02564adddd041b848dc6066f06f9584b7befc3940e9948605c5181c7191dc651f1028dedd03802c89959568e04bde8b851b9143b4d05d273d7abb279a16e0308ca43d2fa97e7f132f02760f4f5ef6fd0229711f6d440faa09c31698921831a2441b37015822f5954e801663686f1feee4994064fe4c7ab360c9b90528282fac4f0f5c799e36d30ce9774abf3ab5d1e9689f52ce109a6d4010749331a94036b0c970200756f5fbab6f34dad16ad3d7028faeebcec3b822af837484be8ef8c3b4b3dedc0071723eadba8bf565db7d0d9c8e5f8b52b33c921ec02e262fd9009a0146d796969af4218279ff3a75666bad5da3da18628feaf2983c544ae961f8b119eb146905e653660adc7eff511a37f32072bb03bc1bb1cbe024ce15f69c41ea047284ce24fc9861385d2424a9015b37a6ce10cb2898e6eb42bab429a5590d5b4cf6f4c1b65d6c814370bfe5eaef5e1ca71d5fbec4c01223efe1f904aecd7bd5d8a673a10712cd848ae057c6097f80c505413cc5b8428987c544ce1e25579b673ba3e2ca3f2713b1807eda886cd0deb19df2e69d6442b1afcede2d2112485b4b18208402b676c8e529e10123cca91612119a59e6c3cd9e283cd5abaa002151fe87228bda0d0391ca5e84ee2730e50e4df60a757c71f52730ae74a2cb3506a39142fcf79ba9131e42dce08f656bda7fd92970045cddd1cf1a42e5d27aca9873bd503fe9992e381c7fafb54eaeca7b0325da1a0371086da5495789ec18dcdf24faf24278989f99fcb56480b0a901a1bd8cc9be76705f736c986770f6871e30ed2ae4ea0df99f315ef85ab2dd01eb68f6c858a0a323cb3851eb68083ce73696de5ccccc71fd8c9511ca6ccc525ff50e63008d9792ace1e0b7538a500864379b5be5d4156a0ba2bbd2a6015aea270e712626fc5745267f0f743aeefb29f21283b10f3e32301636e2c1c4dec1542c60613f585d31a1a3600a8672eefd0799b5d4dac8663cc16b4ee6c33366bcfc0f027f4130e31072f0d8598e452b183df35f6914aa8cf556ef0aa8c8342a15bf6205fad88cf9d25fc5ac43705e535173b11eac0120a2a9900ba3c3dd6a8987c0b3d59e7f864d0f2bb86cd66acbf3144a0d3db33ec7d9a8e613e28aac52f3d38f41e459dcb17951ddcb4bdc2c1b8592b6e072024bced391551d0b53a4ff1256bb7bfd89ee3acebef270797a33e724bf0db673e42a00a36d09a91a1e9e6cb7e6f79e016e89fedf77c02e194e60f1ff3ae248ec46f877830255c7998a51efa0ae74a17592c302b3e4d082a489a71560c5848f700bcc731de1190b83eb90c7abaee114e17090681c9de0f4d64916b1b6c7d5f2f9ec4717fec0d2a8c62d8f116336b301194699d00992f289adc87e887824db2166ade67ce4d5eab217ec0b0eb3f5a0aac42e1ab29d6382cb31bc5887124736d1aa6135e0ad8de5163c7528aa4f5475306a34ce12bb0c8063d941ec1a403521d0d5379d06a8c8e938bc0e90b940e14b8ae23bf134d25f25580919cb4ac7a6aeb45887eb2fbe60ed76de5a1f08fc14f822bae1eb754ed7fe32eeca6de7e4f4c1761461373e7ab85820a895e9d3ac636dc821870a041ab6de1216bf67e5e6a40fd46d26598c4148006fb815f3d572afd3e3faa9d3b235f982b53af622b960973592e262bdb7ecb1de6fb3f371f1d83dd77ff876d42513c114e433d5c6f8dfe89617abbfdd6d249e8b7d99e813837e0927db016cfcd4af817dc4997d8109616baafa9c752c7df573ae9545707e7fd3625be9928cd4d2c43a0c69c19c26fa09edf7c32e853d58e4cd79c9bdf38137586663a742e9b993125f214510c2e8079746fe3b1534fd345f8c67df4a9c8552d74c443450266880172bc9b1923a53cbd18ed4aae3f6d67e2a294e3000c15de5508718a4af2114e5020e3699ba5ea8725a7fd606decc129e1edee3a206cc34f76fa5a8a71483e7844da660c4f70361ecf7f670ab8b604ee3ad00cac0acb3126bc975f5e42e49e7d2ee1f035c3be4218968399055f64678b7538b068e08eff535101c13231cc0ad7c76ef2257e9f7eaa6b0e5f45b54128787822d7a2f02d2428eefc776978635beace4f4bca4bbfada02be5042141209d47fe70549074efb5d21b7e61d108d6f77e052d5f6532eec95df4567e1cbf56f0fe2c3ed3580455263d2a8eaf2d933ceed59e6d5c24012c4b5380f2e696d9389f1a853f507e772afd44b4e5a481771bf14f6c752161597c9150d77a26daae236935d5601dde1ad9d3917c1722998d8fea973e1bcf47fec5948603c9758b315e511c262e724730ee308e7c6dfb0304b9ceedd9a9f42bce3f2d6852c91768ddea19a904d26ef1cd397cca2ce337152d77c951142c258d3ea77fdda02683a4e7c09799633cb95e1b65afd2d9e505c5b47d1bbb78f41cdf55876d7da29e1822794540f1834cf0fdafdd3cb871a1eae25d26e26a23e604f80ee6ac83922ef9bd3bddfc20fe4f55474babfc05cb282444ccdf5bc1a7969ba840d71b4bdc8ed78ff734b1764923145ba4690ee7e1d2cd7da42c98423b3d8d179661c5b33bb3ef29e99012c11e872535c382648233126f96aca805ea139c1b9a164f3b945b6f944e49cae2d0a7a75e75b960648f86fc39bf037b7196787526b9f7dd49742f5c935581e06579e316b86a2737d9090d6903eab9ccf783411943c3535f6faa03ec51ad56538d13e5a026e8d497945adc160d5d6a44721b1bc06e8715727639e3192ee6559bdfacf4a80f25995386d4e611b1ce96f80fe7ba47a6550405ecd57ad64673b175a7fca9672f3c4c19d6e377fd28896bb8bd84cce959406ee5fc0b38d8aca29962151c3a30930ec33f0c681af18d3ca2da5a2a01ef8418068ec49288652d83a8336ad1fa58ff7c373f2b6c4d9dc1095b010b78e53c4992fa231479f5411782bfcda4106412e07d44ba89b3b0b31d678d457be0106a5171f470238f683833b1b64af0035a682d9089cc225612bc419d244048e8fd060c916483be58e50419f816f37a9dd54cce2b0f1e1a7302df8a279170b503e73f3ab996728a59fcf300dc2259e77dc29198baee50a4238fa76dc8c847a3f9880701806566e76bd502f0bb81d479487b399e8861e903f25106b3bb7640331dc8c4f00eeb2eda899d5c9de22ce71436162c8ed7433494684275d94b2d7f6280a69d92fd7b798128ad8f6506748461c2573bda267aeab028ee70edd91a63b429495fbdd1b6431dad8f9d9674fd3973be67bb4e9f7db5609d788e2ae101c4efe3c516385503a4bcce0b65c03a4e9cf38fc5d53af87036dc851be02374a9a137c7f7690bee63f13d1ce1aa71594589657a2f65b29d1cf175efb78c7cff90120b989af6116d67a418fee5ea4c39d1d6b7910c1262b1fb726a9f2ab382be25ae35b5da6264658cd4d25627f20873b7a431d48a0c75fe3cfbf5be6b6b8aac852843fb1ade2bae0a29e4ff9324f5b692ab184aa1e77cbae1c9f56d680ec2f337f26af2bea1f29665aa5d334ee45b359bdbba1633802f1745c438e7f2a14657af246a565059f0e136b2df97559422309eba934820cd8667940fd45e3fbaeccf4ae79f7d83c5c2ef98f02493421d564375f90fa8d1598456253c1804bf406b2c6d0c212d050d1052a56a8adb74bf01db56a8c0984af452846eda8734cb33ee2cf30c20c0781e16a8de6c41145dc783bcd6bebe72f78a78cf2e6f59580e6ee61333a0b36769b47eb82be183fe55e5102533fae305f0997248ad9311659ca6f3a73bdd4f9cce56a55dd40feb5fe04135418bc9bf9ac8bbdfa92016878209445996b83284413edb7e696e608a5df69f1d41f6762b9e63486eb57b2c80f7bcd4c11af7db941651ae78e03d9f22da718207d8e6b18f403e8dcc01b5801e5f12d80beda551dea1566e39c68ad01d34daf37e69b096a22de7e814de32dbd66f3fc35ceb7841b41c4f224debcd7b7ba9602f766da3c42f1bb6224e23d89ce2759af5d8cc83a817d86dc1677085ffc5b6605c2398148142385994e553873ad2cd504e0a2e5bb9296736dcf2cdfdef0335c3303a63b154ce78fb534590928e9530844ba19d1f8ae707d1b55b2e124c1de8f5a4e3e44da65f1b22b853fc6e8c7efb8d7fc612e922dda91b28ee75ec69611cca5ce142432e6c1472084e1594b094074004b6dfe3c291b603d3aa439a5e32692c7a9e9f1f1eadb4a7f0799b5ae45042ea739ead54010ec59475b6d65a932b65e2080d92f0af6da128b45f7453a83f4c8df3402d871c676aa3a3f259d687d646511b4cc391d72668aecc6c76c1808e89a0659f0491f491bd0b13971f0717da6993357aef97918c5503ccdd2fb5c2e8e3b82323ae600eb6eebca9b9b4ce36cf3159f62b74a73dbf4a589cd9ad34bde7b857a6b4d2bc7fd7929249761c0566d22862737ea9e9ee014a34bc4387dcd14d42efb000844a50d2513dbd43dd80b622d74dda8e17972f33b961560b816a2b50dc2961d150f16ed46529330af966f967f3bb8f5b1dbaaaba279e6dad5c50749d2c50b989d44e64efe43388b12d81d6c4f2cec3c08d9da13489417ba2d8b3f3b640d8138dd13fd385176825a9a47cdee3a528fb99d2a73806ff5f06bd63696bf8c70cd5b0486f3f4b3bf7cd1134833e08208ec335cbf646b62f25834c126f5e09df8babb105f6161964442c36dbd64cde8428bda6957abd92f5057ac9124c870f963e544f71ca2ba7de047cad1aced79d5a65c0fc0a60ef4ff57b89ab6e34ed95e20965e3d1c686df16b99262647e52f1c1abd61065695eacbf7ba727a8f7dcd511ebbf5ff7ea9d0a516c82a81103587bae71661ea448796c88738ce11c7a632bbccd26a712bfae07a07bc9c691802fe1b1384cf9e6d233a62ef90e86923339c7b841c5beb6d7e411f104913bab4c53a9615d8a1c3a291ddcea37781843bc1606493e6f61e01884a9063e9ca9b525d0dcace5bbf8db789feea8cfbc211831fbda7024ef0d83f485e122284d7caacdca88c224ed18f377db54bd4446e3a5e41845482445a3188e88fdba03cfc6e671a1c73659294ad123a3cac055bdc790c0278ec9f8c76afa978983266bbb5123a578edf19e4ce7402037ccd09263f000c30e242b4ea5ed8326c75af2986de281f50b33e6fd552874a8ecef8ee2260823e50cdb91274adaa159fb1cb8d313c62fc0d145684765aff78877f20e1d49b15dd4ec3b33d295147eb3ff6828322c41b0524a9485b3f89a4f507ff95f3d5477fb4e67e73958ec1fb565aac639776f2a8cf80561292cc06ea7a5d82e46ad4819187d9a9599125d0f678bfb6e1aa87b5698fadeee5424cd86f90f4b3e0a5d4a1e13e076ac050db60ce94a4c0417dbdab5881299ee95ff800cc82dafac8090d5aacc1e6af7d97caec2675867c08745f573647ba90a140ce5d240bac3123e36a5a879da27e2a04ae7fa8aa4a9ba32e5ff62446fa3ccb7c4919912329d88e22d291fba8f9d40f9c74e9557806c73c49ea3"}) rt_sigqueueinfo(r3, 0x7, &(0x7f0000000600)) 20:11:47 executing program 2: r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000180)={0x7, 0x5, 0x1000}) r3 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x523b, &(0x7f0000000080)={0x0, 0xb44a, 0x4, 0x3, 0x274}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000005, 0x10, r3, 0x0) syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x2004, @fd_index=0xa, 0x2, &(0x7f0000000340)=""/173, 0xad, 0x1, 0x1}, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000240)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x450400}, 0x2a7) dup(0xffffffffffffffff) r7 = getpgrp(0x0) r8 = pidfd_open(r7, 0x0) r9 = dup(r8) pidfd_send_signal(r9, 0x0, &(0x7f0000000000), 0x0) dup2(0xffffffffffffffff, r9) io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_open_procfs$userns(r0, &(0x7f0000000400)) r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x40200, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x100010, r10, 0x8000000) [ 1900.243186] EXT4-fs (loop4): Ignoring removed nobh option [ 1900.244495] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 1900.252113] EXT4-fs (loop4): fragment/cluster size (32768) != block size (2048) [ 1900.263232] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35656 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 20:11:47 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x0, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1900.282824] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 [ 1900.292048] EXT4-fs (loop4): Ignoring removed nobh option [ 1900.293367] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 1900.303195] EXT4-fs (loop4): fragment/cluster size (32768) != block size (2048) [ 1900.307716] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=33608 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 [ 1900.321901] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35140 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 20:11:47 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x674142, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x200000c, 0x50, r4, 0x8000000) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = getpgrp(0x0) r6 = pidfd_open(r5, 0x0) r7 = dup(r6) pidfd_send_signal(r7, 0x0, &(0x7f0000000000), 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x50, r7, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1900.393853] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=41 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 [ 1900.396409] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=51 sclass=netlink_xfrm_socket pid=13783 comm=syz-executor.6 20:11:47 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="580100001a0001000000000000000000e0000002000000000000000000000000fe80000000000000000000000000000000000000000000008900000000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fc0200000000000000000000000000000000000033000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004c0014007368613235360000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017004200"/272], 0x158}}, 0x0) 20:12:05 executing program 6: ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x9) fsetxattr$security_capability(r0, &(0x7f0000000080), &(0x7f00000000c0)=@v2={0x2000000, [{0x8, 0xffffffff}, {0xfff, 0x3ff}]}, 0x14, 0x3) fork() 20:12:05 executing program 4: socket$netlink(0x10, 0x3, 0x0) r0 = syz_io_uring_setup(0x0, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) sendfile(r0, 0xffffffffffffffff, 0x0, 0x1) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r2 = clone3(&(0x7f0000000ac0)={0x134124500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_io_uring_setup(0x76e, &(0x7f0000000000)={0x0, 0xa793, 0x8, 0x2, 0x26f, 0x0, r0}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x1, 0x20, 0x8, 0x92, 0x0, 0x400, 0x40000, 0x5, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x66d, 0x2, @perf_config_ext={0x3, 0xffffffffffff6de0}, 0x220, 0x8, 0x1, 0x0, 0x20, 0x1, 0xfffe, 0x0, 0x3}, r2, 0xa, r1, 0x0) r3 = getpgrp(0x0) r4 = pidfd_open(r3, 0x0) r5 = dup(r4) pidfd_send_signal(r5, 0x0, &(0x7f0000000000), 0x0) ioctl$EXT4_IOC_MIGRATE(r5, 0x6609) 20:12:05 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x1, 0x1, 0x1}, 0x9) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:12:05 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60) 20:12:05 executing program 3: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5e, 0x108a0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000280)}, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x8000, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="98010000130001000000000000000000ffffffff000000000000000000000000ff02000000000000000000000000000100000000000000000a00403c00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESDEC], 0x198}}, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000200)={0x0, &(0x7f0000000040)}, 0x10) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="58ce000000000004963d57b274dd83e28f00", @ANYRES32=0x0, @ANYBLOB="000000001c00040000004e224e210000ac1414bb00000000000000000000000014000e000a0101020000000000000000000000000800160003000000000000"], 0x58}, 0x1, 0x0, 0x0, 0x22040050}, 0x40001) creat(0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth1\x00'}) ioctl$TUNGETVNETHDRSZ(r2, 0x400454d4, &(0x7f0000000080)) dup(r2) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0) flock(r3, 0x8) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="b800000013000100000000000000000000000000000000000000000000000000ff02000000000000000000000000000100000000000000000a00003c00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ac1fc0c70000000000000000000000000000000000000000000000000000000000000000000000000000e500"/116], 0xb8}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f0000000280)=ANY=[]) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f0000000100)) 20:12:05 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57) 20:12:05 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0x0, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:12:05 executing program 2: fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000300)=@sha1={0x1, "cfab7613c06e74e63c7ba4258cdcedbfb16b6050"}, 0x15, 0x1) openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) pread64(0xffffffffffffffff, 0x0, 0x0, 0x2) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x840, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x49a8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100)) r0 = syz_open_dev$vcsn(&(0x7f0000000a40), 0x1, 0x601) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_mr_vif\x00') fcntl$addseals(r1, 0x409, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6c0400, 0x80) ioctl$int_in(r2, 0x9ae56969e66ea82f, &(0x7f0000000140)=0x2) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r3, &(0x7f0000000440)={0x60000019}) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r3) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r4, 0x4, 0x70bd25, 0x25dfd9ff, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x8000) sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x400, 0x70bd28, 0x25dfdbfb, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000044}, 0x8000) write$tcp_mem(r0, &(0x7f0000002040), 0x48) socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4, @rand_addr=0x64010100}, 0x10) [ 1918.309653] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1918.322567] FAULT_INJECTION: forcing a failure. [ 1918.322567] name failslab, interval 1, probability 0, space 0, times 0 [ 1918.325345] CPU: 0 PID: 13814 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1918.326891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1918.328717] Call Trace: [ 1918.329325] dump_stack+0x107/0x167 [ 1918.330152] should_fail.cold+0x5/0xa [ 1918.331040] ? io_setup_async_rw+0x180/0x580 [ 1918.332025] should_failslab+0x5/0x20 [ 1918.332885] __kmalloc+0x72/0x390 [ 1918.333673] io_setup_async_rw+0x180/0x580 [ 1918.334619] ? iov_iter_restore+0x195/0x3a0 [ 1918.335597] io_read+0x775/0x11e0 [ 1918.336400] ? kiocb_done+0xc90/0xc90 [ 1918.337300] ? stack_trace_consume_entry+0x160/0x160 [ 1918.338453] ? lock_acquire+0x197/0x470 [ 1918.339354] ? __lock_acquire+0xbb1/0x5b00 [ 1918.340308] io_issue_sqe+0x2e12/0x7660 [ 1918.341210] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1918.342387] ? SOFTIRQ_verbose+0x10/0x10 [ 1918.343304] ? lock_chain_count+0x20/0x20 [ 1918.344240] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1918.345396] ? io_connect+0x610/0x610 [ 1918.346262] ? lock_acquire+0x197/0x470 [ 1918.347152] ? find_held_lock+0x2c/0x110 [ 1918.348072] ? __fget_files+0x26d/0x4c0 [ 1918.348965] ? lock_downgrade+0x6d0/0x6d0 [ 1918.349913] __io_queue_sqe+0x90/0x9d0 [ 1918.349934] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1918.350843] ? io_issue_sqe+0x7660/0x7660 [ 1918.350889] ? io_prep_rw+0x7f5/0x1050 [ 1918.354367] io_submit_sqes+0x4461/0x85c0 [ 1918.355343] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1918.356384] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1918.357407] ? lock_downgrade+0x6d0/0x6d0 [ 1918.358269] ? find_held_lock+0x2c/0x110 [ 1918.359134] ? io_submit_sqes+0x85c0/0x85c0 [ 1918.360042] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1918.361067] ? wait_for_completion_io+0x270/0x270 [ 1918.362074] ? rcu_read_lock_any_held+0x75/0xa0 [ 1918.363058] ? vfs_write+0x354/0xa70 [ 1918.363842] ? fput_many+0x2f/0x1a0 [ 1918.364618] ? ksys_write+0x1a9/0x260 [ 1918.365432] ? __ia32_sys_read+0xb0/0xb0 [ 1918.366287] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1918.367399] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1918.368476] do_syscall_64+0x33/0x40 [ 1918.369266] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1918.370334] RIP: 0033:0x7fe40cf96b19 [ 1918.371125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1918.374872] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1918.376446] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1918.377931] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1918.379442] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1918.380938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1918.382438] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:12:05 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0x0, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:12:05 executing program 6: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x18, 0x1f, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0x4, 0x0, 0x0, 0x1, [@generic]}]}, 0x18}}, 0x0) sendmsg$DEVLINK_CMD_GET(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xc0, 0x0, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}, @pci={{0x8}, {0x11}}, @pci={{0x8}, {0x11}}, @pci={{0x8}, {0x11}}]}, 0xc0}, 0x1, 0x0, 0x0, 0x24008844}, 0x8800) [ 1918.482619] FAULT_INJECTION: forcing a failure. [ 1918.482619] name failslab, interval 1, probability 0, space 0, times 0 [ 1918.485293] CPU: 1 PID: 13827 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1918.486766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1918.488479] Call Trace: [ 1918.489055] dump_stack+0x107/0x167 [ 1918.489832] should_fail.cold+0x5/0xa [ 1918.490664] ? create_object.isra.0+0x3a/0xa20 [ 1918.491655] should_failslab+0x5/0x20 [ 1918.492459] kmem_cache_alloc+0x5b/0x310 [ 1918.493325] ? mark_held_locks+0x9e/0xe0 [ 1918.494196] create_object.isra.0+0x3a/0xa20 [ 1918.495157] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1918.496225] kmem_cache_alloc_bulk+0x168/0x320 [ 1918.497196] io_submit_sqes+0x6f76/0x85c0 [ 1918.498111] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1918.499154] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1918.500169] ? lock_downgrade+0x6d0/0x6d0 [ 1918.501043] ? find_held_lock+0x2c/0x110 [ 1918.501895] ? io_submit_sqes+0x85c0/0x85c0 [ 1918.502827] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1918.503838] ? wait_for_completion_io+0x270/0x270 [ 1918.504836] ? rcu_read_lock_any_held+0x75/0xa0 [ 1918.505814] ? vfs_write+0x354/0xa70 [ 1918.506622] ? fput_many+0x2f/0x1a0 [ 1918.507394] ? ksys_write+0x1a9/0x260 [ 1918.508203] ? __ia32_sys_read+0xb0/0xb0 [ 1918.509069] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1918.510170] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1918.511261] do_syscall_64+0x33/0x40 [ 1918.512052] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1918.513115] RIP: 0033:0x7fcf4787bb19 [ 1918.513903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1918.517693] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1918.519275] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1918.520747] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1918.522233] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1918.523703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1918.525173] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:12:05 executing program 3: prlimit64(0x0, 0x8, &(0x7f00000017c0), 0x0) setreuid(0xee00, 0xee01) mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100bd000018000000", @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32=0x0, @ANYBLOB='./file0\x00']) setresuid(0x0, r0, r1) 20:12:05 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x40, 0x0) r2 = syz_mount_image$nfs4(&(0x7f0000000080), &(0x7f0000000140)='./file1\x00', 0x6, 0x2, &(0x7f0000000180)=[{&(0x7f0000000300)="803dae5bfbe9a54a800a2018beddfc05e087ac012e353a9afb7a142af122af138ce9fa26766ea6ecc54f0f87fe4af2194c03f8cca3f057fc4bcaabd5803f732c3bee56db80381f21fd6fc368addcb936ac76181886ea1c8357426ea776f8f4308145a24ae282e993dcef2f5086552379eb14a5be77f8477d4f9e80366329781f5dbe3b8064fff48b2f01deda62cb559fba56241fe06fe2043b58afad7db9c499a7e3f8a73e2761e5935ce9ab31ebb61f040c130c38e36654e88d0368cad37dd434ed2587bf11e206cf5eef041b5a86a82bebf129a3a6982cee1d83383a9b8a6b3b4d8c90d34330f5377c88ed4ba37ea21b1b164263fc290fdbd5745594a1e11226e82e01c94d2f0f1b56cf5773eea2e251ca7b5e7318c1c29981aad439ff839142546516f5939364bf2be2aac8fed0096ee28cbbe65dacf823bb91bf95d760a549ea2e02a8b08e371eb66bcfcfb1e224d482cef002861c8c63bc784092c5803a3d435777ef3ecc4ead67247f1fc9cfbc74f3b106afdd07afaeb8e1774b897e0b5ed65e97980ac30fab843327c8781db6e7fdb45db3db627f116d8655df001f7a5278b6fe510bc2c00c458cd32df807cd332a6108c13699b30c863f6cd31b667cb2f5b4265eb738956b0e9023bf67cf5fb71e26e666565cd804506ed001d7fa3194fbd286e816d6ec2b4cfd937ab5b953c70a2fa432858a513455f49b26aa47d83e0004117d99973b5c27548d8885ebd3647d1e156a6716721c840cf7bb5445ffa1e7b0db7d01d967c0df846b48c1768c028b7e3d003a7bfd36217a41e8eff3c19646d50ff7debfd6d9a45c254aea1fc0eb4d954ef966e00d7c41ca962df9f0626282ddcadaa8d09d9684d5371e8fcb60c2ea4485ac29d8c7c9c29215a1cedd5ba66e1a277456cacdffbd3fe0c13ea3ca0f57a20188f0060ed9565ab3663ca558a43ed83496d3fd60eed4d534319837cbf06a913de86e8e19027aed03cb22288812d575438babca76a23bd6c5c1f794519057b42c1fa5348734eb45f44d37862c1df29e8be55be28cdae22bd09b5676b587b81bb3f6cb1a1145daf97a4c3e4f6036c0b26ecb936b1eae1d012586dcca4ce5510d3df4e3ee80c8608f1e6006591fc08a05de264c6de5d00b88275241fc70ea92105482152ec8844418bf07d22cb2da8f1b52813130b379bf0ec6e467910fddac89380b20ed9aab4df9f1c72cfc45a8194e5f9b2875fb644b983d84d0dc412ddde151e39b6a6a1e40580f36a1200db527013a19408e98f2ab6d5a1372d84b3e322a0085214eed88907cd5b721e3ecb53e5a4bb1162825c545262965496079db722fdabbb260601d671568f9b2d3740f47e1807bb4bd3c8126fa0ccc9bde9d7cc3db2521925b782f84b2224f4002f328eeee4c37e2b5df0c67130d6d6aed6e29d250526648daf3f961380ad1bad0c92d3eb76dbeb98b2657d2ad2772540c828b98c974a5654677a4ed8ad541ec587c4199786cf42d79598e59844e862f66113ee7706c35822572363edc89fe4c73916cbd19f96a5802591581d79275c025f4bc09334ed80b8364096e5a34702b3fcf10e2bd07d2a35b4ac1ffdb8276b2ff60c3c72eb9c6b29a927f70425492cacf7d29ddb95e52bc022b49a3aca0d0ad2e229834650275943dc4b96dec554a07336f92134121df44f82891e5b6c7bfd7e2ce394a8c53b29224a4678fdb532355abc3fcb93d09828c50f6e4f29e33f7c413955e54cc8eaa537c86fe133b9cdbaaf7840c96eb507ceb5f5a366f647460f20a124bcbf0773c3ef18f36671a794913c391ac0207e72664a9c9c8cf9669a20886c033bf7ba0dc4dd38ea144d579499bdc1e5700dc541f6fdbe9b27bb34cccd63ee9d3f5c6971229b4ae45d34ed1850c5c8304dc7255c7170f0055610f77e07501fb4a88700fc5846947330ffc24d1c4215cb56f78ffe1432a31820a93e0113a7725211d1fb2ebc02324aa511e3c88d0d2bfebc8a6550534976b9d089794968f3bba103a313b73808586706262b372fd5f08b2b487e633a548b683c834d1bcdc16111b1c4c4d41ccdfa3758bd67df3bc1d8be787a9287c288d88ef00cc6023ff97d8a0dd0a20a4edf66e373c01d4d418d2c8bd5f8ee6ce38eb6f316b6e4f0eb4f635b736977072cad9e8ebb2441c9644dfbf50a517a28e6464b6d55c9080c2aa8d9f04dbdcc29986c5c630dd388f1b767c9608153ff655998954b49c51a214283858e13325fee77ae80b6e649e038ccfca67d7c242fd7ac808c11558e0bb3c727b8656552ed99ea20b08618d6be032b03e2f3a01f52fc950abc01ae1366f78dd46acf57fe31d6428bace1f0cdfd4cd6ab6b9bf998a13df651ab17d2e9fa56beee110a75b34dbd82ba7cdaa7a9295e10a20a77729349b9376da9a0847f4d77498f11c11e5035ff2b6095124defca4fdfcab26f3d9231ef09d17a1a3500d4c30f21de052164070da17ba0df832555f2bf37cc0b65a3c5ddda7194012e3ddd281023b6bfc2261047b0bfda4dc1ec0b85642238949f95876b56af36acea27a04f47813180adcf8c934b209cb46b1afb3d56e6d895941e55f4eea7ca9b9ce112f542e0cdbead4a3ea4ad11f8768f0382c4c0cad45efcd83a1ea47d51e7ad3d9fff697e11532c7397f3b6b573e2830d22ace000427885d3c543d476bd3d8f7f70ee9b97171eeb5a1d17c9cde4d04ef5b800a55fb9dacd1d4038d40126c4ad359acaa0b538aaf85319c3c94136084cc0025b2c872e5ed19b1fcf3e72bfc2fbaf2720ae2056a2fe839f91ffdbe0ea9056cc69b95f4a68b89e4e4a31ce88b5cb8be0edf7421cd44128b0fdf13c1c1f2c28c961d03b208a9f86b46a57283571690c6ebee66ad8dfbe796b0de622d89a2749750cfe00bed20840995a9c3c2816c11ef7c946d543fa595469a43940e68f5a5206dc01103fba0b40574f1c23bf8cc1311d2b36d470e676461894c4459b4e6bba3e54827f7c93b79bb7123364050f3d73f47e14341647b873df66cc32fc1d1beef6f43d55731ba4a69c7e49f222d9ab9b095d45c9f0903651fd6db020e9cb110871384664f79862eacf76a05f093e9559170a843aeddd0d2cfbb7e754b80d1e8d7e57b74722b4cf182ab64455528b965873c982d4fc83b1cf34f9efef08d8a9a9a242348123f6c25170249cbbdd8efe075e5a4e141ea266ea7480d5deb08983c8d8b79962ee067ce256a74f9c53ff09267f884fe145963ded443724c402dd2a825a8f60f0e25b62f822a26b8fd36d1974c0be8c0fc1cd223e3fb4cb314e75f69b6ec7940944718c9b437375a35b1b903f25160ddf25611e125df8cabd0332b21723dc6302efd68a4c13f3065846b97c48d24e88393f4ec9d7d367d20da1d6eb490968a05cc8b5dd4fef2605f2dfe644bc2e3e757ee610eb3139e7aed6a68de4a6d850341e6f84be8c46dc057acc86ac240dc419141394e2a18f7c8898d59832182de7c56889eaa5474ba025494c653aae7cd7d5c8aa5f38671bd17bc847e588b8f563c9c55d826777031970ad2c88582a984de95ba01f50ef6949e2818c2c74b60803aa07feebbfa72348920ca35dcf1e83897cd21dd66986b62fe875a4a0bf0b719c1f7e4017315dac72a9e496fe8c41a308afb7a3e0def28a227e4c6a63c3d5de8a0dd6788a6b7088618343e709f1d7895619a0ed859a3d8934bf91c287446990f5413e69b4e7c28ca510f03e6c3f20d61a373bd29e5fe54a0a15eee27e02f145c05f370b478f63227f940a1472e5e312403de447121a46e41876ec823a384b983f5eb528e1614270561b5e6377bf01d20f34b4f4d5dad7211b2190c93830da88804395b7db2099c3c2d09da8030c2686421beba0425e84ae17d3215658543192ba3d48e44ef5d4e555d3ae91f38082064b2dca6593d454d4c34a5a684d80c952eea2d0e412fa20561998fbb011858bb09c3e87d50c08bb5f0aad4a19b1db3d763ad09f86dcfe844d0a754b013af932d4f4711c01f1d676478c51a2bd40a82e93e799d3be66325f2716ee5bcb686b12202cae1c78df74e0016e4033dd7ac2da9f22c8f7b75a77f0e4c8d10390cbadc3f1e0d686c4a7923c09a17923dd58ee99a0370b298735868297a599e95bfbe2c3afc1d021043d85cf17eda0d2700b1e54aaa6597255c3ad5dba59cbd20822695d51961e741636f3cf3b3b131e91158ee2de3502149b8f11eeca3773685a4571032910c972d471a303f195c08264935c059f269ed4918d823dbab41aa307ab04827018291369df702fbc943c8a3c869a58e24a698d5f14202b30da3e16e104619e9d6bf2b675d6b4899cdeb27e83f239b36375f4c8628a53545b8443e9bf546058054c037aeebf441a65b8c2cd3099e3fe96aec9ce9e6968e98fb8298e3b056b306c7d3339e31f45ab9909a86a88401e7315ca249d0838769828937ae3919c8946540bf4d6de10e13e20cd4e75a44fd71f50115f26ae05f53eaea3860012599a91925feeaf0a663800a505f1f45d1fd1c15dbd9848bb7fbe1e20ab3197ec71e2a7bab4474707f001268269eb8e594c9bfa42a2c488290e0980645c3b417ad04654fd1560e4a2eb746bf8e01655e65d36c6c38857d4ca53d4d573859fd5055a766e55cd0ae5f6abc4664621909ced4fe69cb1cedd41f4cb11f085c7e2aff1fb986c68270f6e6329eb4136527b074f11eefa2ed0f1aa91a670784c7d6c6a818028cff58f51951ac11ef16c3eb5aa32038603023284f7b9d4843960396764b0b12bfa49c4792f6272be4dacca1281cbcbdebe1f1f5e174cdd4fabb53205688c0dcbdf0f545209a900f3d5a2c5ed84a57cc9ff8124ab7bb3cca52e38a6184fa0ad82bc13d12d6118747c3ccb00564350ba883e792c23ad153cb56f279361cd6cc831f1edfbda1128205fbf8c70ef1f02af4c81ca73ac0ea18fe0e5ff636d8c59f7008deb2939992fcb3a1321ed7008aa6969e68c083ef81a296e0c1182c97251c920e688a3a96c024012fcb314681fe013af2104bf4f60b9a4098ec0020398cf469d4832d042f388f88a5d3b98d683c570de66a17a3b9aed8518b578a9cad54cc015080ae853d62c34aa721e1cffd0fddd95b7e68463f322acfec9a576d1cd454686061b2b45eed73a0440cdacc393fb5b1a1e44a351c843829dff17ead0f3963d5a6c2a11d5c3fdf166dc8a67a0895ac5b13f54f42cc493fc655f69e6bf9cd905c4df3b949f9a3b07d70ae6fb6358d994ac295addafbbca816e0bf4f49e8158bbfaf4abac6606cc6ae85e68c00dea0d8b3b57cc0298d249aec88852f76470ab9bf5908dbf5a7a1f82be11b33dd911dc2116609f4a4fd7af1509e8b6b7ed925244fafc367aa7396e523a131203872692338a7e9420fc54dbb05e43a7f4bc4481c2cb59d55bf64750bada9be8bb905ce55b40efeaf7587c018278feb966ea51540bc5db7c025eee7661e101959f0fa1227386e89062bd1e2a010a1e07ade1f52b743beb74f17a5aaef70344fb4613cf0d3bd337c4f86d4ab9f93a9a08b04cb58f83c772355401c4f23ec3d44192e220158527794d2bcc677a6e79b359f6c222197385b6bea6993785a2fdc18e1f90e1906f08c701c08c597ebf3147444e602409f59ee5fdd40d023e88cf0ac617865a4d276a0a03f9c3a2e40c069d807e2899f7d95a3aac2e1c31d34d846b5e307c09ed758b86b5393b0e46b4b0e6b7db8d89cf5edd2a41ccab685c2b51d4f91d0b4e4cda7364286a27bc7613b151a673d0e3eec435786a6e4214853b7feac48703bef3ce4485dd815a97d74", 0x1000, 0x3}, {&(0x7f0000001300)="3f5e93c09249078373b95aadc296f94babdf251d3bb0a7917e46df2946f01616a535a1f8c39cecf6e4d0dcd326fcdc218da95309ab452240ea875d356feeed315aa84161817ebf64344466622ef3412366dfa68fc70eeef4a1ae44c8e0c682ee03a9d326190f1f89c14d087c049c7cfffaf2b6c3b12a9bbd4746ca3386fdce628266523e257bf638372fffef407e26b7f2403d3894f9c5084cc77e6f5971b2c87a793942bd9cdb1a45ae8810520f7735fa908af2ec8e2a03e389cee520ddd551fa244c71b54c366162dcfa7e21b24571e6b783807e18865e9ba2756c987ae53fa37cf2f108e60e4176e622a11a46dde7f1a1bf18b03309bc34dc3c2d228f7bf5af95ed245280b6a2a85536407d878041b6a568876590c3f9d41245c62c9bbb1e9a5ba28cc8af468cb41f780061b859394f4c1fe40789eaa8fcc80b5c1feb44f94d4246a8c910bb2dee9345e8ee75bc43e669a7f1d6083ed88bc430fdd1d30881dfc39767b4b5f65513b2c79db9dbd9aa277232da52eaf1c09a632d835b24ef3343b9aa06da57d48b2e7b967e94c2eea220b6e3a1c5fa2695cbe1d08af40bd61ef36a649278b149e8f58a0c979d7b720a1bf20d0bfe83138201e0e3277d75310f6d55fc755c80068432c0a1b0de2ff7db42879569797ae3225477503f6524f3e5cad51660c04f3b6fea8c4ed7e5fd1eb7b6441c328d43154e02dfbf2984a3e55a7c954c82f974513d957a922034e32e524d670140b7036522edb7c0b3f85523762f894984511b1586aff161d796e08088c5d19e292e4376a8c8ca39df3d70f6467da6d3c5c829d13e5ffa7553cd5bdb80de96a01fbe728d2f48fb323b4b6c1bfca17929393add8bb292e672f393ca1fb46005e0d2175c46749bf2db0d8dcff17ee0c96af6763ee0d6917737547f37457cdd96c3564cfd98be128bb1066c82f3484a61176420845e5bda3244fe7d352e3cfd99f92ba167a5ea963952ec5e206a76b3ef18261a1e0dd5d0095ce7c4fa752c012419ae9ff83e4ecbfcf328adad91794295c6bbe470b31b52546691bd8bdbe526080dab5a8657873668fba84898c69931ef87d9ce695d5afc8af01139fcd8dfeb07883910237735c6635fb3fe0a3429779ad8b68ded64c7fee735e2663ec70a2db209c89cd879b128255ef9517c202405b8c2a60f3d85ec8feb6b54251b57e8e73dbf83f9d1e6061b9c2797e349508a16cbbaf2a0751436857e3bafc2ccaed1a109008fc9fed760c4d7ad9e8f4fe8ba0f0392a8815ee9fb9414f33cc5e60941cbffad728061e6dc9f9cd35640c33193bf243f8c67072b865258739f7b29c5d9b1f152ed6c5e5cea1f0a2f15d286b70e009401aee097bcb99c5ed60bc738ca92e8e6c96b110cdea738fd8db70bb32db8e5ac2af40674836cca617b88ea9b4fb23025378cb50b057ffc22de5a9d94a9ce508a9b865ca36e4d1243009924bba2e28b3efa865ce2eb5f3adfb26e866a0b4635e77ce4b917a8a9f568133ee2f5e577b00c0352317010b83e4f269b06592392df4413ca17d747643e76fc43f77034d66921ea50e9258b87cc4e14f0f80a75d37e34bfb8f84a0e7b80adbc5c7a129b9ef1180c72f6059702ed46323405e542dd5beb8e52aadf84865126af447f0fd8ae8cad2cc1ecf807b1c5cef431acbc2c86e89fc5759c52a046d714efa1b21b440f295f43fefff43773818493bf0c96256653db2b8dcbf811eed091fdc3e0f23a1814e166180a270c58ac786c64dbb9b7aa5b53dc40a9f2e26f1e70520cef51300b4fa90277f19e3395f87b68e70adee49a14478a57101366e0b140215c90ccd1a76849b53cee028e0586652f5fba8e3156d1a46415a46ab7bb6997c77668fb960c6a4f961cdcf86574a6e990c1ec746f280c77c7e7c2e48b620ca5e0e426e23f499aedef6e506f5f7ecd391e45dcbe0a65c6f0fbb9b9477f8812bd604decd1ea60da066dcfdc6f80d5dfe060ba66af3b1238c9cf995f5acd96ea23299873ccef709064b42b2a2490acacaf2001c09f34dd664e543cfe72e5969c3122194c03a514c3a723be468258bbe2feabd3ea02a55bdbe452e373142bbdf2bd34568cba68c770536af48ca258d6c67d308c13c9ac4a1ca68ae877f323a06c9fb4324be5fb82aa09c65ca190cf810bf2c692d020e5ef2f8e35697f1c2585ee6c1ae311cfb7958b6634f7b66dfd86eae156f4e347dad13b69f796d4abbb2b645d71f79885211a3d9b0f76218311f0b9f64fd32a96b47cb895439c9160642fd621727b5d3b269f4e43037cf3c8638885eb007d78d0b18fd436734c12bfbc72c1ced342007ea095a3c176589ba4a6ba68c52be6b8f717204857eb27e68519753ef21f43b04c26ec1f3c1c000970130be610be30f1975ecfb4a32fcb027288ce23a8f31771f4769dff509e3e6189fab2e5b1211b24c1d7234983601b0955fed9689f5a26e585a09673e75648e90b16180324f2393bce97c3b3fea515d31029aafc76c1af9ceb7838f8496777e07fa4e86f60d061ee786ce4226f7e62ae41d7a696fb9379ad14300f4f728d355eb790a70a822b277a36360b71b7f400f0c75cce18e8a537e61d60efb3a28201bde10367a3d0c14cb14f307d6d19dcb96804f230600b023e245aa10325bb0c353bc4f65caa3e097d5941d63ae6d89b149059a815c9a64890494a771ad88973624ea0c543d7f12d8ed132d5723908d61bc2536010512f3c93e24f04816fdf73c81f4cf9c05fceb40bb720743363e624dee595d220b1c7f5e41230e0f9bca4117f3a62f1550842edcfd67b593d8efa095886e1120d6f45ff0eec0f22b129b6523d8a892addb9c959c1d52198d9604280b6a3b6a2003b2cbc65052b3e27286729d03964bdd5591d77824fd0c9df874c8665e9c615411a917a1c65948c308c452dc5e507fdb9a441cf7d7b536f0bf3a2560049897482653fd8b7e1e2fea65edcab80a2499d234b4875b80193677c953d8afaf5e182700658020d32add2da8633767d4a3786fe22279ed25f0a49d0925b248b52614ae4c8c5211a4d11d761a11bd051818de093f7209b2bd8241bb383d01f470d0acc29a048e9c613f34c120e497ef89ed3431906a003662a97cbbd17b37c0428847bcfe1d14a1147debfc277666317a6481e570cb1446eb5c3c0b42f30f1243ff7d4b323dc85ee4e7611fdfe0552a5fc2d9b7ad29b2cb706032f6b0815de39c2a4ff68d0d90c0a0dfc0db7167c438a26b6c28811f95cadfd64faf3cb57322c42c233e07e4d35e976c66ec82f268be7efe478fbf23cad9fde3cb7d6b3ec60361ae4e06658ff67b5031ce9e3f24aea3f0b60a177a65878138679a6b1a504f17f90ccf39a990df811a379cb5fc5fdb46b7999caf1d1d7b9f1859e91f449059625bf21dd1cfab5a04be7901999431f908243e2095466f4ec9b51831c4818951bc118de5bf87b9c5781493813ce5506d2dd2811716ff962959b154370ba2cea02e7fd9103a42509df28c0cb9af07923e9b8c91ee1260eeb4ea3531d18a69b127af3714f5ee7fe54428eb82cdd983ea2923fc4043aaca5516a562124e94b05d52014f85c3decaa0e2e0f060b859f4a7cddfd85bb645e3784e4c42a822f719e3a5b2820f8d7734f06de6edede5db697ddd76d8f34173b236c1c0b65d003fcc2397e11c901f1e840f24b99ae01ede18c0629ebc044c19a2fb2c03dd79bf64a2673008ef6ad60dda462be7e3fc4a0ce18cfd52be44ea24db7119048e26c5852ac4b629e328fdbe4834bf41e8512ce1d3a77ca7c2cbddb825eca321c9e579b0c3b9a1fd90cb7656e933eaccd7e4f2a7b25c416be0ab502a741f1545814b1b4a90ce000c7beab8178c8fc6fc749e81df7eda3684d1e839026cbc3db3e320a9c2c4b9daf3b191302aaeb30059bb52a7fbac26c63fc8151e2550799801ab3d3e061695dea9f4a912ddbf58e177d4a6e36f79484cebfe83c76438dad7558a6d1c99c52c7800582018b453081962ca2ea45a6d7025102713e50e325947493329e928ce78801166464e73b17a85b6b8276cd020114df7b3e647cc4836da9519dde6cf6f76b3feb8fbfad91733cbcce39e4530cc76afe2744b83672d60010bbe23ab86c264bfc17ed172f209becfa060e5135887937335282aa8ace2130ebd25b3de8820a9baee5600d233481c57f3538883b8e5626da2b39ae2f0bc60c5233472400cf7f1644a78afe4f9cb53a03f8d2e0117aa7c04c7a61889c525082edf466dadd67fc84c9286efc9f8adb6c0ec3cf4ba3df4cdb20f21e2267689ed7cc571fd1739850de2d7bdbdd4a5df15f1bca53c7a235673b3a12b0bb01273d8a2a2dc0ba2863e1976bcb50ebe09b4d6cd5352440c242c03b7f492363279a307f24e949bb91e1b852f5c351d0254e3867222dc01037d12f79c8c61b9f108c8d82ff7c8f6bc2d3d72229d8d77b5126d3b27cb05c237db773d469c5a7f41ee4165700e7506856f24622921e201c2b8579b56fef9940f14f49fdb88b4c0552528db8f85fd7114df7c2f748fc547392cbc06cca9ad3481f758834866e2a21a752e6410256d12ed3610257b4d0d89a8bd36e858a92f8e8f3199f544128f52d4b07ad4582e5642a33bdc5095e7e093c6d1f9e44a1730735f817dfc700f5e54a7efe540e88ad1a6a57df7a6bb52daa8391fba74ba54aa6494d985c669c3731dd858c4e45b7307b0870ae166802f9be3234c923ad527316deb1160649e48a4fe012ac5e28ab073fc06d0ee07077985d260d12ca361bda14c975544d1c4f771433252de8b882d500a071a12e19191257497a061ba5ff49eac6625757a6e111144dbfded3480b228226c0d07ef4d9ebc633394e66ac84a3d2950f2ef49825045c70ff5119ee49a28e2ccdd8d84a141df033406afae8237ad6a5134f0ca1728661d037163869be6779403f16e0c81f162ed7b31a8fa30f3c3b253b9acb007ef9880e0c62d37f406dccb05419649b6c2e3f244ee6f4a84c91369ab3acf5f85ce128930b8e508a17fcb1efb803b38eac6003087effc3d444c13655f8ae065496efdbd98f5807fa7fec6fa719cdafa10d273681793bc6513e8a108c82176f62e264815a85844b11a2b94ef346ae9acf715386ef6aed196dec7a52e3a0b9e9006396bbc48facea968e3aab8761c6327a972a545e91178c0383d69da3d6d9dc692ccace5870b89045d3c003132944eec37231fdf5e90c4ba87d2f634468800cfe3efd4eeecd6acd8b96cd5e6376c880ea5b76d482bf37b83c1b09b2c5fdfc52a01130bc00c0ceedf965b2e59978eb7135794a02b2f60ac8b41a1a8bf7f8b2ea498ec70a4cbcca72908b5fa4921882bd5e1e9e15b4948517436ed9adbdff9e171d27b9339277db9eec0724a2849175a33df5b054bb5ecbfa1a24ea45d06440373afdd682aa5b6540c62b16f00ab7fb06ba246f8966acfedd928c77d462c1b922f1c90355828826814937a3b4434a4721cee0eba1ef7924c9ec85a9ee460b26759bc5569d04edbffca21b06e5aac31a259f2e0d1a4cbf36f790e03484f820be2ccfb2c807d9ebe05d4433fede0d52ec42df62eafd03229466e3b8e99fb529308dd34dc1120fa24735f7afbdefd15248f184979b235b0197a1e965aa96d4b8c4e4d06170aafaafa7f03b121baa24662c156bb368793706db73ec43507948f0d09153468e98c191c952d3d79c414bc776a7c43555fb449a2277f6335df5b4c00c1ae2637b0f1505ae7460e5fc067b96d8e82c3b17ec74fc72c4c266dec9b6d49d1716c456808cd19635b8819d2b84e745", 0x1000, 0x20}], 0x20000, &(0x7f0000002300)={[{}, {'\x00'}], [{@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@uid_lt={'uid<', 0xee01}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@func={'func', 0x3d, 'FILE_CHECK'}}, {@appraise_type}, {@smackfsfloor={'smackfsfloor', 0x3d, '\x00'}}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@smackfshat={'smackfshat', 0x3d, '*/@&-'}}, {@appraise}]}) openat(r2, &(0x7f00000001c0)='./file1\x00', 0x20001, 0x6) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x4, 0x3, 0x4000006}) write$binfmt_aout(r1, &(0x7f0000003740)=ANY=[], 0x1920) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x4838f, r1, 0x2}) r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) syz_open_dev$vcsn(&(0x7f0000000240), 0x4, 0x400) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x100000001) 20:12:05 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61) 20:12:05 executing program 2: ioctl$CDROM_TIMED_MEDIA_CHANGE(0xffffffffffffffff, 0x5396, &(0x7f0000000100)={0xffffffff, 0x1}) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) pidfd_getfd(0xffffffffffffffff, r0, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x8800000) sendmsg$AUDIT_MAKE_EQUIV(r1, 0x0, 0x450745c43858c858) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) signalfd(r0, &(0x7f00000000c0)={[0x5]}, 0x8) syz_open_dev$vcsa(&(0x7f0000000140), 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wg2\x00'}) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000300), &(0x7f0000000340)=@v2={0x2000000, [{0x0, 0x5}, {0x6e1, 0x1}]}, 0x14, 0x3) bind$unix(r1, &(0x7f0000000380)=@abs={0x1, 0x0, 0x4e24}, 0x6e) fcntl$notify(0xffffffffffffffff, 0x402, 0x40) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0xfffffffc, 0x0, 0x4c2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r2}}, 0x5) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="ad7d000000001f5c47ab8d0184001a0004000200"], 0x14}}, 0x0) 20:12:05 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = getpgrp(0x0) r5 = pidfd_open(r4, 0x0) r6 = dup(r5) pidfd_send_signal(r6, 0x0, &(0x7f0000000000), 0x0) ioctl$TCSETAF(r6, 0x5408, &(0x7f0000000100)={0x2, 0xa410, 0x3, 0x9, 0x9, "7b4d337dce25b5a0"}) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa00}, 0x0, 0x2, 0xffffffffffffffff, 0x2) io_uring_enter(0xffffffffffffffff, 0x2e73, 0x1b3, 0x2, &(0x7f0000000080)={[0x1f]}, 0x8) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:12:05 executing program 6: openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x2d3043, 0x1f1) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='auxv\x00') pread64(r0, 0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000080)=0x90, 0x4) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000002ec0), 0x4) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e23, @local}}, 0x0, 0x0, 0x4e, 0x0, "15bb6949bc674ed64133723aa6453b9d292123bebbcd37c509750000002c01e266166394afb8d0aca105da30931d140a11973acb9dcc0d8da3a4f6f42444a1948f422c8d8d2d8bba069588783e32b713"}, 0xd8) socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x481, &(0x7f0000000100), &(0x7f0000000140)=0xc) write$binfmt_elf64(r2, &(0x7f0000000700)=ANY=[@ANYBLOB="7f454c3205092697c5514d5a913ad9caf64609f80601fcffffffffffffff03000300480000003c02000000000000400000000000000093030000000600000000010000003800020000000900000151e574640a000000020000000000000000000000000000001b0000000000000000000000010000000900000000005fc5b709a34a409500007e5ed67bbc952dd0f056d568d7673f38e6741c6c0a7dd87cf2212de9d3f823bfc05251e01e2d28dddbf78fb12f39f4cc3279709ca5934efb466a5180c512b82ae05acaea06fdcaff4d9ae99a91541bd70ee0df9af2f849c38aee3b5e5425fe2a52542e4d4088b95bf27a3f32db934b2a21bd0d4399d2a083bf99d77c0a7bc6980c5936281954eb2a59acae0997f9d77a14f221ffe7b858864e9a2bca90f88055e54ffef1de9bc98f674aa2257e45825abfe213d5507a8df45f3ee61bc863f7eafaf2b3a284919db4a191b8857d55f162724f2f694e057dfb1027f2460b90be7b03373d18561ec5a6a739ee43b0bb957abc67c1b7b4fa2614b6f16691f9"], 0x95) setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000440)={@in={{0x2, 0x4e21, @multicast2}}, 0x0, 0x0, 0x30, 0x0, "7f9720aa60a3e89ee7f08b02240212c597ed7843b8a08b2a0d571875878b4df84f7d4fa4915109075eaabcb7ab9935f5a1ddbc3b65b3e074053ad8decf9e91023630670c2482b59640c44afa4d61a1dd"}, 0xd8) r4 = syz_open_dev$hidraw(&(0x7f0000000040), 0x4, 0x44200) ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000180)={0x7f, 0x1, 0x700a, 0x7fff, 0x7}) sendmsg$inet6(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffdffffffffffff, 0xffffffffffffffff, 0x0) recvfrom$inet6(r1, &(0x7f0000001e00)=""/4096, 0x1000, 0xcd08, 0x0, 0x0) 20:12:05 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0x0, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) [ 1918.847807] FAULT_INJECTION: forcing a failure. [ 1918.847807] name failslab, interval 1, probability 0, space 0, times 0 [ 1918.850090] CPU: 1 PID: 13854 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1918.851540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1918.853201] Call Trace: [ 1918.853785] dump_stack+0x107/0x167 [ 1918.854562] should_fail.cold+0x5/0xa [ 1918.855363] ? create_object.isra.0+0x3a/0xa20 [ 1918.856324] should_failslab+0x5/0x20 [ 1918.857136] kmem_cache_alloc+0x5b/0x310 [ 1918.857982] create_object.isra.0+0x3a/0xa20 [ 1918.858927] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1918.859990] __kmalloc+0x16e/0x390 [ 1918.860753] io_setup_async_rw+0x180/0x580 [ 1918.861623] ? iov_iter_restore+0x195/0x3a0 [ 1918.862543] io_read+0x775/0x11e0 [ 1918.863283] ? kiocb_done+0xc90/0xc90 [ 1918.864125] ? stack_trace_consume_entry+0x160/0x160 [ 1918.865180] ? lock_acquire+0x197/0x470 [ 1918.866030] ? __lock_acquire+0xbb1/0x5b00 [ 1918.866909] io_issue_sqe+0x2e12/0x7660 [ 1918.867760] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1918.868836] ? SOFTIRQ_verbose+0x10/0x10 [ 1918.869692] ? lock_chain_count+0x20/0x20 [ 1918.870582] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1918.871669] ? io_connect+0x610/0x610 [ 1918.872469] ? lock_acquire+0x197/0x470 [ 1918.873303] ? find_held_lock+0x2c/0x110 [ 1918.874170] ? __fget_files+0x26d/0x4c0 [ 1918.875017] ? lock_downgrade+0x6d0/0x6d0 [ 1918.875897] __io_queue_sqe+0x90/0x9d0 [ 1918.876732] ? io_issue_sqe+0x7660/0x7660 [ 1918.877602] ? io_prep_rw+0x7f5/0x1050 [ 1918.878447] io_submit_sqes+0x4461/0x85c0 [ 1918.879343] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1918.880397] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1918.881397] ? lock_downgrade+0x6d0/0x6d0 [ 1918.882264] ? find_held_lock+0x2c/0x110 [ 1918.883130] ? io_submit_sqes+0x85c0/0x85c0 [ 1918.884040] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1918.885068] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1918.886160] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1918.887318] ? trace_hardirqs_on+0x5b/0x180 [ 1918.888231] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1918.889386] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1918.890485] do_syscall_64+0x33/0x40 [ 1918.891272] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1918.892340] RIP: 0033:0x7fe40cf96b19 [ 1918.893125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1918.896904] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1918.898503] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1918.899980] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1918.901457] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1918.902935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1918.904404] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:12:22 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58) 20:12:22 executing program 6: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/consoles\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000240)=0x6) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2) r3 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) r4 = dup2(r2, r0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) clone3(&(0x7f00000016c0)={0xb94d200, &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600), {0x14}, &(0x7f0000000640)=""/18, 0x12, &(0x7f0000000680)=""/4096, &(0x7f0000001680)=[0x0, r3, r3, 0x0, r3, 0x0, 0x0], 0x7}, 0x58) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000300)={0x7, &(0x7f00000002c0)=[{0x0, 0x4, 0x80, 0x2}, {0x40, 0x3, 0x9, 0xf3}, {0x4, 0x4, 0x9, 0x4}, {0x100, 0x7, 0x5, 0x7}, {0x800, 0x40, 0xd, 0xf32d}, {0xfff8, 0x3, 0x9, 0x7}, {0x9a00, 0x4, 0xff, 0x46fb}]}, 0x10) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x110, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000400)=@IORING_OP_WRITE={0x17, 0x1, 0x2000, @fd_index=0xa, 0x44e, &(0x7f0000000340)="c8b63e72edf9ad0bf6af703333083230c7b95c4b2bc3c7da6b50668adf99b7ddd47c9e8e5eb63b82ac5d3dcf63dd15672ac9f617c5b7e449448b93fa065daf6968c92656fbbda4b7772bbf941ce45a03ba8780dfd42e34352d60cdca628a80f44a0244209546d05a510a0596aaa455b3d842f64490ca3ac97d308c01e412543425e8d94cfa0f0c1c70f2a3d27327e044a1", 0x91, 0x3}, 0x10000) mount$cgroup2(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="8857bf039be57bcd787565c4a91cef350cdc1751ec7fd882581cc9cc9f81f8293ffc448e951399cbe8c1aff726d3fc64bcd4227e539f44cb2970918d0d79cd439054adb7f886c9447ee0df1933d57844df0781ac62fc8cd2e7b29f"]) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r6, 0x0) llistxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 20:12:22 executing program 4: syz_emit_ethernet(0xc8, &(0x7f0000000000)={@random="26d3b07dfdbb", @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3e, 0xba, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @private=0xa010102}, {0x0, 0x0, 0xa6, 0x0, @opaque="f89aea3f7cfab5cf3b113cab7311afbf80fe4395423681c1eaef972046ad4663a38cde940484438381cddd72d0023ae0a9ccd475e5c18443c8af68ad0dc491c16c7d41f6765938fece4cbeea8f6a98c20377e878fa5cf718ac29754b7742a246d29160c60877969a4b4fd30c942337d18f971e5b776b01377a94b0a7f953ad62e21a23c961131ce0c3ebf7ae1627c792437c47539b9f7f0768d6f27df3ce"}}}}}, 0x0) syz_emit_ethernet(0x5a, &(0x7f0000000100)={@random="5c13d95f8392", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, @val={@void, {0x8100, 0x4, 0x1}}, {@canfd={0xd, {{0x1, 0x1}, 0x19, 0x0, 0x0, 0x0, "4022f82c3384e37f557bd9304dfc8dd31ab2e1c5965226c802d4228df20b33f2bd580c80e4e04460515113b85b657930611158e60332ae763df9fdab15bc292f"}}}}, &(0x7f0000000180)={0x0, 0x1, [0x602, 0x6d4, 0x307, 0xb0b]}) 20:12:22 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:12:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x4}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:12:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62) 20:12:22 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0x5}) r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x911802, 0x140) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x0) r3 = openat$hpet(0xffffffffffffff9c, 0x0, 0x80000, 0x0) r4 = signalfd(r0, &(0x7f0000000180)={[0x80]}, 0x8) ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000001680)=ANY=[@ANYBLOB="010000a08e7fa99889bfd53c3df87a000000000263ef09495be3c65f2b1333975b00b7b7e13f020000006ee27b33f90e6704310a804ff23e8a86b92157cd8e13cba761d386cc8eab48ad19a7264921678fd36186bbdb05deb694c40cb39385040705ab8e016ff16180655b2437a147d0baf84ce1ebbcaaaa771f4d44e4bbde60187f77d972ce45f866ab89fad0057bddf2a7002ea80c2d55928c7c800300f8624bfcfdedbd341959376e5bb45a75318b97d8c54a40f3e0f285520d77d358b49c42d55fb38313992100df763a9943338ecfdfecad1e28732e2ca7adc705b189a58f863028328606000000000000000319517adeef5e1bdb03795129182f222318bb10820d98b9e191a9b4ef0aeb8331ea3f988c280be0450f404e82e8b17faa068234389171c66389cbe43321217488c2de6ab099714cf26b77652e736d73b158c70abef39a442c51dcce4ce517b4793709be17bd3641ab74afaea8ef4112229d75435328f762a4c7ed5c38919f5615d194bd48c3620e1002ba887e3b2abffe400f2ffd9ae925faca97df66de891154be154af3dd9c2cd60f1e75ee48c903265cde427b1453cfc40b6e632eef810465566d0c560e46aecb50a74ec5b5b5916f06d46f77f7378cfef4aa5be32c1808eafab519b2693ceb53616ecde90939dc6c88bb90f0122f01ff7f252e74430000000000000000000000000000000000e3e483a9b9ce9eddb73ba94adbca311fd66ae6067954ce712d072056925e37e7d84356d8de657971dbffff0d3d39a4a43488c4a912a61c11d3ec5fb1cbbfda98ed87abbd0572e49d9f2119bb4c854c66c5096bdb6435a1874e22000000", @ANYRES32, @ANYBLOB="f91730991a37cca1ba7d22e314c2545c6bed2cf07501604b78dd992e93ce0078df5f719aee7ba70f05661724c9ce233b4f92fcc0176bdda6870d8000e4e8bd2defdac8597094c026a5249a3a8ee31dd5931e633e02fe6be4f0b46ef852665e46b951e418cf329fd1a8f53b2ae8311843e4dcbeba253e904cf12968db7217aff3672ffd39c6ecbf2c2a3e667b510e6b19de57be8e928a050330586d9781515b76ff204ca1dc009b6b7944b142c7e4dd9e732a6f2a148cdb5d228ab29d069310884f086816e308140f312fcfcf5f78876f9fdb19bac5810c55fd6c4469f30c8fc51bd76a908e8b0f18d03e87eab5d308c48bdcd0580a948774407a67820e71dc5b8cc0fa9047a8a221a320c9f91a4208eb192454ee05a978d16c842b7270a6742972426718cd1d5f31cf8b03ca1b4d6ec981cfb256c4771b74a1acb298e1d6a91ba6120385d7b6790fdfb98d98a5ff0cd8d3a265d1fe21a34c8dbbef32157514cda2ac34ff84a8dd0ab6f5e7cba423ea0802e859672a568282a1b86d34fff1b6403352d0913cff238398484de49a78e90fe8ef47ae021e4707882944125e811a706f6e03836e7ed6f460b8700c4622a90c5273f7fb731c485680eb50dcb5ba16164c5011ad55920a9004c7817d7ca14f0a0dcbf635cf5fe59987633eb8dcb8bc6b1b7319e1cf2170386643c96730790c4c064c0ef6ecfeb81e784584c53db69a033eac472fef1773f6f4178bcabec304f6865623be96242b1726a85b22746d95e8a95bf9eb50e81df66c5a98b2e7552bd2890925ae2f10c225edbcde0611d7ff3d2c45cf8957d709671ff09cb36b853514667ce1d9c86c4950b302d66bed9ca3a0b171981a660500"/630]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000000680)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x8, "900449a9dd3999"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000200)) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, 0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005cb80)={0xfffffffffffffffd, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x7f, "9656c75f04ba4d"}) lseek(r2, 0x0, 0x2) r11 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) openat(r3, &(0x7f0000000140)='./file0\x00', 0x480c1, 0x186) ioctl$HIDIOCGUSAGE(r4, 0xc018480b, &(0x7f00000001c0)={0x2, 0x2, 0x3, 0x10000, 0x2, 0x6}) copy_file_range(r11, 0x0, r2, 0x0, 0x200f5ef, 0x0) [ 1935.061470] FAULT_INJECTION: forcing a failure. [ 1935.061470] name failslab, interval 1, probability 0, space 0, times 0 [ 1935.064098] CPU: 1 PID: 13875 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1935.065514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1935.067206] Call Trace: [ 1935.067774] dump_stack+0x107/0x167 [ 1935.068549] should_fail.cold+0x5/0xa [ 1935.069351] ? create_object.isra.0+0x3a/0xa20 [ 1935.070305] should_failslab+0x5/0x20 [ 1935.071116] kmem_cache_alloc+0x5b/0x310 [ 1935.071956] ? mark_held_locks+0x9e/0xe0 [ 1935.072798] create_object.isra.0+0x3a/0xa20 [ 1935.073709] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1935.074768] kmem_cache_alloc_bulk+0x168/0x320 [ 1935.075695] io_submit_sqes+0x6f76/0x85c0 [ 1935.076585] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1935.077611] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1935.078620] ? lock_downgrade+0x6d0/0x6d0 [ 1935.079472] ? find_held_lock+0x2c/0x110 [ 1935.080320] ? io_submit_sqes+0x85c0/0x85c0 [ 1935.081220] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1935.082215] ? wait_for_completion_io+0x270/0x270 [ 1935.083218] ? rcu_read_lock_any_held+0x75/0xa0 [ 1935.084175] ? vfs_write+0x354/0xa70 [ 1935.084949] ? fput_many+0x2f/0x1a0 [ 1935.085705] ? ksys_write+0x1a9/0x260 [ 1935.086505] ? __ia32_sys_read+0xb0/0xb0 [ 1935.087356] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1935.088437] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1935.089503] do_syscall_64+0x33/0x40 [ 1935.090277] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1935.091325] RIP: 0033:0x7fcf4787bb19 [ 1935.092105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1935.095865] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1935.097423] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1935.098878] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1935.100326] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1935.101775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1935.103239] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1935.126397] FAULT_INJECTION: forcing a failure. [ 1935.126397] name failslab, interval 1, probability 0, space 0, times 0 [ 1935.127530] cgroup2: Unknown parameter 'ˆW¿›å{ÍxueÄ©ï5 ÜQìØ‚XÉÌŸø)?üDŽ•™ËèÁ¯÷&Óüd¼Ô"~SŸDË)p‘yÍCT­·ø†ÉD~àß3ÕxD߬büŒÒ粟' [ 1935.128765] CPU: 1 PID: 13884 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1935.128786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1935.128796] Call Trace: [ 1935.128833] dump_stack+0x107/0x167 [ 1935.128874] should_fail.cold+0x5/0xa [ 1935.128914] ? io_setup_async_rw+0x180/0x580 [ 1935.128951] should_failslab+0x5/0x20 [ 1935.128982] __kmalloc+0x72/0x390 [ 1935.129029] io_setup_async_rw+0x180/0x580 [ 1935.139616] ? iov_iter_restore+0x195/0x3a0 [ 1935.140515] io_read+0x775/0x11e0 [ 1935.141258] ? kiocb_done+0xc90/0xc90 [ 1935.142081] ? stack_trace_consume_entry+0x160/0x160 [ 1935.143143] ? lock_acquire+0x197/0x470 [ 1935.143975] ? __lock_acquire+0xbb1/0x5b00 [ 1935.144855] io_issue_sqe+0x2e12/0x7660 [ 1935.145688] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1935.146779] ? SOFTIRQ_verbose+0x10/0x10 [ 1935.147626] ? lock_chain_count+0x20/0x20 [ 1935.148504] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1935.149586] ? io_connect+0x610/0x610 [ 1935.150383] ? lock_acquire+0x197/0x470 [ 1935.151215] ? find_held_lock+0x2c/0x110 [ 1935.152061] ? __fget_files+0x26d/0x4c0 [ 1935.152892] ? lock_downgrade+0x6d0/0x6d0 [ 1935.153756] __io_queue_sqe+0x90/0x9d0 [ 1935.154589] ? io_issue_sqe+0x7660/0x7660 [ 1935.155450] ? io_prep_rw+0x7f5/0x1050 [ 1935.156267] io_submit_sqes+0x4461/0x85c0 [ 1935.157163] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1935.158184] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1935.159188] ? lock_downgrade+0x6d0/0x6d0 [ 1935.160037] ? find_held_lock+0x2c/0x110 [ 1935.160880] ? io_submit_sqes+0x85c0/0x85c0 [ 1935.161782] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1935.162781] ? wait_for_completion_io+0x270/0x270 [ 1935.163781] ? rcu_read_lock_any_held+0x75/0xa0 [ 1935.164738] ? vfs_write+0x354/0xa70 [ 1935.165515] ? fput_many+0x2f/0x1a0 [ 1935.166269] ? ksys_write+0x1a9/0x260 [ 1935.167071] ? __ia32_sys_read+0xb0/0xb0 [ 1935.167921] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1935.169013] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1935.170076] do_syscall_64+0x33/0x40 [ 1935.170859] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1935.171904] RIP: 0033:0x7fe40cf96b19 [ 1935.172681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1935.176404] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1935.177960] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1935.179441] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1935.180901] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1935.182353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1935.183835] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1935.189080] cgroup2: Unknown parameter 'ˆW¿›å{ÍxueÄ©ï5 ÜQìØ‚XÉÌŸø)?üDŽ•™ËèÁ¯÷&Óüd¼Ô"~SŸDË)p‘yÍCT­·ø†ÉD~àß3ÕxD߬büŒÒ粟' 20:12:22 executing program 3: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x26600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000001700)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000016c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="400000001f0020002cbd0000000000000001000004d20a0061002d245ec72ab9e0ba00000000000000000300"/64], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x4000040) sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="840100001000010000000000000004000a010100000000000000000000000000fe800000000000000000de7e61d33f3d9b9d02b210dde4000000aa00"/75, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000001010000000032000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff7f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00040000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a008001800fd00000028001a00e0000001000000000000000000000000ac1414bb0000000000000000000000000a0008800c000f000000000000000000"], 0x184}}, 0x0) sendmsg$DEVLINK_CMD_SB_GET(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="425b52ee81368fcbc5ba1c2285c55336e616917a96d4720a0a9add5c971dbdc94c4560931e89a14e8f9447b2b4ae73f0f94058ec45d6ef7242dd345c0ddd2ba5f4f908db0aae86c3391a0091737b41f03b8a4259372118576143ad9f0ce7abbf1aefd60c20211ddbf3e3540a3b412e005fa59afb877794f5b6a6a68b", @ANYRES16=0x0, @ANYBLOB="00022dbd7000fedbdf250b000000080001007063690011000200303030303a30303a31302e300000000008000b000100696d0000000f0002006e6574646576736d6d30000008000b0080000000080001007063690011000200303030303a30303a31302e300000000008000b00aeffffff"], 0x84}}, 0x24000091) statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)=""/48) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r2, &(0x7f0000000440)={0x60000019}) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r2) sendmsg$TIPC_CMD_GET_NETID(r1, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r3, 0x4, 0x70bd25, 0x25dfd9ff, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x8000) pidfd_send_signal(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x2c, r5, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r6}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16c1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x40, 0x0, 0x10, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x4, 0x27}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x67}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x49}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) creat(&(0x7f0000000040)='./file0\x00', 0x0) write$P9_RREADLINK(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="1000000017010007002e2f664169"], 0x10) 20:12:22 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:12:22 executing program 4: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011500)="ed41000000080000d9f4655fdaf4655fdaf4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000280)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000140)='./file0\x00', 0x0) r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000003c40)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) write$tcp_mem(r0, 0x0, 0x0) ftruncate(0xffffffffffffffff, 0xffff) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wg1\x00'}) r1 = syz_io_uring_setup(0x44ae, &(0x7f0000000100), &(0x7f0000000000/0x12000)=nil, &(0x7f000000f000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000000)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000380), 0x1, 0x1, 0x1, {0x0, r4}}, 0x5) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="04000000000300005d2f664b6c653000"]) mmap$IORING_OFF_SQ_RING(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2, 0x12, r5, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000180)=@IORING_OP_POLL_ADD, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f00000000c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd, 0xffffffffffff0001, 0x0, 0x2, 0x3}, 0x57) openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x82) [ 1935.240183] netlink: 148 bytes leftover after parsing attributes in process `syz-executor.3'. 20:12:22 executing program 1: r0 = syz_io_uring_setup(0x5772, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x200a02, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1935.322519] netlink: 148 bytes leftover after parsing attributes in process `syz-executor.3'. 20:12:22 executing program 6: setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ftruncate(r0, 0x1000003) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x3}}, './file0/file0\x00'}) r2 = dup2(r0, r1) sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000001200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000011c0)={&(0x7f0000001140)={0x58, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x3, 0x1e}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @key_params=[@NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_DEFAULT={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x800}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}], @NL80211_ATTR_SSID={0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0xd0}, 0x8000) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f0000000080)=@v2, 0x14, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000140), 0x80000001, 0x212801) pread64(0xffffffffffffffff, &(0x7f0000000140)=""/4096, 0x1000, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') pread64(r2, &(0x7f0000001e00)=""/4082, 0xff2, 0x0) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x10) lseek(r3, 0x10001, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0', [], 0xd}, 0xb) [ 1935.357059] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 1935.372046] EXT4-fs (loop4): re-mounted. Opts: (null) 20:12:22 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x100000e, 0x13, r0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f00000003c0)={0xffff0000, 0x7}) sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000380)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="040100000906030000000000000000000000000614000780060005404e20000008000b407fffffff0900020073797a3000000000680008800c00078006001d4001ff0000100007800c001b400000000000000006180007801400170076657468305f746f5f627269646765000a8307000c001940fffffffffffffffb100007800900120073797a3100000000100007800c0018400000000000000000680008800c0007800500150006000000100007800000018000000240fc020000000000000000000000000000100007800900120073797a32000000001c0007801800018014000240fe8800000000000000000000000001010c00078008000b4000005372100007800c001b400000000000000070"], 0x104}, 0x1, 0x0, 0x0, 0x8110}, 0x20044041) r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8914, &(0x7f0000000140)={'lo\x00'}) ioctl$INCFS_IOC_PERMIT_FILL(r3, 0x40046721, &(0x7f00000000c0)={r4}) ioctl$BTRFS_IOC_DEFRAG_RANGE(r2, 0x40309410, &(0x7f0000000000)={0x8, 0x401, 0x2, 0xdd9, 0x0, [0x4, 0x5, 0x1000, 0x8]}) syz_io_uring_setup(0x6bc1, &(0x7f0000000100), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r5, &(0x7f0000000180)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) 20:12:22 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x0, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:12:22 executing program 3: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) r3 = getpgrp(0x0) r4 = pidfd_open(r3, 0x0) r5 = dup(r4) pidfd_send_signal(r5, 0x0, &(0x7f0000000000), 0x0) r6 = getpgrp(0x0) r7 = pidfd_open(r6, 0x0) r8 = dup(r7) getsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x11, &(0x7f0000000140)={{{@in6, @in=@remote}}, {{@in6=@private1}, 0x0, @in=@initdev}}, 0x0) openat(0xffffffffffffffff, 0x0, 0x488000, 0x4e) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = socket$inet6_udplite(0xa, 0x2, 0x88) open(&(0x7f0000000100)='./file0\x00', 0x480, 0x1ae) sendmmsg$inet6(r9, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r9, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) 20:12:22 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59) 20:12:22 executing program 6: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000200), r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000700000008000500ffffff0004000400ac141400"], 0x24}}, 0x0) 20:12:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63) [ 1935.815659] FAULT_INJECTION: forcing a failure. [ 1935.815659] name failslab, interval 1, probability 0, space 0, times 0 [ 1935.818230] CPU: 0 PID: 13924 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1935.819145] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1935.819569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1935.819589] Call Trace: [ 1935.823524] dump_stack+0x107/0x167 [ 1935.824226] should_fail.cold+0x5/0xa [ 1935.824949] ? create_object.isra.0+0x3a/0xa20 [ 1935.825813] should_failslab+0x5/0x20 [ 1935.826545] kmem_cache_alloc+0x5b/0x310 [ 1935.827324] ? mark_held_locks+0x9e/0xe0 [ 1935.828105] create_object.isra.0+0x3a/0xa20 [ 1935.828948] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1935.829935] kmem_cache_alloc_bulk+0x168/0x320 [ 1935.830841] io_submit_sqes+0x6f76/0x85c0 [ 1935.831683] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1935.832645] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1935.833569] ? lock_downgrade+0x6d0/0x6d0 [ 1935.834348] ? find_held_lock+0x2c/0x110 [ 1935.835131] ? io_submit_sqes+0x85c0/0x85c0 [ 1935.835954] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1935.836860] ? wait_for_completion_io+0x270/0x270 [ 1935.837782] ? rcu_read_lock_any_held+0x75/0xa0 [ 1935.838692] ? vfs_write+0x354/0xa70 [ 1935.839416] ? fput_many+0x2f/0x1a0 [ 1935.840110] ? ksys_write+0x1a9/0x260 [ 1935.840836] ? __ia32_sys_read+0xb0/0xb0 [ 1935.841614] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1935.842636] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1935.843638] do_syscall_64+0x33/0x40 [ 1935.844369] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1935.845356] RIP: 0033:0x7fcf4787bb19 [ 1935.846083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1935.849583] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1935.851063] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1935.852429] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1935.853783] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1935.855127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1935.856475] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1935.868652] FAULT_INJECTION: forcing a failure. [ 1935.868652] name failslab, interval 1, probability 0, space 0, times 0 [ 1935.871067] CPU: 0 PID: 13925 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1935.872305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1935.873799] Call Trace: [ 1935.874281] dump_stack+0x107/0x167 [ 1935.874942] should_fail.cold+0x5/0xa [ 1935.875618] ? create_object.isra.0+0x3a/0xa20 [ 1935.876420] should_failslab+0x5/0x20 [ 1935.877094] kmem_cache_alloc+0x5b/0x310 [ 1935.877809] ? mark_held_locks+0x9e/0xe0 [ 1935.878538] create_object.isra.0+0x3a/0xa20 [ 1935.879320] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1935.880258] kmem_cache_alloc_bulk+0x168/0x320 [ 1935.881089] io_submit_sqes+0x6f76/0x85c0 [ 1935.881891] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1935.882815] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1935.883706] ? lock_downgrade+0x6d0/0x6d0 [ 1935.884463] ? find_held_lock+0x2c/0x110 [ 1935.885220] ? io_submit_sqes+0x85c0/0x85c0 [ 1935.886031] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1935.886953] ? wait_for_completion_io+0x270/0x270 [ 1935.887840] ? rcu_read_lock_any_held+0x75/0xa0 [ 1935.888695] ? vfs_write+0x354/0xa70 [ 1935.889383] ? fput_many+0x2f/0x1a0 [ 1935.890046] ? ksys_write+0x1a9/0x260 [ 1935.890753] ? __ia32_sys_read+0xb0/0xb0 [ 1935.891504] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1935.892483] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1935.893438] do_syscall_64+0x33/0x40 [ 1935.894127] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1935.895080] RIP: 0033:0x7fe40cf96b19 [ 1935.895765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1935.899178] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1935.900582] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1935.901896] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1935.903223] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1935.904530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1935.905847] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1935.922905] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. 20:12:43 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60) 20:12:43 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendto(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000200)=@l2tp={0x2, 0x0, @multicast1, 0x1}, 0x80) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, 0x0, 0x0) signalfd(0xffffffffffffffff, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x29eb, 0x4) getsockopt$sock_buf(r1, 0x1, 0x1a, &(0x7f00000000c0)=""/212, &(0x7f0000000000)=0xd4) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x20040000) 20:12:43 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64) 20:12:43 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x14, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}}, 0x14}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:12:43 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:12:43 executing program 2: ioctl$BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f00000000c0)={0x0, 0x0, [0x5, 0x7]}) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = getegid() fchownat(r0, &(0x7f0000000040)='./file0\x00', 0xee00, r1, 0x1000) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000900)=[{{&(0x7f0000000140), 0x6e, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa8}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000003c0)=""/124, 0x7c}, {&(0x7f0000000440)=""/32, 0x20}, {&(0x7f0000000480)=""/88, 0x58}, {0x0}, {&(0x7f0000000540)=""/238, 0xee}, {&(0x7f0000000640)}, {&(0x7f0000000680)=""/174, 0xae}, {&(0x7f0000000740)=""/91, 0x5b}], 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000006000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="006d000020000100000000000000000eeaffffff8ca4f46756751be0c3075422d6dfab302e877711cd0a79e99d494cf084063e7c02293374e97bb784781aaf89a8c4e3fa19070b7f22cbbefb779a4db939c5cafa555541b3ef850d52cc086139a964c0228b5dfd5b66a9d2e718ab4623b3cd45c35a860a102e", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001800000000000000010000000100", @ANYRES32, @ANYRES32], 0xb8}}], 0x2, 0x2120, &(0x7f0000001980)) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) lstat(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(0xffffffffffffffff, 0x0, r2) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0xb) 20:12:43 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000340), 0x1}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001780), 0xffffffffffffffff) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000140)={'wpan0\x00', 0x0}) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r4) sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={&(0x7f00000017c0)={0x24, r3, 0x19, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x24}}, 0x0) sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000426bd7000fddbdf251a0000000c00060002000000020000002000238005000500010000000c0004000200aaaaaaaaaaaa050005000000000008000300", @ANYRES32=0x0, @ANYBLOB="2fa2bcae9b5f6e207db09ea198ee88a76f6ed9fd6299de87e55b993110fad2a9ed3abd89e0c417b89cfbe4997c919881c9fdd4e08ffc78eb5ad4c2b9c0458abd11282bb96c0cad6f63769f09e63048914f069029a9b0eb765f9e1189049f952245ed3b79ca32a66dc862e99f19d486676d62e1b0c15ea848c4a6e7c7f2466930fb2f4a69156a69fb611c92c8ae6613acabe899c8bb2d5ac4964598bebe2a5b51d3d1e6f0c89d8a1590ed8ddaded9dc0e1a8858c60ef17c41a99a88c9b6a7c95fa9a441cd18aeb76d0d1ffecfd74b2cc78b1a81a2ed186dc37d23ffdcd6f286e74eb7b15b106fe89b88d00973b575b9acd4356f25a53d9cc852a66351b366b44266924110fa952408b6ee70d7ceb9fe1d18953912629f4395e54f7be9c0168328666ada5e9113709baa3812e191b8882bde3425ec759f919874051977522ca98040f745d19e0940fe9512a2563a849f14dab8d126275c68e28aaf302246892f3a3d2b4b4bd0775890790212c7841d14de89b413a5e8ee584cf4e55c28fcda013c7d3938f9819d27f5c2f01f34a897508a6ea486ec1df2ed4b89a507ee42c55f25894c32dab84abaefb3e4f40bbda6c60b704e"], 0x48}, 0x1, 0x0, 0x0, 0x4048800}, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r6, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="a20000005953d813d6f03c981b1ef4319847388497e20b96b7ed269ebdbd19855db12cf564c26a7200edfe954f6da70c4e62a60212f7648f9b1550bf215b84e24146c3359b28390b7c856c7f3ddd2c3e69a9ab12a0493d46d1393a8f012e8f0842111408191afc6ed132b9bc22745e165fdcca08f967dd35a00b6364c15c3e22b36d9ca60723248c9e9a1a057c4eb1a7b5fa282edad91f7808355b57d77bad1f832648b6d26608f6db46ec634bc056ef6949a7999f71927eda3787e7973d4065497169c82748b0c254149c55ce3b992b8f35b08588aa5ec09ff49702abf1ea0ba6e727b8eba0aee0f4bcfaef3e64e4833564552c7aa62473a3ab2492e3b1700a", @ANYRES16=r1, @ANYBLOB="000325bd7000fedbdf2531000000050036000000000002000000013bc0860000000500340008000000050035007f0000000500350060000000"], 0x3c}, 0x1, 0x0, 0x0, 0x8040}, 0x4000014) syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan3\x00'}) sendmsg$NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000440)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="05001300000000000c00060003000000030000"], 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000500)={'wpan4\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x240050}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x0, 0x20, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x28001}, 0xbc0a0ab040551056) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x60, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x7}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x81) 20:12:43 executing program 6: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0xce06, 0x4, 0x0, 0x371}) r1 = socket$inet(0x2, 0xa, 0x0) move_pages(0x0, 0x3, &(0x7f0000000280)=[&(0x7f0000ff4000/0x3000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff1000/0x1000)=nil], &(0x7f0000000100)=[0x1f, 0x3, 0x80000000, 0x4, 0x4, 0xf794, 0x4, 0x8000], 0xffffffffffffffff, 0x4) r2 = open(&(0x7f0000000080)='./file0\x00', 0x4a4300, 0x140) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040), 0x0) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x8914, &(0x7f0000000340)={'ip_vti0\x00', {0x2, 0x0, @empty}}) socket$inet_udp(0x2, 0x2, 0x0) r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x0) ioctl$EVIOCSKEYCODE_V2(r3, 0x80284504, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0x0, "6f2e8bf8f28c10c2fc24068d2e1d58f18740aee1b7d6f2603661a6ee93cbe3b6"}) r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x0) syz_io_uring_setup(0x58d9, &(0x7f00000002c0)={0x0, 0xf6c4, 0x2c, 0x0, 0x5f, 0x0, r2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fee000/0xf000)=nil, &(0x7f0000000140), &(0x7f0000000240)) ioctl$EVIOCSKEYCODE_V2(r4, 0x80284504, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0x0, "6f2e8bf8f28c10c2fc24068d2e1d58f18740aee1b7d6f2603661a6ee93cbe3b6"}) sendfile(r2, r4, 0x0, 0x4) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000180)=0x1) fcntl$getown(0xffffffffffffffff, 0x9) dup3(r1, r0, 0x0) [ 1956.923050] FAULT_INJECTION: forcing a failure. [ 1956.923050] name failslab, interval 1, probability 0, space 0, times 0 [ 1956.925073] CPU: 1 PID: 13933 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1956.925954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1956.927012] Call Trace: [ 1956.927366] dump_stack+0x107/0x167 [ 1956.927846] should_fail.cold+0x5/0xa [ 1956.928353] ? io_setup_async_rw+0x180/0x580 [ 1956.928921] should_failslab+0x5/0x20 [ 1956.929415] __kmalloc+0x72/0x390 [ 1956.929871] io_setup_async_rw+0x180/0x580 [ 1956.930410] ? iov_iter_restore+0x195/0x3a0 [ 1956.931035] io_read+0x775/0x11e0 [ 1956.931532] ? kiocb_done+0xc90/0xc90 [ 1956.932108] ? stack_trace_consume_entry+0x160/0x160 [ 1956.932828] ? lock_acquire+0x197/0x470 [ 1956.933384] ? __lock_acquire+0xbb1/0x5b00 [ 1956.933941] io_issue_sqe+0x2e12/0x7660 [ 1956.934507] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1956.935242] ? SOFTIRQ_verbose+0x10/0x10 [ 1956.935830] ? lock_chain_count+0x20/0x20 [ 1956.936400] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1956.937147] ? io_connect+0x610/0x610 [ 1956.937706] ? lock_acquire+0x197/0x470 [ 1956.938227] ? find_held_lock+0x2c/0x110 [ 1956.938781] ? __fget_files+0x26d/0x4c0 [ 1956.939363] ? lock_downgrade+0x6d0/0x6d0 [ 1956.939967] __io_queue_sqe+0x90/0x9d0 [ 1956.940541] ? io_issue_sqe+0x7660/0x7660 [ 1956.941151] ? io_prep_rw+0x7f5/0x1050 [ 1956.941717] io_submit_sqes+0x4461/0x85c0 [ 1956.942329] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1956.943058] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1956.943754] ? lock_downgrade+0x6d0/0x6d0 [ 1956.944348] ? find_held_lock+0x2c/0x110 [ 1956.944948] ? io_submit_sqes+0x85c0/0x85c0 [ 1956.945583] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1956.946280] ? wait_for_completion_io+0x270/0x270 [ 1956.946990] ? rcu_read_lock_any_held+0x75/0xa0 [ 1956.947653] ? vfs_write+0x354/0xa70 [ 1956.948197] ? fput_many+0x2f/0x1a0 [ 1956.948723] ? ksys_write+0x1a9/0x260 [ 1956.949274] ? __ia32_sys_read+0xb0/0xb0 [ 1956.949867] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1956.950615] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1956.951368] do_syscall_64+0x33/0x40 [ 1956.951912] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1956.952464] FAULT_INJECTION: forcing a failure. [ 1956.952464] name failslab, interval 1, probability 0, space 0, times 0 [ 1956.952641] RIP: 0033:0x7fcf4787bb19 [ 1956.952678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1956.958096] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1956.959182] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1956.960185] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1956.961186] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1956.962187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1956.963204] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1956.964253] CPU: 0 PID: 13945 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1956.965716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1956.967439] Call Trace: [ 1956.968010] dump_stack+0x107/0x167 [ 1956.968788] should_fail.cold+0x5/0xa [ 1956.969602] ? io_setup_async_rw+0x180/0x580 [ 1956.970532] should_failslab+0x5/0x20 [ 1956.971339] __kmalloc+0x72/0x390 [ 1956.972086] io_setup_async_rw+0x180/0x580 [ 1956.972973] ? iov_iter_restore+0x195/0x3a0 [ 1956.973885] io_read+0x775/0x11e0 [ 1956.974640] ? kiocb_done+0xc90/0xc90 [ 1956.975495] ? stack_trace_consume_entry+0x160/0x160 [ 1956.976574] ? lock_acquire+0x197/0x470 [ 1956.977422] ? __lock_acquire+0xbb1/0x5b00 [ 1956.978321] io_issue_sqe+0x2e12/0x7660 [ 1956.979181] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1956.980274] ? SOFTIRQ_verbose+0x10/0x10 [ 1956.981129] ? lock_chain_count+0x20/0x20 [ 1956.982008] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1956.983108] ? io_connect+0x610/0x610 [ 1956.983936] ? lock_acquire+0x197/0x470 [ 1956.984768] ? find_held_lock+0x2c/0x110 [ 1956.985639] ? __fget_files+0x26d/0x4c0 [ 1956.986486] ? lock_downgrade+0x6d0/0x6d0 [ 1956.987379] __io_queue_sqe+0x90/0x9d0 [ 1956.988218] ? io_issue_sqe+0x7660/0x7660 [ 1956.989085] ? io_prep_rw+0x7f5/0x1050 [ 1956.989919] io_submit_sqes+0x4461/0x85c0 [ 1956.990851] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1956.991889] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1956.992899] ? lock_downgrade+0x6d0/0x6d0 [ 1956.993761] ? find_held_lock+0x2c/0x110 [ 1956.994617] ? io_submit_sqes+0x85c0/0x85c0 [ 1956.995561] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1956.996570] ? wait_for_completion_io+0x270/0x270 [ 1956.997578] ? rcu_read_lock_any_held+0x75/0xa0 [ 1956.998553] ? vfs_write+0x354/0xa70 [ 1956.999346] ? fput_many+0x2f/0x1a0 [ 1957.000113] ? ksys_write+0x1a9/0x260 [ 1957.000912] ? __ia32_sys_read+0xb0/0xb0 [ 1957.001770] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1957.002872] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1957.003949] do_syscall_64+0x33/0x40 [ 1957.004736] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1957.005798] RIP: 0033:0x7fe40cf96b19 [ 1957.006584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1957.010381] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1957.011967] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1957.013433] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1957.014918] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1957.016388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1957.017857] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 20:12:44 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer, 0x0) close(0xffffffffffffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:12:44 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61) 20:12:44 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000300), 0x90101, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x5, 0x0, 0x5e, 0x2486, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000001c0)={[{@subsystem='freezer'}]}) preadv(0xffffffffffffffff, &(0x7f00000002c0), 0x4a, 0x61bf, 0x2) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x40001, 0x0) fsmount(r0, 0x1, 0x71) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[@ANYBLOB="40010000340002002dbd7000fbdbdf250500000008006f000000000064d186a42745ffd27883624a860309d996e04f8c8ff374f9a660d44e6df26ee3d9c2087b6c66ca2e0626971c18001e8014007e0000000000000000000000000000000000a52bb7a82ed58abed310bd83fc15f6a1f609b0d233c3264f5b55a7576971448c1a6c3c0b57ab446aff58c9a1d2971cdd4a6212f220ffa2eeeaa258b14d320007"], 0x140}, 0x1, 0x0, 0x0, 0x800}, 0x4) mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000180)='./file1\x00', &(0x7f0000000200)='autofs\x00', 0x0, &(0x7f0000000240)='.\x00') stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280), 0xc, &(0x7f0000000540)={&(0x7f0000000340)=ANY=[@ANYBLOB="f80000003b00000125bd7000ffdbdf259b00000034001f800c008f00001000000000000008000900", @ANYRES32, @ANYBLOB="08006000da0a00000c006000000000000000000008000500a94e00003e7129f03b598d56b5ba2aa5edd8b00b909c8a31f2b4669efcc8d68938e7a0dcf89422358c423da4c49d527799a31648482e231287ad20896bb6489d98ab949cbe8960854f11e48ac31a28db2dc22c7ff05c9571a1ea5025e5010001e91f9b4aef7d9b07c6b12d97843ec67b0a27861d53f16fec51b8f16a7ee269d8a4a45c78fbce63021a33a2b57dce7700d897eb222919332ee2bb02dba25cf26fb04e571f9b7f87513447e6612e44e71977f85e4146cf292557aa01"], 0xf8}}, 0x4008040) 20:12:44 executing program 2: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) socket$inet6_udp(0xa, 0x2, 0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) inotify_rm_watch(r0, r1) dup3(r2, r0, 0x0) [ 1957.200219] FAULT_INJECTION: forcing a failure. [ 1957.200219] name failslab, interval 1, probability 0, space 0, times 0 [ 1957.202005] CPU: 1 PID: 13960 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1957.202827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1957.203771] Call Trace: [ 1957.204080] dump_stack+0x107/0x167 [ 1957.204488] should_fail.cold+0x5/0xa [ 1957.204916] ? create_object.isra.0+0x3a/0xa20 [ 1957.205421] should_failslab+0x5/0x20 [ 1957.205842] kmem_cache_alloc+0x5b/0x310 [ 1957.206298] create_object.isra.0+0x3a/0xa20 [ 1957.206810] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1957.207375] __kmalloc+0x16e/0x390 [ 1957.207781] io_setup_async_rw+0x180/0x580 [ 1957.208249] ? iov_iter_restore+0x195/0x3a0 [ 1957.208725] io_read+0x775/0x11e0 [ 1957.209125] ? kiocb_done+0xc90/0xc90 [ 1957.209575] ? stack_trace_consume_entry+0x160/0x160 [ 1957.210145] ? lock_acquire+0x197/0x470 [ 1957.210647] ? __lock_acquire+0xbb1/0x5b00 [ 1957.211203] io_issue_sqe+0x2e12/0x7660 [ 1957.211713] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1957.212377] ? SOFTIRQ_verbose+0x10/0x10 [ 1957.212889] ? lock_chain_count+0x20/0x20 [ 1957.213425] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1957.214090] ? io_connect+0x610/0x610 [ 1957.214542] ? lock_acquire+0x197/0x470 [ 1957.215055] ? find_held_lock+0x2c/0x110 [ 1957.215532] ? __fget_files+0x26d/0x4c0 [ 1957.216042] ? lock_downgrade+0x6d0/0x6d0 [ 1957.216529] __io_queue_sqe+0x90/0x9d0 [ 1957.217034] ? io_issue_sqe+0x7660/0x7660 [ 1957.217557] ? io_prep_rw+0x7f5/0x1050 [ 1957.218056] io_submit_sqes+0x4461/0x85c0 [ 1957.218611] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1957.219243] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1957.219855] ? lock_downgrade+0x6d0/0x6d0 [ 1957.220374] ? find_held_lock+0x2c/0x110 [ 1957.220895] ? io_submit_sqes+0x85c0/0x85c0 [ 1957.221457] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1957.222051] ? wait_for_completion_io+0x270/0x270 [ 1957.222666] ? rcu_read_lock_any_held+0x75/0xa0 [ 1957.223269] ? vfs_write+0x354/0xa70 [ 1957.223744] ? fput_many+0x2f/0x1a0 [ 1957.224218] ? ksys_write+0x1a9/0x260 [ 1957.224703] ? __ia32_sys_read+0xb0/0xb0 [ 1957.225214] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1957.225879] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1957.226525] do_syscall_64+0x33/0x40 [ 1957.227000] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1957.227630] RIP: 0033:0x7fcf4787bb19 [ 1957.228085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1957.230379] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1957.230402] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1957.230416] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1957.230445] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1957.230458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1957.230471] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:12:59 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62) 20:12:59 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x14, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}}, 0x14}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:12:59 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = syz_io_uring_setup(0x12ed, &(0x7f0000000240)={0x0, 0x6825, 0x20, 0x1, 0x1b6, 0x0, r0}, &(0x7f0000ffa000/0x6000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000100)=0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_WRITE={0x17, 0x3, 0x2000, @fd_index=0x8, 0x8000, &(0x7f0000000340)="9f6b8d734dbb3b873a4ee52703209a11be311f84c935c44b9b43c288176460fe6af94871672125d9ecd4748fded08c39baf9d94ff33bdce025585256bbf65298ffa0d2ae6542734b8d327e6ef2bec7ab76561f46810e5c2e56af77b0ef7718478078be50d23ff38aa0c3cabf6e8bd6b59458a646e17290d4c0", 0x79, 0x17, 0x1, {0x0, r5}}, 0x7) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r6}, 0x0) close(r6) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r7, 0x0, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) r9 = getpgrp(0x0) r10 = pidfd_open(r9, 0x0) dup(r10) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r8, &(0x7f00000003c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x5002, @fd=r10, 0x3, 0x0, 0x0, 0x18, 0x1, {0x1, r11}}, 0x2) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:12:59 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65) 20:12:59 executing program 2: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600", 0x0, 0x401}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) mq_open(0x0, 0x3, 0x0, 0x0) pread64(0xffffffffffffffff, &(0x7f0000000200)=""/230, 0xe6, 0x2) r1 = socket$inet(0x2, 0xa, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000340)=ANY=[@ANYBLOB="0100004001fb0000180000007c0e08ad", @ANYRES32=r1, @ANYBLOB="02000000000000002e2f66696c653000"]) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000300)={'wg2\x00'}) r3 = syz_open_dev$mouse(&(0x7f0000000380), 0x80000001, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000400)={'bridge0\x00'}) ioctl$FS_IOC_RESVSP(r3, 0x40305828, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001800210c000000000000000002000000080000000000000014000100fc020000400000000000000000000000759892d4bb01"], 0x30}}, 0x0) ioctl$VT_GETMODE(r5, 0x5601, &(0x7f0000000100)) dup3(0xffffffffffffffff, r0, 0x80000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x1868}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(r1, r0, 0x0) 20:12:59 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000080)='mnt/encrypted_dir\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = dup(r1) pidfd_send_signal(r2, 0x0, &(0x7f0000000000), 0x0) mkdirat(r2, &(0x7f0000000000)='./file0/file0\x00', 0x2) syz_mount_image$nfs4(0x0, &(0x7f00000010c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0) rename(&(0x7f0000000180)='mnt/encrypted_dir\x00', &(0x7f0000000040)='./file0/file0\x00') 20:12:59 executing program 3: ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x840, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) flock(0xffffffffffffffff, 0xa) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000140)=0x7f, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0xfe54, 0x0}, 0x4401c) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$inet6(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000bc0)='+', 0x1fc0}], 0x1}, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000014c0)={{{@in6=@mcast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x11, 0x0, 0xee00}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010101, 0x4d3, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb3}}, 0xe8) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, r1, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@ll={0x11, 0x1c, 0x0, 0x1, 0x2, 0x6, @random="c10d38a9e8d6"}, 0x80, &(0x7f0000000340)=[{&(0x7f00000003c0)="4343e8bc9f12b431b2e86fac59775bf73367da86faba826ab1b5fe9d8ae6f91db1ae0c30e516d5b0ab8523310a482f8c5daced1aebba582f8e426c8db1c8e804252a3979076d366159b22674ca62d74c132153812963e97fb9c20ae24049176580b61d8928ca5bf0a40c657fa18195d733a7196a777c7a2e55698762b0093c466a7cb71878cf77d31edf54ca49b0e0c35a01f831", 0x94}, {&(0x7f0000000300)="70352b2455aed5ebb402b659c8694210e8ae947ab4b9481be79086ca0bfd28a96dd5ea18739f7a7bd7c4d6167e88f025", 0x30}], 0x2, &(0x7f00000015c0)=[{0x1010, 0x1, 0x8, "b2257e7d04efbfe27d3ab686b98b3ec43fa7ba68d0af9c6fcb4170399214342669939eecb417e3657ddffb8b8c7671c6373874a869a0c3e431d7249b5ba5495663b0027d58e1ad6b08afbc59f34619eb2d76de8d80906ffe350caf4ddeccbb0032e6d51d6384bd12633d3c0bc74c494bd548f226f4160a32957d6eb14d59c6b1e49d3d0dfdd68d85286b1c95a326188df3e1d62af8bb2967f864829f8ee452e2185be53dd36d84c9984a6b13163dc30b4c237c7934839c2addc012d172a7bdc70a904d62e7d8373e61ccd85f3dfb6a542735c8b83fa98cb50e6b2e4f973a9ab7231e7a0d596d46e1900e8631dbbc76dab70b8b7c9d4afb042694bfaf39bc8541a9d11580b0be770e02866369bfa8dc0cbfe08bdb0ec42eabe92548cf3c00cfddaaf92f0d1f653cd7303fe840f19bc5124e060e047f5924c1d9384ed84154356ecd5e82d48da2ebf58d4fb885fec3430fba1fe9cead0fc68e99ecfa079368eb7311e8fe4f93caf45f1a86574c4720f87296866648311d57f730247feb77a97e25d2806316afe9ea1324c0e073a5344bb9fbe39e2425576d9f4a74f7903a3f269c618a3b73e55d97c1ffd240bd9733efbc9a965586580678d21176727936d15ae2cd14ae86a5f36bdddadca11540465729c6f64c3bc022cfa5d4c32e08cb9afe6893503444d83de8a5088c5e66640d3e3fd6507c4dcf67a6efc967b90056471c961efbf4471cb0fe2cb70f036c08b1177c7510ab9c7a6a40e1bfb88401f3a5a2106ff051c106331adc80d4d94a8695c93820bae1dda19a19f5204c2778c6bca6c23bf873e4ee97cdc33b540f12ae58d3bd5ef22c7acb5824bde4a0bd25a9f231f534399dedbd6cf144c84f73b393d22c2b1bcb51ceff2f3abfa18bc0e9607b46610535731b5f1482d4d62cb00c61e870b55e4628cdb772cd1beb495b3c18ef8bae69fe60f605d2c3754f06cdead6542b53134017bb04545ccdceaf1f1f8a533421a270b4b80a1619dc104d823ac57f1d302ac03aa39db025015b498def6f07f73cc6030449114ea8f810f159d22ee427f249697b2c0002a4e0098a2bed4ab6f0569abc8e4fbb53303f39357bcf3e1a5268ba9a7529cab8dadcedc9e07613c678220dc2739374b2a8a2ad9818c2fc5ef9c94537a9906b93e82948af237185214ced569bc83b4be87baa04a77d02343d965ecec674102ee99bf458fb0349cf34997c8e7473dd394266274348097dcd85fef1d6c014abb2ec17da69101fafb462b0d7244ad870343b076bff89cbb184258e94671439f27584d65c0d2504f16096573d13e01bb56fa2685b6aa3ce59ff5bff45ce52cd0e06cb605c61490d6153c2c73c3c118fab86f8b4765425fb663f82c5caa809b9e5d6620d4a019038f9e443a5efb08ed6ea8c87c44ac13bbc3323bac0f31f652829a17eeef26c088193125581897d84dd608998c4a4b34a48c3203a728bedf042e756342641b5abaeb1a099fd207c69211a1c3696b5b88fdf21bc6bef3f1859fd34b544577d66dca0e45cfbc68c1a797c82ce5338f0b5a715887fc360233ed3e997a2f2d74512bda7d44a51d4b559c30e90c02d1652035c680cfae7b10e8d3a11ed47792426e0c749fc2270966ee227821bdeccc998af435aa6457e9bd09105287a0a4e3127b82601926e2be8c98cdaf8288a424811b01d38b3493454b530405ae60d945f4dfb28c9774b3151337f6b408b7af71029acd5fca1347fede2078de08fdac0b75501140f5ce286e4cbff1b2419fa5837e477b19c99e254f90335d85b8d5c5aa2af931c78d522ae692af1805b2dfb64f43df83af358e73da994c99540e1b4e6659253d269d216545c15fca1a94dfd7011368f37e57331bdc927e0b70cbecb4237f1fe457e4e28b4a8b6431ca20f835d3c686fbfaecfc884ee10f695a67c847233427be195603e701afbdfcc23a4ebd331107b8d8ce6ee9db98f50ceecd8499b09041ce4d37cd27209bed101ce869ff01cd1bef989455b1c39dca68bb8edaec6f51247d3b4dfc8926bf26b5a40736286f835cf362836d00589b79001eb27112536a00db46607e8e3b1e32aa31d942874bca29504a597fd4a2327f49416f27792d17939cc85b004e557112ddffd14cae22cb7decdc69481701b4bdf390d9a9dd0b444097ca2fd3039920de4518ecb2fc5b50c536176783021f4377dbf8e62f95cc15586069c461aaf7ae5a65840c6d9695cbab84f39a955db1f051fb5877faf0bba12c7c831c9b7d6ac7ab6b7a199468f8cf92dbb78a109e9a7c71b6b45438e714fa970f052c025490d6b95d3f630154817e78cc3a4b59bb1fb07ec22b379d91115e6bb2a3f2d7febbd35f871e9090fdf50c193fb0690e7c2b22117cf3583caf76e82ae5fdde64021a95455220d8640e7b6abb95d5b34a329b5a9c554f1e36639cc0bf3760a7387a4bae37b9f91ac5428783afd75c160ee99f13e1d3c91650d4d9a9d6adf01c80793b9054f76aff4bf412a80bd9473ca2e9fb6e91655590863fc0ae5dde05f34bf6a3aa726d86197dce6e26561412fec3284efc24e3f379c5f8f12b1351cd9c2a9825573a2bd4a08590a866e2b83a7d0c60792817286e71b8791be5ecec8ab1c2f39a71f2043ce81d7e6ef32c36462131eb1dae2531244fef3e93f1f15a5909a5072149948779841a882af48e364483afeceddd600d5b4ab167bdb6ab9f696ba0af8c6f8a9956fb0eaea48a41da19e70eb49139dec0530b54b47d14f07114a2f449078f53ebadeb9e1075fdd415d2fa56b2e329fe9fc9f91f97429318c4fbd99a4bd249576e8f9ddb797494798805df91040340bb26777db485d2c951ed0f293d3f757c23febc23055291e5996f4245ce5416f5f9007645ebab553725472743b5d9a92224357c9bc8f5b32d91b06162f394822cba911ff73bd1387ef1ac74917cfe3671a666bd360101c32a8b5dab3d60dccaa4a07b8afc29b2b83c03ab034abb61d19bf61709bb2fdb3489d2b955c2d8c4a8486582edd6c518c2bf9ae6561924db0bfbe33e2dd74c3a9f692818c1dc1bc44aa9158d6d9929e69d8364e80ab63ea78b4832f419c8e14733594baf3a0eb9629fde5ad30151ebca5fc0f6d4e6b554798c4ca558e9e7745d740fe0a7fb35319eb57946083fe6d2b31b1d0ce941e54ef789ac873e02db4da105bb6f53004594ba0c511b72a62d2eecc7d0571d7addce5cd762d7d9b7087ba981fc0902460d95585196f92756f8d27c4abcdb873db657e8e95c5819e8ea54571600dcfafa6176412445777353b2ff55b66255026799ed4f42b9d6a3abe549b364d8465db2837b1c0218557f7d0e0adabb99d87b6a3bb6ac6d1f9c0b7ad6e03c6ac4154ad7b634b6c063014bb79ffae0899267d8bc91b97c7f2aa5fb9c6ba5333f18c3bde5193173d730dfd6b7f3d04d65a2baf5b4ec74311b84c4fa3df339c24d803b9f651716a7cfa270a165c231fd2d1035c650fcf243d481d297cb2ed05abd7bf73cf628907227a17dc998c926084f756a49a1a03c62d849f0bf9c5a6f0da79953416cf1d23cd4e9b9d288b4330b57b15ac8ceb0f5111986fa626db4cbc37719ba70f489826f86b6332ae51bbce8ce826d1da54a469ce7b572a702f509587a1ed2be7184694b02e7fc2213087196ea3ec5c8d494ad589a8bb407012f2c63fa3ffa5ad1f89de08ffdd04e21506b1c8cb6c55576efc2f088361711927260acc044f91ac1288fcda25620125156724563800b3c9e9d8fddd8e4a87de77085ae0e1b42c94ba0364ba939bbc5f2d83cdda230b5484f620777f58d978d0cb9059367e100662325b94ed5cbf05fe657a5e20e412b4eea2078f833c5b98a6c95ad7686ffd99b9929c1aa9c4a14c07e8037930a48624d562b03ac6e0aef9ba0e4f3b561678e2c25bd74870bedc76e58c6310c811c815e079b995d8517edc39b6a0b7654a35094c7782394ef746a0bb4597f2b846deea13658f30eac3c0f1d12596930f8af2a6852d6d8fc162dbdb28de5a8146576f81493c08be2e78a15fefd60a987524991d61e694ea9a9a5fe5a34301bf444514d6538a045655357d79756ad09ed1885b91b531c481487815d6e0a74feab69abcc26d119017919fa70090ca5ad9846407af59e04deb4235057fc30d6d63c10632daa5328ef89057fed67ab3c9ba1b5f88e67cbca7e19804afd049b1793b13d305c6a91e9c2166e71d77b36d68400a6139c02f51ed7396b4501711a57762708eed8862d52a640d54235b12c23c376bbcdf64766979eeadd3de1a79f812259681c5d431899fe900bd0e7f55182888e8cccbbf6652e43690ff5c95395dd6728969a69a181c9cbf826c21c252a84a42c978baae4d9c6cb2ab019f5a7d63851a8a662f8dc089f49a14616ed5a0cfce35fbdb8c8651665fd50dc916c9eb3306c0138bd125087037a683094086c0f0ff3830e0ec241febb0fdc2b8672bca31395c87f75a36e55a9b92fca0a28605313cd78ca3c5a4dbb3a641451062c83018e4c97c70c094f8a4b6d693fd767692b5d4ac06c0abdffa2f1197f86e5ce1ec8065918587b4e05578ebb065fa76c9f870bb45406365b1d9321a7747c8e8428c1b91bf790b1502a9084fcb02e13b2f8f1a00584424ba81436639e4f7a9108288968f165a7711645b96e0f847864caee5095249a3a68828068d1e8c45c0c30de5cf77496dfb80b9616de16872ec98035e93343ee28602602db537458423b929ab56227be74f9c9010fdd733925afb5a68cd9fdc300349f1e997d16459f1d7536104e09746c3f06d000afc37268ba650808bea6b0a48941e9c8baa869dc9aafccb57e2b87f0fcaff8aaf1c9ac082a9395061c448e7799de06452e95df5d87bca6560b3822ffc250ee0e472d4bae770519f3bb059ed158e217b8c8f5070f3e219b9937519f11b97ff69fe8566cd75e8d14bbc1f361ae11869121afa34287bd05770485b72dffd26d3c36a49ab16efc9780ce7f4162381bb6ee3f7f392000761ff3cfc7dc25e76ff60b3d25eca3cf67f8b365150ab76e35e8d20037879fdf65795605f44651da96d3146a2ae84746237767b4e1081aba6bcb00b4fe1781cc303aaa9d6f6a4cdcf0f653558194599a87fcbebe78d8d38c7b412f98aec8407717474527bf3355df6d77a7b8880d22267712c6c8a8dc963128257bfe5418c378220dfad56fe73d5b1e3ad3b384b2cf3bf8cfca5169aac3039be179cf761c89c60dc279cd67b4fae17075e6958edfebe63ad1c9a3395ae5ebb83767540b9809ed1b15b84a5fbc4e5bf3b9792b232125ab179a30ab9cba6f9de3fb6ea1afc481f35a0b3038419a62e7517fdc3adadf7d4ca01d688ac1fe815a4a1018669ac8fbc78b8fa91f0b07187e315b31299cd878f767ef3b511a884830a56f98fc569573898d76b0c9be3d5322ac3b3060bb3dd7373bf50061ba484c8835a46646119f64d5ca4c4910c0d898dc0a966b95b1ae45958f292c4a92e3bc9875152cb6e3d11eeaa2b07617bfee704492c0fa9da83330b531f5a7da4c497dbe51fdd079915c693e57556fce3d4fac5e4cbe4c5a14db378cf857f72e295e1fad7111162727ecf50ace83752c79282fbcdc9cf15732af32397ba45f43bb2ac53f808f0f63abd47ef96b70f217acadc724e2884817178e00c442132e66e10060c7addd7223d38d0db04ad45faec714ab5c4dec96507b4bdcac96ef114c8cc0120cb557b50ad0aa2d04f9567373c2f4ee43bb381e6f93e66772cca5736414a9e8715059140a1ea3e7a729037862a2a9aa01b09c0f8152c37cc2169"}], 0x1010}, 0x0, 0x80}, 0x8001) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x1, &(0x7f0000000040)={0x0, 0x3938700}, 0x1, 0x1}, 0x808b) 20:12:59 executing program 6: r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001bc0)='/sys/module/pata_sch', 0x40080, 0x28) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f00000002c0)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f0000000080)={{r1}, 0x0, 0x0, 0x8, 0x1, [0x4, 0x5, 0x4, 0x7fff]}) r3 = getegid() r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8914, &(0x7f0000000140)={'lo\x00'}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000004840)=[{{&(0x7f0000000780), 0x6e, &(0x7f0000001b40)=[{&(0x7f0000000800)=""/211, 0xd3}, {&(0x7f0000000040)=""/42, 0x2a}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)=""/75, 0x4b}, {&(0x7f0000000140)=""/17, 0x11}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000001980)=""/152, 0x98}, {&(0x7f0000001a40)=""/245, 0xf5}], 0x8, &(0x7f00000049c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES16, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002fffffffe6c9e036250517ab957c3bd77fc5c1c69b32c1a64daeb0b843413802ed65517fb48e837341895050b2c1467f000dbcd8f563a592c186147a788d6be7ca7c3f2af46a18870e3527dd2520b43df31222317a3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x140}}, {{&(0x7f0000001d00), 0x6e, &(0x7f0000003040)=[{&(0x7f0000002e00)=""/173, 0xad}, {&(0x7f0000002ec0)=""/98, 0x62}, {&(0x7f0000002f40)=""/91, 0x5b}, {&(0x7f0000002fc0)=""/95, 0x5f}], 0x4}}, {{0x0, 0x0, &(0x7f0000003340)=[{&(0x7f0000003080)=""/198, 0xc6}, {&(0x7f0000003180)=""/152, 0x98}, {&(0x7f0000003240)=""/234, 0xea}], 0x3}}, {{&(0x7f0000003380), 0x6e, &(0x7f0000004780)=[{&(0x7f0000003400)=""/12, 0xc}, {&(0x7f0000003440)=""/246, 0xf6}, {&(0x7f0000003540)=""/180, 0xb4}, {&(0x7f0000003600)=""/203, 0xcb}, {&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/41, 0x29}, {&(0x7f0000004740)=""/13, 0xd}], 0x7, &(0x7f0000004800)=[@cred={{0x1c}}], 0x20}}], 0x4, 0x20, &(0x7f0000004940)={0x0, 0x3938700}) semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000002c0)={{0x2, r5, r3, 0x0, 0xee01, 0x1c8}, 0x7, 0x331}) lchown(&(0x7f0000000200)='./file1\x00', 0x0, r3) openat(0xffffffffffffffff, &(0x7f0000004980)='./file0/file0\x00', 0x12000, 0x4) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x1002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000180), 0x490000, 0x0) sendmsg$AUDIT_GET(r6, &(0x7f0000000740)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x10, 0x3e8, 0x2, 0x70bd2d, 0x25dfdbfe, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4080}, 0x40014) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000001c00)={'macvlan0\x00'}) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000012b00)=ANY=[]) [ 1972.512271] FAULT_INJECTION: forcing a failure. [ 1972.512271] name failslab, interval 1, probability 0, space 0, times 0 [ 1972.515039] CPU: 0 PID: 13983 Comm: syz-executor.7 Not tainted 5.10.180 #1 [ 1972.516424] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1972.518070] Call Trace: [ 1972.518625] dump_stack+0x107/0x167 [ 1972.519390] should_fail.cold+0x5/0xa [ 1972.520176] ? create_object.isra.0+0x3a/0xa20 [ 1972.521115] should_failslab+0x5/0x20 [ 1972.521923] kmem_cache_alloc+0x5b/0x310 [ 1972.522757] create_object.isra.0+0x3a/0xa20 [ 1972.523711] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1972.524751] __kmalloc+0x16e/0x390 [ 1972.525515] io_setup_async_rw+0x180/0x580 [ 1972.526365] ? iov_iter_restore+0x195/0x3a0 [ 1972.527279] io_read+0x775/0x11e0 [ 1972.528033] ? kiocb_done+0xc90/0xc90 [ 1972.528846] ? stack_trace_consume_entry+0x160/0x160 [ 1972.529917] ? lock_acquire+0x197/0x470 [ 1972.530741] ? __lock_acquire+0xbb1/0x5b00 [ 1972.531654] io_issue_sqe+0x2e12/0x7660 [ 1972.532474] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1972.533566] ? SOFTIRQ_verbose+0x10/0x10 [ 1972.534394] ? lock_chain_count+0x20/0x20 [ 1972.535275] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1972.536364] ? io_connect+0x610/0x610 [ 1972.537166] ? lock_acquire+0x197/0x470 [ 1972.537990] ? find_held_lock+0x2c/0x110 [ 1972.538651] FAULT_INJECTION: forcing a failure. [ 1972.538651] name failslab, interval 1, probability 0, space 0, times 0 [ 1972.538840] ? __fget_files+0x26d/0x4c0 [ 1972.538902] ? lock_downgrade+0x6d0/0x6d0 [ 1972.542853] __io_queue_sqe+0x90/0x9d0 [ 1972.543678] ? io_issue_sqe+0x7660/0x7660 [ 1972.544528] ? io_prep_rw+0x7f5/0x1050 [ 1972.545327] io_submit_sqes+0x4461/0x85c0 [ 1972.546208] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1972.547229] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1972.548207] ? lock_downgrade+0x6d0/0x6d0 [ 1972.549042] ? find_held_lock+0x2c/0x110 [ 1972.549868] ? io_submit_sqes+0x85c0/0x85c0 [ 1972.550787] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1972.551789] ? wait_for_completion_io+0x270/0x270 [ 1972.552773] ? rcu_read_lock_any_held+0x75/0xa0 [ 1972.553706] ? vfs_write+0x354/0xa70 [ 1972.554467] ? fput_many+0x2f/0x1a0 [ 1972.555217] ? ksys_write+0x1a9/0x260 [ 1972.555991] ? __ia32_sys_read+0xb0/0xb0 [ 1972.556825] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1972.557883] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1972.558967] do_syscall_64+0x33/0x40 [ 1972.559726] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1972.560792] RIP: 0033:0x7fe40cf96b19 [ 1972.561553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1972.565320] RSP: 002b:00007fe40a50c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1972.566840] RAX: ffffffffffffffda RBX: 00007fe40d0a9f60 RCX: 00007fe40cf96b19 [ 1972.568265] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1972.569682] RBP: 00007fe40a50c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1972.571123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1972.572540] R13: 00007ffd5d49b87f R14: 00007fe40a50c300 R15: 0000000000022000 [ 1972.574065] CPU: 1 PID: 13988 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1972.575560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1972.577330] Call Trace: [ 1972.577914] dump_stack+0x107/0x167 [ 1972.578757] should_fail.cold+0x5/0xa [ 1972.579628] ? io_setup_async_rw+0x180/0x580 [ 1972.580605] should_failslab+0x5/0x20 [ 1972.581423] __kmalloc+0x72/0x390 [ 1972.582231] io_setup_async_rw+0x180/0x580 [ 1972.583163] ? iov_iter_restore+0x195/0x3a0 [ 1972.584104] io_read+0x775/0x11e0 [ 1972.584881] ? kiocb_done+0xc90/0xc90 [ 1972.585807] ? stack_trace_consume_entry+0x160/0x160 [ 1972.586937] ? lock_acquire+0x197/0x470 [ 1972.587860] ? __lock_acquire+0xbb1/0x5b00 [ 1972.588805] io_issue_sqe+0x2e12/0x7660 [ 1972.589724] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1972.590905] ? SOFTIRQ_verbose+0x10/0x10 [ 1972.591814] ? lock_chain_count+0x20/0x20 [ 1972.592742] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1972.593910] ? io_connect+0x610/0x610 [ 1972.594766] ? lock_acquire+0x197/0x470 [ 1972.595638] ? find_held_lock+0x2c/0x110 [ 1972.596547] ? __fget_files+0x26d/0x4c0 [ 1972.597420] ? lock_downgrade+0x6d0/0x6d0 [ 1972.598361] __io_queue_sqe+0x90/0x9d0 [ 1972.599287] ? io_issue_sqe+0x7660/0x7660 [ 1972.600233] ? io_prep_rw+0x7f5/0x1050 [ 1972.601125] io_submit_sqes+0x4461/0x85c0 [ 1972.602099] ? __do_sys_io_uring_enter+0x175/0x1730 [ 1972.603242] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1972.604362] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1972.605452] ? lock_downgrade+0x6d0/0x6d0 [ 1972.606381] ? find_held_lock+0x2c/0x110 [ 1972.607317] ? io_submit_sqes+0x85c0/0x85c0 [ 1972.608289] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1972.609467] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1972.610669] ? trace_hardirqs_on+0x5b/0x180 [ 1972.611654] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1972.612873] ? ksys_write+0x203/0x260 [ 1972.613736] ? fput_many+0x2f/0x1a0 [ 1972.614558] ? ksys_write+0x1a9/0x260 [ 1972.615426] ? __ia32_sys_read+0xb0/0xb0 [ 1972.616348] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1972.617518] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1972.618673] do_syscall_64+0x33/0x40 [ 1972.619531] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1972.620696] RIP: 0033:0x7fcf4787bb19 [ 1972.621542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1972.625550] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1972.627236] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1972.628804] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1972.630361] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1972.630389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1972.630425] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 [ 1972.641611] netlink: 'syz-executor.2': attribute type 1 has an invalid length. 20:12:59 executing program 4: ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000001e00)=ANY=[@ANYBLOB="02000010784c0e3231289ca405fbbc5f8ea18378e9fad07b62b11464d85a6fb28bee8a55d2f7ab9da3fb0dbeef84694d7b98029a80b322f5801e940cfd29c627daac263c4ce1eb09ea791b597d0e3a7f08907f2833b7e2a26670c236d79a34623c83dd4fa028eb5fb6186306e2b8d15b504a94aefa4c317a3603d72963c57567706b510992cd45af7fc95178ae44f2b90773aaa599f39b0ca564505f03ad66dda5d2a77d8e9f77bbca4fd8b43ea6e2ea4312fa3ba9b69a4b319e45aad211b982f7d1bd38934f4887c555e141b0034e6cdbe73d02c76f26c549e7a93bced078454a48107b28073886561f6a1cb1beeeef53c0ac93988c77dc304adb91934fd44bc2cd99e4f77cadf8a42b78551163e1a8c398b216ae6aee322afcea5197965d8374e14b98e3ee7d6500125aea7041dbb98919764f8045602d3fabe6ebeb96e6a184fb6091f41edbe0b66e149deb82cfee75009a66f6a6208e3557009c482a19f4883af3fbe6c45fe710f79a734acc0678c62c1184cf0189ba16e8b9f87ed57aaa016887b4753653c1ee5a242a9951f8bfb9c268cd8ef6ad780eaf66c698e38b2f9d05c7ef4b9e8c0d3c084f94cd1373099479302fd13b751b4dd92be9ec4492e8e86b8623b345735829cf18c821dcef32ee12533be3f5b67fc110c09fd5343c13a43662153a5630b511cdf3c3b221c81e8af182cf6c0aceb4d47145567bb5e5482314e26460a9c0dd3078960cd521c2530ff122e43c6e4cd5c5284e6be50cd78bf830061c04cf018dd4407345a52dfdbe601f403411be8cf2fa9ef3debafbd83cb4b70f7a58e3050a2148a3f0811fa6c2ab8b0710ceb9f4757aa98616d13694c0874a1713b305d851b7d1fc06970489a7960cb3ddf5b63fc199255c73cdb97e91665182e47c7b9f2cb524a7a87de723f54303020868972cd4e0826722535f79d36cdfffb4af79ff97f12908e3d4d36394c01d2efba72d40f37eff3f262e0275b08c71c8d157bc9b2b33b0e00da2bea0e3327c198070e5c0a95c01f97b8e97445f9e401ce50829a5364813896ee3c8ed44874edbfc08d662d519612cf77019ff6df1326e116fe4c59904ad2584fc5ea0295a1d508c1bfbf4f27b7522681d8fa4ba24cc2ab63385f6122ba76aff6e3479b2723632ce8b2a944b757e7b42161e724707709a683c4945e31164bba59ca8eb2cfd604ba707cfc03554fcd9373f556b698f4470ff8c7bb298a1f3fe9879b2df57583a60c67da138024da123939df487fd89e2a597cb721c40d4f40fccb4a97308abdda00229dda8ded89c10923f6389a8f1a395f7264478e343f51f52a5234eeed40746f65acf0835eff2c5500dedc8ebceb31815bf071551eb19728af3357b3cdd9ef698d2e176b214eda85fe31c68a14bba318fb7c3a7ae04802b92cc8656fd22060daadcb6a1b3e6afd922516ff78b494e3e279a95e49fde69f6fa0ae42293e722613f4ce4ff12722f9612c98f468895e14103d18e531ec1943d43450cc293cd78070eabea04b723eb463f34ab481de9d54c6c24bbdfa61868412e64de3cfd388a4007720afd195457bb365a82f10e41e0c5ac51c7adf0adeb09af5802a97a5ab229ad6dd95177c1f05ee4a4503dd8875f5665957f2f0d43c1e7c9c09ab3e71dca16b655586517dfc8d2c9c88de627c0ba58f8e52ee7ca267c8c91b2e6263434f9b464b11bb9f38cc90bf08939e3d639eb1af9fb3320bf07ebf85d5597955ef882900dccfec9ae77478c404472c6e18d5f837214710e2cd6bb9625470612aba44ec29a26e49887306ca37ff2465ac3dd21babc24dc4d92ddee92aef5b503b7a8784ae654db88629e1d9024fd8095af04b0f3b9fbe71033c2533c39d069727804af62b1e99138af1fba0fccda896c60d3ea5e103751214dcbac59290722efcf6bc4d154438791f9084460b248634c2d2fa79bafeb38a301c779dbb895faab4c2c916ce0a846b92966d054273ffcbccd4785685c3264eb7c1e2cefcd191d03af0eb92de18f2acaa48bbf04fde733e2bb58b83353009a3b767b9a6d6e72b3bae4880c625fc8a5643bc700b3cbe71d4fb679a4f841df63b35be68b6285a268913c1099b1989a34366e612a7f9551dd951f419e195c80e83f9da2871441eab77a72bf2d62ac4fbd50e7c8e64ed589d0af034f3a45e9de9fc7db7c50bf48a240342eca2317158c2c113c84a33fa09cbda0d26bc18d09ee6a2c747c11a7835a78bc724dfa48c69a729925206bb22055380abd33363e1a7590403d304a4cdc5231868e67e1953ac6d80407fca5ceab98ffad391eaaec6ce927266f62fe3e6a976af7334f91e6e794ea4a16305e8ca447db82402d6d953d6ffc647abda314993401908a464f931447371c0f67646c2478613bec855a26529c6fd0e20dcdee68dc24301b4599c0a65efdb48fcd37d1c8f063c2fbc44db8b32675961227d1b00ccd9097a968a251661a31da754c447006d5e041199b66ff4718c9417a2f48f3403005c5b2e958546eb5e5ff1e667450ddced1de3a2d172648db36887763557801bbaf05e3fc049ef604989254a48841488285166d19e51d1349acec18287d009537321c9954fccf5908b719a4bc0851ebf520594ad2d16d5d38a99f70e1b691fa2667e4af0bf5d065fe0d1871a9d4ca3f22adf464af219eba16146be2f68f53c3609cb756b1689140477289c58df2233bea2c19fbe3434ae2cfa51d0d6a6d975c0eb95487ef901f7ecfa7ab8435cc6fee22a0626375a45fca656984e7bbc18e73466731a6b156af69d92e68d8276d8036cc285260c2e049abde02ff7c09a9ef66c29cb0ee8d302e60f9e09efce27bf8ef098a5ede2fd1ff84ca06adf9a13c118924d9904fd3c9478e71e26ecd393346db7412c01e6a1dab5409f15c7bb8d4e3c39189b566468f76eeee40724f781721601e0a657e87f5457e59b8f378df070de3b113c22607cb7eb8477f1b4d42a8135273cc525d376d594f414755bb2bd04a3ca36f931978357dbd1a88906857308c1acad56a34e951deae04c6e995c1681c6c7f57dbbf88c7372ae62751f085362ff081016e22183e727fab74e605d635757db4a79f67f62c09e55569ca3e791c8dec95187787bd2eaa950f0fe5dcce81a9c220a92fc9440ade26a36a71818c8a6c2773f4a04f519dc29991009dcad766d717a0c35ba2f2a9c8de96291830da954e364245ddde5b226e9d5c5e5b5ca0f6142df09915a52dc2e547bbe615145e0d608aeb5fc515aaf91be4fe42c57b9b279c22ffa52d06b82ac30952be812ab28a9cd427538479b4ff439d6484529a212823eef0b6b4ce21d95b60af342d40bd4f0de3c4f22c5d8d0612968289f94a9636e94357387f3bb58cdb0e354166bb307cad190d81aac0309e7d59f4a200f4bdcf3148c9d0b967388848e246961a8e1d02b19ef296c5f5a4a5da80d7d3407a6d86cb66239d9bc21fe7977a36c418a20e28216a9e0ef171396489418ff4d9acf40a17b45479c7837c8e93a8a327818eb099c1cc70150edeebe2c4f53b0f4c6711e04dcdc32a4b51b8e2de0a0b1ac62abdfaa2c244babf3ee53c8b9883b437839e71f25df096cccc6e7ba13e4508e2902910e537cd53fc8a498d8d4bb040cdd1d6ed81a7f11c06776b5963f512661bece81b5e694b5205efe701d6a20b523a8ad4a1f05f70d74111aae2603d7d0381351519182d794f95e39f205d26665c2ecf7ccfd931bc5442ff26d4958479f057337edd125d551857e95960e1e50091bc1f8f143f3ea2c2e8f14fa78d6c9967f2780cde2f50532f4f415c7d06a19a3a0ffa952be662b2b4bdcdc0225d2200f221822281d83e3375fad22f7837d9c28b8043735964c4da312769a7b621a3ca1f5c30dc8124e28abfaeb1d45b3d976f8cbc42f7cd0540234bd496a6230dab1c8cffd29d40d0cecf324d63902a61897ef2209c6032775669e322b66aee22e0014ef2b1a02b5e8775681e8afa1810b04e2ae5b112d2d306e1fc1c419528b431b521c15a5b4314f49b926c57142ef2f5f6af31f252c033fe2ca6f4f898afdf6dcb2483142023d832a54db59d341980bd9bd85f212c2a4609c68ff4c3a68467190c7c718ddddc59c4918269ecf942b993c73e6bf25b1bff1102831e0f141c6933a381bb6fa92ce86792273b9cf19345f2f0ec0113a130cd200608fd701ab7ddb5d6c87acd4aa20eaa55df124ad4d3b9dfacfa3cb7b90bc42f77b2b1af5f0b876c1a2847b1c02172714585f2580824101646ca141a000dc9eeb24326e6391c3d842e8a1ad945a86cf8d6e941793c80a3e47f5c076d5868a7f46c6af46c4b28a4984e97952fc4819d15645b545b1af430b1d4dafae7bbb7e0b3013deb9a198dc1b3d8cfb9964ad39f431befdb08245a1def400289d33aa910d81fe7e3243af338fe0fbcdaefecf48377b9ece5d9342448632103a721861380c9c9721a2319d657c6c67d6989321261145cc3193e5033cf1859da4e487a5f834ae197fad5465d37cbfae22a540eb9844b6408720511ebbe7586dd0c9010998c593fd439e67f51d0c3f57222162db95d47709ceb9c9178dd44120597f79c23d4cbff97df391f695832d0032dbb94cb691a48ce9c0a1040f087fed747d7c5ff6014332e7641ff9690aa7d394320f9305e1d1d0284826340bed8bf3d84af052c0b1ead94b6029b99a3a3d6a0df29ee30a7da69663d24e582016724cedb0988284578468bc4fb123b97fad1310bd669e0996a72afefc0f6562530409412b0635013c28fef85812b3106397c3fd426140b77e00a6c4a744e9c7db7f030583a21644aed5adba250c7570449b114b4474de59bf531e7fd153c2986a5f1ac2e7b5c051842117904af660564853a1b34a98b8f541fdd4def0f0338522e7b2cd57d1541b8b0f158000bb5f1588a9909f22cb3e9cc31a7f5726dff000f6b9c55934e4174c224d6655f9221f892eac1849275d3f5e8654e6884d87bd8fd1f713cf689d694dd6c9d66deb0267a749408ba46f003ae67f33b6fca67d4458881977e4ce550c75165251b729f3a41f695a03a0bcf5213d760febfde8ad555794f9d13579935b3601f8d1a169c2f6def1c906b809b2afa9a8afd38e3cd202351dec5e54c0ce432cf4bae989528dd33db53ba5a6e5758cf48eaacd068c202cf15859683ad2d8fbbffe34affd8959cf335cb4e86601dbbbf79af48af37bc44f709d924acfc6ffe2d989c331d8216a3fddd5f75aa42794efb493332ec81290a83f5a487c3ee6e529c687306c17229023b3762ea551bc27199b8719dd731352ffd547a8d402a784033b295a3c1198b4356c6d6e905dfc660a2881ee7f0a3b0c5f111ebc50fcc0dd45740cafc483dca36b3a3f8029b9104435adf4175106cef9ce5effa71154a578a9007a6c774554ab9a5087ef4b995799ead0ec10110b703181886089a3831a7f326dfd6f8ddf8fdf42e884a52cbcfec649fcda8ee292426dc20f4eef3d742459b8b0fcdb9747ae363b1cdcf170805453c434fed4d321bf9699c0c9a913f09738464eef57f62d2045ca572ec2576ad9c5d3796684a8723be189d5a599a298fe9460138c03a0dab4af8dcf2db0b3082655097980a4c22de786dc82d1df3875ba6c962bed823b86ead5a10bd71e45ce90279ca7c72df5135c1c67ff2289343903d26bc86134d3f28f98d3447068e4287775ddb29e37ca0d655b5cafcb88218803bcb78e59a98eca009b52a764b06f9b8579c29771d17ec57410389e21e24d719a646fb0bd199761b21e0f47088046341fd4056c2ae9b39e2544ac910a502d83f2027657102b42a8a9da6aababd25f0ef091a78177111e993f1e72c38c78dcadccbb21797adda5f1304fdcaedcad466c94ab0ba09c8e9b3fc51b3df36526e5a23c65df1bff6f4f5d3d701a0361bb91d0d75cb051defd6b3b4e8cbaeca316e0e86bc3e8290e9b0638fe58a130edcea03bf681f2373f455f1c7b5617988c48edb7eaf71f2ce11725b584a4e6ba9186b88660353f2300bdd3d3108f8a3d46a403194cf9b487640f26682f8cb7ddc1cbb70c92815942fac7738748914aadec4b5adb9a5eeb4852d68c8f066c03852b7e09b4ff5"]) r0 = add_key$fscrypt_v1(&(0x7f0000000840), &(0x7f0000000880)={'fscrypt:', @desc4}, &(0x7f00000008c0)={0x0, "65a6cf5b9c07642a3340db90bee4874c94ec4fdd53be77d8d05520d91682233c045247ee072dddb4606017c18511ee7cc2005a83f5d5bbc07333a25fce3d1db4"}, 0x48, 0xfffffffffffffffb) keyctl$revoke(0x3, r0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x17}, 0x3}, 0x1c) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}, 0x1c) r2 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$update(0x1d, r2, &(0x7f00000003c0)="48226d78129a94beb4f1ad22da77bc27781bca46fa0e35c36b8c6a8ceb5e2ecc", 0x20) keyctl$search(0xa, r0, &(0x7f0000000040)='logon\x00', &(0x7f0000000200)={'syz', 0x3}, r2) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x24004011) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0x1f, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x3f}, 0x1c) r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0) dup(r3) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x747d, &(0x7f0000000140)={0x0, 0x1cf7, 0x0, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)) sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x1100, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) 20:12:59 executing program 1: r0 = syz_io_uring_setup(0x38a6, &(0x7f00000002c0)={0x0, 0x0, 0x2, 0x1}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:12:59 executing program 3: ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000001a80)={0x0, 0xfffffffffffffffb, 0x7a, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f00000009c0)="07be3b6278239badd75a359c99a16d4086b70281607d960d2be9e2a3fea46d672d7fb452a47b9c4b7e60e668b3bbd6c6e94bd7634e617d885e9cd8349f652eeeaa956d11cdd781a5332634c8f5d19b6f55d20367c2a9f2eb2b6de2c7845410c62de7e9943bbf460bef37ddfa53a5dcbce92aa06a8b0e08ff4f74", 0x0, 0x1ff, 0x0, 0x3, &(0x7f0000001a40)}) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000001b00)=ANY=[@ANYBLOB="1a0d73611dbd4d054d7557b922df0ac4b568f7f4c287e0c994402e63b66194d9197d4f50f4a4ca9a09b36b40c4f916ede0e59625181997c34a7616ccd222724e3a9cd729ee9e39fcd4d49d54f0329c0d23db45ddacea592192b1d29efe57d17db96afb6ffb433aeebebe6827ec256c2801fc6112bf2b34d07963bc0fb016d455a48cecace1bd95e8af7a4edcb2f529fbc0bb7adf9e56"], 0x17) r0 = getpgrp(0x0) pidfd_open(r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000200)=ANY=[@ANYBLOB="01000700796bbf20fed7d8738b009c0ab628a8c9065f6a8d", @ANYRESOCT]) r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x6, 0x2) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0xfc, 0x3, 0x0, 0x0, 0x57, 0x1018, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x200001ffffffffff}, 0x0, 0xffffffffffffff9e, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffe}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x3, @remote, 0x2}, 0x1c) setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000080)=0x5, 0x4) sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000780)="3eb245db0956c05552c8be8756ac847fb911274f502fc72b583339a260dc5c9232daef098130423e3fc5d5f147751e170fb588eba7767867cbfe6bb1fba71835916558e3ecdf95017b445c0abf85653f71640c5773c4c31c48e59291c6a543b202d0209471a1c42d6cc720bd2081c72aa4958afce671c0ad644a900975c5a10d09ffa03a06213f3e0262d1fc4ef066b9afc4955abaf5facc75055c7a7bc3cfdda261bb5dc7b4150970786154318cccec095bbd3f2c6d3e9a0442c467f5d51c45ac8876d6c2ac6683d95cb23f7278c197db9065317f43a44f78b6a7b1ce2ae9e290bdb4ef385f02000000195db3e70479292f", 0xf2}], 0x1}, 0x0) dup2(0xffffffffffffffff, r1) sendto(r2, &(0x7f0000001e00)="8c3d0c4fbb20b43429b8a84b6e77ec8f3fb9ac18f616c844ba0ec427a7b29e8b650fa7821958e526f33de37fb8a7f858686815a6c57175ade15f789e4ddee5740204019830d7e7d828c426a02402598dd34c03faf8c06eb80732ec21bb536b267e61096eb21c9c83ff06d7f7d489e820e1123bdff263e8d4c0b35c07dac9703542534e25f74d1a0e3ebc818f84a65627cd8435c2bf8c8dbea2ce6e1e810de4b85574f5c9a231ed48bd2fecc7cfe14a66b9d753ef1c8605e91525650b58dd8c9ba5386afb7583d5a72e5228ac80920d344def693481f9eaa48a94aa195f28bfb74cf93449586aae488636684135fc86483a2ebe6f1b1d8bddb64ad9482470ae3474f04099d68fd905f789ba87256e8b8c56e55eda605528c5e22b63dc7980c6bc9755fafc27db765279871bd448891749ab96b4467ec8f56fcb75fccfac8dbb91de491e9b3964c5327d36caa0779735177a3cf1ccb3d36849eab648f8900b54474846165f735405f2e5b08eab5e23a7dbe5a931f32b39121b4d87cf18e64e59faf979f799cdbdf050738bbf6523deba905ecfac5124239a2b44e8d54d19b091254636ab59d0a51f7304d4323a12e5a5c4fd3c1a7f453989bd7529842bd1ac0fb1c25d751bb24201a23b395f2ab23c9ed70407853ee6ae8450974de6d8cbd7264ee6e707c24f311a9328b3e80b23d62b57a2db220361546ec7aeea8cc26e48b1f60ce1523537d4c0d5c362362bdb6904cf9bb27de50d73af72187a83e01292032d03ac54491edd489c4ca012f4e3ae2834efc866ad1a642b96137f33413088c9983ca610e80544420061697cfbab098d105a6a862aebf4857967a6ef73ece60e22a7b9f59ee5a9e9308da4c40c1f38bef2d3ae56bde28dacea19d8ee712a16cb9f334d12469af0aa88c82ee648b6342c3f6ecda04f1f438df6668403c2206391bc945f67dd290cfbc2f06a88fa4f733e64714a30a31a3e5d27a6f1f5ee8d7e0b232607abcc9ce1bd89c44c2058b4b9ccf0c3fe3c677e9b16c25597413af32371e12b532c7d8c01bcc20d18dd6a7e22fff3d21ca9c74fdcefbc6197d16919078f81cb97a5c5344e9d2bf69bb15ba3b8ae6bce5fd16ebc3cbed5fa296d8e096705a90806adf369e21bddc44026037220c7511d6ce0d6420982d331f7ba711da266752e2312be17c8adb1cc7cc1683eb6d003c7fa162b059022f94b3bb2a06c5a3e01019a045dbac4fa7c03212d14e178736508059455f30d6fcc5cf1813d8de6f45548cdab7e9958df267234ac36fb42607636e894910f8f5f75fec5fe93d572c50b888d69dab4e4760a2c31257b59567a0cf9862c1ab09155e67839631905a4bb87ab88a9a3f81f3042d8359c54113559f1cd57fbd606affc0a10936407a70eb4c66abb970a256feb8a4d14fd6418adb3d0b0d7a450a0262d01abe365f61b104745297e76796c6e50f39194d2e44ebecc8dbde517eaffbe0b12547bc68307b36971c9437a84b0bddffa0e595320caa83e0ab08e4593a2ed33b22bab19f2db996eae38252e30075d9daa871902dd4848f908505127731385905c9c583e2fb1efaddce519304d00c566e65b81678d0a7029dab47e7f12d1693712f686023fa6e5a676125c4fb3333baabb6d6ee564ecb61be31eae7ac5e3c4eef2a5a576dcbec4db9c1d46d09ad6528fc1df7ac0aa9d628220760fb754ce3a5dddb11ca51162687921c5ee2412c49ac2e38b3d468351c3978e3601468b31a40a4a1ac6a7c76adcd58d3fdf9e96c7b038c539f7db1b3bd44d22940b0bb64db265520f51d71ec7a96a483018b4cd5d9ce81d6c34ddb56a5a74b98f5a2290b8ca96f7e487825f625ae1f29468b2b3cbbc48cf5e75d47a3cd4a32d6f06abf91fc77f3491509447433c89695ddd0bd1945fb041ca08159814da8d41cae2ec7e0cf619fe4258831be5d8c9c59ff6165bc2b0b087f74eb4e2e85f5b7b3bb688ec8abe9b610fc91070f5101a31e16272e8f4ec46fc531d8a75606d36c4e3f33291bcb50edcb227e00207532b4907306d928e9076bb6f670eb4938fc8a3973372d62bf84bdafd921b2c04db6483ba7a6d7219c9b661ffde30868ad5cd81275a44172033661ed40c7bd4694619df5ce180e0e310cb7d7fc7fda20aca530b75d371ae252726368a378ab18d01dfd6affde5bf9bc4bd928434cd307442b563cf5c33655eb2826157cf4de35a25e11f4138fe1ab0e90c6e2c81db9495bc4bae4a903fb862c8c65863c37c7b88f19a0ee90710d0680b51cd498fb4acf5f70d3a41022eacf8c2605b2430fe31a85c1fb7c0415b59ec5de9ab93143dd2d9b16586aab7e0151acdc20502bdd1bb9552d124bfb63a39a969b8aabb63eadb19341acbc026f514d6289e71a76d10650ece1b6ee912233aef596095f5b404294b015b7c9a2ea480171eec1214ae96bfa4416badbcc780729b92dfa75c6420269d2eb518023a8c3edb50dbade7011ed76c304ce0de760d7753caeed38dba71688a852a378ed7a763a5d2037023f5a4bc67e5677052466e4700b5e906b04be22714102155e56752b4faf9a16eaf29462f99ed647b52f36ef7ff21960e9f9e539fa7f1b4172188c42fbfbb332735d34845716a4a8a8ee82606699a8dff4f3fdeb74fd6132f19f4bd5d83ce5e601f20ae7c56603f3d52f5cf8b48e1dfcd8f02e5698b1c15af11e2d214238355ce321574a02dbaa4faef5c6aacd2629d217ad6380e8f397f402b6aaf5900299e4afa4fab1417a39e78a8cbf88a7386696979bd0525409b10e650d69030300958a2ee79d0ea0114c6fb72b18a6631c8a5e461c8907f1fffbda66345b30a3136f3ee716cd51636b760967a7422812a224c2fcb72767e45a2f430d31108ca2d62a6a1fb6dbd79bbb5ce3268fb6936f41b8d73d832a9384b2f88fea4c41c993f4c90e698cc78e6027893dcd052da6b7db05aa14ddfb0d005676f8bd6960b8f2b663f6b1b1b72bce6c0d111f9a168a7408a39b3ee32765210c476bf5eff964c2d8fd11837daf16cb92facc32dffb459214161e295ec5122be0cc30f9a855b2e3ecb43379ddde53f8e6d3c57e80ffd83fd30f1814f0daa095d7869ee8b2e15cd7499bb01e5f651c0ff2a4768473b3a176551f7e8daaffba02525dddf7ad778f04cd3e28d9978eeae816052d028ac2f7d8d1ab4ebb62c4ca99c679b71b253c7a533f4cea8a1328326d1f0247c5c9e7e5d74eae1ae525c47ee4a518220bd7088f9aac893f39ddbd7854d6111dd42f64bf7248df89c56ff97087a163269610c7c8154e12ea2216ff14d79b7dd45c62437b82c1ef4ed4bb9f21514b89196165d90b5bc595e42a26cb71c0152474e02e30e5f591a3acc268c83fc4210f85fe8a0050e7a44fb5da893efde387835c806cc469702169682641901057cdb84912b7fb3ae52c3b0100cdb1cea1022881603097d5b4fd4d9e2d5f07d8c3143855ddfac3ebc3f3058275598531b73a703f7d7b1347e6802980a40c3aea197135a615d0599bee5c3b21608882b5200656230d54962c0d12ca1718f7fe17aca960f63b3fac05300e3e8e6012bcc796440618ace1dff9908d116487eda40135f50314fe60cf77e871235dbfefe8a5f92e8c92becb5fbfb7f13310db0a30018205e4862b4d2277b007c30e61626ea991d4112a51aec73ae49fac58f6ab1ee114d365e408a7a2f69ef1f0d655920cf29cd744f0c0a39debbd808892ab419eafcbff5821a5f0bae3bc100bb353ae3063fb21142605b52d7fa2a08b7d38f52cb3b0dc077d98c226686e392fd2e4edc00047e10b754e405e3305fac64fdefbdac225180ae5eac0f98a8c28f40f4fe47ad634c02547eff48547f4778e34759cbea64e0ea6761f66dfd620e391bd0e4323067d043d68760115ebbff46a647035aabea5ec474fcb63078a18c15643e4f75bf70e807edf773b07ebe83f16438f4ac342af2cd2eecb9e3ea7332c3d2fb3fd09a3f3da7ca798a21235dd07ffa0f8af99eaf846fc7430264a548cf61a1cb869f518278732e700fe34fb595b568e71362cf8700b8b2c4f8e291a7a217a267c2eed8bf0172b2bade09d7a453d0ce60c1a1aff6ac7c8158419f3289846cfc26058c9e385ed0d3c411ab02d2c9b99d1135d1ec8056e47aa46dd8d32cdb58aad84281a044f2ea063dfec4da92a5d87f48e841f215bc10a6cdb175bba78abdee0769a7d9ad7499ceb141ba6ef2c2fc5b66818244ef7345623d1f0557cec342d58cda49a922dc16b26d2e3c05ff78a4bc7feae637ac4254d4010713bfb07eaf57b3231f45bc0de6da7705338bc87666f73a2ecc01f0b46d64cda4b26dbdefdc18b9d047c7a8d1f5c5069eed625375cbce13bfee7131529709177e23df092083950398b64c9f15e79f9c8d6525777571d3314a67191c1887d7e26bd0374f987e9b6a12e0dc34c7624380e1f77c9978b86021410201371033c199c7d6875fb788abcc5e4b01a101447b81c1788fb29cb679acc906a4bf96a63387973827034ef9a0b438206b0ac168899590e1861d26a1e8148a3092ed7b502b91b72e2dc9b2b23dd968b76bc0890c1cb107903093b013e7a22154a398a3f7b42dbcf0f630f27e32964a87c1f600b6a6be8ff7ff81d77b1665dea584b7e353ef3e8f94c2e99275d30a5ceaeab6bcfaa9b807f3441e5de3ad4770cf41963cbb4487869ddc4d57b65bf682dc2f4ef308ec6416f831b436d2237285bbaba8923857bb739c4f718d909cb345ef564175291f6928dddede50c7ca995e43a0aa6489e355cd0506b28cd9af23a609d80223067f4a93e98eba41fcb69016470ace02f64efc64cc6baf5d4bb3a0f1dc423fdfcaac4cbaea3458deb19836c6fdfb8611c9877ee566c05f143e81ff4b1b881c32c516436be6edbdb8b7e0b41608a76bc3742d817721882935c908aa0263ef945f2e0b0a9a8fd280998013ff7b78d0e6101e1899443a19b400ac3aed2fc08d016976bcc5d9bfc2bfea90906768360817db7b5a13966323dbd9815459e67ee976a2e990ee02692767c112bebb4c4fffa7c763c85b2ec29acedc4beb17ee4a7cb6300b6d8642f58f9f4ab31ddd78c6cba39355460c696dc7f5f70c5ffdbc2fde88be44a585f8799cc815491086997d1b9996492b267de88e5d8ea77aedb8a300ae913f01e98959cd7c188413def0a8fa8c6f88d423fd00a67d975ab687d7deefdbc4c7fcedeac620e07b2b5f728e620e95d6e8e12a6f9af455db74b530ed129d106db06615e30bde36d0e86fcc676537a1a40aa88213a236863b5422f394f33c6ecd06f40f79f4bb00e196eb4aac049a00c721c7d2e122ee8a09454c724b7d19d22a8ca0d912d4ecb66b795903f4d37f24a89dfe53fe00c311b98a44c888d341ca806411eaf41c814a7cc296df8a786c65c7ce7b481d2f33d91affec2672b70f89b3e314cfeb5e564ae2c4ee0d6b92e21faee43929763825821d7c49676539bccc5a3913d60368ef9e700e713da240e6c1dbae83341aba622e3ee9546c718434579340023219c207eb413beeebbcfa3a3c6ad6c6888665a72433747a95bb1ff6ed955ceceb1c2eb5dc50bacd3c42838682131b8270893a37ad7117dea461e4a483bef65209084e78441ca50d13748dbd019a5106341aeabd6a0f800b16d63f675ba723543b6ba25d7882f2e4383a9ec13e651c0358dce4e256e8594f185796ccb235107f7b3149f4e2eb959c50273ea9fc4357deb1d62b5d22e487110552a57ecc044e2d0d4d863912e7affd7b83d8224c6b89042039b7076369f5d35fbece666d545b7ee6b27bb56697d133fc8dd7f88e2abff6f9cee3e51f1b49d681b0c658bf593ca9dae782350d6775b3776dcded9f35151165892714d81f2b01ea22e2e484aa9a1d", 0x103f, 0x4000, &(0x7f0000001980)=@l2={0x1f, 0x0, @none, 0x76, 0x2}, 0x80) mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x721100, 0x4a) openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x12, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback, 0x3}, 0x1c) [ 1972.891694] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 1972.942389] ext4 filesystem being mounted at /syzkaller-testdir878649521/syzkaller.1qFSI1/78/file0 supports timestamps until 2038 (0x7fffffff) 20:12:59 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63) 20:13:00 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66) [ 1972.998707] FAULT_INJECTION: forcing a failure. [ 1972.998707] name failslab, interval 1, probability 0, space 0, times 0 [ 1973.002086] CPU: 0 PID: 14017 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1973.003672] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1973.005551] Call Trace: [ 1973.006165] dump_stack+0x107/0x167 [ 1973.007027] should_fail.cold+0x5/0xa [ 1973.007878] ? create_object.isra.0+0x3a/0xa20 [ 1973.008938] should_failslab+0x5/0x20 [ 1973.009794] kmem_cache_alloc+0x5b/0x310 [ 1973.010731] create_object.isra.0+0x3a/0xa20 [ 1973.011741] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1973.012892] __kmalloc+0x16e/0x390 [ 1973.013710] io_setup_async_rw+0x180/0x580 [ 1973.014667] ? iov_iter_restore+0x195/0x3a0 [ 1973.015645] io_read+0x775/0x11e0 [ 1973.016445] ? kiocb_done+0xc90/0xc90 [ 1973.017330] ? stack_trace_consume_entry+0x160/0x160 [ 1973.018474] ? lock_acquire+0x197/0x470 [ 1973.019392] ? lock_acquire+0x197/0x470 [ 1973.020287] ? __lock_acquire+0xbb1/0x5b00 [ 1973.021246] io_issue_sqe+0x2e12/0x7660 [ 1973.022158] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1973.023348] ? SOFTIRQ_verbose+0x10/0x10 [ 1973.024266] ? lock_chain_count+0x20/0x20 [ 1973.025202] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1973.026382] ? io_connect+0x610/0x610 [ 1973.027252] ? lock_acquire+0x197/0x470 [ 1973.028118] ? find_held_lock+0x2c/0x110 [ 1973.029035] ? __fget_files+0x26d/0x4c0 [ 1973.029917] ? lock_downgrade+0x6d0/0x6d0 [ 1973.030854] __io_queue_sqe+0x90/0x9d0 [ 1973.031753] ? io_issue_sqe+0x7660/0x7660 [ 1973.032690] ? io_prep_rw+0x7f5/0x1050 [ 1973.033573] io_submit_sqes+0x4461/0x85c0 [ 1973.034547] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1973.035675] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1973.036766] ? lock_downgrade+0x6d0/0x6d0 [ 1973.037695] ? find_held_lock+0x2c/0x110 [ 1973.038617] ? io_submit_sqes+0x85c0/0x85c0 [ 1973.039613] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1973.040641] ? wait_for_completion_io+0x270/0x270 [ 1973.041678] ? rcu_read_lock_any_held+0x75/0xa0 [ 1973.042674] ? vfs_write+0x354/0xa70 [ 1973.043499] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1973.044479] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1973.045665] ? ksys_write+0x1a9/0x260 [ 1973.046478] ? __ia32_sys_read+0xb0/0xb0 [ 1973.047376] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1973.048521] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1973.049644] do_syscall_64+0x33/0x40 [ 1973.050439] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1973.051572] RIP: 0033:0x7fcf4787bb19 [ 1973.052376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1973.056414] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1973.058075] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1973.059651] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1973.061215] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1973.062779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1973.064363] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:13:00 executing program 3: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff, 0x5, "f31afa00434ef9bab774bdca0d00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) socket$inet(0x2, 0xa, 0x0) getuid() mmap$perf(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xf, 0x100010, 0xffffffffffffffff, 0x1000) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) mount$cgroup2(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000140), 0x2000004, &(0x7f0000000180)=ANY=[@ANYBLOB='memory_recursiveprot,memory_localevents,nsdelegate,memory_localevents,nsdelegate,blkio,memory_recursiveprot,net_prio,euid<', @ANYRESDEC=r1, @ANYBLOB="2c6673757569643d32643036646139612d373665632d336463312d323635632d30326234386135302c00994eb94997a219ad1b151cfdc7cb9692445edf339647885bef1ba2b55419504c00864a2a2eaea25ca6bb5609b66776b48c3bf45b48ac5de24e8f84f723a585a4c836be44fbf5346654ddb1a1e65ae31c0ba3252b77448db3ce51722df183f20b30ef2a2665f836d275b9513d5b43f4d9c7fb12bc4a7b6fc21bf0b9ae903b063bfa69b8078cd7fb483d4af3ace5bb7658c152c25a0973341c3a02d0f9912a00416b306bb75d75908c18e99a5ffed34c62a2555ba9cebcbbdf9a6c739b581806084e9342785859f5c8625576b268bd77c82f26ff74ca1c519e7f924c34e78f52d3254e03e0569a9ab4ef65f47a957e417671d0cb58cec59424ee71eb0991ce6e85bd84954789715e05607a46483b71e466c60c54ed73937d208a44464b00fa2548a70ac87ff41f384ca5a4d31f24705bd95051e596d4fff1b0"]) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x4e20, 0x4, @loopback}, 0x1c) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(r3, r0, 0x0) 20:13:00 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1973.223477] cgroup2: Unknown parameter 'blkio' 20:13:00 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xe57}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x3, {0x3}}) 20:13:00 executing program 1: ioctl$BTRFS_IOC_SPACE_INFO(0xffffffffffffffff, 0xc0109414, &(0x7f0000026400)=ANY=[@ANYBLOB="1a0c000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000066ac83fe5aff7cb6e1604c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005bb0dbacaf48f407e6717080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000949507f75635246106d144e767d11cf10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eaa3fc721e3d44c924a843f10e904b16cce6c924a86433b4680106ae26a98961ade591efad7ff11324207dce2935b91edcad41931c6861b55dd4f408154a2d186754b81215d497ccc2244f373f98b8e73d38cc0c0c384247b9ae0649cfba84ef1161e63a1a18518738de8146ecffadf7a1945f0bf24a15a86f00ec673fdc70935334057ea5946dc07dd21767e85a"]) r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f0000000440)=ANY=[@ANYBLOB="01004000000000001800000025813c736dc349e09e7555da64d93289a8777fa90a38a6f31ccc4941b5ba0b805ecc705139189e31fb7db3ecdde472b4e313f28249216f17b0d583fc4f179f763c1f5d5aece85676fb9216d5cfa5d51ef7b4dce724d2e1f8e56908e4a046263b16ed3b1e3aec4a8ebd2b9db82feb4e692e64aaf98dd6ea5bad806f9abc133f77b310dd41a5718f7ca9ccc0aff01a964577dd607f47e95d4d5f027636e3f86bdab4b9a68aff07efde0750e55774c0f4b5cd51a2a1de25ad2d48", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) dup2(r4, r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) pwrite64(r0, &(0x7f0000000340)="45fcd8c997b49d0b6c2dbc17122bf414a4c95ee1e46b0c8118453afd6e9b5f7f19bf8850ae0ad8ce0725ecdbd39ef757331c1e032bc905a2947c8ca1fe2deae780791a131b15527da770f58072bc8dff91a889692e0c707931da40522a35642303e7e49fcfe00e7d3e1006edfd77585c38cb3022b62b2c68ec452716f96af50eb039472d50fd2cc486c1b3d08f223efb59835db129f8047c79887626169c281b3993ed54d8db0d32ab1ede189a1f51e61a926d2522c16b290e304032f63ef67762785181828ffc86aaa5dd6ba6a2", 0xce, 0x6) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$9p(r3, &(0x7f0000000740)="4e25a7738c140c702b5ea9ccb71a32770387d52c1503ba36742bfcb22b7aaa4d56c86c1055477386e6fda74dae79a161a6eefbbf71451e5ec327c903823ab2ea39a72a55ca873d268100cd8a387ed9ed0927a09d6edb4c3d702ba58678b90edc4ce8528750195847759a448686789e4d557e8cb44d1019260186cdc58fe6023595e1ea55242d994d15430cc73ba6700c1431206fd08a9a75f79e4c74a9a441690fcc7806757f9c2a7689b74a28bc12c2cb117cbb831aedb778e4621e8577feb3f6d08f4d29b7d66a901a00d8b81d651ec4de66456de17ef6796a08342ef75090dcb1dc976f3c90fcf5467c918f2094a21d89d648d2", 0xf5) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8914, &(0x7f0000000140)={'lo\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000540)) [ 1974.025313] cgroup2: Unknown parameter 'blkio' 20:13:15 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64) 20:13:15 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x14, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}}, 0x14}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:13:15 executing program 3: openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) r1 = getpgrp(0x0) r2 = pidfd_open(r1, 0x0) r3 = dup(r2) pidfd_send_signal(r3, 0x0, &(0x7f0000000000), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe81bc0eba2e8e496, @perf_config_ext={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xf, r3, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x18000, 0x0) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006}) getpid() r5 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r5, 0x0, 0x100000001) [ 1988.618441] FAULT_INJECTION: forcing a failure. [ 1988.618441] name failslab, interval 1, probability 0, space 0, times 0 [ 1988.620431] CPU: 1 PID: 14051 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1988.621461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1988.622700] Call Trace: [ 1988.623127] dump_stack+0x107/0x167 [ 1988.623691] should_fail.cold+0x5/0xa [ 1988.624276] ? io_setup_async_rw+0x180/0x580 [ 1988.624945] should_failslab+0x5/0x20 [ 1988.625515] __kmalloc+0x72/0x390 [ 1988.626043] io_setup_async_rw+0x180/0x580 [ 1988.626682] ? iov_iter_restore+0x195/0x3a0 [ 1988.627294] io_read+0x775/0x11e0 [ 1988.627831] ? kiocb_done+0xc90/0xc90 [ 1988.628409] ? stack_trace_consume_entry+0x160/0x160 [ 1988.629114] ? lock_acquire+0x197/0x470 [ 1988.629669] ? __lock_acquire+0xbb1/0x5b00 [ 1988.630247] io_issue_sqe+0x2e12/0x7660 [ 1988.630805] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1988.631543] ? SOFTIRQ_verbose+0x10/0x10 [ 1988.632109] ? lock_chain_count+0x20/0x20 [ 1988.632686] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1988.633402] ? io_connect+0x610/0x610 [ 1988.633928] ? lock_acquire+0x197/0x470 [ 1988.634472] ? find_held_lock+0x2c/0x110 [ 1988.635033] ? __fget_files+0x26d/0x4c0 [ 1988.635596] ? lock_downgrade+0x6d0/0x6d0 [ 1988.636170] __io_queue_sqe+0x90/0x9d0 [ 1988.636718] ? io_issue_sqe+0x7660/0x7660 [ 1988.637301] ? io_prep_rw+0x7f5/0x1050 [ 1988.637845] io_submit_sqes+0x4461/0x85c0 [ 1988.638435] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1988.639120] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1988.639802] ? lock_downgrade+0x6d0/0x6d0 [ 1988.640384] ? find_held_lock+0x2c/0x110 [ 1988.640957] ? io_submit_sqes+0x85c0/0x85c0 [ 1988.641563] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1988.642238] ? wait_for_completion_io+0x270/0x270 [ 1988.642912] ? rcu_read_lock_any_held+0x75/0xa0 [ 1988.643575] ? vfs_write+0x354/0xa70 [ 1988.644089] ? fput_many+0x2f/0x1a0 [ 1988.644594] ? ksys_write+0x1a9/0x260 [ 1988.645111] ? __ia32_sys_read+0xb0/0xb0 [ 1988.645686] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1988.646415] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1988.647151] do_syscall_64+0x33/0x40 [ 1988.647667] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1988.648372] RIP: 0033:0x7fcf4787bb19 [ 1988.648891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1988.651466] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1988.652531] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1988.653507] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1988.654485] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1988.655644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1988.656772] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:13:15 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sync() 20:13:15 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:13:15 executing program 2: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x2, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000040)='\x00') pread64(r1, &(0x7f0000001100)=""/4095, 0xfff, 0x2) ioctl$DVD_READ_STRUCT(0xffffffffffffffff, 0x5321, 0x0) r3 = getpgrp(0x0) r4 = pidfd_open(r3, 0x0) r5 = dup(r4) pidfd_send_signal(r5, 0x0, &(0x7f0000000000), 0x0) ioctl$EVIOCSABS3F(r5, 0x401845ff, &(0x7f0000000380)={0x20, 0x2cd, 0x7, 0x2, 0x9, 0x800}) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0) r6 = getpgrp(0xffffffffffffffff) r7 = pidfd_open(r6, 0x0) perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x2, 0xbb, 0x2, 0xff, 0x0, 0x7fff, 0x64, 0x19, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x21d7, 0x0, @perf_bp={&(0x7f00000002c0), 0xf}, 0x2424, 0x7ff, 0x98, 0x4, 0x1000, 0x1800000, 0xfff, 0x0, 0xbcf4, 0x0, 0x1}, 0xffffffffffffffff, 0xc, r2, 0x9) r8 = dup(r7) pidfd_send_signal(r8, 0x0, &(0x7f0000000000), 0x0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000100)={{{@in6=@loopback, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@loopback}}, &(0x7f0000000200)=0xe8) sendmsg$nl_generic(r8, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000002100)={0x1100, 0x18, 0x1, 0x70bd25, 0x25dfdbfc, {0x14}, [@typed={0x8, 0x3e, 0x0, 0x0, @ipv4=@loopback}, @generic="691c46b527e99e3290319a88ff08a626ba37be6d7fb863d0cf53b95e65cdb9423e5b3cb981033d17b1af0b46725f7e26a4db57375bcb6caa7dfabfa6d9cda67961bc6de61d45b4b76f59d03cf574d5e83d347f05b233332795152c387a9f980d1bcf1e839ce0f8c8ed6f73bdacd1288b8bd21f0c153929b4d494d76f442943effb5dfd4ea34e9db6c5b7813e93cf991f423e2d55bede66f8ba96478142f1a7fe6bbee70408b5dec7dbfa7153209039f36897a9419977bdfbd801abea77bba29af2210905749514", @typed={0x8, 0x47, 0x0, 0x0, @uid=r9}, @generic="6800397cf09d3d6972e606dabd961bb45c03c1300d73f28bd709a8631a0bced954a031783147d87b808c4a15cdba5bd988da08e5a3c51d17c768165b3feeff1f6840be52eccde3a0d14a8ce4183c00531b22a8ae062fb754e35bbf0453ec01374fdf2bbe6af21e7f45ea72cff1b18d1ec6f48787f7234e6dd1066cf1799fcd87ff7e4b86f7029ddea2039db69b5a9e94e1dd75558832ca1eda045a7558780509b6c400f6bf7d7ae15cf6013dc9c526a4680979a0df85a735bc54d1224f1f8c6e8543f36751b5ba2ff8c844d70b9f1908ef8b3d7ebe9c7056cdc33c52209845cb93b70581794761f655d5a4eee6c626ab99fb0607f223ad8f8c9ff538880c837c339139dac6388da748a295e82b3093078dd829a25b5d66e523e1e1cecbf0659409c5717d3b6b8c3350dcf0cd60d6173d57e3fd157b0a4dbb6f802c97ca4752914378b805128cb3e44525060a402c6db766fc5672650ba4fa50b6544beaefcd19075c0e0fbb9789e46b9c87eb5c8d54ab1ffa5fe8bb91b9879c8b9f9ab890e41e50617c878f9d4a09a59074eca9dd6f9cdbb9ddb054b145db3adfbc1fb9d9725044ec24e8b407596efa313cb641c5238204756ad9c365f7db9dcadc1e837e7c95fe38466e15b56ee5693c59845683462284b27b6d06eac2d5ff174ce0b8036707786249e94fe628fb29ecd0528b4a4d19606a264aaabc365d545324473d837deb631b3a9ad78c43f0cebaf4b417ef043e137a127ccb6e37f86530a79e9d0af86f02fe2b4a339550cf7ccc237a4689eb3d96b5afe838de057e5559e16562742b433853e72f42357c8839d420e07fe6c226ce02734aaab3767f085eaef62cdb09d6b89f784710a27417e0569012e205a3291dc98c1c82ae2261ed1300a2f62a67a94c5072902f940d3a14e7a16d54146a6cf85847204cadb51171bbebb4dba9fcd8dc990cc97d38511625c7c4d55bba2c8e72ec9b2a176b5b3dc9ba358fa243fc72613034d5cbe2e53cc61099cdd0109d438a85c03d9263223febd62dd323230a46a0cf397370a3c865d99ccde73b569848e4eeb7d21c19050200846228ca915404de6061e5c8259d93535691ee0d6327e6f5dcbb191f7fc20044a0dc44d3a45d898106e16432859d2fc0aa07b23db713e7fb407ce9e6a4ec1d92b91f43138b557ef59b37292f9ad55b54fa48c82b881fc53e3f5bda52f0c509272e0da9ec0262f5b808dc3983385bbe229d47d927bfe396aee142d4a4768798f8c2255c02489aadef8e46c7870fe2723ddee160790d68be8d4965ee9b7d507cba417e6cb4a7a6ade5b15e59ac0091fa3678c52be0496162d4330b71d52232a2cc7a13aec428d334ea81fc56c1a14fc7d951a5921df7ee1b6dc118ef66846982c866aa525eb42feda5070d50dadc6dc8cf5fc3d7b093bfe5ff7d7f8d24b57e034596bb87c1ada7dc3509d66cd9758800333c3aa3eeed13587a4939244bbf013b5d3074146c8af9251e3c4bd1ce8d642c3c9e2533c719c6e23cfd74e74ef45b9c460c8bc0b6a4be8b4a442accd00e9f150a620bab8e60a5b5e91ce6e2e566f829ae7841854ba97482e078da336696e193c31ce22498f1417670cb85a8a7ba30c0eec93be4e4202fe595d92b756af54604651b3c6be6ee8630639f767fa68d8e37cc1f4343d4a450a1127478a82317058a51db21fd5277cd75af58fc090d237f9959e46ff207e91f19024c7a1c14493913f85c8cf5b46852f1fe769d7f05e4023ddad9f49cbd84a13a6ce051488473be7e6969d3ff67c8212846ec275afd8feedf84bb149e80ad6b9c7e0b47fcc576cba3ca096b1741ed3b19c9d033eed834b252ba69ccdde7eb607589ae1e050631fcc74bf7fe45250ace83abdf79dd35f1cd500269714956d25f67b17571e48b175a343914f4c6174eeda379021746e6d511a0996c8bd63ce26483154a02af0783f94c7f40674fe8738f6a5f9c91f9b228962534a061b5c8f67bc37c522fb72e45eaf16bf67c789bf7072a2612c312195613d9bd845f4ff73b6c7bcc9ac8a51a7be8e23114e76fccf46a8fe16e4fcb99e9212db95e840e00b56d857e8c927f4168e1a237a1be97b2ea80cdfb44211f929ce231d51eb98f3d4e15417f443e258ee7573f1bbb396da926422f83d2cfedc5d4f079bfe7d588a60d7506d9a446d45a8e8a24584ae6f4e7e2103fd08a7d1c1ff718981eddb830401522269ac627f58f28fb8ba460fce9d5d506ce36a19e858970b4c52df6495cf954f7738bb92f54baa2b99cb0c64022dc16b75ee43002959a091b9fcbf59bb574be2b23ac506ef0bc6ed645ddd4107ac4503bdecc4f6f4e6f09bf577cf454d4d9e199aea6aa6d5f871754d3c459d329cf8ed8b7c1f1397eac89e231fdf7b6321d5a82516f50de9321b96c1d3cc830edb09cf05598b27cae0b12a4975b739a321941774a07bba1b6617a7ce4499c821cff422bdd510334393a7229d06c7285a2b7e1d016a727ba8b15d9a0474d118a9f7dc37f79e1f5c4e4b21c1f235f5eff0d12fac755a4fb7af304ca5e4154e1e528007482255ed5ae53f7da27e409c73deede07fc128c4ba69166580b11f5aad36d989206209c38452cda9165d66498fcb96d761073af88e922f848ef1d2f01f5b0241a7d3d5fb3132ce4a8823e58c465c1cf48b2366a2c2dc70c65ade5a9360ddca3b0d7f5f3df3e47256ec190aea9b1f76525c5c48deb5476806bd10b4e7a397adea765458d1f88a2505467573c36a229fb2ef5892c32d6c49506be1c45f2bdcd810afdfc538697c46932590689c89f6dd0142006a09a618431055e24d7c2c382a6a8abd6e699b554dff8a0b184ab524b137a05a82f80bb637f246395c7e8eb219abf0bf6286a39d4e228b25dccad6181daea3f4b14a99bde5f9bff513846cecc027c8aa8c3f3c614dc26f818a0d9efe5dd6dfa00b2f055f0bbd97c5e85c85fefd85fd4f857ae6a392d498ae030ae3a11bcaed38565db5dd41431d180929e05a6dfb0a694457e75aff7e9c2ae05058a9cbd9a2056e2a5886dbb6fcdda883fb84ca4df8782c1e8494cbf24fecbc362664df2c6d672bb1bd5cd6f20fa65f0aa9286cd6cf3fb652b70dee73431fe0197d632cfd51af1febd7442450af1171d7d587f40b38ddaba2fc870ceb1a68912e1a8328cad2da94cc27653333f7736da994263bd0bf3ed550fe9d08ef05dda182c969c643f57528153f93d6b34cb650a58d421daeb32c69969fe67ec6255608c7d1b087b1c107a4707fd5b8d4f45ef26fd9b111ecb40d7fe9157a7f004325bc4d279e70e79c6926464a9288f590a42b423f5ef27084a4b04e62a8f62e5aae8d10b6b17d1a9757b1f11397f13cd91d7f2ba4eb8d53b27b47a29c010f0335431df92ac18a1a7054a90c0717a7a562b168feb2d8a1140bf7f2c90f98047e354d7a2c52d9654a0f214cd6779b0a4cb36f37697cfffdff8e673aa0147af5fd4f75ffded6400fddddfa2834f4e6926d6526000f748fb4d4c127aa511e959ebc74849db823f28c7f2e9f807e7f7d4d67c974fc01fbe4be363a321898a099bc2f5cf26e08b90a78882cf81d8a985693c5ffbac5551a67544ca84e47209f64a91d28b089bad82cf4fd0745ef96f2e946eab7e9b534a4b9d1378196401dfcb668de755cfb7c56a6b263fd1e072601689ad4f280a1e87541f90ba50ad2b19b888202f0a8fed066e08692db07accc049aab4c57a71d1bc2d05d6dc9f9de559e51ca8c52b5d85533c28a314873b5e16081fabf0848c77ad5fae942b50c83d56d44da0726ecbef7ed00af70c41716f8180b459c441da9f02b505f5289849c238a1a7fa2eab66a2b1a88caeb37d4c4e07d55be031558afd039344b1a3712421f8fe4652e88458658a9305956da2f4202d7fa4c8b9a2d18894cfe3084f75abe05134b6f9d4475ab1276cb012bad65f3c5f5879bcbd5ac0d073125d137c7e35ad48876c9e6e5efd432b84754a5fbc83a2e64b3b5583eaa985f42dc282ddaa2f8ec1dffd451434907cfb7cd74a412265277732ffa5051e2f68f9282876192c26f05b31a47a0a2a4136b524b95fe70cd100255624bdeb9415e7c12748f49bf44ae4cb27360c0a2606efedc5a821e757e7a4e3b4736bedb4515b20655bf4e4ec85ccb6bdf924de4c495ef1956d285bbdb42de77f63a7aab422eee56df813425845589a11e39a03ad13e50a1986ae6ba4b85afcb8b4758b069e21f0697dc7d568f8750e18c68f3562341ca91b34ebb7ed01e49272799d7dff13439215a54655edce8519adc7871c904497b52b2484fa6442125a02d9812fc8bdf181264ba8f82d8060840eb84db41c58ad3574103bf31e0184fbb1ae42f0ce5ff48c27d1c15dd961948b3f37039dccc62cc51cf4b46cd5b2178595b579dc64f5af3a47603bee62abf03113f5f4752bfebbf9a0b1ab469a04cf75c46e0476b67f93dc2a6883e4cc7edaf76fe8f748f430c26990771869faedb9125f96e28aa579503a8ad8213a4c59c67049425ac1bd6b17c68c8b9ac5c45ee5e23f6b484de86ad0b31125277808e9cee6709f93b139a1295deed725c4bc2405a244c5a914757fd0120ff0634e088a114019607aa0e98cf25d190d914e11c60f7e2ec3b713c2dae27b58b0603b7f2b58b9e012eb0b49ef92149d0cb187c75c5006ce078cc9f630464cbb214c1d43267bb402fc082d956a6f990dd4ff26447c8836e0efe9a23e1a5b417925b3ad183ffa83420496c64933ea8891bc3f6451fa8e143008f0a56f555bfca925442917b6034b3c8f8ac037161c1cea591a114d9f0b48aad0b24f35fc72ce57b42d297b484d57e162dc6373faab175174c740676e652632c46be2f27a24ef2b1354c39889af990fa5ab171b2275cd12d51943a073d0f970ee4779f0256540ee03a5c6ebb4b91787ba75738e1e20f56d700c344a090e250a2d8b28c6206351a5e273190ea0ef2dd950d0cf1b646c95bb31d7bb35ad6dc6b3854e2ff244ac57b80df17ed4de7ccc7753a1035c21cb77e9800b1df0ad12d71c87bd9f2e37d5000cb04f09cd20f761e9680b39dddc3b60d36a8cf1d59e23336977870eccb65ad817d5aa671eba8ba0fc6f254cd65ac3777665dca1aefcd26dfcdf8196da8cc6ff2ed7122c33d7133cdbb82481e9060b86202d1fa86c2a100624bebe527e2998426893524792ae231900f884cea7e331e6de92a84c2b0043ff052453aac26886d2e912d1a1a1fcf9a45e356238a81f3f41e4df802a76af0e444e88820f0ccb5dbc2d4ec37cef90a4e4ee65637278ac1f06f19a4940cbbb2a7e858c302cf221fa4a5df154d8b225007e0e02767f58898af3c8be4c6e07c7b34fc3bbdb76496b9ef66edc6c2314fc1eb6090e460b9b0a0a39e353d2b5dcbac1bc38c0a0896e2dd5dc9c11f91407bf938377af39f6415894c3d831740c2ed2c23b27927d80b9adef4a5036b8957ce7df3c94e318709abe1474e5a824bc2d2d39ba64b382e826b9d61c28d6a15ccd07b6b280e7ebca856da0640cdf5fd98983dde24468821bb13053c7a86d4b63cfe8df13022ceb54bdedc3a51767b997c41ae40309ea9ac2e80324ab0b9240c08b268386039ceb9cdeacf1188f2977239c30102aad4edbd28e031ce866290998e07afb4ad4d949ba2628e74715475f111bfad94fb4a0b4996fea7a76bb1ec3c48818120ce061efa4279d384bbf2531bc46174b334379e469f97c79b5071d82e4f7b660c3f46fd2f698be39b1cb881f0c96e5f58fa550873731004af93c881abe6a96d14977ae332ea78e22424da845431d16", @typed={0xa, 0x16, 0x0, 0x0, @str='smaps\x00'}, @typed={0x8, 0x43, 0x0, 0x0, @fd=r1}]}, 0x1100}, 0x1, 0x0, 0x0, 0x20000800}, 0x40) 20:13:15 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FILES_UPDATE={0x14, 0x4, 0x0, 0x0, 0x7, &(0x7f0000000080), 0x0, 0x0, 0x1, {0x0, r6}}, 0x8000) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000008, 0x40010, r5, 0x10000000) r8 = accept4$inet(r3, 0x0, &(0x7f0000000080), 0xc00) syz_io_uring_submit(r4, r7, &(0x7f0000000580)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, r8, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@qipcrtr, 0x80, &(0x7f0000000180)=[{&(0x7f0000000340)=""/133, 0x85}, {&(0x7f0000000400)=""/212, 0xd4}], 0x2, &(0x7f0000000500)=""/3, 0x3}, 0x0, 0x100, 0x0, {0x1}}, 0x5) r9 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r10 = syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r11, 0x0, 0x0, 0x0) io_uring_enter(r10, 0x49d2, 0xbddf, 0x0, &(0x7f0000001c40)={[0x400]}, 0x8) syz_io_uring_submit(r11, r12, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_complete(r11) syz_io_uring_submit(r11, r2, &(0x7f0000001c00)=@IORING_OP_WRITEV={0x2, 0x0, 0x2004, @fd=r9, 0x6, &(0x7f0000001b40)=[{&(0x7f00000005c0)="0f506ff22a6c7e06de2a55efa398ff49826c14b5d2c2b0357de984ae625839511ab5483bbb4daceca5e4c0d05db89b2b52824214454d251dd0c47d588919e2a7763ee36a9078a99e483289617905593012f77d136b010563c048aaa667725bb682574cace72fb0129da4dcd58f03c45196985c46fe5ee5b436ab88538a51c388eb4ceadd84ee92971f17034007c19aa002bd2e417aa732070ca59b23d5f2667582496e2f5228ca2eb2baacb64ec222eb575b87bb42a2ca4e6ca710f1d7b8d905bdb446d11505638e45c5602e86d284f7ba4394340a774cfabfdae0af8a2434cc148100f6a6677212ab0df938839e24583a48d0126368", 0xf6}, {&(0x7f00000006c0)="6a75d0d3885ab6afc7c32c2095b2c221ec0a03eba2eacd1aa8f31d36b0685bab9fc5bcdfd1bda989a2822aff92b15aa4c76a359fbef66a46d0c8f4ab24393c2d1ec35746abe4575dbf98f2cc24dd74abbda5f2e53dcd238cf008a5a280f8560803e7b194547a6569a8c4dc519c1dda4205a1d154cbfbb200a5d9c52b10f46f01eabf0c4a75efdbe4cc05122f1b8787865348329db26417779bc61d224a921321e75db33e519d368dce", 0xa9}, {&(0x7f0000000780)="d3da3593ea0c51687833a1c9a19108046630db00c9f31444ff84e4afe4774eacc0c4976d6c8e183e58f2e79f4cab34f2e5cc06bd5b7cb2d9181bee84d34671fce3331838d811a17458d0f4adbbb9a6bfd45ffe41a0880dd46be6f20a73d910fd930e53af7e17dd25daa32377cdd568251a3244f4964b588aa5d9fe8fed8273b779da1e4714b38ce6a7e9f958c49d0773d23b22e702f347a56f35f59821bc37c019b2581b1d0a34b730bd81fad964201cd964347bbbf3552f9f34dd74fce333122187d6815ef38b49939dfcd27e5d969f01d29bc3c6b3032a8d1c166749e09513d7fd9a53c1ba1cc5e5a0415d26e14b605539584c04acd24b805ada565b055696cbe9da45aa48d7b89881af2d0be1c121d8369a7e3d9173c3c32fb5f9154e7938b579cd7fdd9f831708501b7d0c2a76ac9175fb43f5bf196901e1dd348a293023847cec1dc19b847474b91dabb214c0192feb40bed4fbe794dbce523e1bea0bce890312b9ed57d6cff7573d4d922f1cb3c7e27afbc070ee96fee060d8be9eeb6d88a8780954c5d22b0f9c934224218dea047499f827c33eb11b73fd7a59bb446fe5e4e72fe03b77e5cac7703e68331f9fd4735cc291eddebc12e76d48bd0584b5ce9c852186bedef7196d4e86671919e37a7c3376461ad35c073d279f54a85c28515c76632efc52c220f763e7303d8cb94c142ab8171801c8a93dfe00f619ae6f3ecae515f2f6910f19a4e6cb5e00a8d78e22f1dd2d5bdc2b33fdeb57f2e8325d3fb3789f1f0fe53ebf762f5ad3db7a892d247ab73fe9e9f906e434e7831f5a913419fb4e8b275dcbcd195979faa74c7ab5979dd47b75d9d511aa46eb01d2e794f3657e2bca25635fc77d98f4d024ef71ff6503dcad029bd554db0722c4e0dbdc775e4fe789d8ae4788e67fac83f391d03a8e66d386079eea46fe206688951e711e1dad710ac83896810f21b833ff7a19cee42688b7ed0fe3cbbdd2e4187930b3ad2723dada6f13b95f365f3b1d262a9fe813901b6dde4984d118fc3b09dbd193bd98c3482ad3017a450095eb3d5c1b2e647343785775a2c2f8169084a367fda66ca53048c34bd032862a37d765163688d37346a00847253044f718e2ae9112c95f65a34fd1b9a570c92fd069b588883330da763f532339725bd6dd793b68ee5286c7783b725baece9a48415bc9ce7fafcb8c66fffb5d73de26a86fb47e503d18648fdd481c532e7256c0d852cdc3f4c0ca8de3bbbd3ee9278f7c76ae43495da5eacde5e07b3019a3266f59134d3a8d6d5173a144a6a242b028651b09d6b316164c27ac286e0a7b12a463aad37b49ae4d5c5fdb816df25d1365d44e3ca23fce041ce19e14df8ebd063a090a6413342cf7962823e44ac8051199c00e1dda0993b348601de5e13f095920645a215d97c6d5075791ea0b68841cee427beea681cb01134ca224b4ce5a6d8a6855f8b7c306d219c867c236a108e219f373f5ddeacc05245894cc5fe73f3f9d927e80fbc7758c4692dbe969a415acaef0cf251211b1d98fa63da43ca6e5596abebd0db6c7223b67b18090547324570b98493874773dbd79b0a258f58c6d8d820c73ceb52628cb3a556d0ba3f97f61704218ca3aff203373432d03caa27ca99dbfd64989bdd38ac9658424ca642a20875b56dc32a7ccc2874dc12d6c046e10ca81df15b0222ecbadeafb289d48e08cbdeb4faba663dda2b3da8ba6a7d0522491fdc91e6192b0ce691fbd4b167a6411e2412bcf44ef11a356e50facbcf9108df8186d91116bd9cd42ae34a4ec7f2a505741cbe3b67b08e4f2b4c99cb344ff062c0ffbaeee209a9ae63ad45a12c3b1262a5c4d6d71e777b3fa3da34131495b6818792e911b0789b518b57401aaa96b11579ace875bcd5b332509da05bc6b1f5bad43db0c812e40164cd31f941ade68dd70fa436175b46d8ee097f944db24a6aa824270ae4faaff1130bf51aaa01bbdb1859aef2160c8f08730dda53ec4496a489140abcd53c233500dea8380260315d87f7b3812b278105a5242a0f7807833c469c9b61faab157974fed4dbd8be0e295b83a365d66ee3a925b8b32177bcbba364d963d1c6f9a24a82f969648e491f8e1a007ab0c68be379b9b4e00397c301e8a803c557909d25d6316f82ab64fffaa38f313224445278126f4efd7a2af6892ceb40114472c65c96444ce36368e105864da7a4c9eeebd24b67c844eb3e8cfcaec3035c060a29edf0ddb1d21ee0a375bf4282696089aaebbd115369a5541b4028c75b2bb2b1e21a3628ab7f4e66e41870d9e2832818e4d305462eff7d363744bf346c5f3fa247b878756485930e6e306bf9df5384d991baf246ac58cb092e05a5b44031aebe9d655361a0cc70fe3daf518396065bddf059bc3f74b8ebf270c5d80973c89efd9d4b3770bd2d2f46aa4d03f5db2012a97e86fd147f145434af96d65a12b08ec848eba75e8c896d611fa2d2a786660781c8fcd97ec5d9960eb613a96a0775135ca3b4901002073ca9ea651a5e5d7188720d594e4b1d82696babe0f74bad229d36674f32f10ef1774ea8ff550ba03adbaaa0a087c3fcf75dd07e035e962a499ae309e8c8dd63ad0652e4ce0ad2e5c04044fb44136f2eacadee71ac4540d96b8a874737cfd8049da86d56b0459cd419572a6270696175453a82b6e47b31d99d721a229e7168e37490997159b764f933365e29c2f81c4f9898b79414b1f39cc86535522d0c8d9dec73659fef1b2f6138b75b844097b40f512837a0236a35c146de6ec201be89616e0a89e90eace7bda9efea44762930e0517ae18114e5282cd6150d597faa091989be55e07abf3ff914d69b47516eb528d075b1f7b43be6a2434b43a50e0da816fdec064013ab912d88903adda969b44a117f343d16bba6f9cf6c339786ce3d1fe96b1779d53c8aef13090c1a1074eba42079340a5c642e6f7201c55ceb23812d5185a6fffc2d5f00db0026c673a27dcd6734d964cd761e983d50dd7ad17582e1da019dd9253b8672fdafecff59971ec57ec8aee673ab85be288c2d8708c4a644d8ae1b983d3222e6a38c5dfc6e0649bddea31d96102cbab0ff4d503c2aa0a9ee6e794c2d5357445d0d5210110f4e6ff733408eb5c8a6764b23eaa975ba7943235db81c4010fd4cc8e96fc341c747ed78ee9431dea8331936ed4c37a2bceb8db6835fd921fd1ec48ba1bfa6c85bb64661d492ec6b963eff71a7c373f0aab30f71a9dea3515947c1ed0e214b9d613d825102f05ccc281d1f69bc863d76151a16e169682981411c86d70c78eaca949b4d41741e0aae502f5f4b7ddb41f7b16f0175118198d6dcf3fa947703dac22669e95ac3604bba996624c42437b3eb6693b4750a111f3e7f2bd38020bf6e36b91c83155b45bd8ed070d8b91024172c325aa6104ccd619e3b7f4bc089d33cce0eccb1ad92b91c2ee6c35c6c81868646b54b79e6b43187eba0f3027af14448945f89cf568c4cfae8629420bfe784a957e0e7430dafa0973efb558a8fa25e5d29df1bfe885de06ef0bb52d6ea3b038261c3203b520988159b960d2c4c6d3b75fa9ad93b265f3af3ede3e0ab9cf0d701d3c4d94422d54a32cb76b59028290347c4985ec250a9d17ec6bb8f0908cb6ce34d5bfaaee06b9cd95b790fcab949a6caa39f460a785c5af93e7679395cec19c25a649da4d70fda0e855d80286412091293566697d1eac3795d02b3a63defbab8d8dfde80e736c9a05f663a83bd645f056d452addc5e43e5e35fa261592fc6456e504e62c7c7062bf92bb5b6febb21c4e27912e0ec68970c7bdf269decdd24f2027e18ffa133339a9184c45d4377ca85d09e93318e12b8d965551bf9b4fdbdebf1a19e27ba9682a261023f9172e5fc483f2eeffbcc1c64e871ada8103a31bcfd555ee8560c7267988ac22ee397a66990ff0680cde09f5271e35b840ce1b99cd77909b44b7999fab585745284da8ff00f8111234d0877353fffb71ed00c412d279024ddb722018b6219fc40847f2788ebeaa9539639d849d7b718e8236b8058149879f2d0c8dd8357ce64d3af4eb1c92d21e10aaff8969ec35a4b45cf1d0279609cd5655e831a08e24c294d4a0a46f2b581a16523f93e79385c86c7594403391c51a876c1c472e0dcf9f42710d220bd72eeb705237a08a8b110fc21a96ddc704040f96a29310582257a4b1ed0e45c1bd014681daeabd737ef4427e7119f86f2083b3adada812f23acc1571254fcc0f3a1578269cf7c6ef25a8f690fca2375276e0b64d950ff98f37dcc29a16519d76488de422a033038042a86f6f8f4abb00fcdfb53bd1f3924b8d02cf28cacbbf6fd261c71a6a9b43e69a93cafb75e8252d9858d908553270280a92eb40fc6ca3127ffc582e3c53c00087a6ece29ae282f60ae071dac08b7d159a39018ebadea3e37b7be450ca436bc8dc1350d6e8d7f5b21e66a6f754ddd4c39cb7ac5a54852ad37f5a921c28b682132f44e0519ded7c114278a414c5429b30b0fefec8372eedf70e35646081d47892174c36088bddf94bce3193892529377a99007e9ffa7eb8e6d9a75a663e747de3d17f6a68682aee007a95e11512b2217723ce5a7d022e7e57748dc8de7b639c515070b64b96b83c20561f1a6e530978399ec86451f0e85443909e81d45c5b997a56f5df3c78d423eca6707f741cb3664d395ae4b543b6b7635df6c8e854c31f2fe1d2648ec41a979e2eec7ba98604037e0cbab7b4129437e9a19b47d8b51708bebf256d7c54af8872f7d5dadd8f038a398923d9cb2c15591c05fb587eb8da80a433cfe1524cd668716b0c17290863e317112358891481d6f6ba3f78dbc7ec4128b38829896b18a80d5c71986d8e48df3834bf08e89980560acffd0ddd7852c738ac328d810eef346f4085c4817d1facae0f0d89710d66ea8c1dec424e88ae8323a03dc4cb81caa64ef0a6fdb05e70250c1894043f090c8a195894ac3344a699c4fcfc3ad0014262002c8f0524eab2919a10efb33748b8c4135f318f6c95f393f34a9e8a7ee8ceaf5847a03524776cb3bbc1fba7cc3acea5e0fded024a6eca36d5317bd965cf4c25d7e71194669067c559fbf75389ce8019c1a3971318a15cf33926f34bb45649f6beda67e8dcd8bea6309b81bf83cdf225d0f0ebf88b009283cce1f8935905d71645ebbb373a624b160db6f2f8bc1e0c363ad3222681c45c4a7daaec2ece6139bf6f5f9337de1e48045bcbaed925f61e3b17f9a49fc4c15e4956ef1191a3db1c8660eb31c7de68f5686161bdc1385fa2d2afeb24d69ed4e8d888b15fd47258f32908f2c4d3a71c5d622fdb4c982950bc9e15a982b32676d0835440f8f5a21c752dcc920ca97175efd75ab3fbc4720eff49603580ef97095344b8e656f84f1531f49254e2baa495dd6e2d03c92e74fd91b5890fa20663a8f550853b2c641fe728cf1076df02150c80316aa39be8db843d939a65aff01fda2cb915cab242ea420aa06fe0bdf56612198681f18b453c9cba8d874d5c4c353862290d267abe2867f1decc416050154e76dfbd17c6ade71fcd3a744cb4a38bfd717af7e01b71bcc6b59a55274ecbac85c7da472852903162a923510aa76bfcf51706b381391b3dd57e8122fdd4822ec84b97d28ab8dcbdb924388c6c43b070a8e999ac3143000e1eb8243dbbf24def02b7fff9ac19d8f9042ff9e3487b90ab836d8615b804d5f341f8b9ea8731f0316f4618b80359d19f22727fedc9afea21c44d18839d317cc361335e89f60a126ca6b60153c66fc805a60fce127e972133432", 0x1000}, {&(0x7f0000001780)="ad894b03f93e0a62ffd6264d3ddf169293f5b6d1c614227a5230256bb96453e66ee6bfa2de64db0297ad4dac26bc6da058de98ba3161dffa1602a8b69b61cd1207c0a3dfb4c12d5378280b3a1fc2deb08de36f8e71dd2ccb943babedf855c1138e12c7d2335a52185e11b43f3b2cb66ff33a5304cd0873dfc3a577d098900f14a6406f67b5957fdb8e38444abab57923530bcd92ffb4f820ee65f82b15c0879cb2e11e294df7a1447938e12cbcee7509f3a0f1e0a44f2f76fd274024b4d259ad5cae84a32b39f59768049bee397c941b4813acc117d10a39f2706b18fb8acf7d9a50dacaba8d", 0xe6}, {&(0x7f0000001880)="17e43173cbe7a315e79cc7643d349aecca8e7458f3ec2b39ad220f8cf08b0d7523e4d90b548dc5af2f1e56cdda98a28d313d945672242621ed177e23a3dd4345e94883692f1092a2b606ae9675683411901de3e1724ad20fdccfecda7a862e26c14b068c7e3209a5ef0f7dfa0d512873de629a8f27159076cee1e21b62e599bbb68b74f00e00fad11ccb0bac6d00ac175f0e560acd89619321df73afd3067fbe1a07996800af28c9f90a3b108e0a559f528bcb6c4a87e1cf36924db0ec790f26f0b9df981192040790521afdf43b6c8fb2f8b9436c6c76c10f6c5d3a4aa2a363b8f09da15945dfd75fc5ae3560499f0e27d4ec5ea4b4a7ac", 0xf8}, {&(0x7f0000001980)="a92900e8", 0x4}, {&(0x7f00000019c0)="f0d278b37b0b662c6d0e4353fbed002272cb0d8ffcd316c88849a818f4becbbabaf3588dadc8c93e640f2a2512c77fdc1bb16caf0e120f633ee26c830cc2914832f5e2f359c33ae03ea6227f7841e7068d54f169e4aa6fec19e47e14c8", 0x5d}, {&(0x7f0000001a40)="8844f7aeb1cf8f362fe8bba270a13af67d969e64e092f1f208bb056f51fe9a2ca079a6baa9862da0a8f73ddd37cae12245d844f56ee190beaa6f876f985a650c3512776de13f2cdc10d58ece1d8167d1a2fb3513b7e86cd9befc3d", 0x5b}, {&(0x7f0000001ac0)="ab8daa8d4bfa15c43fc4032adcb70d4ad1ddb13559242116cf6386744f0d997e43f134e6f9db60b114133965ad296649da88892db06deb1f46c77a43b53cd8d753718ea1d8c808b37a8ef0b8a249ef4d7a4072b05915665c298f7964af87cd33cf2cdf614017829cc4f76dd8791e151cffef6e8d4d05ea5c4d6c699d04", 0x7d}], 0x9, 0x11, 0x0, {0x1, r6}}, 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 20:13:15 executing program 6: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x2000000, 0x0) r0 = syz_mount_image$nfs4(0x0, &(0x7f00000010c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="00000000850f2db12f66696c43f287fc5e9e5d53d557ba5b9b98ff99e197a7"]) r1 = getpgrp(0x0) pidfd_open(r1, 0x0) mkdirat(0xffffffffffffffff, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0) r2 = perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rename(&(0x7f0000000180)='mnt/encrypted_dir\x00', &(0x7f00000001c0)='./file0\x00') r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = socket$inet6_udp(0xa, 0x2, 0x0) rename(&(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)='mnt/encrypted_dir\x00') ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) setsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f0000000000)={@local, r5}, 0x14) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$PERF_EVENT_IOC_QUERY_BPF(r2, 0xc008240a, &(0x7f00000002c0)=ANY=[@ANYBLOB="050000000000000000e51700"/28, @ANYRES16]) setresuid(0xffffffffffffffff, r6, 0x0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) stat(&(0x7f0000000140)='./mnt\x00', &(0x7f0000000200)) setsockopt$inet6_mreq(r7, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) socket$inet6_udp(0xa, 0x2, 0x0) 20:13:15 executing program 6: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) r1 = io_uring_setup(0x59b8, &(0x7f00000001c0)={0x0, 0x0, 0x1, 0x0, 0x1cf}) r2 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r2, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/seq/clients\x00', 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_LINK_TIMEOUT={0xf, 0x3, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x1, 0x0, 0x1}, 0x7f) getsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000280), &(0x7f00000002c0)=0x8) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x400402, 0x0) r5 = inotify_init1(0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000080)=0x6) inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r6 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000180)=[r1, r0, r0, r0, r5, r0, r6], 0x7) r7 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x229cf6cf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000000c0)={'xfrm0\x00'}) fcntl$setownex(r7, 0xf, &(0x7f0000000300)={0x2, 0xffffffffffffffff}) dup3(r2, r0, 0x0) 20:13:16 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8914, &(0x7f0000000140)={'lo\x00'}) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x29, 0x3, 0x0, 0x0, 0x4, @remote, @local, 0x7800, 0x700}}) flock(0xffffffffffffffff, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00'}) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0xfffffffffffffffc}, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) openat$cdrom(0xffffffffffffff9c, 0x0, 0x10100, 0x0) fchown(0xffffffffffffffff, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) accept4(r1, &(0x7f0000000180)=@can, &(0x7f0000000000)=0x80, 0x100800) socket$inet_udp(0x2, 0x2, 0x0) close(0xffffffffffffffff) 20:13:16 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65) 20:13:16 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 20:13:16 executing program 4: set_mempolicy(0x0, &(0x7f00000000c0)=0x6c0e, 0x7fff) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', 0x0, 0x0, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f00000001c0)=ANY=[@ANYBLOB="92cfa06e370d430a420611e67926e9baf2f51b19cd34f9ffffff87286eeef356777bfcde780bc4dbd5615880a8576f00d725000551e81ed05ad4c20010000000b603000000000000fcdb34473a50a7e0227491e7e8c3d90f994db4c674e34ec1f7c5fb881b8a89b43600c00100000000008001ac5a8bf07bff57fc4546b9f349690653e4b3d1136d3da81e81b1276257b6149a40453848520dc4d54be59a1b4bf5d072014cedfa61c54d23cb5e43d9188a27835d60646cac300322485c657856bafd675acc000000000000009d13e51651d958fc88"], 0x2f) fork() fork() tkill(0x0, 0x0) ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x2, &(0x7f0000000100)=0x3, 0x4) kcmp(0x0, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, r0) r1 = fork() syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000380)=ANY=[@ANYBLOB="0e216f337fbbc7aff0628d70e400880d0000000000a2d400"], 0xa) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x8, r1) ioctl$SNDRV_SEQ_IOCTL_PVERSION(0xffffffffffffffff, 0x80045300, &(0x7f0000000400)) wait4(0x0, 0x0, 0x20000000, &(0x7f0000000440)) syz_80211_inject_frame(&(0x7f0000000000)=@broadcast, &(0x7f0000000600)=@mgmt_frame=@assoc_resp={@with_ht={{{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x3f}, @broadcast, @device_b, @random="a4749d8f07f3", {0x4, 0x652}}, @ver_80211n={0x0, 0x1, 0x0, 0x1, 0x0, 0x1}}, 0x6116, 0x4f, @default, @val={0x1, 0x5, [{0x36, 0x1}, {0x24}, {0xc, 0x1}, {0x30}, {0x1b}]}, @val={0x2d, 0x1a, {0x8, 0x2, 0x7, 0x0, {0x90e2, 0x4, 0x0, 0x5, 0x0, 0x0, 0x1, 0x3, 0x1}, 0x800, 0xfffffff8, 0xc8}}, [{0xdd, 0x90, "8a517037f7aa0d25671673490354d332acd279bfe786e181246f327ca04784e597ba102e3e48b4aed8074f8c4d40b819e905e13a124e72299b325968d83e4fe04046325bc75b84632ec120b7ad0c1b15aa20fe699230dbc5283b67fccb3d3ca6caa1e967756429d90d868d3e36b0cff6068b8784016b0baf82822a0b4c87bbc04eda5891aa533d1d71d09aed7db0c55d"}, {0xdd, 0x90, "bb2794725446d96c465fb2592afc6abeda2c407b9bcc4da7bd5981e6419abc82bbc56b77984e7692b3850b03985486bbd52cdc0f1f52b055c63bceddf4da588c2bf0f8bab4d1d76ef0cd755398e2bbbfdb4b08deeef9b99c7fab640e2b46092991927b71c728737754ac8ee4086715a05a38461e20fe9310c436bebff05459ecb9ad379d73a75fe2f0251f1044fbd5e8"}, {0xdd, 0xb5, "fd1af5ae83dd5b65fd319e3da9c5b36bb17c9e3ec788df05205468dedbc2ab495d55d6fa3070f179a3675e84306e7820dae532966ae653e2e6dca413494f308043156f3ecd95e4d2bca5e17f0469a3bf34f1248b9a5947c33d13fb51b91c5277d2e70d4531851008bee020afbe39d14ec7dbad78c3b4e0708b4812e01f0c3f24cd00061b35cb1bd89f8495a0a7d684746dcaa54bc4298a774851a2b94cec1249635c1baf085c49566ad4d66c199d0160baeed213f5"}, {0xdd, 0xda, "a5713f7de873c3e52b8f234c4a567491a973a602de376d33d8dae2d7dccbf792dc0451100f9d1435f611583bc3679f27d5f5f737248d93a5e4e5aa1504ad331d115a3efeb9fbc3ff798f58841f7c59ba4263e3b3adfb97ecc50155fcd1245dab2c57e93d0113c31f3bd9a487423e015f0632a0d1e616038e15e86df75c84efb1392eb8cfbb2819854641fba5df6d3b271493ae1dd330d612026884a1bb6edd68b75460f1ae43b2576d0df97417e899ffdc2618dc8bcb6bc4a16e1a66ae09c45fe8ff26530a869556b2f69dce2f71c0fc863569114ab13c1beaf6"}, {0xdd, 0xa8, "0008577f69257f081d3bad4d7b50338afbd9596d4fdc2a3d4d581ef8e5df45bb55e30517b8ae2ffec3f13f7d2bbe6d0172f0c42c59d13b391008363a71688f93aa09cebca6de64dd0b77e8cfa5288994354cded477c1d4cbd4088bcd4487eaef4972a2bf297cb20c516aa2c5379500dc3f7b1112ebb3ca2aa9f37eb44b67c674ecf1ac52251ea28ef80375dabebbf17b7d896cd7726012cf948f35e6644c1cdbeecce5676e47412c"}, {0xdd, 0x3c, "ae137c7ebb9342aea28e88a589695fb7f9eea0de96058d4b6b0f68972cc2c4d42cf716087f16d3da9a569209b661ae63d40c4bc1fcf6eeb9544505f4"}, {0xdd, 0x1e, "c81a78694bd6a08367c6478357c283a66f3be48d07b48353a7d82a49b360"}]}, 0x404) openat$bsg(0xffffffffffffff9c, &(0x7f0000000340), 0x206800, 0x0) syz_80211_inject_frame(&(0x7f0000000140)=@device_b, &(0x7f0000000080)=ANY=[@ANYBLOB="240100008ded002c00010000000000002f155a52b08591d08e86ce04638f272baf5b4ef1225383968728818e94324ab14b3b27"], 0x10) fork() 20:13:16 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r3, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') pipe2(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) [ 1989.246158] FAULT_INJECTION: forcing a failure. [ 1989.246158] name failslab, interval 1, probability 0, space 0, times 0 [ 1989.247456] CPU: 1 PID: 14084 Comm: syz-executor.5 Not tainted 5.10.180 #1 [ 1989.248215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1989.249098] Call Trace: [ 1989.249396] dump_stack+0x107/0x167 [ 1989.249805] should_fail.cold+0x5/0xa [ 1989.250230] ? create_object.isra.0+0x3a/0xa20 [ 1989.250728] should_failslab+0x5/0x20 [ 1989.251155] kmem_cache_alloc+0x5b/0x310 [ 1989.251603] ? io_setup_async_rw+0x180/0x580 [ 1989.252089] create_object.isra.0+0x3a/0xa20 [ 1989.252567] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1989.253130] __kmalloc+0x16e/0x390 [ 1989.253534] io_setup_async_rw+0x180/0x580 [ 1989.253997] ? iov_iter_restore+0x195/0x3a0 [ 1989.254477] io_read+0x775/0x11e0 [ 1989.254864] ? kiocb_done+0xc90/0xc90 [ 1989.255319] ? stack_trace_consume_entry+0x160/0x160 [ 1989.255884] ? lock_acquire+0x197/0x470 [ 1989.256321] ? __lock_acquire+0xbb1/0x5b00 [ 1989.256789] io_issue_sqe+0x2e12/0x7660 [ 1989.257254] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1989.257850] ? SOFTIRQ_verbose+0x10/0x10 [ 1989.258308] ? lock_chain_count+0x20/0x20 [ 1989.258785] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1989.259384] ? io_connect+0x610/0x610 [ 1989.259835] ? lock_acquire+0x197/0x470 [ 1989.260295] ? find_held_lock+0x2c/0x110 [ 1989.260771] ? __fget_files+0x26d/0x4c0 [ 1989.261235] ? lock_downgrade+0x6d0/0x6d0 [ 1989.261714] __io_queue_sqe+0x90/0x9d0 [ 1989.262163] ? io_issue_sqe+0x7660/0x7660 [ 1989.262651] ? io_prep_rw+0x7f5/0x1050 [ 1989.263119] io_submit_sqes+0x4461/0x85c0 [ 1989.263591] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 1989.264163] __do_sys_io_uring_enter+0x6b5/0x1730 [ 1989.264730] ? lock_downgrade+0x6d0/0x6d0 [ 1989.265207] ? find_held_lock+0x2c/0x110 [ 1989.265687] ? io_submit_sqes+0x85c0/0x85c0 [ 1989.266196] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1989.266753] ? wait_for_completion_io+0x270/0x270 [ 1989.267319] ? rcu_read_lock_any_held+0x75/0xa0 [ 1989.267857] ? vfs_write+0x354/0xa70 [ 1989.268296] ? fput_many+0x2f/0x1a0 [ 1989.268691] ? ksys_write+0x1a9/0x260 [ 1989.269139] ? __ia32_sys_read+0xb0/0xb0 [ 1989.269613] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1989.270221] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1989.270809] do_syscall_64+0x33/0x40 [ 1989.271260] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1989.271856] RIP: 0033:0x7fcf4787bb19 [ 1989.272289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1989.274387] RSP: 002b:00007fcf44df1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1989.275265] RAX: ffffffffffffffda RBX: 00007fcf4798ef60 RCX: 00007fcf4787bb19 [ 1989.276068] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1989.276884] RBP: 00007fcf44df11d0 R08: 0000000000000000 R09: 0000000000000000 [ 1989.277705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1989.278534] R13: 00007ffe8cffc48f R14: 00007fcf44df1300 R15: 0000000000022000 20:13:16 executing program 0: ftruncate(0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) faccessat2(r0, &(0x7f0000000040)='./file1\x00', 0x4, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) dup2(0xffffffffffffffff, r2) pread64(r1, &(0x7f0000000140)=""/138, 0x8a, 0xfffffffffffffffb) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) 20:13:16 executing program 3: r0 = open_tree(0xffffffffffffffff, 0x0, 0x0) ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, "77004a6efdff00"}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1cf}) r2 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r2, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) ioctl$TIOCSBRK(r0, 0x5427) ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r2, r1, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) [ 1989.491149] device veth0_vlan entered promiscuous mode [ 1989.762143] device veth0_vlan entered promiscuous mode 2023/06/02 20:13:29 Manager.Poll call failed: read tcp 127.0.0.1:56846->127.0.0.1:42605: i/o timeout [ 2003.603150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium VM DIAGNOSIS: 20:18:20 Registers: info registers vcpu 0 RAX=ffffffff83e4e160 RBX=0000000000000000 RCX=ffffffff83e3623c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e4e768 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38 R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85670048 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e4e16e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffda9362e48 CR3=000000000ea1e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=7465677261742e79636e656772656d65 XMM02=ffffffffffffff0f0e0d0c0b0a090807 XMM03=00000000000000910065636976726573 XMM04=2e2e2e2e2e2e2e2e2e2e2e2e2e2e2e2e XMM05=0000000400000003000056314e0d9f50 XMM06=690031646133006563697665642e3769 XMM07=00000000000000000000000000000000 XMM08=732f6563696c732e6d65747379732f3a XMM09=00000000000000000000000000000000 XMM10=00000000000000000000200020000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff83e4e160 RBX=0000000000000001 RCX=ffffffff83e3623c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e4e768 RBP=ffffed100112d000 RSP=ffff88800897fe70 R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001 R12=0000000000000001 R13=ffffffff85670048 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e4e16e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffda9360aa8 CR3=000000000eeb6000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff4ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffff000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=40404040404040404040404040404040 XMM05=5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a XMM06=20202020202020202020202020202020 XMM07=00000000000000000000000000000000 XMM08=25203a646672656d6974206574616572 XMM09=00000000000000000000000000000000 XMM10=20000000200000002000000020000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000