59:15 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 65) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 02:59:15 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x4e48}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2081.084330] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 02:59:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@known='trusted.syz\x00') write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 02:59:15 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400020021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 02:59:15 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom$unix(0xffffffffffffffff, &(0x7f0000000080)=""/67, 0x43, 0x123, &(0x7f0000000140)=@file={0x0, './file0/../file0\x00'}, 0x6e) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) recvmsg$unix(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000200), 0x6e, &(0x7f00000013c0)=[{&(0x7f0000000040)=""/36, 0x24}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/253, 0xfd}], 0x3, &(0x7f0000001400)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}, 0x40000102) setns(r2, 0x20000) close(r1) openat(r0, &(0x7f0000000280)='./file0\x00', 0x200000, 0x20) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f00000014c0)=ANY=[@ANYBLOB="010000000100000018000000c39b76e813f55e130b16fcc57001bc0a2f99c6d7a77acf5516fb9b341ba6734ba71e21dfc2b83f5ff8309b9e86840c0c2f8978feef21d8a2054d5920036928c131bc7cb1004d7f7505d044ae1ef8a5c0fe892b33983a85e53dcf54b2e28e3da879460782e416133d116264ba8688a627cce344d0897cb07d654533d9dd69840de23a0d361904750dd43cc944cfa94c0474bbf7ba574b852994abfb474a47ab57a95d0dac714d22a80e95c62417c477c87ffb33609623cae75456da55fab5980089110316a819f1f2cdf08b78e75b8e77d7eeca163f2ec67dd2f6f685", @ANYRES32=r0, @ANYBLOB="06000000000000002e2f66696c65302f2e2e2f66696c653000"]) [ 2081.424400] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2081.424400] program syz-executor.3 not setting count and/or reply_len properly [ 2081.507139] FAULT_INJECTION: forcing a failure. [ 2081.507139] name failslab, interval 1, probability 0, space 0, times 0 [ 2081.509193] CPU: 1 PID: 11113 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2081.514967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2081.515799] Call Trace: [ 2081.516047] dump_stack+0x107/0x167 [ 2081.516382] should_fail.cold+0x5/0xa [ 2081.516732] ? create_object.isra.0+0x3a/0xa20 [ 2081.517149] should_failslab+0x5/0x20 [ 2081.517493] kmem_cache_alloc+0x5b/0x310 [ 2081.517869] create_object.isra.0+0x3a/0xa20 [ 2081.518265] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2081.519458] kmem_cache_alloc_node+0x169/0x330 [ 2081.520289] __alloc_skb+0x6d/0x5b0 [ 2081.521251] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2081.522325] ? ip6_mtu+0x1bb/0x3d0 [ 2081.523187] ? ip_frag_init+0x350/0x350 [ 2081.524125] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2081.525224] ? ip6_mtu+0x1e9/0x3d0 [ 2081.526118] ? ip6_setup_cork+0xfb7/0x1740 [ 2081.527159] ip6_make_skb+0x2de/0x4e0 [ 2081.528030] ? ip_frag_init+0x350/0x350 [ 2081.528958] ? ip_frag_init+0x350/0x350 [ 2081.529891] ? ip6_push_pending_frames+0xf0/0xf0 [ 2081.531103] ? ip6_dst_hoplimit+0x199/0x440 [ 2081.532141] ? lock_downgrade+0x6d0/0x6d0 [ 2081.533164] udpv6_sendmsg+0x20d3/0x2ad0 [ 2081.534144] ? ip_frag_init+0x350/0x350 [ 2081.535139] ? udp_v6_push_pending_frames+0x360/0x360 [ 2081.536373] ? SOFTIRQ_verbose+0x10/0x10 [ 2081.537378] ? lock_acquire+0x197/0x470 [ 2081.538357] ? find_held_lock+0x2c/0x110 [ 2081.543304] ? __might_fault+0xd3/0x180 [ 2081.544196] ? sock_has_perm+0x1ea/0x280 [ 2081.545110] ? __import_iovec+0x458/0x590 [ 2081.546018] ? udp_v6_push_pending_frames+0x360/0x360 [ 2081.547168] inet6_sendmsg+0x105/0x140 [ 2081.548021] ? inet6_compat_ioctl+0x320/0x320 [ 2081.548992] __sock_sendmsg+0xf2/0x190 [ 2081.549844] ____sys_sendmsg+0x334/0x870 [ 2081.550732] ? sock_write_iter+0x3d0/0x3d0 [ 2081.551670] ? do_recvmmsg+0x6d0/0x6d0 [ 2081.552513] ? SOFTIRQ_verbose+0x10/0x10 [ 2081.553396] ? mark_lock+0xf5/0x2df0 [ 2081.554204] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2081.555363] ___sys_sendmsg+0xf3/0x170 [ 2081.556207] ? sendmsg_copy_msghdr+0x160/0x160 [ 2081.557205] ? __fget_files+0x2cf/0x520 [ 2081.558063] ? lock_downgrade+0x6d0/0x6d0 [ 2081.558978] ? lock_downgrade+0x6d0/0x6d0 [ 2081.559879] ? __fget_files+0x2f8/0x520 [ 2081.560747] ? __fget_light+0xea/0x290 [ 2081.561592] __sys_sendmmsg+0x195/0x470 [ 2081.562470] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2081.563434] ? lock_downgrade+0x6d0/0x6d0 [ 2081.564358] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2081.565410] ? wait_for_completion_io+0x270/0x270 [ 2081.566471] ? rcu_read_lock_any_held+0x75/0xa0 [ 2081.567481] ? vfs_write+0x354/0xb10 [ 2081.568296] ? fput_many+0x2f/0x1a0 [ 2081.569083] ? ksys_write+0x1a9/0x260 [ 2081.569914] ? __ia32_sys_read+0xb0/0xb0 [ 2081.570798] __x64_sys_sendmmsg+0x99/0x100 [ 2081.571732] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2081.572848] do_syscall_64+0x33/0x40 [ 2081.573658] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2081.574776] RIP: 0033:0x7f9ff3490b19 [ 2081.575599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2081.579656] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2081.581317] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2081.582862] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2081.584427] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2081.585972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2081.587550] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 02:59:16 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400080021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 02:59:16 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x53e0}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2081.886644] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2081.886644] program syz-executor.6 not setting count and/or reply_len properly [ 2082.242836] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2082.242836] program syz-executor.3 not setting count and/or reply_len properly [ 2082.249024] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2082.249024] program syz-executor.3 not setting count and/or reply_len properly 02:59:32 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040), 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) 02:59:32 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x5978}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 02:59:32 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400300021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 02:59:32 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x2c, r4, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15e0}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]]}, 0x2c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x20, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000008}, 0x1) 02:59:32 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 66) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 02:59:32 executing program 6: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r2) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000140)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x1c, r3, 0x609, 0x0, 0x0, {0x24}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x1c}}, 0x0) r6 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r7 = getpgrp(0xffffffffffffffff) fcntl$lock(r6, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r7}) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_PID={0x8, 0x1c, r7}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x2c}}, 0xc804) r8 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r9 = getpgrp(0xffffffffffffffff) fcntl$lock(r8, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r9}) r10 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r11 = getpgrp(0xffffffffffffffff) fcntl$lock(r10, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r11}) tgkill(r9, r11, 0x2e) 02:59:32 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000680)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) openat(r1, &(0x7f00000006c0)='./file2\x00', 0x82100, 0x100) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x5, 0x4, &(0x7f0000000580)=[{&(0x7f00000002c0)="4289b6296998d4333515eba27d567604fc526904b3b8c7329c9883fc83058b7ba453b24387cc5eeea27d97411bf258f1d27e6979b14fdac26eca0e5bd4ba03f15b14e10557fd46d015c546239bdfb08d395f9d51d305819e94d2f998211db22d03169035a15c3094cca2ec72727be0824e59564affc8bc9493c44cbd50fb50e9b81156666ea6c494c56773319487575418f1", 0x92}, {&(0x7f0000000380)="13c2fd5ebde860814217a759bb85e63f3535b3088d7ce8a139ec12b30dcb5e803ee3b0205254afd76d02c3e206c8dac153496dd406b907987829c80d14ab8dbbf0a18516d773c8c57e7a1fa0bc40c217926640ed6ce09feebcb37a74bfd66c30f5807ec3a66c97b23485293ded7e8b1904caf496e1dbfe0b1e61d5e25fe9fffb2c936bc55f8ee598c3528934ae5b31e2051bbc7e45a45638dac17cb7ce87f4dd1f8b55791793cd0cb43fc9a2a337fc78bd02ca1542ea139e71cb69b1a3923c3ceab80417a6359753f4fd65b8bdbf036fcc375e8cb363f2caa4", 0xd9, 0xffff}, {&(0x7f0000000180)="d915cf46", 0x4, 0x1}, {&(0x7f0000000480)="146d272d12d4be12ecb6faeddd438e0c962d201552d09e4da5dfb18dc41b08951ca2518ac6b1bb31b4990722f9a1518f38eda08c224b45e6125ea9c0b8e915341ea9a2798a5064de69d5bb8c103d3ee68f5a8316fe286fc7d7284db616076797881a159249f0549f0900e91b3ff14b64adfa36fb7a5da544348c282163eb735f2570b2c758f822fa079fdb884312070c38866c8f524f783319e19ab59111cb5769d873575780d5b65c40106015290c7b9c4aeda62ac6384f68c6334f3a293680413223c6c9dd2816a668078751fb1757", 0xd0, 0x8001}], 0x5000, &(0x7f0000000600)={[{@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}], [{@obj_role={'obj_role', 0x3d, 'vfat\x00'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}]}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) openat(r3, &(0x7f0000000200)='\x00', 0x800, 0x121) 02:59:32 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x40, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080)) perf_event_open(&(0x7f00000002c0)={0x3, 0x80, 0x81, 0x1, 0x2, 0x5, 0x0, 0x8, 0x800, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xd77, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x100, 0x6, 0xfffffc01, 0x8, 0x101, 0xfff, 0xfc01, 0x0, 0x7fffffff, 0x0, 0x8}, 0x0, 0x8, 0xffffffffffffffff, 0x0) unlinkat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x200) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) umount2(&(0x7f0000000280)='./file0\x00', 0x4) lseek(r0, 0xfa2b, 0x3) rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file1\x00') unlinkat(r0, &(0x7f0000000140)='./file0\x00', 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) rename(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x20) openat(r2, &(0x7f00000000c0)='./file0\x00', 0x88102, 0x40) mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86) [ 2098.038249] FAULT_INJECTION: forcing a failure. [ 2098.038249] name failslab, interval 1, probability 0, space 0, times 0 [ 2098.039442] CPU: 1 PID: 11147 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2098.040030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2098.040728] Call Trace: [ 2098.040965] dump_stack+0x107/0x167 [ 2098.041279] should_fail.cold+0x5/0xa [ 2098.041610] ? create_object.isra.0+0x3a/0xa20 [ 2098.042004] should_failslab+0x5/0x20 [ 2098.042330] kmem_cache_alloc+0x5b/0x310 [ 2098.042682] create_object.isra.0+0x3a/0xa20 [ 2098.043070] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2098.043513] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2098.043951] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2098.044398] __alloc_skb+0xb1/0x5b0 [ 2098.044717] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2098.045153] ? ip6_mtu+0x1bb/0x3d0 [ 2098.045463] ? ip_frag_init+0x350/0x350 [ 2098.045812] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2098.046209] ? ip6_mtu+0x1e9/0x3d0 [ 2098.046518] ? ip6_setup_cork+0xfb7/0x1740 [ 2098.046881] ip6_make_skb+0x2de/0x4e0 [ 2098.047220] ? ip_frag_init+0x350/0x350 [ 2098.047566] ? ip_frag_init+0x350/0x350 [ 2098.047908] ? ip6_push_pending_frames+0xf0/0xf0 [ 2098.048321] ? ip6_dst_hoplimit+0x199/0x440 [ 2098.048694] ? lock_downgrade+0x6d0/0x6d0 [ 2098.049059] udpv6_sendmsg+0x20d3/0x2ad0 [ 2098.049408] ? ip_frag_init+0x350/0x350 [ 2098.049757] ? udp_v6_push_pending_frames+0x360/0x360 [ 2098.050193] ? SOFTIRQ_verbose+0x10/0x10 [ 2098.050550] ? lock_acquire+0x197/0x470 [ 2098.050889] ? find_held_lock+0x2c/0x110 [ 2098.051250] ? __might_fault+0xd3/0x180 [ 2098.051598] ? sock_has_perm+0x1ea/0x280 [ 2098.051966] ? __import_iovec+0x458/0x590 [ 2098.052320] ? udp_v6_push_pending_frames+0x360/0x360 [ 2098.052762] inet6_sendmsg+0x105/0x140 [ 2098.053096] ? inet6_compat_ioctl+0x320/0x320 [ 2098.053481] __sock_sendmsg+0xf2/0x190 [ 2098.053816] ____sys_sendmsg+0x334/0x870 [ 2098.054165] ? sock_write_iter+0x3d0/0x3d0 [ 2098.054524] ? do_recvmmsg+0x6d0/0x6d0 [ 2098.054862] ? SOFTIRQ_verbose+0x10/0x10 [ 2098.055223] ? mark_lock+0xf5/0x2df0 [ 2098.055548] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2098.056000] ___sys_sendmsg+0xf3/0x170 [ 2098.056337] ? sendmsg_copy_msghdr+0x160/0x160 [ 2098.056736] ? __fget_files+0x2cf/0x520 [ 2098.057080] ? lock_downgrade+0x6d0/0x6d0 [ 2098.057441] ? lock_downgrade+0x6d0/0x6d0 [ 2098.057801] ? __fget_files+0x2f8/0x520 [ 2098.058147] ? __fget_light+0xea/0x290 [ 2098.058486] __sys_sendmmsg+0x195/0x470 [ 2098.058832] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2098.059223] ? lock_downgrade+0x6d0/0x6d0 [ 2098.059596] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2098.060019] ? wait_for_completion_io+0x270/0x270 [ 2098.060443] ? rcu_read_lock_any_held+0x75/0xa0 [ 2098.060843] ? vfs_write+0x354/0xb10 [ 2098.061164] ? fput_many+0x2f/0x1a0 [ 2098.061483] ? ksys_write+0x1a9/0x260 [ 2098.061813] ? __ia32_sys_read+0xb0/0xb0 [ 2098.062169] __x64_sys_sendmmsg+0x99/0x100 [ 2098.062537] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2098.062979] do_syscall_64+0x33/0x40 [ 2098.063313] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2098.063755] RIP: 0033:0x7f9ff3490b19 [ 2098.064077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2098.065636] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2098.066292] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2098.066904] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2098.067520] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2098.068134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2098.068746] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2098.083861] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2098.083861] program syz-executor.3 not setting count and/or reply_len properly 02:59:32 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040), 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) 02:59:32 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x5f10}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 02:59:32 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400b60021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 02:59:32 executing program 6: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r2) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000140)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x1c, r3, 0x609, 0x0, 0x0, {0x24}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x1c}}, 0x0) r6 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r7 = getpgrp(0xffffffffffffffff) fcntl$lock(r6, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r7}) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_PID={0x8, 0x1c, r7}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x2c}}, 0xc804) r8 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r9 = getpgrp(0xffffffffffffffff) fcntl$lock(r8, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r9}) r10 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r11 = getpgrp(0xffffffffffffffff) fcntl$lock(r10, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r11}) tgkill(r9, r11, 0x2e) 02:59:48 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 67) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 02:59:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x122) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) openat(r0, &(0x7f0000000000)='./file0\x00', 0x1, 0x20) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 02:59:48 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup2(r0, 0xffffffffffffffff) mq_open(0x0, 0x801, 0x0, &(0x7f0000000200)={0x6, 0x0, 0xb0, 0x7}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000080)=0xc0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) recvmsg$unix(r3, &(0x7f00000002c0)={&(0x7f0000000000), 0x6e, &(0x7f0000000240)=[{&(0x7f0000000100)=""/100, 0x64}], 0x1}, 0x0) clone3(0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r5, &(0x7f0000000300)={0xa, 0x4e27, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x44}, 0x1c) r6 = dup2(r4, r4) ioctl$HIDIOCINITREPORT(r6, 0x550c, 0x20000000) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wf\x00no=', @ANYRESHEX=r3, @ANYBLOB=',\x00']) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000003c0)={'syztnl1\x00', 0x0, 0x2f, 0x5, 0xab, 0xfff, 0x10, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, 0x7800, 0x40, 0x3ff, 0xc74}}) 02:59:48 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00), 0x2f, 0x0) 02:59:48 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x9, 0x810, r0, 0x8000000) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x100000a, 0x100010, 0xffffffffffffffff, 0x10000000) dup2(0xffffffffffffffff, 0xffffffffffffffff) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0x6, &(0x7f0000000040)=[r4, r0], 0x2}, 0x2) pidfd_send_signal(r1, 0x30, &(0x7f0000000200)={0x17, 0xff}, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 02:59:48 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030009206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 02:59:48 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x64a8}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 02:59:48 executing program 5: socketpair(0x11, 0xa, 0x2, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) recvfrom$inet6(r0, &(0x7f0000000080)=""/238, 0xee, 0x40000060, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @mcast1, 0x1f}, 0x1c) r2 = openat$cgroup_int(r1, &(0x7f00000001c0)='cpu.max\x00', 0x2, 0x0) r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000500), 0x80000, 0x0) sendfile(r3, r2, &(0x7f0000000240)=0x3, 0x501) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) close(r1) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000280)={{0x1, 0x1, 0x18, r4, {0x3}}, './file2\x00'}) close(r5) close(r4) r6 = creat(&(0x7f0000000000)='./file2\x00', 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) fcntl$setlease(r6, 0x400, 0x1) fcntl$setown(r6, 0x8, 0xffffffffffffffff) close(r6) [ 2113.754381] FAULT_INJECTION: forcing a failure. [ 2113.754381] name failslab, interval 1, probability 0, space 0, times 0 [ 2113.755529] CPU: 0 PID: 11191 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2113.756166] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2113.756928] Call Trace: [ 2113.757180] dump_stack+0x107/0x167 [ 2113.757521] should_fail.cold+0x5/0xa [ 2113.757878] ? __alloc_skb+0x6d/0x5b0 [ 2113.758235] should_failslab+0x5/0x20 [ 2113.758592] kmem_cache_alloc_node+0x55/0x330 [ 2113.759009] __alloc_skb+0x6d/0x5b0 [ 2113.771388] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2113.771858] ? ip6_mtu+0x1bb/0x3d0 [ 2113.772189] ? ip_frag_init+0x350/0x350 [ 2113.772564] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2113.772991] ? ip6_mtu+0x1e9/0x3d0 [ 2113.773321] ? ip6_setup_cork+0xfb7/0x1740 [ 2113.773711] ip6_make_skb+0x2de/0x4e0 [ 2113.774060] ? ip_frag_init+0x350/0x350 [ 2113.774430] ? ip_frag_init+0x350/0x350 [ 2113.774797] ? ip6_push_pending_frames+0xf0/0xf0 [ 2113.775251] ? ip6_dst_hoplimit+0x199/0x440 [ 2113.775651] ? lock_downgrade+0x6d0/0x6d0 [ 2113.776045] udpv6_sendmsg+0x20d3/0x2ad0 [ 2113.776428] ? ip_frag_init+0x350/0x350 [ 2113.776803] ? udp_v6_push_pending_frames+0x360/0x360 [ 2113.777276] ? SOFTIRQ_verbose+0x10/0x10 [ 2113.777662] ? lock_acquire+0x197/0x470 [ 2113.778028] ? find_held_lock+0x2c/0x110 [ 2113.778408] ? __might_fault+0xd3/0x180 [ 2113.778784] ? sock_has_perm+0x1ea/0x280 [ 2113.779184] ? __import_iovec+0x458/0x590 [ 2113.779577] ? udp_v6_push_pending_frames+0x360/0x360 [ 2113.780053] inet6_sendmsg+0x105/0x140 [ 2113.780413] ? inet6_compat_ioctl+0x320/0x320 [ 2113.780827] __sock_sendmsg+0xf2/0x190 [ 2113.781188] ____sys_sendmsg+0x334/0x870 [ 2113.781565] ? sock_write_iter+0x3d0/0x3d0 [ 2113.781954] ? do_recvmmsg+0x6d0/0x6d0 [ 2113.782318] ? SOFTIRQ_verbose+0x10/0x10 [ 2113.782692] ? mark_lock+0xf5/0x2df0 [ 2113.783040] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2113.783542] ___sys_sendmsg+0xf3/0x170 [ 2113.783903] ? sendmsg_copy_msghdr+0x160/0x160 [ 2113.784327] ? __fget_files+0x2cf/0x520 [ 2113.784694] ? lock_downgrade+0x6d0/0x6d0 [ 2113.785080] ? lock_downgrade+0x6d0/0x6d0 [ 2113.785467] ? __fget_files+0x2f8/0x520 [ 2113.785840] ? __fget_light+0xea/0x290 [ 2113.786206] __sys_sendmmsg+0x195/0x470 [ 2113.786578] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2113.786976] ? lock_downgrade+0x6d0/0x6d0 [ 2113.787384] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2113.787831] ? wait_for_completion_io+0x270/0x270 [ 2113.788277] ? rcu_read_lock_any_held+0x75/0xa0 [ 2113.788704] ? vfs_write+0x354/0xb10 [ 2113.789048] ? fput_many+0x2f/0x1a0 [ 2113.789386] ? ksys_write+0x1a9/0x260 [ 2113.789737] ? __ia32_sys_read+0xb0/0xb0 [ 2113.790117] __x64_sys_sendmmsg+0x99/0x100 [ 2113.790508] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2113.790980] do_syscall_64+0x33/0x40 [ 2113.791337] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2113.791809] RIP: 0033:0x7f9ff3490b19 [ 2113.792152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2113.793819] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2113.794515] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2113.795173] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2113.795835] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2113.796495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2113.797152] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2113.869524] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2113.869524] program syz-executor.3 not setting count and/or reply_len properly 02:59:48 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 68) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 02:59:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) openat(r1, &(0x7f0000000000)='./file0\x00', 0x8000, 0x40) [ 2113.957388] 9pnet: Insufficient options for proto=fd 02:59:48 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x6a40}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 02:59:48 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030221206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2113.977591] 9pnet: Insufficient options for proto=fd 02:59:48 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00), 0x2f, 0x0) 02:59:48 executing program 6: r0 = memfd_create(&(0x7f0000000180)='\x02!9\x91\xfd\x00\xe4\x12\xfc\xe4\xf4\xe3d\xb1\xf4\x8a\x01\xd9qE\n\nQP\xb2\xbb\xcd`\x00\x00\xc97\xf6\x81\xf9k\x8f3\xb8\xee\x8b\xce\xad\xbf\b \xd5\x8f{\x80\xe7\x9f\xfc#XO\xbd\x00\x00\x83\x82\xac\f\x85B\x9bV2\xfa\xdd\akp?\x00@?\x18\x1ft\x9d\xa9f\x1d\x9de\xa5G\xaa\x0f\x1f2N\xf5{\x98\xbe\xbb\x1e\x14\xd3\xc4\x9e\xf7\xd1\x1f\xa5\xba\xc5u\x1e\xa5\x1a\xa6f\xee\xf9\x18\xafC\x88\xf1E\xa3/\x12\xac\x1e\x9b\x9c\x85x\x87\x05{\xc1\xe1\b\x0f@\x03+mh\xa7i\x9b\xa2~A3\x1c\xb3\x0e\xc3\x18\x14~T\xd5\xdaH\xcb\xb3q\x1b\x98\xae\x98m\aEp\xf5\n\xba1\x10\xd7\xcf\x05G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00[\xf3jT\xbe\x9d\xf1/\x8d\x1dpTs?\xb1\x1d\x7f$\xe46\xdf\xac\xab\xd1E\xb9w\x97|\x1fBO\xce\x95\xbb\x9eNsJGZ\xc5 M9\x9b\x004\xc3Of', 0x0) perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x6, 0x0, 0x1f, 0x8, 0x0, 0x4, 0x1000, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7ff, 0x2, @perf_bp={&(0x7f0000000000), 0x6}, 0x20, 0x7, 0xfffffffd, 0x7, 0x100, 0x80000001, 0x8, 0x0, 0x7fffffff, 0x0, 0x9c08}, 0x0, 0x5, 0xffffffffffffffff, 0x1) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000140)=0x1) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)='Z', 0x1}], 0x1, 0x0, 0x0, 0x0) finit_module(r0, 0x0, 0x0) 02:59:48 executing program 5: r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) statx(0xffffffffffffffff, &(0x7f00000001c0)='./cgroup/cgroup.procs\x00', 0x400, 0x20, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000002c0)='./file1\x00', 0x0) r3 = syz_open_dev$vcsn(0x0, 0x4, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r1, r2, 0x1000) r4 = open(&(0x7f00000000c0)='./file1\x00', 0x100, 0x40) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r4, 0x40189429, &(0x7f0000000140)={0x1, 0x8, 0x6}) sendmsg$nl_generic(r4, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x20, 0x1d, 0xd14, 0x70bd29, 0x25dfdbff, {0x1}, [@typed={0xc, 0x16, 0x0, 0x0, @u64=0x3f}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4040000) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000400), 0x303242, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000100)={0xffffffffffffffff, 0x80000001, 0x6, 0x6}) openat$hpet(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000380)={'vxcan1\x00'}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 2114.487680] FAULT_INJECTION: forcing a failure. [ 2114.487680] name failslab, interval 1, probability 0, space 0, times 0 [ 2114.488996] CPU: 0 PID: 11225 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2114.489631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2114.490391] Call Trace: [ 2114.490645] dump_stack+0x107/0x167 [ 2114.490989] should_fail.cold+0x5/0xa [ 2114.491362] ? create_object.isra.0+0x3a/0xa20 [ 2114.491788] should_failslab+0x5/0x20 [ 2114.492142] kmem_cache_alloc+0x5b/0x310 [ 2114.492523] create_object.isra.0+0x3a/0xa20 [ 2114.492929] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2114.493401] kmem_cache_alloc_node+0x169/0x330 [ 2114.493828] __alloc_skb+0x6d/0x5b0 [ 2114.494175] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2114.494645] ? ip6_mtu+0x1bb/0x3d0 [ 2114.494979] ? ip_frag_init+0x350/0x350 [ 2114.495371] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2114.495801] ? ip6_mtu+0x1e9/0x3d0 [ 2114.496132] ? ip6_setup_cork+0xfb7/0x1740 [ 2114.496524] ip6_make_skb+0x2de/0x4e0 [ 2114.496876] ? ip_frag_init+0x350/0x350 [ 2114.497249] ? ip_frag_init+0x350/0x350 [ 2114.497619] ? ip6_push_pending_frames+0xf0/0xf0 [ 2114.498062] ? ip6_dst_hoplimit+0x199/0x440 [ 2114.498463] ? lock_downgrade+0x6d0/0x6d0 [ 2114.498858] udpv6_sendmsg+0x20d3/0x2ad0 02:59:49 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030321206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2114.499250] ? ip_frag_init+0x350/0x350 [ 2114.499662] ? udp_v6_push_pending_frames+0x360/0x360 [ 2114.500305] ? SOFTIRQ_verbose+0x10/0x10 [ 2114.500690] ? lock_acquire+0x197/0x470 [ 2114.501056] ? find_held_lock+0x2c/0x110 [ 2114.501435] ? __might_fault+0xd3/0x180 [ 2114.501811] ? sock_has_perm+0x1ea/0x280 [ 2114.502204] ? __import_iovec+0x458/0x590 [ 2114.502589] ? udp_v6_push_pending_frames+0x360/0x360 [ 2114.503068] inet6_sendmsg+0x105/0x140 [ 2114.503456] ? inet6_compat_ioctl+0x320/0x320 [ 2114.503869] __sock_sendmsg+0xf2/0x190 [ 2114.504229] ____sys_sendmsg+0x334/0x870 [ 2114.504607] ? sock_write_iter+0x3d0/0x3d0 [ 2114.504995] ? do_recvmmsg+0x6d0/0x6d0 [ 2114.505357] ? SOFTIRQ_verbose+0x10/0x10 [ 2114.505731] ? mark_lock+0xf5/0x2df0 [ 2114.506078] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2114.506562] ___sys_sendmsg+0xf3/0x170 [ 2114.506922] ? sendmsg_copy_msghdr+0x160/0x160 [ 2114.507362] ? __fget_files+0x2cf/0x520 [ 2114.507729] ? lock_downgrade+0x6d0/0x6d0 [ 2114.508117] ? lock_downgrade+0x6d0/0x6d0 [ 2114.508506] ? __fget_files+0x2f8/0x520 [ 2114.508879] ? __fget_light+0xea/0x290 [ 2114.509245] __sys_sendmmsg+0x195/0x470 [ 2114.509634] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2114.510033] ? lock_downgrade+0x6d0/0x6d0 [ 2114.510430] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2114.510877] ? wait_for_completion_io+0x270/0x270 [ 2114.511337] ? rcu_read_lock_any_held+0x75/0xa0 [ 2114.511762] ? vfs_write+0x354/0xb10 [ 2114.512107] ? fput_many+0x2f/0x1a0 [ 2114.512444] ? ksys_write+0x1a9/0x260 [ 2114.512795] ? __ia32_sys_read+0xb0/0xb0 [ 2114.513175] __x64_sys_sendmmsg+0x99/0x100 [ 2114.513565] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2114.514036] do_syscall_64+0x33/0x40 [ 2114.514379] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2114.514848] RIP: 0033:0x7f9ff3490b19 [ 2114.515199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2114.516868] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2114.517565] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2114.518214] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2114.518868] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2114.519533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2114.520188] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2114.610820] Module has invalid ELF structures [ 2114.611245] kauditd_printk_skb: 1 callbacks suppressed [ 2114.611260] audit: type=1400 audit(1727233189.320:159): avc: denied { module_load } for pid=11219 comm="syz-executor.6" path=2F6D656D66643A02213991FD202864656C6574656429 dev="tmpfs" ino=245 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=system permissive=1 [ 2114.615506] Module has invalid ELF structures 03:00:05 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x6fd8}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:00:05 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030421206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:00:05 executing program 5: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0xa800, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a79, &(0x7f0000000380), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000080)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0}}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) tee(0xffffffffffffffff, r4, 0xa5d, 0x8) r5 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setown(r5, 0x8, 0xffffffffffffffff) close(r5) pread64(r5, &(0x7f00000005c0)=""/115, 0x73, 0x3) sendmsg$sock(r4, &(0x7f0000000340)={&(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x1, @multicast1}, 0x1, 0x2, 0x2, 0x4}}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000140)="9b6977da60185380bc8d2278e9d63a24e94f5a8a5d00377c372695ae903534e55562a9dbf54904f8d82a57cb71db13cb1d018c9da3024ce660f9dfeacddf40e78123a9214361e133ff32a9548aac88", 0x4f}, {&(0x7f0000000200)="0508e2b7e9ee25d3e150c86561dc81c777176f7723d5bdbac6bf104139c8026d5ffec1f56dc595b76216ad1e39a614215d3ee4b362c9d0643f8152a2979de264ceea3ffdcd3d6283d40e0b80e757389b43d5ae2489cbdaddeeb6f582a1cde8588dc87869e365f9a8e1d6a61b5ca181b323b2d8ecac179caec31c4b6f0e5d20f8c51f106c3494c17e53ac64aa11d0d82ba153d1ceb267989d3186ad8f631d37799237bf0cd413842198b2943832772d50b92dc3a11ba29751988bbbaa1ecf90fed0adfcd48e24efeacc38bf845af95476d39d", 0xd2}, {&(0x7f0000000400)="b5d8491629788166aa72bdfeb977482ee2218df4fac5780990bf5a2ceb54047ba79b7fd9d4a01b819faea1f2bdfb6989b874ad273d6fb0dc6eac46fe93bd95d8c3163ca2aef67068e56debd68bd31fbf8fd17ec66a0573034112bfcc0f36379751430d6659446dfcebaa09ce690e20d000496ce265155dd5738f5bb1a9f459955f2f23c781686b9fa73303f79d1b9917dbb0", 0x92}, {&(0x7f00000004c0)="1588b8c70abeaabc252afd1b796ec16bfc3daa74466c56e97c8d2fd1aae577c8a2e6f907a3b1e97d94e17f08c9b1545fb89459b8da1fb8f397c9f7bea0db74b9d7bb43356edcc0b268f0c10e185c8cf1b558b5ef34446d620e2ddbab1add0f5d4d23da44673d0d01e0ed00ed6d5dd581ca55d356faa933fff2bd6da4513ca3877f2332dd3002b6e48d999845e48b1eeab53e37ac01ecc10fb8066f40753449e8174d6a1c08257b52d64fe9464596251014aad4c5bd06d15b94f41210e9acea32e32a56be4716c7cbd5d81898ba29493845193f21439e5d7012821df84a22f7333984557d0f542b", 0xe7}], 0x4}, 0x4) 03:00:05 executing program 6: syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x328}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000002c0)=0x14) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x40000000, 0x100000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000006, 0x10, r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0) bind$bt_sco(0xffffffffffffffff, &(0x7f0000000240)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) ioctl$FITHAW(r0, 0xc0045878) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x2, 0x9, 0xff, 0x0, 0x0, 0x468, 0x0, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0xff, 0xab}, 0x1a, 0x0, 0x80000000, 0x4, 0x7, 0xfffff991, 0x9, 0x0, 0x9, 0x0, 0x6f40}, 0xffffffffffffffff, 0x2, r3, 0x2) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 03:00:05 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00), 0x2f, 0x0) 03:00:05 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 69) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:00:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) quotactl(0x0, &(0x7f00000005c0)='./file1\x00', 0x0, 0x0) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:00:05 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x2f5c6350b64b9e35) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(r1, 0x0, 0x11ec1, 0x10) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x9, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x2, 0x3f, 0x1000, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2, r5}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x9, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x2, 0x3f, 0x1000, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6, r9}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f00000508c0)={0x0, 0x0, "4d729858823345a9ca9cafc0aebb1a762ad61db9019db71df988ee56ab9689e641f9e3208fff0054bc955d0234ac4849f90bed57db9f4260d325c85f771663c14d6b8de8c4a0c509884c90cad83401ac37a08de587b29c17769aff05f656f0be9f3daa20b9ddb923b52a43ea6004f2355771423108983bd87ded6cf7acd41d1a22e3524be6df0d6bbd99a358bffe0b0fdb5ce6a5c8b407b3a7628b3723f42ff3a5cbd5b661896800e1c6fcbcc17b04ecbbf3e5170cd246b5cdbd829bb63786c964d1eaea160a551708ff90871b7fd47911d73e3224bb670411aeaa16b266feb6bdc9d56a0b5310b797a6bbdce583481ebedbb9d3ebd00aa720d336bb12e9b6b7", "57908493397c9cfb84de09b1700f95b7816873e8521fac1638f24b8f00a7ee7959287d0e89f2f835fc7ae2bd6bf281571161a36964870e3045b7cf3ae275e332e027d584a1a0bf57eeb48022b28092afcd9cd29dfbe2600a8e8b019def0a440450187e33b6f160cedeb4d4cbdfff9a3de6b57b3e2e044954f4beee0ab493d84811e0c728c2492187056d73ceb630b04b52dda994fa85381dd0e8cc446839cb7275882f0c2e453b8ebb57b08a38fe62e8638f2dd7ff2576f94dbb669348cf4c87f7ecf9e365e24ded0c1d8cb3bda855a5da6cc591cacef4f3cc39d5d6578269a428d9532bd864e71d4ad3d6660f827c013d534fafe609fb5ae8e00ea1e1255124bae3da51fbcc05b0bef2fe48b2daa3897e104f7d8f888b4a1985dcd4c1b69905d478ed3afb4e1e9b91c5e269396ace1f56db3b1b74e121a08b511949c3ecaa5090d3b6302b5ba4d220f975dd18e7124de954ef84d62f45794229e001702518eb3200e17b68979121b949a678c7c527fd06edcf9c2c3edfb67a753dbb0cd9e2bbcce5b6cffac4624b89a0063803bf803023b02328fbe81181ff1bd1341b22be9810f3a3b21c471602f505ea797c09c6b0f928254683c944408512486f2975a883a14148518d2969605951ae9ceaba127e909028d260534f449ae13ba6d6a0faa18bb97a314e63714cb2ca45e4b1b4680e6cdde006d23af01f403f03ca0cdb583363c7bc5091ac05b81c63e5fb5dd40b69308d29901fb94fa167f578c7ad83c48d9f896566868f191265985a55e699f5cb298fe0f14ca9f8344ef8c499260240382baaebf3b21a9dfe860e9937079fa67e3b60de5d51fe9160e409af2de108bd6add6ee72900722bca574bdb501105dc9953a5e9349b14aec91405d9a71fb63f812583fc588e2574dc315d33a8ad8e30f31c704f1a5709f5a70358dbe8aee7f16157f835c4c8bb400036803d84b5aed28b35e2919e957d51a48ef7a2d983c00e17c8785bdb38e39823f45add276fc3b38e381d7f7756d77e5e1e485b622fc302235f58b9eb1b82db54b20daff2d786ec4d7f354d74b6868142357e0fad1e7c26de979ce90f4c0dc9ab76f1c93bc86fc3bcc2919fbc7607a6537382f62dcaa95c03562a718f726da65cbff3a9367002299efa651a2f347a82e54c3a6eb1d7503d1da47cbbb85634c74308255ed31ba3047d8c7a59d1fcae7485de95b07a5d59c3616116b2d92a56af5052e351610785913c7b2deb77b18cbc445033209c07aa0ab11240e0e482b9b0408ff76f1212edd5965c619f713ab0c6ff2d4aa6f69558dec1c7d3a17a75fcdc15a07935f3d0c134dbb6477d0bf30d34822a1782ada9ce99048c175efa36269e0bee346f6a9fabbd14059714881a179a12993115ea01517f7f74efed7a3cb82207fe24815f21b0f425d48280b5d32d04db6f8442cb14951efc4122e86abccd8977471ff88bb7e52d2006bce26dd8904e4fbdbf61f2b170f265fd0be22de5df6800a4211ee1e7dc28ed937ffdd2e2c1b2413dfa9a7fd76ba4b55774966893a6c635b0911f2065405eaafa85838df3465307820bef6bae74d6674549caeb7e026790e9c3910d4f68c2f4ef8ba6d2927af81646cbaafee5cc1331c5e0937106cb9f22dcaa890635fd763441f2322d8e7aedfe3853909515522600404854528bd7ae4c0ec682ad963cd61a22a530f279075cc01e4fa617fb8d2b12499e707e7e1ed88cce056893b38668edaa754bf90ee4f0b210c7dc8f21df2de39801f0a2ae8ef3cb6fccdac27832459cf0c30944833160265fda0d2f4613124b1e0a464970132d3a5bac08f77ae62154dfd3c17de70e71186feaf97b4cc5fcf69862971b5070b442a99ae7d0b664ff2b827d833804633d864800834ea5ea0087454c6a1954be15644eedec7105c3b823eba5e94def15e9fbb4c03f3d9d8c1ff646e494cf9bbcf2caf84b47b7da723099f8e40540f32455da13dff15bb7ac6b191f601a193f39d6b709ef021a010f6a0d96e010c8eb89b0eb5c4b5b6156721b1ab1fcab896155bef5249726ac3919d0b37a9a1a5000005d8de2be40df075a9d3831d57e5b492857afa370b1ae9c8dcaa63f3415220a3b6328bfeea16f3ebe377a2e8a59ceb2bf247fa97fdaee7df6758a4438722a53748e201616c3701b57f40c6f913e7f405f47019f95ceddf17beec8939b163a57a4965852de5ab1c614eaad6b3ecdf7a38619604cdf55982709d9018eaceab132eb834d74be84e82136e4741a6ff7bff1266a3cabc95fa5ff9910d50ac5023e46589985e991b8000724bffa45d310a61a798d311bac4cf623caac26b229516d60e90caf8a5a3ef928ccd72da5db11ea205b24f9fc31c0d938df99ff981c32fddbf27a14b1a46fd986a5c4c2822d48a46fb2be617d7b6cc1a2b51d15a034899ecfb55d40011302d520108115fc458598526791465173cc8f48c94e8cc3d8a810d6423f9d7b4e6f977aafbe8f87d3a61ceda95d3fd249f5d66db4f3786d61b8e849a0bd5dd33a15f040a4f6b6d2988afe0201c19ce698c359acf17117b2a084b7879d20665146acca6b1d8e3766041995592f31655dba720e382e019423b637dcdc94392927296e767754ed72037e4f983f26b6f3194f81fd1b66d2d53724b47bf0524dca17b9f9a6b911e42ee0500e72527493f432f18933e629799fce0750f8b48c91fc1c142898bb1fc145884944a2de142bb54a712af55e27f759ab2813154e5ee26df9808065c33967de4c023587bbf157c9019e15759c3ec8af686c7a38b959ae7221bcb9094ec1ab64fa3404245bc180568c49cbdd4751a97afa018678bda742a42642cf833bb4e36eeddef1e849acf9498d7e6970a6e5bd556f979b92a59e95b98b2eab4c4988cfa47418ea1a3e0796e2f5fae64e0a10577151ede98bff608fa35a2778cab34929a2ec31fccee0de4dc4d602f4495735c3cd6c7c2624d0bc57f153fe2ab0cc6fa92f1f7c85ea9b0113e3a90217ec6dedde32aa76a9a30dcd46cd09dcbf9d540f73416776a3f4db3853ec5fe596eb21a7da78caf68b6517e8cce5d38ca34f47d1d7e4dd9bfef47ecdecdedc72ac4fa295204ff273fb778e6162a074cf5a4b2b429b11c9a2e7053cb99b8d3759267ffed40f71a34e417ce05576405aba9f1d995c390e83781295b2468ac91f6eb3dcd4fbe75e8e4ca2650e67710ab0cb42f3a91e7f4e550beca6d4e2a13fd6e61b0763d4b37b8a1fdccddac4c1abedfc57ef156aa84083b83c0b4563ff1235f8f04d02679e6fd9feb6bad09b4797f5f7cf075f8b2654b6d6863cf290a6e01626b6c09402d6ed7a9442d2101f7cc91345996ff916c54ba0139814cd2dfc293a49d59764bfe71690d765ce8a595ee61dbff2579063a4b1cb3475aca5ce6a2d66cc366b8ec62625e1eb2d2a92fc9ea4320caf0108afde417ce48be494484d299f459adb7d4866fa9b1578da88b8f714074be924a38f0824ce420c3a9d44547beff6cc75b2fe18d3357d1dd8578983b24631ffdf91e302efc2b2c193f17349a832e3ee864613fc0715d370c7214443a7dd47066ffc95406fa7d3ee807a3a1dbb7cdac1a01ba0782a7669213b05b6509bbf564cdf41cab3007ec0a698be318dc34a0371f42ede1a10adfdf1f564f3d621cfef013e0eaecb98a3de23127c50f1d4e1c1d41758080520553d4f43e43535cc23e5aaf1757770c3cb6c7c8c7e09690a477cb63f54b66b35e33ca53db263e78857e5951e1f34645c2e7bf2a3d5203b53e0040dfc68e7d4f59eb4bf740c3472c454de97eab5b8691356ddb90e09e0c075a726560637cb7d4bbda3085ca1eb39a128c9f5674b2678867720ff13db9c9ba0161e37561282c1b29a77e51908e4125d58ae932184253f7f49d972f910aa76e397dd1c21866b5ccde64d17d87bbd591d35d63335571df7daa314c8ef940d221f198a96a8051de532e3a24a7ce1dcda918bd626ece3b6b242cc5e6e5ef4a04387f4e5d54bb3503c564fbf3d86ed3572e77ee9200b5167ec9d88bf93a43ceebcf58f83ccd639f60c5ae546433179ed5ba19f23b47e36d7575a2c42e4232685740cb33fed0ec629f3fbe3a73a575040b556079f6ccbaafdf6eeee1f47eaa1b2751d8048339786bea33d5ae535c23f1db8314bb00c6d878e3b8bcc24f1b205b21589eb0b9f2ced8ba5e4a799afc92d86a9d4bb40964f1cfc171e5e56b8d6899e1574eafd615a27333d085edcee8a6d3a83b85f0876c7b9b6338ce70f238ae87312782a8f1a21e7ab4b216a770405f5af4fa8f046de24d165add9b17232ac20c9e7f862d0b2b07ebe1892ef1bee50a78b212a6b02af3a370d41b374efdde8c13658ca87574bd8eafb8ae8bfea36c6e878528ab8f4c4672fb63ffe0910522efa37dea4cb6c6f671e4e6e0171f886b4e88095993d96f2c86b7966b42dd4c6bd6b96a9d77b60c4cf1fae02cec44e7de9d976203463001e2ed8792971bc8a40f988dd03ff5a79949aaac50da3ece015acde78d4450c828641465257471b7ef8b11230f199f220c865768daf91c81b68d5e83b7f386f95fd14a45e4f715124252ed39791f1507180eb058832fa5b04946a3970266d59801c818e8b8f6b835080c4aba88e64bd6d05dfae8eabd141a68430be5a376757c279cfda51bea2ff24850de5b624f6cf464c15f04fb06b7dbaced3985a6b10c25838fdd7f6448fb3ef2fcaec422c3749a258c1bcf9bfdc2b5909e6cdd494b1781a79d0fe2a7bd4c132e446715e5cea67d5154bd28b84254b21e8ceec5354147bfea1c6851628121539e81bc20aa0af24d33ef8e551ac49577851a89a462834aea14da886d1f1ce2d32ac728a1dfe1419394bd27e14d07831f9112d2ffac582e87b84e602966396638084529b9a6d64c9d858c03852ac3c8d5faf719f6ed191bda69efe3ccde8dbd4ac3f8e5a5c4732775ca3c33d975932198b7c756f88ee9891bc3d2be8fc772019a3ee351daf8da7b58c17a33f32c9ea51b912bfe163dad914c9db8d6dea1977f6325989e2d3e32372f6ee665a7f35663bafedb3948e8adf3765956912076e0fc135915871adce550e24b35f3014ffa36ba1799c0570fb8c40c0691278ef86a6ec4fe4f159df4cbe40923c607b4a4be54bc537d9f5c0074c3046fae7b1806536977dcd0998d34cb7e42daf1f859da8172d048a8fa7e3350bb1d30d760527042138346113def210af8cfa7a38a411b9b1b963f995ebdca8b709dea07b89be13d98984270b640d9f90ee57e2a3347098d48fea346cd23134aafabca1c33a9e06d910531d1b0849464df28276bdad3e9cac29529619057b90ab32968b7c3d670915bd59840452738848112557e7f1f5a064002e4fcdadf1f59a293cce5df59679e568496b25efd3fdccfadc2e511a1d7ce2"}) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f00000518c0)={{0x0, 0x197c, 0x8, 0xffffffff, 0x9, 0xfff, 0xfa92, 0xfffffff8, 0x3ff, 0x40, 0x8, 0x2, 0x0, 0x5}}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x9, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x2, 0x3f, 0x1000, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12, r15}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f00000528c0)={0x5, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {0x0, r9}, {}, {0x0, r10}, {}, {r11}, {0x0, r15}], 0x2, "a829ded5fdd5d3"}) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) [ 2130.489247] FAULT_INJECTION: forcing a failure. [ 2130.489247] name failslab, interval 1, probability 0, space 0, times 0 [ 2130.492085] CPU: 0 PID: 11255 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2130.492730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2130.493488] Call Trace: [ 2130.493741] dump_stack+0x107/0x167 [ 2130.494082] should_fail.cold+0x5/0xa [ 2130.494443] should_failslab+0x5/0x20 [ 2130.494800] __kmalloc_node_track_caller+0x74/0x3b0 [ 2130.495263] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2130.495773] __alloc_skb+0xb1/0x5b0 [ 2130.496116] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2130.496584] ? ip6_mtu+0x1bb/0x3d0 [ 2130.496917] ? ip_frag_init+0x350/0x350 [ 2130.497294] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2130.497723] ? ip6_mtu+0x1e9/0x3d0 [ 2130.498053] ? ip6_setup_cork+0xfb7/0x1740 [ 2130.498443] ip6_make_skb+0x2de/0x4e0 [ 2130.498793] ? ip_frag_init+0x350/0x350 [ 2130.499165] ? ip_frag_init+0x350/0x350 [ 2130.499556] ? ip6_push_pending_frames+0xf0/0xf0 [ 2130.500003] ? ip6_dst_hoplimit+0x199/0x440 [ 2130.500402] ? lock_downgrade+0x6d0/0x6d0 [ 2130.500796] udpv6_sendmsg+0x20d3/0x2ad0 [ 2130.501174] ? ip_frag_init+0x350/0x350 [ 2130.501549] ? udp_v6_push_pending_frames+0x360/0x360 [ 2130.502025] ? SOFTIRQ_verbose+0x10/0x10 [ 2130.502409] ? lock_acquire+0x197/0x470 [ 2130.502779] ? find_held_lock+0x2c/0x110 [ 2130.503158] ? __might_fault+0xd3/0x180 [ 2130.503547] ? sock_has_perm+0x1ea/0x280 [ 2130.503941] ? __import_iovec+0x458/0x590 [ 2130.504332] ? udp_v6_push_pending_frames+0x360/0x360 [ 2130.504811] inet6_sendmsg+0x105/0x140 [ 2130.505193] ? inet6_compat_ioctl+0x320/0x320 [ 2130.505616] __sock_sendmsg+0xf2/0x190 [ 2130.505979] ____sys_sendmsg+0x334/0x870 [ 2130.506355] ? sock_write_iter+0x3d0/0x3d0 [ 2130.506745] ? do_recvmmsg+0x6d0/0x6d0 [ 2130.507111] ? SOFTIRQ_verbose+0x10/0x10 [ 2130.507492] ? mark_lock+0xf5/0x2df0 [ 2130.507841] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2130.508326] ___sys_sendmsg+0xf3/0x170 [ 2130.508688] ? sendmsg_copy_msghdr+0x160/0x160 [ 2130.509120] ? __fget_files+0x2cf/0x520 [ 2130.509491] ? lock_downgrade+0x6d0/0x6d0 [ 2130.509882] ? lock_downgrade+0x6d0/0x6d0 [ 2130.510270] ? __fget_files+0x2f8/0x520 [ 2130.510644] ? __fget_light+0xea/0x290 [ 2130.511015] __sys_sendmmsg+0x195/0x470 [ 2130.511406] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2130.511807] ? lock_downgrade+0x6d0/0x6d0 [ 2130.512214] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2130.512662] ? wait_for_completion_io+0x270/0x270 [ 2130.513118] ? rcu_read_lock_any_held+0x75/0xa0 [ 2130.513553] ? vfs_write+0x354/0xb10 [ 2130.513901] ? fput_many+0x2f/0x1a0 [ 2130.514240] ? ksys_write+0x1a9/0x260 [ 2130.514596] ? __ia32_sys_read+0xb0/0xb0 [ 2130.514980] __x64_sys_sendmmsg+0x99/0x100 [ 2130.515384] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2130.515862] do_syscall_64+0x33/0x40 [ 2130.516207] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2130.516693] RIP: 0033:0x7f9ff3490b19 [ 2130.517050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2130.518781] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2130.519509] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2130.520170] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2130.520831] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2130.521497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2130.522157] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:00:05 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030521206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:00:05 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, 0x0, 0x0, 0x0) 03:00:05 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x7570}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:00:05 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x1002c00, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',access=client,version=9p2000.L,uname=+^}-,access=', @ANYRESDEC=0x0, @ANYBLOB="2c63616368653d6c6f6f73652c756e616d653d2d2c616e616d653d2c7375626a5f81000000000000002f2a2e5c2c66736d616769633d3078303030303030303030303030303030312c66736d616769633d3078303030303030303030303030306165352c66756e633d43524544535f434845434b2c00"]) chdir(&(0x7f0000000040)='./file0\x00') acct(0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000180)={{0x1, 0x1, 0x18, r1, {0x3ff}}, './file0\x00'}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:00:05 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000100)=0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x0, {0x0, r5}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_REMOVE={0x7, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r5}}, 0x8001) creat(&(0x7f0000000140)='./file0\x00', 0x0) r6 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r6, 0x400, 0x1) fcntl$setown(r6, 0x8, 0xffffffffffffffff) close(r6) pidfd_send_signal(r6, 0x19, &(0x7f0000000200)={0x3e, 0x3, 0x40}, 0x0) 03:00:05 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 70) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:00:05 executing program 5: perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x18, 0x52, 0xc21, 0x0, 0x0, {0x6}, [@typed={0x4, 0x2}]}, 0x18}}, 0x20000090) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') r2 = fsmount(0xffffffffffffffff, 0x0, 0xe) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat(r2, &(0x7f0000001240)='/proc/self/exe\x00', 0x200, 0x158) write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @set_cpb={{0x441, 0xb}, {0x8, 0x0, 0x9, 0x998, 0x5, 0x6, 0x8}}}, 0xf) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f00000002c0)={0x0, 0x1, 0x7, 0x2}) unshare(0x48020200) 03:00:05 executing program 6: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x58, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x10000, 0x2) chdir(&(0x7f0000000040)='./file0\x00') fstatfs(r0, &(0x7f0000000400)=""/196) r2 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r3 = getpgrp(0xffffffffffffffff) fcntl$lock(r2, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r3}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x5e, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x1000, 0x200}, 0x0, 0x0, 0xffffff7f}, r3, 0xa, 0xffffffffffffffff, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r6 = accept$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000200)=0x1c) ioctl$FITRIM(r6, 0xc0185879, &(0x7f0000000240)={0x8, 0x7fffffff, 0x8}) sendfile(r4, r5, 0x0, 0x100000001) r7 = accept(r4, &(0x7f0000000300)=@rc={0x1f, @none}, &(0x7f0000000280)=0x80) ioctl$BTRFS_IOC_DEFRAG_RANGE(r7, 0x40309410, &(0x7f0000000380)={0x1ff8000000000, 0x400, 0x3, 0x7f, 0x3, [0x4, 0x20, 0x7, 0xff]}) 03:00:05 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030621206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:00:05 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, 0x0, 0x0, 0x0) [ 2131.282646] FAULT_INJECTION: forcing a failure. [ 2131.282646] name failslab, interval 1, probability 0, space 0, times 0 [ 2131.286089] CPU: 0 PID: 11285 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2131.287693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2131.289555] Call Trace: [ 2131.290168] dump_stack+0x107/0x167 [ 2131.290988] should_fail.cold+0x5/0xa [ 2131.291885] should_failslab+0x5/0x20 [ 2131.292748] __kmalloc_node_track_caller+0x74/0x3b0 [ 2131.293884] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2131.295060] __alloc_skb+0xb1/0x5b0 [ 2131.295894] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2131.297009] ? ip6_mtu+0x1bb/0x3d0 [ 2131.297819] ? ip_frag_init+0x350/0x350 [ 2131.298722] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2131.299784] ? ip6_mtu+0x1e9/0x3d0 [ 2131.300563] ? ip6_setup_cork+0xfb7/0x1740 [ 2131.301534] ip6_make_skb+0x2de/0x4e0 [ 2131.302399] ? ip_frag_init+0x350/0x350 [ 2131.303313] ? ip_frag_init+0x350/0x350 [ 2131.304228] ? ip6_push_pending_frames+0xf0/0xf0 [ 2131.305320] ? ip6_dst_hoplimit+0x199/0x440 [ 2131.306300] ? lock_downgrade+0x6d0/0x6d0 [ 2131.307258] udpv6_sendmsg+0x20d3/0x2ad0 [ 2131.308189] ? ip_frag_init+0x350/0x350 [ 2131.309097] ? udp_v6_push_pending_frames+0x360/0x360 [ 2131.310250] ? SOFTIRQ_verbose+0x10/0x10 [ 2131.311189] ? lock_acquire+0x197/0x470 [ 2131.312093] ? find_held_lock+0x2c/0x110 [ 2131.313016] ? __might_fault+0xd3/0x180 [ 2131.313921] ? sock_has_perm+0x1ea/0x280 [ 2131.314860] ? __import_iovec+0x458/0x590 [ 2131.315812] ? udp_v6_push_pending_frames+0x360/0x360 [ 2131.316979] inet6_sendmsg+0x105/0x140 [ 2131.317855] ? inet6_compat_ioctl+0x320/0x320 [ 2131.318871] __sock_sendmsg+0xf2/0x190 [ 2131.319761] ____sys_sendmsg+0x334/0x870 [ 2131.320691] ? sock_write_iter+0x3d0/0x3d0 [ 2131.321634] ? do_recvmmsg+0x6d0/0x6d0 [ 2131.322509] ? SOFTIRQ_verbose+0x10/0x10 [ 2131.323427] ? mark_lock+0xf5/0x2df0 [ 2131.324277] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2131.325463] ___sys_sendmsg+0xf3/0x170 [ 2131.326344] ? sendmsg_copy_msghdr+0x160/0x160 [ 2131.327371] ? __fget_files+0x2cf/0x520 [ 2131.328288] ? lock_downgrade+0x6d0/0x6d0 [ 2131.329230] ? lock_downgrade+0x6d0/0x6d0 [ 2131.330175] ? __fget_files+0x2f8/0x520 [ 2131.331079] ? __fget_light+0xea/0x290 [ 2131.331980] __sys_sendmmsg+0x195/0x470 [ 2131.332885] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2131.333858] ? lock_downgrade+0x6d0/0x6d0 [ 2131.334805] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2131.335918] ? wait_for_completion_io+0x270/0x270 [ 2131.337005] ? rcu_read_lock_any_held+0x75/0xa0 [ 2131.338067] ? vfs_write+0x354/0xb10 [ 2131.338903] ? fput_many+0x2f/0x1a0 [ 2131.339764] ? ksys_write+0x1a9/0x260 [ 2131.340631] ? __ia32_sys_read+0xb0/0xb0 [ 2131.341559] __x64_sys_sendmmsg+0x99/0x100 [ 2131.342508] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2131.343677] do_syscall_64+0x33/0x40 [ 2131.344517] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2131.345684] RIP: 0033:0x7f9ff3490b19 [ 2131.346522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2131.350689] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2131.352398] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2131.353975] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2131.355565] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2131.357157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2131.358754] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:00:23 executing program 5: mount$cgroup(0x0, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@release_agent={'release_agent', 0x3d, './cgroup/cgroup.procs'}}, {@release_agent={'release_agent', 0x3d, './cgroup/cgroup.procs'}}]}) execve(&(0x7f00000000c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[&(0x7f0000000100)='U\x00', &(0x7f0000000140)='cgroup\x00', &(0x7f0000000200)='cgroup\x00', &(0x7f0000000240)='cgroup\x00', &(0x7f0000000280)='cgroup\x00', &(0x7f00000002c0)='cgroup\x00'], &(0x7f0000000400)=[&(0x7f0000000340)='release_agent', &(0x7f0000000380)='cgroup\x00', &(0x7f00000003c0)='release_agent']) rmdir(&(0x7f0000000040)='./cgroup/cgroup.procs/file0\x00') mkdir(&(0x7f0000000440)='./cgroup/cgroup.procs/file0\x00', 0x10) 03:00:23 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x7b08}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:00:23 executing program 6: io_submit(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x80, 0xffffffffffffffff, &(0x7f0000000000)="22f2ff2bef6694ba4039628ab7b19b89a25fbf7bdc22629cb7f67a1ffa938ecaab4a304c3e825f00c39ea78dd7df726ce6adeeb0fe668eccce4a352e7687b3601f25d8e4863ef1627e326bcd83bffc58db925aec87ff16e20860aac071e6c9043881f35449f74ef0b94144cbf69f6194728487b9e9a46aa2878d94b1c3", 0x7d, 0xffff}]) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4) io_setup(0x81, &(0x7f0000000140)=0x0) r1 = fsmount(0xffffffffffffffff, 0x0, 0x72) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cgroup.controllers\x00', 0x0, 0x0) r3 = accept$unix(0xffffffffffffffff, &(0x7f0000000380), &(0x7f0000000400)=0x6e) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) io_submit(r0, 0x4, &(0x7f00000006c0)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x7, 0xffffffffffffffff, &(0x7f0000000180)="1238de167ce5f5cb4dd7de18e0ec8afd2fecba7bf39616589191e99e97a4937eb32a8612dd46534c88a55782caaedffb8abfc5b0caa04b1691ca81e918e52a0618e10ed94fba20e9fa1e0489877f876c5f98c2c46c2f3a7d540013c969e7dc19213e9b2c6ccde12ab42b860ddbb9b75d556ddcfc785050ce61660ee8b09dba37c884b83032d03e92515fd009836fc085497878296c37b4f41434e4e2529dbd8852939869bc423e7b4adfceeeb985e672d0d51c5bddc3ac8f94f81b8784", 0xbd, 0x2, 0x0, 0x3, r1}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x7, 0x1, 0xffffffffffffffff, &(0x7f0000000280)="71618a15f0bd21e50fa8683d40701ba266a039008868711baab62d0bd55b2211e1a71b9c0393ee16b37626e3076151439ebea2dd411f17d9d6c8615d9126f4a96c4badafa29d56680ce9a620955b5b118daf3d460b16a6047cd91e86e5871aa93e2d16e84d4372eaca231bc50c026d01bed2f77ad5a7a6494a32aa", 0x7b, 0xfffffffffffffffc, 0x0, 0x2, r2}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0x6, r3, &(0x7f0000000440)="8001259adbc6232d2e130ec773acfee7edd49016f7697fe0e50922bf415a9f32d423ce3bab27ac0de2be0a80cfe7a39369fd9032504bf0c878e04b758fa1e19fae4c638440e0199232974d4f760482dafc67330d8583496c6cca6b19d4a8edf5e843fe9428c46c9c3c1901bf1b62a22babbb5d7a31b13a1348b5ce59a9985f13625f647cf88dc6dc033a67f11f01c96013a9b1a69134cc72b51cdc2a505327447ce713d9c00bd0e463707d73be99890e36190d9721b8fd14b8b29c0eb0c0b5fc3f4fc664c057e09670f2a324e359", 0xce, 0xffffffffffffffff, 0x0, 0x1}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x6, 0x1, r4, &(0x7f0000000580)="211ebc79b97f5d2f693cda85b75d7e6e272390daa89b72923a070a5c04bf219298eb1b922d18c4ea060a00a1812f26d8315a8917092c70bd82c54ba995118f309bfb11fd8842ffcab3fb787a6f49ccf3316da1db5cedb5c16420898219d8b155f8ff6166e827c48cf078950ea7667c2fa214c10a2d90009dcac7c2c5b74b995ad3598f5fc6bd605972ec71fc303535884488f3bc369f1a45edc6be4ddbfe48165fb6edbfeee789638e2a149db76be7663c780adc4b2ae04436bc5ccbe82f8ff0a5c2b5b1596ca534becfb33822a4e099162539c20fbe827eb3cc6f2a208e0dbe209168d19842e2b47a73cd07797853f46881182e9943044c2a7105c10056", 0xfe, 0x81, 0x0, 0x2}]) r5 = timerfd_create(0x1, 0x80000) sendfile(r5, r4, &(0x7f0000000700)=0x400, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000740)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000007c0)={r6, 0x1, r1, 0x0, 0x80000}) r7 = signalfd4(r2, &(0x7f0000000800)={[0x42]}, 0x8, 0x0) dup(r5) connect$inet6(r7, &(0x7f0000000840)={0xa, 0x4e21, 0x1, @local}, 0x1c) io_setup(0x1ff, &(0x7f0000000880)=0x0) clock_gettime(0x0, &(0x7f0000000900)={0x0, 0x0}) io_pgetevents(r8, 0x45, 0x0, &(0x7f00000008c0), &(0x7f0000000940)={r9, r10+60000000}, &(0x7f00000009c0)={&(0x7f0000000980)={[0x9]}, 0x8}) sendmsg$inet6(r1, &(0x7f0000000cc0)={&(0x7f0000000a00)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xffff0000}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000a40)="dd81b35aa614f660a78fe5cb77f572ebe83dfa0d9abd0414cd5db8bc31faceaba7ab945acd6190f7895a9f3c5d9b9b18c535a4e92012c0f742545ba894f502e8dc8d5edfdd7dce6e6471557313cca5678210891ec992e352f4354ad634a7d969f6627f2eeadfa6f6b1a7130ab6332feac2b5810804b0fcfa2cf8c7a953b527f3488e5e4a65b805db4f7b29bd52f33db85d09a6d6c67114a6815fac07fa9a699d872fe77212c378496f88368a1a60a80fdf7d6bd719a83ec3cfde5b42d9b664adb1345d732cc98197441c022d8a46e0132fad1cbd28f27e5b55b174bb6b", 0xdd}], 0x1, &(0x7f0000000b80)=[@rthdr_2292={{0x98, 0x29, 0x39, {0x3c, 0x10, 0x1, 0x80, 0x0, [@dev={0xfe, 0x80, '\x00', 0x1d}, @private1, @mcast2, @mcast2, @local, @empty, @private0, @mcast2]}}}, @rthdr={{0x78, 0x29, 0x39, {0x32, 0xc, 0x2, 0x8, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @private1, @local, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, @mcast1]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x4}}], 0x128}, 0x40800) io_uring_enter(r1, 0x56c5, 0x9bf, 0x1, &(0x7f0000000d00)={[0x101]}, 0x8) 03:00:23 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, 0x0, 0x0, 0x0) 03:00:23 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0/file0\x00'}) r2 = openat(r1, &(0x7f0000000280)='./file0\x00', 0x440000, 0x1) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfdef) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) statfs(&(0x7f0000000200)='./file0\x00', &(0x7f0000000c80)=""/111) write$binfmt_elf64(r3, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0xff, 0x1, 0x7, 0x6, 0x202, 0x3, 0x6, 0x6, 0x1b1, 0x40, 0x3c1, 0x4, 0x6, 0x38, 0x9, 0xfafa, 0x100, 0xff7f}, [{0x6, 0x3, 0x8000, 0x0, 0x1, 0xbe8, 0x9, 0x6}, {0x2, 0x4, 0x1, 0xfffffffffffffff9, 0x400, 0x7fffffff, 0x1f, 0xb8}], "f79fda78956117b425edb86d1042e0335f103a5c7e1c70c4634de0c5ea05461722efa0de4627456cc4470ab1d101e060bf7154d9e2945126956bab3df8b1e7d3df2b78dfe2db6501cc9e595c8ccb6b60a3e2fe4c5bac4030ad9a9d9eb6ddd306a0761df2c2936ed1017d98b14107a447b82b386225e10cb9f73b9c316bd55d5a71175145544fc40346aef9", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x93b) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, r3}, './file2\x00'}) close(r4) ioctl$PTP_CLOCK_GETCAPS(r4, 0x80503d01, &(0x7f0000000c00)) 03:00:23 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x80001, 0x41) openat(r1, &(0x7f0000000100)='./file0\x00', 0x111400, 0x20) 03:00:23 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030721206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:00:23 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 71) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2148.648867] cgroup: release_agent respecified [ 2148.655250] cgroup: release_agent respecified [ 2148.686159] FAULT_INJECTION: forcing a failure. [ 2148.686159] name failslab, interval 1, probability 0, space 0, times 0 [ 2148.689177] CPU: 1 PID: 11321 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2148.690817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2148.692784] Call Trace: [ 2148.693405] dump_stack+0x107/0x167 [ 2148.694253] should_fail.cold+0x5/0xa [ 2148.695137] ? __alloc_skb+0x6d/0x5b0 [ 2148.696049] should_failslab+0x5/0x20 [ 2148.696936] kmem_cache_alloc_node+0x55/0x330 [ 2148.697985] __alloc_skb+0x6d/0x5b0 [ 2148.698838] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2148.700018] ? ip6_mtu+0x1bb/0x3d0 [ 2148.700846] ? ip_frag_init+0x350/0x350 [ 2148.701775] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2148.702851] ? ip6_mtu+0x1e9/0x3d0 [ 2148.703695] ? ip6_setup_cork+0xfb7/0x1740 [ 2148.704676] ip6_make_skb+0x2de/0x4e0 [ 2148.705564] ? ip_frag_init+0x350/0x350 [ 2148.706495] ? ip_frag_init+0x350/0x350 [ 2148.707419] ? ip6_push_pending_frames+0xf0/0xf0 [ 2148.708539] ? ip6_dst_hoplimit+0x199/0x440 [ 2148.709547] ? lock_downgrade+0x6d0/0x6d0 [ 2148.710521] udpv6_sendmsg+0x20d3/0x2ad0 [ 2148.711470] ? ip_frag_init+0x350/0x350 [ 2148.712417] ? udp_v6_push_pending_frames+0x360/0x360 [ 2148.713618] ? SOFTIRQ_verbose+0x10/0x10 [ 2148.714567] ? mark_lock+0xf5/0x2df0 [ 2148.715440] ? lock_acquire+0x197/0x470 [ 2148.716377] ? find_held_lock+0x2c/0x110 [ 2148.717321] ? __might_fault+0xd3/0x180 [ 2148.718254] ? sock_has_perm+0x1ea/0x280 [ 2148.719209] ? udp_v6_push_pending_frames+0x360/0x360 [ 2148.720425] ? udp_v6_push_pending_frames+0x360/0x360 [ 2148.721632] inet6_sendmsg+0x105/0x140 [ 2148.722539] ? inet6_compat_ioctl+0x320/0x320 [ 2148.723587] __sock_sendmsg+0xf2/0x190 [ 2148.724505] ____sys_sendmsg+0x334/0x870 [ 2148.725448] ? sock_write_iter+0x3d0/0x3d0 [ 2148.726436] ? do_recvmmsg+0x6d0/0x6d0 [ 2148.727367] ___sys_sendmsg+0xf3/0x170 [ 2148.728294] ? sendmsg_copy_msghdr+0x160/0x160 [ 2148.729359] ? __fget_files+0x2cf/0x520 [ 2148.730299] ? lock_downgrade+0x6d0/0x6d0 [ 2148.731262] ? trace_hardirqs_on+0x5b/0x180 [ 2148.732285] ? __fget_files+0x2f8/0x520 [ 2148.733215] ? __fget_light+0xea/0x290 [ 2148.734127] __sys_sendmmsg+0x195/0x470 [ 2148.735058] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2148.736089] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 2148.737104] ? clockevents_program_event+0x131/0x360 [ 2148.738284] ? tick_program_event+0xa8/0x140 [ 2148.739312] ? hrtimer_interrupt+0x771/0x9b0 [ 2148.740366] __x64_sys_sendmmsg+0x99/0x100 [ 2148.748512] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2148.749715] do_syscall_64+0x33/0x40 [ 2148.750577] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2148.751778] RIP: 0033:0x7f9ff3490b19 [ 2148.752645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2148.756957] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2148.758727] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2148.760400] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2148.762052] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2148.763729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2148.765406] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:00:23 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030921206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:00:23 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) creat(&(0x7f0000000200)='./file0\x00', 0x0) ftruncate(r1, 0x1000003) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) write$eventfd(r0, &(0x7f0000000140)=0xfff, 0x8) write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a) readv(r2, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x286842, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = accept$inet(r0, &(0x7f0000000240)={0x2, 0x0, @broadcast}, &(0x7f00000002c0)=0x10) write$binfmt_elf64(r4, &(0x7f0000002340)=ANY=[@ANYBLOB="7f454c46cd05201f008000000000000003000600f7ffffff5702000000000000400000000000000052030000000000000900000039c93800010002000200010400000060090000000500000000000000010000000000000000000000000000000300000000000000060000000000000007e6f94e000000000500000003000000249a000000000000bd8b0000000000000000000000000000ff00000000000000f5afffffffffffff0200000000000000d33adab261cf656673ac051bb0321a6bb22028d43359ec7e28d74ad38b8fe617a8e7ecd382944b9a044754ba91dbf06a12c4ee1f2730f1e4af2321e42651e5de4981f7c77ad396d3310449b4f01fa17bd98ab036be3588331de97f54b1dffece45b1335f6cba581efc26d097f60634484eb088e2a10ce4dbd49eb7455600ea8fbcaa57c6d791a27fa3f0a2cd1a9eef8fc445fd1ff7dbe7770340189821588ecdcb2d93213c7c07eb188729b56ef588e0065ab929ad8e35f930e5a8f66fdf0fe52dc93a149dad8cb4316a9ba25d5194b4941185543861ccd145286163d98898b111ee0b71f69d1710dcf0f0fb3d559f2bcfc9e0ca4cbde272273cd0d363965a2523c189b6b036fb3560d641da7ac9c8172d904f2df3a64295fa8ec8aa7c5662bf8baa8e3dc0075c417a2bcf1536c7c099341860aaeb2ab7c34e787e88c4907638ce64c16098f84cfc646c048cdb4737e9f20017293ba8dc873bab18ab9f422f6dfa355d195531471185dccad05691ebec192a90372e1bfd2cea41477043c140ee867c8fd424559e41a78cb53349e93a9ebb2f7744a81f95593f6690b82ec4ddf6fe3cfb0557f483cf5d0d855e844499a896eef25f37073f1a8564788da1683089872f160dade775206acce332ec0018e3e8722dab04cda530438735c6c369a15e73ae7a3422fd4f87392b7a7a1ad31138e68092827cef5da81e9078cba1ddf56a02f41e33fcfb926149cf397ebe9f066e0fbb18a93e355edb38f47bfe25b328e3d7f5d243866f971814123ac8f23571390c0b20ca72a637b9b566ca72c1723f933996c9a9c800637156e2b38eebf4c7c086ce336edfd69998156823163017300a24cdb279f9a00f4f3441c7c8ddb9ade28d220a907341b06fe8cfb056603da893d406fd13cc79b502733efbd94c342b52b3749cb705153a4e64c870dc852ec88420b3f6f2173ef2c65e891b81d8cf3fb780af72ba3ae027a1b8dc61373d8312df5ac94e5f1a90263c4156fb6e93d5b07f391012b71a92c34abf22113932d790d58d3f39043ca64d4820e6544f64b2f865a470ce7110097452c852c49bd2a8a1dc6679a1ceff83db752f4846e6c029befbc5bb1dcbc132f5c346f2c5a85dce8433384acfb657cae99045d397d850b968bdf55c490aa45341dc40757514508ae68327187c166889b713a9a66208c8609e0f5d1a611666aa728bae26b61724461aea821085e3a4db0cf96f57429ddff92e5e9a74fba61f3c3609defdeb431f3f79398d1c60ca98cf822b9bb7e5e61d21d6ddac34b0e93d833d047bf2c7bf6ac26cf9b674d434b052129eba69544b23bd18ba8538dd329bf3c62d727734bbc3073d3aecdec8c8ec82f1ad7e82adb8c8296f2c09eb007c7a18bd117d89c73f2fd3c436fbc9e5360db9d36ad675555b236c764c040584e123d2008cafb19e821442a9f7a2a076266594d8d25f4db148df6c5137cb59d9d9d63f9e61daa8d5e74ef1b3452bdbc9cbb337535f8f2924b2a976b16da665f6d383fcfb2d177a995a42f218db6c6f916c07f3db7a08baef90e761c3cc03ba9af906c532d5a3227203e5bdcaa1047b4d5e11f90bbb5ae7a475b62ab52aa59abac31803b644eeea56685108dc06536db78216b7544a1c19c5dd7991798644ade6d270d0893891662aa6595db4107475dd79eaa1f493e62e81b3b43183f3c8eae2b40b49eb2807dd7f856254c73d8837b1d6d3aa43fa6e3940117571eaca5df66f3c099cf2da7c2fd80ef571bc443207fecdf6301a314f786213735b2677ab9881ea4c470737324651db8aebf19700fbf79b1f15985e15ca32765254f92aa7155ab1068d3591afc184eeccf14bab0119b8f469fc7bdfb7d51768bcff70ed553d93e45e76811382a163568a3a4b3faddf69337ad1451b146bcafe0d3b57bd4c3ae1a2767c46a3cccd56c239893e2946a5889a7ce13b621dea09322da3b98f5d22460f9006bc52ad208f02443b5eee757550118e0293fc1786c3a622b9c5d1639d775cd5579495bf922d16675f14a09ec1c34e5c28e333def36ef206f86c122ad58c44235c2ca2ba9d46a5face1c05034ecd878f17435a804a7b5f7f91b262b283ded11309b421f85a7d5f51efaa77e7bdc0070b8bc88d916116f62fcc4e6878e3f13c50333496231738ccd6df55dcec80cc313c5fe6c1a087917598a2a576cfdd2d928fe6430ad64986f57e8f8ee60870dd4733f83ab3145d794c183c1d55970196330c260df9697e15473c80366cb73a74a09d31e05788d7fc86c30086504431c08d057a5df4ccb2eedf40b633f95ec36146364f4ea6f07e16352e8ac00a83207f5ed91a42150af3d15724e0e8e46a27edf947e4664c7bd2d33979f5a904536b48d40e8930ab77b0e006983b953141f5097f50b0d29d50af2215782a2c185a39baca148efd875550f753b0d099708d78349e3d2f18878a5f13fcd0aff9c29fbd11e68b465b3244d6b3cd685b9706d06a05f5896853d13bbd37f6f1ca75ee24cd9031d895c459f3bb086f53e4dcc3de555cdbdd45c71bc4a4cbedfe59d31ec6cf34d77b2888ed9f200df4c960e02eae80b4003dd3e0b144165bfb666859ebdd77ace6e326d2b7e3ed6b6fbed480505c95cf8c6427575d72cb9189a262f8e1043825c1e7a569139ed9b38671b497874b3ccde0a29dd973bfff2940333ae0da0fb97468d46be0fe67756ce2267a35c1233c14e85b55fafaeb215c8d5795ce3e22fd0b4b6fc8f7e8eddf285d73c53556e4bd9ec2a653a5441741aeed41f0f8e16c229780fc96549f6aa6715b9eb65473bde3d337ac50f11b715e8325f76a60f792d488c5a5fa81c6a7196257382e9e6e37f0cfa0e91f4372b8077dd5862d2dfaa348c6db4c1dfe136368d49f56056b13b0e81cec59bbc8a24d62dd9968bff606996b9a803809e781b90a4ac5bb1b5fd66c9457c4efbf8208381b808c867cc392b18c52c709f2f5d90cc276adea10e040a89d7fb872abb46419f9e39b3b0c3df8334ed11fc098bd7b75ab986869f73fe561d16a6221cd670a9b2f4e4c29172a676578cf5cc6e6a8afbd45f4a7cfc120e84aec00a7600f1ff55be1c2851e44d0cdc3b96f210f684f63780068980e8d028579979ea97d50207fc0ea65ec5efa157a87a44aa43d044872f60521efa374ea57a5cd69cdcf4b3c441d80dca0e65fc0d7933c42ad52ee65fb0e42b6a806df4ecb1e80cdcfa90b46fd987b53db4de233f1da80c5de2919caba23990d16101b5f6fefadc7168c1ebb4fc3867e4cc9821ec54c6ab3317b57421df345b55fdf0230847fcd09d8af509071e1cc071a75b5deff947d7be30b4af1c6dfebe8e8e81e8293fcb782db305dc3309743b967775fff040e39cf574d3605a8202169378017cf1c4e9029af6487b48220409897c13c1606b496a9e68aa9bb072aa82418ac0a45d8e719780d2fa798edc519405b1029adfe5ff6d3e3ce33c602e2c65080599f942c629345d34867c6c12f0a890bfb066e07be9f59854ee663be587470d7a0f68160b75585ed421677087120455429844ef91019353d39b049a4ba8a63021b1c21e413a8259d034ce8501d6bd00d3dd41e71c92acc3d98a0f434dcc1d9c6a0823917ae78436b32ce5de1fcd1864f0609fdcb91872dc4ade0be25f534e21c021ef6dba820a25f816c73b47c776aacc940f9c2580792aed23117388b43234049132315f0641d64024ebcaace5cc06f16161826dbc392cef82e7126996be20f6de273b0ed2b26281215d9530ace30d1f7761e6888e91061b84c096d8c6b0654b32113829b0c5a98a50db2f322ab35ab956f9cf76539e182ff2580a4af3cc62a6bf06a569bdfae468f8297dffbc6628b8d9798c87b34b2056c06e33b6dc872f2033bebd0d928017a53b5f1feeea7c09aeecb5de7d986b14bd3eac6354d65c815164a6c99e510c1964c58a5a4857d0f8147ebe9e59d83c9350652b061518603de9b405a970967d4498eb81fb51e42ad38c1b6fcc1bcf91d80707a4054e71dc12ac4f060a299fa54fc10e925dba6d1d5c87cc3f58a18ebcef44ee66882f6331f708c180b184326d63bba192fafb4df1f70237c05fd96b542477dcd08df43dc72d18b758508d3a3da1eedb47d34ad17b7ac928ba8c01aa15ca1805533cd98c02d0fd327fb9d3691c1c0b249beea3994857c099120a70016ef65e397d491df0b931ec9180299aee71512dfc25517e768a33e8a6bf5798f6b36fb7d952ab70165fee2a35db4e759a4e3178d2088037b0560342f1941a066820e8c240fbc1ca713c06ca434a445005294e1f26bd78b4e8ec1d83ec348cc8fb9f48fc9135b886bd6fd6921dc184b78e357129ccc14e06cdb91ffe40947183662ed2230f17778298f194e2e4317b31641e65f97e782b1742d72eaae13ea71bccf388dad598ddf6509d4f1e49da809323e88d141373785edc7405d45ab89d4430f636edbaf4d0c718da5c0f25c94b476d9217415daae05b1ca2c79db8941168f006787feabd973699034baca886751e0bd00dd0df309af44036df74fcdea53a4c84094f2c9824a2e5dd5cf8f2da7100c1e7af1b49f41a2ee9f7aa934e13ede5c41b60e4050e9ef82ca781121fd1be3a4b594481056e834863136f559c1c63cd069069c64978d156e825a1355429bddacc11bb499d703dfc7dcbe56dc402c0a7fe2d49406720f87c714b92dc9a91ae4ab3eff831161f2574ecd628a00b9a593802be9c3187f0881a8dece953ad0da204138dd40d821f06520ea29081a8c2af03ac78cb94a5d1cd0173d4288351bacd0817d6684e652fe135c748b1cdcce82458dfc738f24f198890bf1a5db9d9f43933c1759f227fb656c4e1fc56776ef1d50ad935991ef562f962272f4f06a3b2bdb11e4fd777123877f453e59b07dc012803cafb14ec4757600e26474fa0f5be62d797b03faad217936294dcdf84b952a3dc64e65f8bfbd7f857f6071061ebaea1181365fa4c2bd85970739770a9cc9bd36840057149e442481f4b4410a1d545efcce912ab9e62381c7aaf4fe63a476ea9bf39c27fe4b6d68e2eb5afb876edfdadbf194f4b4575c89f7ef6b534398bf22a94fe1397c193c18f4bc4daf05e8b5a0fe38634276e3a18384870813fdae7c7041a350c50250953d9879e057ce3dbed12b42cfa97f2522e96b5ed816814c7de73b89750c309741da6aea5addacf8f419fb29e40e105c39d204659df08ae5e5b87af5293a89e39e738ffb686df4aa8ea3339194f3f1797107a4c3955da30354ace7aa4971aad1ff03ec891a2f3e4e25c945bec580f285fbfb63c723c2baa5992f293ddde9dfaafb2debc4cf0dc054e049a116e7c27bd36ec23050acd94c8f60d07a12e9be5e509b31ee273bf34193041b9ef384de6508a8f3688562ab91d807a703c50e251c82686db0247fc38e904b86f6ba6e8edb9e8d10568265042f69acbd361ca8a23505414b0cc1687c7441b4a2c65fe32a4ad302719f25f24208c7aef271683f00a70d71b7f206e11c69404a591d02bf045ed9537505743836340e69c9500e1763b0f234a9b17f1805df2a6661937a89f91e918a9829384ce5de669d889a2613a7278f64bb7ae333322b5ac005f9b2d36a12abd404937925708880d57eddfb1e4d3d4e96421fe1051e92beb0242e6510cd58fdd0135f6114360c0cd16b57413254a5e41e8507546dff605ae82c6b4096cf10ce0f687c0a8a3784af7130f7347079b1d10204e5a3449d4388bb3be25e10612f81d71b762c80ec7101a684574da5d3a2db7ea8d6cdfa5cbaecbe352100"/6576], 0x19b0) ioctl$TCSETSW(r3, 0x5403, &(0x7f00000001c0)={0x2, 0x3, 0x4800, 0x2016912f, 0xf, "41b4925ccbb7167c039339b42b72ccede24803"}) signalfd(0xffffffffffffffff, &(0x7f0000000180)={[0x3eb]}, 0x8) unshare(0x4a060400) 03:00:23 executing program 6: creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(0xffffffffffffffff, 0x80585414, 0x0) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="387b9bdddf3ad43f00"]) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x4, 0x0, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f00000000c0)={0x3, 'macvlan0\x00', {0x77}, 0x401}) 03:00:23 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 72) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:00:23 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x80a0}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:00:23 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = perf_event_open(0x0, 0x0, 0x0, r0, 0x0) write(r1, &(0x7f0000000200)="e5617f8d792ecc87b24069a52e871a13aed4a580b5683919f5949e6a513c29528344c27977d1cd2033e8d0a58b74e6f89fc1e6a52142bbc6c62920f1615a21837f619bbc9746db544ed06f8ae41631c7852816abbccfbbf740c3dcda01237727e7c5fc3480ee2b13faa3c79bb786b3f57a17ef3dfe80582a042e70bfc0cb38af59ba6557f1d03069749c6121f7ece9787bf00f6fb1291c85b18a8051ec0370259270b383870c716e4456c2", 0xab) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') fcntl$setown(r0, 0x8, 0xffffffffffffffff) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:00:23 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 1) 03:00:23 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000008e40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000008e80)=0x14, 0x80000) r3 = socket$netlink(0x10, 0x3, 0x1) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000008ec0), 0x0, 0x0) lstat(&(0x7f0000008f00)='./file0/file0\x00', &(0x7f0000008f40)={0x0, 0x0, 0x0, 0x0, 0x0}) r6 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r6, 0x400, 0x1) fcntl$setown(r6, 0x8, 0xffffffffffffffff) close(r6) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000008fc0), 0x400, 0x0) r9 = syz_open_dev$vcsu(&(0x7f0000009000), 0x1, 0x2) sendmmsg$unix(r1, &(0x7f0000009180)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000003c0)="27efb784597b3d86a9d06e76e0aa41fe5434f59ec57ce3cad02b646c846c1a8e49cb688d274812c5b2551de9b6dd51467af61d078dd154459b686e7272b16f69c3f8b397cebf56ed6f5446a289c7adb947c67b11bb3a910b28d781944ea7ffa5c9bda4eb35d08914392f1c99b655ff3e309a1a501d70e10fc62455a5de0daab64cfdf499e3732f9073c1cc4d34165e87954b597ab589a76d43a89d78a59a8707762b0648d3f52ca11eb712e099d5e320199c61c5d53f036b2a379dd796d0c1164a059857c5fbd7d3a962a7a8d348ad7a293666966a07b1a2a68d91889406737b979024ad27905f35b89031ef5d21c637ba532146b8596562de891049ab1e4b8ccc7d639e1633a338b02681e16f7023b50a1861e3c5897ef8e962225f14ac20ab5486b11d449de0e34518e85b5daeabecda19f6043d70e443e1c31e610d25c79d04a866cf55e561f50fa2f264a3b6cb8f37f8b8364ed674339c20749240902a66f26f9035403f3256418466b0b544eea511ee24ceebac9f9cc55bf9ec62df3d4b2b6cab8423e7c27cab5235871478f5834511eb8350e5f3de49460eab9425e99cc98d4eb0f295802994aedcaf69022891b01738a785d121c810540e7f2bff5a788924be0ef57fd13b6dba21ca800bbc9286b6ec5fa2314052ae5954938620e7d053a944790a61ceb7580beaab6f4ff2b4f46933de1621ad5b5051f8bf5fb00407c49f6828f080ba4ba5e562a9035a68eb48e539df9534e4a671c866642aa0c5e83295ddb4b32ffac931ce6f09ba0dc477760e5103c83757dd5373e7fa45267591c44d96413aafc67f2b0c7b2def8150a113e57162369ec211928f1a49d40845f37fef7d12b18c5d1d030a96553c818f7f9be70e55b2230a0381a5f0eb1dcfd23770797c4b17fd7251f1e345b0cab325b84249733855772c5ee51ac4a83884e2b97bf8a9b942a6d2623290e8977342df3163459e09eb83a1a80115422a5768a8f24f54026d780fe55af82dedc4d42a3d8b12a374db7fd78e9760c25f00d82ac2098f7b50d0d2d1c1b3137aa689aae5a77c1bac24fa02b1ce125ff5848f46f65668dffbb207d343c2cb126232919543d01da325653d68f4ece58243bdf87ac570b2f0e03cffdb6d078e0918713aadd71aef1f982b48bc65d2a057c35603102d895c079abb7993286c106e8462441c0b5d2fe4e5944f9b9f12a4083c55264c3b0d1c1e77848796dad6723813718ab9f7bd4f0ce0d2439b2f85467f256aaa025d2de4064c0553f293074f1b6a014e99c8bbad50667db9bbfc405314104453d591512a60a819c81eb66d3c00d77e685e041319b2342ff890b6d96f82a72228289ea9d1a1f37ade491ed9e22d67c5f86e450db9e07323ee1917acaab6f21a50a4127669f8be2898c341543aea964a7379ceae071a7bfea0b5c6b00bf922263bae9481710a6a5c169083db62c03ba5ed926f88077f18a238d8f40cd31f20e25d91f0bb594262335abd3a30599fa40e3e043758f768dc40df301bc0b5e75dacf75a94a76d99641136a98b1c2bac416fc65202e17dc63a78d29a4183bc616744c2f5201321cf4d0e85cf56eab88a6ae65980b4265501585719bb7b80483a9f789b2a7fdfefe5e995857395f8b714ee2f24b7c6d4a4f2584fcd8a4a705ac2036446740e5a80fbe7a8b769827b6c60903d34d42533650fd20b4f67e0c8ffcb1b205370a3f792093046e084edd4dc7918fc5faab81e44b8af482d0253215b881d52e3c8417c7e335dbf3aec8c699d8efca2e404cacbb8b26cf77e0ff0a03954ae3e83f75c872a00c43441468828e29be2b99a7d8ec5e4b6a874489a312cdc780366fc563a61d85c82851b47bd4f04000de5b788ce7bcefdb73db2324cd1901cfea5e769c640e772b8ac13b0f2cfd4308ee656dd0211c219bd5e14e8779d7b2130d1b6bda96bc17878414c155c0d961f94f9da05c63eb746348b777abc3b6dfc4863601ef16616363e573286c3098960abd92672456eff88103151ea4636507a6bf23f514023dc3eadd1e3f5f65adfde25488052d13e3e66903644577c2783a8b5b68970e24251dc935aa1293e5301123ca5da4a2df30473db73e21009345302e3c3febcd89c2490be023ac009a33dc5896cecac84eecde5b1167a362ddf7eaed24f777655f42c61cb3515347c2ca010d3179d870b753a5e2fbcc5f820f7ab89be0be238265f67d73187bd66741459443efbd54263f4424b7f709f32f36806f71b5e8ac9ff37748d254f01f48686bb2666721fb518ce5b62715961d961fdc9f657c995eb5e731b2d76d4ee98c3da5eb7c61d642545b1ebd91bb11941212f2db602f28acac12081197a8f48b1aa15da110a87689876e9cef3761d884e4678f0e70da334bb1ab307639a47dbdc0671e291ea31444233beea17b7806c2478b3bc4723e73da166f20e8c7515069a4234b2ee8f0f373e963843a934ad161daa868ea08bd8cf592a1dd8ed0861e77809c0494232077bc4917c8e7ddf8b8d85316366412ad0e0fb0604e9b48e6980fcb1993f0eec07249da9ba04fe6d1a9cf6fd7bf8bc302687417f9e7f6aa51040b3ccfd70c4861eb69a566a18171f5e891188d09c779721c316bee2289f0aba5c2b9c91f60399ff625494b8eae084a35ef194bfdb6a65ea697b3c42cf2097b2a0ea024499acaff14723b0432ac4a1bf6f20c4a052621dc2739f871d0d6d5e36f8d79126303b9cb97a5846901d38572cc295833a32d9b6f1f12fd95e5b879f89ce7a1d1aa97fce648137ccddcdc5c1af2f527a82921363a0eeeeadf43763580396c8310ed35040fded03e01d394317ec8fc2d5af31fa52f02d29a4ad6e82016733d92633e73a79b14a15c829a5e91f5a4b2dae593bb4347159bce86dba3c4fc28083df11428b89aa22b23a456a79ead2c0fc243542f5c5767707dffa9798590f44db49fe8e35610a71b43583115ade87204ae72000548884da8f367bfbd6195a1e92b4c69526e384cd47058bc7d9b685f0890b1a40c9531175b849c019b5159ad8db1d35cfae81037275f177a0fedc5daac0e1aece57b7912a6d83181a5b4b5f26e4351de5905ef304d793ca698ddefe69ec3f981e4b9926837990ba1d42885821481b3f61994bd5a609fd34c1cce001632f78e6100048644fdfaae80a4399b048f32dd9395831c7c6349f98cd53147245b8f85fc5d542cac7af236137b3d35f9d39d8b0c13b82ba88a41273a0e59f89b57a52171bf4deae6c64c8d08c4031fa36529e91ea25e579b38c7ad28472bdbbe7f9379b586573c64c88a549d1df8ff16c0331d624d104fcb40e3f23a4cc456f2cee61d89f190d31649bd10d711abbc5ff2a0b3162325b03486c0bc5f9da61a7df50f61b07bff6c47fd44cef4056423782a2234b292cd077af1e734dbf86d0b290d65615f100d50945f21370e1460f1d1076be527254756e2c81d89b2f3abad470afb4d2947cb2210ac3babb6a74473b29057d359bb74bfb7b18317a9aa2e6e749b608f7aac783b551e34bcc54597f81eb65731192c0f28f880023d5acab0309d00c937f3b571ba4664e52ac062c890c49d7df299a628ebc230d3f419a8fe095f421740a89782d73e961036dfa406e6d04d395fb96e9595fe5384195954eef604db1d431a44ec6d4676180b235dd76538419080aeb986260ca2ca6de8ce8cc1fb342b262d076c1322658bbaea5a53379485222491218ca58462cc577f7917407f3ae8346e597a4b5bf31d9c601489de22abf6138a6906a1976ba19b7692a280333a6d86640eea3487e8f190ae61895148ddad5e54a530b46bd7a7625cac0ce3067f897bea6fad850fd62fdd4724995d967257549f878007f690f4f829521fa37c53520befeeec9c0b3c4d94b30b03dbec267ecd7a62ccbf62a425aeccb31b62941cc1341694a521dfd0b183d30f70a29ed062a79109a4a207cfa18bc39e52af3f9896ffd7533891236b4c85d8323e702dd1060d6a3d54ed37de796c43adb41d19d7dbaa6fcde4ea83f8f214cd92fff37537a8b0d89d5158c0806fa4e054950bb0b7c78cde02d632a0fee8edd9260486a598cf2739e53314ad738cb5b93452fe8f49b693d3df0c637bc0efc52b7288cab5991406e6ccb1058413a035e38be0384db625ab99d1957b6a21c03ea96f81b9406657cfc3845eb5756beb2bdd62b88c103efb274fe588470e28f87e83f8685ce5a7329f9f002fe21bc0828f6afd3f075295d407d09ef3c8053b5fe8fd8d7587cdae88049eacf6678df261198d20063ce94197dddd87b3510e83eb23c33da4ec6a0ff1e8695deb97e9ed6a74778ebcc7bd9a1d8bef5c2bb54e337b68330812054f877be0bb5c02e042a682e62006a0a31b8e5080a9d278a9fb7c8b3eb1db95c2d37118f4d67ef6ed6a96265cdf7dc38cf44e7fac764a57a7cdb5bb2007a8f569a92eaa512306fea86374f2f286c73f53d8bcd967cebcbc71babdaa6c69b02b334bc8a97ff27974fab70fea392a0a789da5d2dc2e5bc329f77b9c2ec393bae12879de46d4652007a22e248fb90d26318cfd7b8c84d73f97811b0116d58630aa5d1142638c48dc9b0ca9ca7067f7ab48d787dddba0f9094b7be5296cf293e4cb61b348a95e70e7309b33a6c6c68ba00db8c23b24fc1388d17e507f831f8b16815f0a969fec831e4c2f28a5e637dfc010ab6bf37bec5816e2fb6e19baa19910dc434a14eebd037f641256433b94ba42ab8e5891835bdfa7e81e2c903b45e133d29cc99a4bdae36681db5e112b57f1cd4e39efa4b53f897b90c6ce1c1a096c5020626d56e600a61afc5f776f417ece5a4824f2302e71a45ba81213affacb34c5475d34eeba43a523a9f4403419fe0a2ddd450b2763093de753f8e3b914a7cc29fdfdc55e83b4cbbd1bfa87db310f1828b6a1d0415b14d74b52a8a1070268df01acd715cca2c66a1a54450497c6d009d93f39a6c7d6376b554016dd999f9bda80660e60abd4b26daa0ecf9f856f407e842d1927d8f4333016629abcf3d570361d695e1f29fae870723e56da3bab60824392a19e05bdefd20b554a4821246a20382cf6529e831aec77f8fecbf099159ed8183ed91e2ccf4c0737795db63c29123fda793ce0a621f8c60f76009db9c865f760cbde51682962a6c7905f3934ee8596b9b849e19d1e9d75138aa4289091881927ddfc7ae2d56cc1d03a92e2d77486d06f87ac6e20d9cdb74bfab8a6962ad1d56862db856f64162dcd9560cb62dbd9afe0a0b6141c398834d4ce9f0a15e4259fb6f23c44fb09ff1364e9b0330b48b80d826fc08aa27e2bc5f3c61da3f999201e557593ff246183168c0ef2aef42090350c7af24037d8b0d0400716b7c2c9a6531e1bd14cda208597a18a6bbe58f30b6faca6e76ead696337c880cf3cacd296779a56c9abaed22818034957f10121912c90a3e3f18206bc7d080f14b8891c05790fa4c42e4f8c1437f3ee1838e33d0a6a39db77727c9db68c926b10248cb7c92fe89ca451dcb9aada445ff593ad34def7567b527e4deb37aec5f036456104be964215abc5cde525707071946eda29b2645c61e2eb27f644c0e4268dce8791c7226eb8293fb9f071b5d5688af3fc876ea46231fd276042daa8092ba68c23649917e9d0556b5395b518fb92eaa913724445f214592245a114fb62dc58f1b1d9a2f032749ffefc56d9c3e81766187f2e5e776b8a545e32d9852d0acc331cad0e4e6d7a17a2555975c014d933b02b6f9ee3a440e37a64f195ed91923965accd711bc2018ce8428384b4b5d06987d1958be44", 0x1000}, {&(0x7f0000000100)='6', 0x1}], 0x2, &(0x7f0000007a00)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x38, 0x1, 0x1, [r0, r1, r1, r0, r1, r0, r1, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00, 0xffffffffffffffff}}}], 0xf0}}, {{&(0x7f0000007b00)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000007bc0)=[{&(0x7f0000007b80)="464d230fdad7c805f9acf79c3df73e0c6b20d48757fa9256e94ff3f578cdd910d41a7714f2134da3db9eca75018ab8fabc3d55b5a3e31084aa976d5ea322f6", 0x3f}], 0x1, 0x0, 0x0, 0x804}}, {{&(0x7f0000007c00)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000007dc0)=[{&(0x7f0000007c80)="d3981c303dfc9a59bc845ca430231e41a063fd223188f7ce21e6e293074e02cc8bf2bf0754c697825cd1d0cf32831d165670c30f636011258c6e6f6cf17570de0880906da912adcb4d9f2c26fadbf170f0e4664f6bf1d0fdc69388ad5b0e108c601e55123c7f9423fede48538f86db5266b462c5f28bdd35bd553acdc352309676dd694f06e73bce705985f542e44fed670f27e933dfe5081076806c69c4901027e07a5914b3483180fceea544dfe499e8f8fc56ecf213c6b6016173da50ce73c023c276b5f133b4a5013dd766b7da77501eaaba6565f609b3e8b6dd8ae868ce2855dfae85f92a6182d04a", 0xeb}, {&(0x7f0000007d80)="897cacc0407e2c2777678a2f669892541c0bf84073cd757b54a2c60f32e6947d5a8fb09a08732329b2b74a9f9f7b6a86bb", 0x31}], 0x2, &(0x7f0000007e00)=[@rights={{0x18, 0x1, 0x1, [r0, r1]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, r1, r0]}}], 0x40, 0x4085}}, {{&(0x7f0000007e40)=@file={0x1, './file0/../file0\x00'}, 0x6e, &(0x7f0000008300)=[{&(0x7f0000007ec0)="3961749457a8ad3f8d2233e988afb69a7c3b0dd7aaf8024278c35c6091", 0x1d}, {&(0x7f0000007f00)="92f3665da0835de38da0c0efd2d145d5170075ca02ac135efd8b2cb7e607b09e69771a4db24a4ed58e7bb3bf3b5212a866e5a6a2dba87f9d0937997d3be151a9f072425927ae859a94fbfa486bb39cd1", 0x50}, {&(0x7f0000007f80)="d3723bcdcc15bb7990792cc65114e40dbaa0aa87ad7a845b9733ac4a4b8ae6bdad5de81f80c2e989d5f33daa0753927698c6535b5078a5fde5285754a7d10fe9ef662750af831dcf81b9bb42a4f23a0ccb90adae84622d647ef6510bbad1370ed27236071c328bab47f5ba2c3bd9166947e5f642dd1e696e4f3ac9a0ceba8298b94e05f74b66073f11f717b911b6fd991e5ed29af0bf04b0ec3d03812501f2870865308d71cda2f2514bfab34f2db17ff08e02d245a99526c9c5e3e5ebae2269fcdcb6f7db5dd9c4a20af55d9dc734d7d978839e1f764c5689e6fe15a1195bb9d7ac14b5ec51", 0xe6}, {&(0x7f0000008080)="c25b6c9f189f885f26f0d8418da5120d2359ccf43fcf61865bba921e63bc1797e8e7eef45cad0d542bb3916c8f503738f8b2dac9db85a5f24e749764f5592cbe56cf02fb353acedb9101a0850787bd1e7399c580c41479ea0c72ca7cf2bc6d65ab0c14fc5adbcc6eb06f52c88715", 0x6e}, {&(0x7f0000008100)="e5dd6250973a3e688ecc6f5b99a48dcc379f61475d9430e5aa63e9e7ce10db8f12da963ebdff9cb3caeda0470b5c2d46a19a4cdb6d5e47a037a5d0f2002d0e08cb", 0x41}, {&(0x7f0000008180)="baff6f22cf5930d71e0eb1380b1d0068da924f71ba79eaff853e8083d83476d7e590ac5096806c04787a6554c14223243dff270c3dbb1190a5f5eb51c9e00faa3947a5ac42cdd914aa0985c2f71b4f038df0107f5954430f859ebb1e79f5e8db2676335728335104ea06a3027aaa5ee8a62d0209b99d20be23ace9692dbd06f4d27810003e128ff8bc081d40a8514340f5d2573c9c4a26e0a9196711697769e1dcdca983109fa9bca105f9ffc442b6f2076da198920c5f77ed05d81847dd620440af3eaa", 0xc4}, {&(0x7f0000008280)="8300a5d61c0836f2465d51dbe8ef3c47f3b730d83916822a47040af218052b26d371a404193a1a2d29b456c5ef0e1b664644f085859a496b5bc45cc56ff1e629edc282e7ca4a704000d1868f1cd153bb5d3b9d050344c6ef3777ac058578d6ab76abcc333baf14", 0x67}], 0x7, &(0x7f0000008400)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48, 0x2000a000}}, {{&(0x7f0000008480)=@file={0x1, './file0/file0\x00'}, 0x6e, &(0x7f0000008980)=[{&(0x7f0000008500)="e75e63e3b668981b39575d04c1385079ca7795ad918972c7905e64d8482ce249d991af2a2f7d5c6daf44e2d0ef066a1fedf848cac708b0d5b81e92e840d0f7870d940fc32c99369335298b70ec7f3e95c91ae93ff28395caa4293a956aa56f1fea2f174aea6df97c4ede151a991c2792711d647634b1460445347d2d24d0b2578bd7abd39428d649f7bf385676e4793f5247eead82e4f4ae81713e03987ed379bcd30a9fdd6e3b1e83aa6f831a9e7c", 0xaf}, {&(0x7f00000085c0)="90e250e99371b36dbb1eb4f3b21e9372808f27e8ff75a8363f93f2b1ce0b8d8e474f1c0fc1c2e44d38f0f75faea29adf6377103a50de31b250fd8d2d45ec4c84b4247c544ff5ad98562c417e358b0bc948c27eef946f167f7ec212d557921dd3334c40079358bdef5d9d86a06344f7fe00d8a0891cb79059bcf3d3adb22e5c18086ea2cfecfaa8cd7ae471ff98f55953b8d1dd0ca8b98dcbd414f4ddebf7d3ded687e9ec19488077306c5981f12e59c4c858494f7e69d49b644538fca3bc4c15dfc0ab6ac11cc703d7840a32", 0xcc}, {&(0x7f00000086c0)="601862c6e9e3b2e9d808127c9f55f708afa2c4f9b5583c314ce65c3f7f7cef3497f9c86adc894207f0afc0631f1dd62e8f94704f51aad71ca7f4a5b8dfeac7c961435ef1e027f5608bfa48556f1ace98de0918bed5e80a43f8342244714f2535a69bca5430249ad4887f97cdc9ea0c55dd71f370e49aab547ff0aaa239291385", 0x80}, {&(0x7f0000008740)="8f1166461c029f93d362908556e752632194f24083098b64a9b4137c8cb7c9d2d98f05bc939eb38b875ac6001ba262a54ac34869de98762ece3e2d0869616ce7cbf146f104128644d5bec69971c2a31fdaeea46b6751ef9873fa8dd25537c18def8108539fde7bf2a5a9fbbba6ee7259e1", 0x71}, {&(0x7f00000087c0)="c73874ac721b457c4efb400e3e07d7", 0xf}, {&(0x7f0000008800)="d4c68a7451c953c82bdf6a77bf9cd17bc048e37327638b1872ce5e2f498d66bdbcd2db7d1446091dd6ec4c00a72e6b42861965d33e070546d97fdd48cef8b532c28dc1df725ce52dd7780f38e56c2adeb91f1908c7a5a644b19d40951fdfc97c4faa07bdb0a16c23541eae48dfa50b128b1716a043a7e0607d4e61ac031e56c4030b491fbdc2df16c40b5b22831ab4d8215387868124f8d7777a4c21099b77c29c7d1578c0a00ad407", 0xa9}, {&(0x7f00000088c0)="51ea09cb8faaea36fc61e07f1973df9aa1791b2f96045b132b7a8c1e85e83c1ae6f48a5a3fc8c20b4ad263ba84210e6e5dbbeae513026dca8caba58883029482d9c542fd7b029308eef2baa7c613e2fe74a768842c475a2449a195566ae3de2a02803edb8d45c5226aab1c0c9a08ec13304c67a690b526cf6bfa41629f5bbb7778c90596291554cdac6d0ad1761f3bcb697bc9d088bf1509908b1d", 0x9b}], 0x7, &(0x7f0000008ac0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, 0xee00}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, 0xee01}}}], 0xa8, 0x60004400}}, {{&(0x7f0000008b80)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000008c40)=[{&(0x7f0000008c00)="e75ba352dff43526", 0x8}], 0x1, &(0x7f0000009040)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x34, 0x1, 0x1, [r1, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r2]}}, @rights={{0x20, 0x1, 0x1, [r0, r0, r3, r1]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r0, r4, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r5, 0xee00}}}, @rights={{0x30, 0x1, 0x1, [r6, r7, r8, r0, r0, r0, r0, r9]}}], 0x130, 0x800}}], 0x6, 0x8001) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) mount$cgroup2(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x400, &(0x7f0000000340)=ANY=[@ANYBLOB="6ee515657439657569643c", @ANYRESDEC=0x0, @ANYBLOB=',fsmagic=0x0000000000000003,defcontext=user_u,\x00']) truncate(&(0x7f00000001c0)='./file0\x00', 0x512) [ 2149.123189] FAULT_INJECTION: forcing a failure. [ 2149.123189] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2149.124377] CPU: 1 PID: 11346 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2149.124958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2149.125649] Call Trace: [ 2149.125884] dump_stack+0x107/0x167 [ 2149.126200] should_fail.cold+0x5/0xa [ 2149.126533] _copy_from_user+0x2e/0x1b0 [ 2149.126880] __copy_msghdr_from_user+0x91/0x4b0 [ 2149.127277] ? __ia32_sys_shutdown+0x80/0x80 [ 2149.127937] ? __lock_acquire+0xbb1/0x5b00 [ 2149.128865] sendmsg_copy_msghdr+0xa1/0x160 [ 2149.129788] ? do_recvmmsg+0x6d0/0x6d0 [ 2149.130631] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2149.131764] ? SOFTIRQ_verbose+0x10/0x10 [ 2149.132638] ? mark_lock+0xf5/0x2df0 [ 2149.133434] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2149.134562] ? SOFTIRQ_verbose+0x10/0x10 [ 2149.135432] ___sys_sendmsg+0xc6/0x170 [ 2149.136282] ? sendmsg_copy_msghdr+0x160/0x160 [ 2149.137258] ? __fget_files+0x2cf/0x520 [ 2149.138115] ? lock_downgrade+0x6d0/0x6d0 [ 2149.138999] ? lock_downgrade+0x6d0/0x6d0 [ 2149.139908] ? __fget_files+0x2f8/0x520 [ 2149.140763] ? __fget_light+0xea/0x290 [ 2149.141602] __sys_sendmmsg+0x195/0x470 [ 2149.142451] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2149.143378] ? lock_downgrade+0x6d0/0x6d0 [ 2149.144277] ? ksys_write+0x12d/0x260 [ 2149.145103] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2149.146131] ? wait_for_completion_io+0x270/0x270 [ 2149.147179] ? rcu_read_lock_any_held+0x75/0xa0 [ 2149.148177] ? vfs_write+0x354/0xb10 [ 2149.148978] ? fput_many+0x2f/0x1a0 [ 2149.149748] ? ksys_write+0x1a9/0x260 [ 2149.150564] ? __ia32_sys_read+0xb0/0xb0 [ 2149.151435] __x64_sys_sendmmsg+0x99/0x100 [ 2149.152360] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2149.153458] do_syscall_64+0x33/0x40 [ 2149.154255] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2149.155359] RIP: 0033:0x7f0fecadbb19 [ 2149.156169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2149.160148] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2149.161778] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2149.163310] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2149.164875] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2149.166414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2149.167948] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2149.218162] cgroup: Unknown subsys name '8{›Ýß:Ô?' [ 2149.237330] FAULT_INJECTION: forcing a failure. [ 2149.237330] name failslab, interval 1, probability 0, space 0, times 0 [ 2149.239175] CPU: 0 PID: 11353 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2149.240076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2149.241129] Call Trace: [ 2149.241462] dump_stack+0x107/0x167 [ 2149.241936] should_fail.cold+0x5/0xa [ 2149.242432] ? create_object.isra.0+0x3a/0xa20 [ 2149.243025] should_failslab+0x5/0x20 [ 2149.243544] kmem_cache_alloc+0x5b/0x310 [ 2149.244073] create_object.isra.0+0x3a/0xa20 [ 2149.244622] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2149.245260] kmem_cache_alloc_node+0x169/0x330 [ 2149.245841] __alloc_skb+0x6d/0x5b0 [ 2149.246298] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2149.246955] ? ip6_mtu+0x1bb/0x3d0 [ 2149.247415] ? ip_frag_init+0x350/0x350 [ 2149.247932] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2149.248508] ? ip6_mtu+0x1e9/0x3d0 [ 2149.248944] ? ip6_setup_cork+0xfb7/0x1740 [ 2149.249462] ip6_make_skb+0x2de/0x4e0 [ 2149.249928] ? ip_frag_init+0x350/0x350 [ 2149.250406] ? ip_frag_init+0x350/0x350 [ 2149.250899] ? ip6_push_pending_frames+0xf0/0xf0 [ 2149.251514] ? ip6_dst_hoplimit+0x199/0x440 [ 2149.252066] ? lock_downgrade+0x6d0/0x6d0 [ 2149.252570] udpv6_sendmsg+0x20d3/0x2ad0 [ 2149.253090] ? ip_frag_init+0x350/0x350 [ 2149.253585] ? udp_v6_push_pending_frames+0x360/0x360 [ 2149.254199] ? SOFTIRQ_verbose+0x10/0x10 [ 2149.254713] ? lock_acquire+0x197/0x470 [ 2149.255191] ? find_held_lock+0x2c/0x110 [ 2149.255699] ? __might_fault+0xd3/0x180 [ 2149.256215] ? sock_has_perm+0x1ea/0x280 [ 2149.256739] ? __import_iovec+0x458/0x590 [ 2149.257276] ? udp_v6_push_pending_frames+0x360/0x360 [ 2149.257914] inet6_sendmsg+0x105/0x140 [ 2149.258419] ? inet6_compat_ioctl+0x320/0x320 [ 2149.258964] __sock_sendmsg+0xf2/0x190 [ 2149.259430] ____sys_sendmsg+0x334/0x870 [ 2149.259954] ? sock_write_iter+0x3d0/0x3d0 [ 2149.264561] ? do_recvmmsg+0x6d0/0x6d0 [ 2149.264928] ? SOFTIRQ_verbose+0x10/0x10 [ 2149.265303] ? mark_lock+0xf5/0x2df0 [ 2149.265651] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2149.266137] ___sys_sendmsg+0xf3/0x170 [ 2149.266500] ? sendmsg_copy_msghdr+0x160/0x160 [ 2149.266926] ? __fget_files+0x2cf/0x520 [ 2149.267294] ? lock_downgrade+0x6d0/0x6d0 [ 2149.267692] ? lock_downgrade+0x6d0/0x6d0 [ 2149.268080] ? __fget_files+0x2f8/0x520 [ 2149.268461] ? __fget_light+0xea/0x290 [ 2149.268828] __sys_sendmmsg+0x195/0x470 [ 2149.269201] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2149.269601] ? lock_downgrade+0x6d0/0x6d0 [ 2149.270000] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2149.270450] ? wait_for_completion_io+0x270/0x270 [ 2149.270901] ? rcu_read_lock_any_held+0x75/0xa0 [ 2149.271336] ? vfs_write+0x354/0xb10 [ 2149.272047] ? fput_many+0x2f/0x1a0 [ 2149.272389] ? ksys_write+0x1a9/0x260 [ 2149.272743] ? __ia32_sys_read+0xb0/0xb0 [ 2149.273124] __x64_sys_sendmmsg+0x99/0x100 [ 2149.273516] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2149.273990] do_syscall_64+0x33/0x40 [ 2149.274340] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2149.274811] RIP: 0033:0x7f9ff3490b19 [ 2149.275157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2149.276898] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2149.277598] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2149.278251] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2149.278902] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2149.279700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2149.281419] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2149.398730] cgroup: Unknown subsys name '8{›Ýß:Ô?' [ 2149.418670] cgroup2: Unknown parameter 'nået9euid<00000000000000000000' [ 2149.511258] cgroup2: Unknown parameter 'nået9euid<00000000000000000000' 03:00:38 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x80, 0x8, 0x0, 0x20, 0x0, 0x3, 0x9001, 0xb, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x0, @perf_config_ext={0xfffffffffffffffe, 0x1}, 0x4c4b1, 0x9, 0x6, 0x3, 0x100, 0xffff, 0x0, 0x0, 0x6ff0}, 0x0, 0xffffffffffffffff, r1, 0x9) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:00:38 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) r0 = syz_open_dev$vcsu(&(0x7f0000000000), 0x1000, 0x40) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x80, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r1, 0x0, 0x30, &(0x7f0000000980)="f6c8bf99372f114c57b2212dcb30238eaddbb5055e296f6b98f5139039137f088bce13bb5d608131b0e865a89d372a80637a8b21b1ca4da9e2d5d57e93a9555c4c72fdb3dc7e2972a454e63991e96a390b88f8c01fb322e6f19a9258e0ebc1d6f60eb1a9c562aeda1dc5b3d79ffafde7a42f35c7490746ed4c1470d313a54e63f152b3ed1e876fde63a5dc95a08954ed", 0x90) chdir(&(0x7f0000000040)='./file0\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:00:38 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030d21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:00:38 executing program 6: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) fallocate(r0, 0x8, 0x2097, 0x4) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}], [{@fsname={'fsname', 0x3d, 'cache=mmap'}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@obj_role={'obj_role', 0x3d, '!'}}, {@obj_type={'obj_type', 0x3d, 'cache=loose'}}]}}) execveat(r1, &(0x7f0000000000)='./file1\x00', &(0x7f0000000340)=[&(0x7f0000000080)='trans=fd,', &(0x7f00000000c0)='cache=loose', &(0x7f0000000140)='fscontext', &(0x7f0000000180)='cache=mmap', &(0x7f00000001c0)='$g\x00'], &(0x7f00000003c0)=[&(0x7f0000000380)='h\x00'], 0x400) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000400)={r1, 0x0, 0x6, 0x7}) r2 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x10}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000) 03:00:38 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x8638}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:00:38 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = epoll_create1(0xd3f7b0366c07b1e2) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r2, 0x400, 0x9, 0x9}) r3 = socket$nl_sock_diag(0x10, 0x3, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000002c0)={0x2002}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {0x0}], 0x0, &(0x7f0000012900)=ANY=[]) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000009001f00706879310000000005002000010000000c000500000000000000b481"], 0x34}, 0x1, 0x0, 0x0, 0x34}, 0x0) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000c40), 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0), r0) 03:00:38 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 2) 03:00:38 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 73) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2164.234597] 9pnet: Insufficient options for proto=fd [ 2164.245456] FAULT_INJECTION: forcing a failure. [ 2164.245456] name failslab, interval 1, probability 0, space 0, times 0 [ 2164.248249] CPU: 1 PID: 11388 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2164.249851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2164.251852] Call Trace: [ 2164.252500] dump_stack+0x107/0x167 [ 2164.253365] should_fail.cold+0x5/0xa [ 2164.254267] ? __fib_lookup+0xf7/0x160 [ 2164.255148] ? dst_alloc+0x9e/0x5d0 [ 2164.256052] should_failslab+0x5/0x20 [ 2164.256963] kmem_cache_alloc+0x5b/0x310 [ 2164.257926] dst_alloc+0x9e/0x5d0 [ 2164.258770] rt_dst_alloc+0x73/0x440 [ 2164.259691] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2164.260920] ip_route_output_key_hash+0x18d/0x340 [ 2164.262045] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2164.263378] ? lock_downgrade+0x6d0/0x6d0 [ 2164.264453] ip_route_output_flow+0x23/0x150 [ 2164.265781] udp_sendmsg+0x16f2/0x2160 [ 2164.266706] ? ip_frag_init+0x350/0x350 [ 2164.267803] ? udp_setsockopt+0xc0/0xc0 [ 2164.268752] ? __lock_acquire+0xbb1/0x5b00 [ 2164.270226] ? lock_acquire+0x197/0x470 [ 2164.271256] ? find_held_lock+0x2c/0x110 [ 2164.272414] ? handle_mm_fault+0x1a0b/0x3500 [ 2164.273351] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 2164.273526] ? lock_downgrade+0x6d0/0x6d0 [ 2164.276159] ? do_raw_spin_lock+0x121/0x260 [ 2164.277272] ? rwlock_bug.part.0+0x90/0x90 [ 2164.278308] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2164.279546] udpv6_sendmsg+0x1b30/0x2ad0 [ 2164.280539] ? udp_v6_push_pending_frames+0x360/0x360 [ 2164.281748] ? _down_write_nest_lock+0x160/0x160 [ 2164.282861] ? vmacache_update+0xce/0x140 [ 2164.283890] ? do_user_addr_fault+0x5b0/0xc60 [ 2164.284946] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2164.286210] ? exc_page_fault+0xca/0x1a0 [ 2164.287130] ? trace_hardirqs_on+0x5b/0x180 [ 2164.288160] ? exc_page_fault+0xca/0x1a0 [ 2164.289148] ? asm_exc_page_fault+0x1e/0x30 [ 2164.290209] ? sock_has_perm+0x1ea/0x280 [ 2164.291133] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2164.292430] ? copy_user_generic_string+0x2c/0x40 [ 2164.293595] ? __import_iovec+0x458/0x590 [ 2164.294575] ? udp_v6_push_pending_frames+0x360/0x360 [ 2164.295804] inet6_sendmsg+0x105/0x140 [ 2164.296728] ? inet6_compat_ioctl+0x320/0x320 [ 2164.297779] __sock_sendmsg+0xf2/0x190 [ 2164.298729] ____sys_sendmsg+0x334/0x870 [ 2164.299698] ? sock_write_iter+0x3d0/0x3d0 [ 2164.300698] ? do_recvmmsg+0x6d0/0x6d0 [ 2164.301624] ? SOFTIRQ_verbose+0x10/0x10 [ 2164.302607] ? mark_lock+0xf5/0x2df0 [ 2164.303504] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2164.304746] ___sys_sendmsg+0xf3/0x170 [ 2164.305669] ? sendmsg_copy_msghdr+0x160/0x160 [ 2164.307455] ? __fget_files+0x2cf/0x520 [ 2164.308411] ? lock_downgrade+0x6d0/0x6d0 [ 2164.309403] ? lock_downgrade+0x6d0/0x6d0 [ 2164.310416] ? __fget_files+0x2f8/0x520 [ 2164.311363] ? __fget_light+0xea/0x290 [ 2164.312309] __sys_sendmmsg+0x195/0x470 [ 2164.313288] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2164.314329] ? lock_downgrade+0x6d0/0x6d0 [ 2164.315352] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2164.315883] ? wait_for_completion_io+0x270/0x270 [ 2164.316468] ? rcu_read_lock_any_held+0x75/0xa0 [ 2164.316972] ? vfs_write+0x354/0xb10 [ 2164.317446] ? fput_many+0x2f/0x1a0 [ 2164.317846] ? ksys_write+0x1a9/0x260 [ 2164.318330] ? __ia32_sys_read+0xb0/0xb0 [ 2164.318778] __x64_sys_sendmmsg+0x99/0x100 [ 2164.319295] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2164.319862] do_syscall_64+0x33/0x40 [ 2164.320350] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2164.320913] RIP: 0033:0x7f0fecadbb19 [ 2164.321375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2164.323371] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2164.324251] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2164.325016] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2164.325809] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2164.326626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2164.327416] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2164.344033] 9pnet: Insufficient options for proto=fd [ 2164.375679] FAULT_INJECTION: forcing a failure. [ 2164.375679] name failslab, interval 1, probability 0, space 0, times 0 [ 2164.379167] CPU: 0 PID: 11383 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2164.380996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2164.382968] Call Trace: [ 2164.383568] dump_stack+0x107/0x167 [ 2164.384519] should_fail.cold+0x5/0xa [ 2164.385525] should_failslab+0x5/0x20 [ 2164.386470] __kmalloc_node_track_caller+0x74/0x3b0 [ 2164.387666] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2164.388949] __alloc_skb+0xb1/0x5b0 [ 2164.389895] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2164.391349] ? ip6_mtu+0x1bb/0x3d0 [ 2164.392170] ? ip_frag_init+0x350/0x350 [ 2164.393185] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2164.394320] ? ip6_mtu+0x1e9/0x3d0 [ 2164.395198] ? ip6_setup_cork+0xfb7/0x1740 [ 2164.396230] ip6_make_skb+0x2de/0x4e0 [ 2164.397149] ? ip_frag_init+0x350/0x350 [ 2164.398129] ? ip_frag_init+0x350/0x350 [ 2164.399164] ? ip6_push_pending_frames+0xf0/0xf0 [ 2164.400340] ? ip6_dst_hoplimit+0x199/0x440 [ 2164.401388] ? lock_downgrade+0x6d0/0x6d0 [ 2164.402390] udpv6_sendmsg+0x20d3/0x2ad0 [ 2164.403362] ? ip_frag_init+0x350/0x350 [ 2164.404365] ? udp_v6_push_pending_frames+0x360/0x360 [ 2164.405630] ? SOFTIRQ_verbose+0x10/0x10 [ 2164.406556] ? lock_acquire+0x197/0x470 [ 2164.407449] ? find_held_lock+0x2c/0x110 [ 2164.408383] ? __might_fault+0xd3/0x180 [ 2164.409267] ? sock_has_perm+0x1ea/0x280 [ 2164.410064] ? __import_iovec+0x458/0x590 03:00:39 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030e21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2164.410992] ? udp_v6_push_pending_frames+0x360/0x360 [ 2164.412132] inet6_sendmsg+0x105/0x140 [ 2164.413017] ? inet6_compat_ioctl+0x320/0x320 [ 2164.414040] __sock_sendmsg+0xf2/0x190 [ 2164.414927] ____sys_sendmsg+0x334/0x870 [ 2164.415863] ? sock_write_iter+0x3d0/0x3d0 [ 2164.416816] ? do_recvmmsg+0x6d0/0x6d0 [ 2164.417694] ? SOFTIRQ_verbose+0x10/0x10 [ 2164.418606] ? mark_lock+0xf5/0x2df0 [ 2164.419451] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2164.420648] ___sys_sendmsg+0xf3/0x170 [ 2164.421523] ? sendmsg_copy_msghdr+0x160/0x160 [ 2164.422557] ? __fget_files+0x2cf/0x520 [ 2164.423451] ? lock_downgrade+0x6d0/0x6d0 [ 2164.424401] ? lock_downgrade+0x6d0/0x6d0 [ 2164.425340] ? __fget_files+0x2f8/0x520 [ 2164.426231] ? __fget_light+0xea/0x290 [ 2164.427125] __sys_sendmmsg+0x195/0x470 [ 2164.428041] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2164.429012] ? lock_downgrade+0x6d0/0x6d0 [ 2164.429959] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2164.431053] ? wait_for_completion_io+0x270/0x270 [ 2164.432150] ? rcu_read_lock_any_held+0x75/0xa0 [ 2164.433187] ? vfs_write+0x354/0xb10 [ 2164.434017] ? fput_many+0x2f/0x1a0 [ 2164.434828] ? ksys_write+0x1a9/0x260 [ 2164.435690] ? __ia32_sys_read+0xb0/0xb0 03:00:39 executing program 2: prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:00:39 executing program 6: bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20, 0x7, @mcast2, 0x7}, 0x1c) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000000300)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10, 0x0}}], 0x40001a9, 0x810) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) [ 2164.436618] __x64_sys_sendmmsg+0x99/0x100 [ 2164.437714] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2164.438868] do_syscall_64+0x33/0x40 [ 2164.439714] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2164.440865] RIP: 0033:0x7f9ff3490b19 [ 2164.441698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2164.445856] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2164.447581] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2164.449192] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2164.450795] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2164.452406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2164.454014] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:00:39 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x8bd0}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:00:39 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 74) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:00:39 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r1 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x7fffffff, 0x7, &(0x7f00000016c0)=[{&(0x7f00000002c0)="08172423c3519aeb2ee8783c41c2558bb9f88d3de091c249183ab85f0114fed2e29e92ac3359af4ebcb9220e116f594030bebbdf6f2eeaa34b60697020cddd1b27c56f7024553a75b2f235ae553270fe6d0b61a8549a", 0x56, 0x5b}, {&(0x7f0000000340)="7aaf9c94c7afbe2446ecd53615356916f647569f1bb826f5ffd0ddf8fc60e640ffc4a41d3ffba9816c5616a11c9e233c704d20c48bfc22269e08a903238a777da74a308fd82c66020272e27339bb2e1e3ddf4e3c7127743c860b947baee4bd6532", 0x61, 0x4}, {&(0x7f00000003c0)="bd551d807bf4d6ea481f15ce09ebca3b5f5da349473e965c37dd43dd4403a0eb49dcb7e776abd55830b3299215d38f15b18b0a048d5551d20c91d0107596e14bcaae0955ce6c38099c3e29de285634601b5b33547c28427812c3c7f71908212e36a7038de4", 0x65, 0x1}, {&(0x7f0000000440)="25120b28dc2fcf7a93a1316d87227832ab2003efe2198be7e98779be181bf310382da98d9fd19a527786d5c958ded1822a79eeaa74124c0f31e7275cca608ff2f4769a8596532ce31cc113dc6363eda03cce63b368c125ae7459958d5020684c1ac97d43ef3a47dfd53eb9b2a1a2b88db0e7e584c0958bf04dcf8b5577896aeb4f8462fa9f2ba450ceabf3f2539156c33f06f2dc28e6d591d9fb48dc822fbcbbf80d5441d8217758329db04f1d4e336c702a09b59e1633db6774056cfee56d73f31eea5b254c6ae70d7851faa37d3ba5e94c0567a71a437c7f8db35e8edeeecbe1eb3b4d9c4ad64a9e8ea4c7678299cfbd89ce2cc3", 0xf5, 0x3}, {&(0x7f0000000540)="cf5c5f1b0db6faa232feb2219408b21f328fcc456866a8bb201ecd94e53c291824e68422c4078ed775b9d8b7e835d3cfc7304017d389c794bc8849d69439dc6183516c0f63bb3c38c3aecaac1045e5f93f68f33c264d26e84250753bf58b1b540d211ecd0f6ab807fec82b95ce4137b1b4168fd8716f04f3f6e16ff53408aeb720ad0361e24aaf56fa93ded854d5300604131e329a0da8a8e67561ba8537c2e939a930727b65fbf2ad06dfd1f2c03c47a0264dfbb6a28ec098efc393f756", 0xbe, 0x1}, {&(0x7f0000000600)="9350a8be481a5666def2acb62e75469f5a21eccd08bfa4a33b978fdaf2b9adcc5e898b723b96f1603df2e580044942afd351f8a3b9ca513f7579ede67c50a2ba87c42d8a675afe1492b7099b1239a31fada1447ee9e528cc6a61e2d35c21e119f87b5a462a235be9370f36a9f4f6f9b8a65259857e0fa724203e6f0ef00f696d08eae3efefddc6ffd6b2ee244b49851784e973dfc63baee853d747566d5e194f3276021811ca09dc27f9a2778653c9ed125a9b208aaf151d480050cca726c8051bfca3c49034e77c09d10795f12f2ddad0f5246846a20fbf7c32fb67940612a935933efc13597e7c9914254d26496c40df1863b4d2b4532b874d8d68087367c433e57efbe0ce99d2b0097bc355ccc3a64e18113d49386825f2346936211ac4ca0254c01872588d50962dea2030b5f8b3bf3ab17248cd6feca91975153cbf424f03152a1a1a11fceff0c4963c1ae8c1cdc43d6344bd43c2731afeb5ef08852dc10a08c790e9d1f3a11d6404600e010a2d1e5f23758aa7a2e89c959d1498c0d7e5f3f4eea35bc9ad36c9e8a5f1a7c0ccf23c35aef4a7c5d921d294814a8367573b12271c7191e7d0b79b730ad622b2c680f8ed9621e5a6af45063f1d89fca818d07ce9cf54f942984af018c7810dbefa52cdafb92c0e66c821586b5559020192e91708b8d232f3b254a47671645bd12d60cf1dd58f724e4e0a98ed21466bf359d6f8e6172ce0688395633902a3f7e1e4d7c827db5f6bd603a180682a28c6b6ae0e55a412a41c228d3d56f8397d5453b5d272ab3a367a2cddc51280679351a2315eaeb1e7b7511abf3029f0ba9b623776e4dec4ad19ddad0953c91161d54fd851541d6cfcab5e14aaa065c7b4e4644f2587e3f7d5cf508d752f38ac3ef619bbce68b6aad25e0b7b08e0db8215a25eda6faa37ec98a76dad0923afb7cf2242497b54b669c0164fa6da6bd9db309484268604dd57a60656bab43a187e4666f704ccbffc5234c144408fe6553ce9127ff660bf22d56f4e64a167b9896026b790762c033db19fa809d4669ed3478fa0a3871917d28ae87f0ee1db062ceccddec275205fd6d235e6597b2b75033a65a79a35e16b309407a2dbf586cb95b306a9cac0e7ffd46ceb6c9453520c7388fd1b58f4917f047a0c59462be209705160cd8367fdea65b1a74e8ff8a877d937cd8edcbee311771265ba6ca545477eb659c30ecafcaaca5cc08de7767fb95c45d4b7a1137e9f6c2faa46e3c7399cd4cffdd5ff291927dba30f4727dedd0b5d22cd6eac126e8da3681c1a2c7b68b1fa50985162a12973bf6106b2b96a9df9e845f3e90b03163f9219ae7d5a1119f4698fcb3919b1e8910da5e88fd74a5bd19e1dde55680231eb1e1fc7be68e7282c7bf25181d357db54b41179cb1811d731a22f51cd785d686838eca6476ee2f5383355911307fac22b3eeefb7966de98777a36c2f09189f5184d6df31a8c09c131b421c4614fb3055e5500e901e5743f77e45c341368c412b5af8d99fad25c74ab78c8e2001ceadda888bd4c3f4cf9808780e2b5bb9fb1c8cc073b40199cdd034065fb7e39823695dbf88e3e4523ef3aa980805950a5f3a1c5d1a6bc2c63ea180022866e9b6e5022d4437ed4c66871058f950d4d5229b4fb8cd216da897405a3ef8cc4b61e11dd711d3e8b206d35ecac91a2b4ecfb89d88508386d7ae460c3bd660a4a1b42c25c5834ac8ec50d9204b27fbb1e732f883e38cb88e374381d4c79947edc13f810366be895f17ed33a70c803af9095b05c430212404cb8e679213586e871519417f3b21fd2f802f5ed494dce1463e9163a8dffa083e4f452341b18b1f5c19dbaf45e48f16b822e385b1cef166e9d344358b0722834c54e4da34c2dc9d70a14c58995c750664f35a2ce39fb48f2076885873601b033703c5b202700ac734dc07730bf109e9f3d219a95c853077bcaa3196f63a1c66fff311a3ba9bbcf5c862a23118df37632bc12507fb6f78b8920a2c68f00d0264e50d71bf24b7b75e1f5dbd1b9269e613d796469821d7c7c275a5293dcf4eee82fa4458c127b332a47fb78fbc686825064f9fb625ae07d1aabdf01bd5640fbc46456d4a9d4cba1874fb9f47259a166146f972b9c16fb58d6b74b4bbf0b7fc30e51b10caa4ea321c25448e2f75186b6c27446fe7250161b1dccdb5b5d982e32453981765d07073db75ddf9d03c7221f0c456b74cc9c8fecb6ced31605bc264967113341972083496b09bf1f079b34042739ad90665e7a7dcff829d88c22f2fd003c0c96a485c4712e9d841b6f7f4a613f9f2eeaa33ab89f7be3363e520026d85e0b9258aea356f908283f2cf3cc75c2f7c65801168e7a219f2c919a92e82342a303cbb6e5acf3616f536b20bfb06da958e39b8f241472d2fb5797b17a8281f3a69c7e930147855ee177a693d4c971d0e6776dea697c4d24b4aba14c1def684b53f720255f4c73e19fa11a7a700d78143f43381d3d1ada5b36949d0b1e27552d392a49219fa2baebe49b6d6a5d9d7c9c0299711f4196fb35c47741436bcfd78eef30ee2b5f350e7c2667e81e1db9f063dfd3fe8e0862b987f9d6d10f254200eea7efbaa4911916246b93e2cc273b280ede588f067b07e887f9fb9e707b4a9e464573f2930988940165414abeef7fd511d0f93f0284edd3928692879a55fd7eebe52493811ebe5269943c80f032b0491744e03acbb3cb926c67a65d8384a33f9df6bc15a5a463bb43f8a941562428b073a9f2396d851ea73b5477bbf0a7f5b21edcc920f6af4c151f4649180fe13a932092e3be1928c99a8dd9ac1abf03386a3840e6a9872513371d803bd5c45daae2de7d100a70a41544fe6abf43e00a70de9f63901b530f89954f3d2c706ec545c5b66bb38fb3a4bc1f36123fed0047518b65cca7dffe31bcca257dbfef3c0af15228f2e82b50853fb228280569a5745eb5b4c735a8a763d40340d6b3ca4468c6a8145e3f1b57bb8c71ecdbb7dfa1d7a6fe365f8f6439551f29abdc42dd95c1020160bb8b7265e41fa4b1ce419da7561eb21a4a51709c0a8c2b8af0652f8a62781c8a305198601eaeab0938685385ad58f9b0287721d1eb3715fe7627c5651fb8a866d7a34d7c041fe18b3c2282cd791625b0b0b689ddf34990d6d9d8922a70f257f1bd0bb4c33068eb90027c876b100813f12c253c6dbc7ec2a2b619d90e8b78fb62fe99e8bf16a034d64912d568ac80ed85e149c7ef1d9777b451d6df039078193782fe1f3f68825c91a7d4ddebf147386b53ea4690fa291a01aeb8d3c2c9b92272dd3991497a7fe07fd01e0b0d2b723da61f120e8a9df82051c9427fd9b3ed73f4f80052e6c13d303ad573bee86bbdf4e13fa860baf97577568748213c3f544301d0d1afa6d05054ed221d8649659890f190a9b7d19bf39cca19b65fba60468191ee48e079fec4132561c27554cc6266c37aebf52a7934d2169d1a347ac0d567d808b87d9dd9d3bf0ff9149741b0bdffeddaca365604992147cc86e0714d4e27f6aaefb90ecbc6dc16686073e828eedd3c16518cd28283d27fcd836dba1c591f57d266f0ef394feb2a48139c5eb1cb16f11e143e8c23d1e42d7f8a68f9905df497781ab74c0ec4d3cc2c0cc687f84396f501a3f5cf8b7ea1a2dac0e3bf268467cb4f11036f5a94b7f4aec978d6fb34f1625986c1b75cb19c61bba6e368b80e50bbb62983b2a0e2f78b110d238a49918cd6841353626f578d6d6646e2842e31746095ce5b047719ac8a957548688ecaba0fa8b0cfe0639a76d1ad125a903bb7c082dabcfa3c114d1cc4cf835bd41915fb48c797f0434d0205ead82b07de1b7577c5039542b1b7eb21aece7cbc0c20bf0cc7676df1d3bc027e9c51d7aa5943b21dba794c301b76a84bef88692d368fff6872471a8bc39af651cd7c97ebd56044790d8eafb1ab812d8c0ae820081b12150948cff438dc274f4d61520e78bc165931ed946b9043ac045d204f0158e110b60da44d01f8aa969f9aaca4be37367950345401b5672537760fa41f622cf4c73a7693f18b7fbfee1d376d0e87d7044ef696effb4146d7579087e673900e90e9a59331047e19a04a17964861f010b40263c90fd5a452bce4cbe835424332d3cb679cc74adb5f552e921a5a4369381221b03d97493af94a60431a47f0b8208502785ee095e8469835319fe6074f5c0ec18c0af3481a7db2817e3cdb5e9714739c1057b76d64503c272e41a8f6efb9fb6164c1dc981614c22411f0a1b9d72110f2d4a3ae64301ecb0e127364a5e7248e7d109157bb28938a87ad1bb28ff1ecb838c708f3f983d92bdf53442a251c9ac9f17aed12004d9211afe75e4776ea50287916470bb8cbc295ddcd4b29a73073a53037acb794060fc47072b5030d18a76025568d4ba58e87e9a90af5dc278d1c484de79148fae17bb80fd9488080abe589cf64e7b5033ace69a93cbd0771dc8a9fedde3c0c4cbbcb27641de3c255287709f79959cab2ca73dd3a866ec3f5260358583232ecd94d4ab9eae687c824bb3f33461313961d0bf155fbfca5d5edd321d89452331409189ae77a2dbdb0f32ad9a6a04d638f079c7ced090eeca221401b42a41070ec85c869c855d3b9d71e3f5848c61b73698d68f7775d9ae29db413675cc8b3567d6a5f6d2f182ad743e801bc3da4795958eeab6be18c8d97f4de97cf082db08c0c893b359016010212a7e129bb89fd415580f2204f132e83b01f214393db97d1c058e8e7393e28bdd493d46603a599aaf4d220caaabbc140319af8ee07a59e641bfa573909163615defd30a82f5d5730603d32bda2085c3b9a8ef967fce300527c21947e7b6e065c0d09c9be9b55fb838a0e456661c6ffca88818d5ff15a2ced5a7f19efab544a2a8d26211aca93cec62377590d38d622539550fbbf8d2adc020ed863e249e683e21966fc630a7e2784389322b8e5ff11751ea104dfdc0a695d3833595960b9f2432ee65414e6aa41d8bbc8e51e985a702efc4056517af903b3bda386b258bb77e2d256d49969d42693ec66b1f8a361b811df9244107dcaae6da2726c5ded5fc968f58bf30a6c188567f970da775cbf58a9f80261dc8b1f4adada6c94b4456004d03d87403135687e4536f076b3f54bb18d63bcb763e41436f0651c65aa5257d774d02387b127cead925d9fd383195c5b603afa98f999a94b6931adcf446d8a66a4b285de22e0132a0c0b48e4295b48b930033d7c6feed301b217911e09d6d47c02d8a128ed8447e77793e9070299b54a26521b436a68b22417c105f3121c121ea2d34035858ff211920649a6cd8c85a48a53f6f19b51e8bb34d1f45e4a1d03e3d4cb46190ed67563341002a63794e627b63955e9ad6c19dc2db208139e087ee13952b8808a988d0c9ad1c895dbae54604cd0a677ad2dbc083b9c04019973d01e69040a6cebb1cb2d3d743eef5967fb4b6b8a35a736ae7d8972edc2d9a2cd2f7930c8385aa9a2a793b46742640b11e043a18450ef9cf9e8befcb0955da6cc2023f4756478f5075d6d8fde11884637dfeecb5267f38fded75bb91c99d464991a5e6e071b24538297eaa1ea23ce1f589c0d17c3d3c872fd77e4ea64f32f1d6783068ec3d8a48014887df685375bc8c49814ae9dd18f309223ac0271ea221019cfca282382c372c7bfe28555f4c3951a794eb931cda732688f448eb39bc7213b93e2b1931db48cf14c6c4542165ac0101dce6c5658a60a680262beb329f2528bde11b5dc5b6fb4403be000a50c164b752ad1778a4e780eb474901b7235", 0x1000}, {&(0x7f0000001600)="cc0a812b554040cebfbde69884453c0b09e948f51a286671ce984f12593f7a52de4a8ee0f055443ad2e071fc3e5e75711e8ad4a3a65a5057edf5bcc689c216f759ea5971207caa62628e000785310387b974f6c0b5cb10024a6e75a50048e45745715fa8643f552af6113124f2c4577069f7b073cd71c40d7ed8137f5c6d4a9e0305fedb7cbd1adbdba725691910694a7b3b89944b78e312eae2ae1f9b0de4d22582b6ff40b50aa2456e3c6d752f0422bc7c5d", 0xb3, 0x40}], 0x801420, &(0x7f0000001780)={[{@dioread_nolock}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}, {@noblock_validity}, {@auto_da_alloc}, {@nobarrier}, {@noacl}, {@data_ordered}, {@sysvgroups}], [{@audit}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@fsname}, {@euid_lt={'euid<', 0xee01}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'vfat\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'vfat\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '*'}}, {@uid_gt}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}]}) symlinkat(&(0x7f0000000000)='./file1\x00', r1, &(0x7f0000000200)='./file0\x00') 03:00:39 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) r1 = syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x0) ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1001, 0x80) r5 = openat(r4, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x195) dup2(r5, r4) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x107142, 0x0) sendfile(r6, r4, 0x0, 0x7ffffff9) fallocate(r3, 0x0, 0x0, 0x8004) r7 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r7, 0x400, 0x1) fcntl$setown(r7, 0x8, 0xffffffffffffffff) close(r7) ioctl$KIOCSOUND(r7, 0x4b2f, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = signalfd4(r1, &(0x7f0000000080)={[0x1ff]}, 0x8, 0x0) openat(r8, &(0x7f00000001c0)='./file1\x00', 0x2000, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r2}) 03:00:39 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 3) 03:00:39 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000200)=ANY=[@ANYBLOB="010022000000000000000000", @ANYRES32=r0, @ANYBLOB="08000000ff0700002e2f66697c6530004af2f9ed5943b63860f61f27fcb793dce12329b9d421f681b8910661836e3846450a179efef61591d3d458d5f071e7956fd3dda1d13102857c9e1fd648b5adb1d6b9201d786880cc666ade641009deee01f09b82373495bc913887648e2407a3d04da082cd574c1335657d8816faad051177872384d8d074d5fb8ed2935fe6cb597208a7a0b7c12ab42a6b5daa608df5278870728cfafbca6ee9f6d0859d18be36cb755214ab35ec9009ca97e22be52c84b118755c77465b42ce63f0b194900748e1"]) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x5) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:00:39 executing program 6: perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ftruncate(0xffffffffffffffff, 0x1000003) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) write$eventfd(0xffffffffffffffff, 0x0, 0x0) r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) write$binfmt_elf64(r0, 0x0, 0x98a) readv(0xffffffffffffffff, &(0x7f0000000100), 0x0) fcntl$setflags(0xffffffffffffffff, 0x2, 0x1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x105201, 0x0) dup3(r2, 0xffffffffffffffff, 0x0) getsockopt(0xffffffffffffffff, 0x6, 0x101, &(0x7f0000000180)=""/66, &(0x7f0000000100)=0x42) dup3(0xffffffffffffffff, r1, 0x0) mmap$perf(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000008, 0x10, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x103, &(0x7f0000000480)=ANY=[], 0x0) acct(&(0x7f0000000040)='./file0\x00') unshare(0x0) [ 2164.756543] FAULT_INJECTION: forcing a failure. [ 2164.756543] name failslab, interval 1, probability 0, space 0, times 0 [ 2164.757785] CPU: 0 PID: 11422 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2164.758539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2164.759435] Call Trace: [ 2164.759740] dump_stack+0x107/0x167 [ 2164.760134] should_fail.cold+0x5/0xa [ 2164.760556] ? create_object.isra.0+0x3a/0xa20 [ 2164.761064] should_failslab+0x5/0x20 [ 2164.761483] kmem_cache_alloc+0x5b/0x310 [ 2164.761932] create_object.isra.0+0x3a/0xa20 [ 2164.762408] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2164.762968] kmem_cache_alloc_node+0x169/0x330 [ 2164.763467] __alloc_skb+0x6d/0x5b0 [ 2164.763890] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2164.764446] ? ip6_mtu+0x1bb/0x3d0 [ 2164.764834] ? ip_frag_init+0x350/0x350 [ 2164.765341] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2164.765846] ? ip6_mtu+0x1e9/0x3d0 [ 2164.766223] ? ip6_setup_cork+0xfb7/0x1740 [ 2164.766670] ip6_make_skb+0x2de/0x4e0 [ 2164.771196] ? ip_frag_init+0x350/0x350 [ 2164.771620] ? ip_frag_init+0x350/0x350 [ 2164.772024] ? ip6_push_pending_frames+0xf0/0xf0 [ 2164.772531] ? ip6_dst_hoplimit+0x199/0x440 [ 2164.772980] ? lock_downgrade+0x6d0/0x6d0 [ 2164.773429] udpv6_sendmsg+0x20d3/0x2ad0 [ 2164.773872] ? ip_frag_init+0x350/0x350 [ 2164.774306] ? udp_v6_push_pending_frames+0x360/0x360 [ 2164.774859] ? SOFTIRQ_verbose+0x10/0x10 [ 2164.775298] ? lock_acquire+0x197/0x470 [ 2164.775725] ? find_held_lock+0x2c/0x110 [ 2164.776153] ? __might_fault+0xd3/0x180 [ 2164.776574] ? sock_has_perm+0x1ea/0x280 [ 2164.777012] ? __import_iovec+0x458/0x590 [ 2164.777441] ? udp_v6_push_pending_frames+0x360/0x360 [ 2164.777983] inet6_sendmsg+0x105/0x140 [ 2164.778384] ? inet6_compat_ioctl+0x320/0x320 [ 2164.778853] __sock_sendmsg+0xf2/0x190 [ 2164.779262] ____sys_sendmsg+0x334/0x870 [ 2164.779691] ? sock_write_iter+0x3d0/0x3d0 [ 2164.780128] ? do_recvmmsg+0x6d0/0x6d0 [ 2164.780533] ? SOFTIRQ_verbose+0x10/0x10 [ 2164.791718] ? mark_lock+0xf5/0x2df0 [ 2164.792152] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2164.792760] ___sys_sendmsg+0xf3/0x170 [ 2164.793219] ? sendmsg_copy_msghdr+0x160/0x160 [ 2164.793762] ? __fget_files+0x2cf/0x520 [ 2164.794232] ? lock_downgrade+0x6d0/0x6d0 [ 2164.794729] ? lock_downgrade+0x6d0/0x6d0 [ 2164.795207] ? __fget_files+0x2f8/0x520 [ 2164.795711] ? __fget_light+0xea/0x290 [ 2164.796163] __sys_sendmmsg+0x195/0x470 [ 2164.796657] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2164.797142] ? lock_downgrade+0x6d0/0x6d0 [ 2164.797654] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2164.798204] ? wait_for_completion_io+0x270/0x270 [ 2164.798426] FAULT_INJECTION: forcing a failure. [ 2164.798426] name failslab, interval 1, probability 0, space 0, times 0 [ 2164.798741] ? rcu_read_lock_any_held+0x75/0xa0 [ 2164.798759] ? vfs_write+0x354/0xb10 [ 2164.804660] ? fput_many+0x2f/0x1a0 [ 2164.805045] ? ksys_write+0x1a9/0x260 [ 2164.805445] ? __ia32_sys_read+0xb0/0xb0 [ 2164.805876] __x64_sys_sendmmsg+0x99/0x100 [ 2164.806310] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2164.806849] do_syscall_64+0x33/0x40 [ 2164.807239] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2164.807790] RIP: 0033:0x7f9ff3490b19 [ 2164.808176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2164.810061] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2164.810852] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2164.811589] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2164.812338] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2164.813090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2164.813833] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2164.814600] CPU: 1 PID: 11424 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2164.815301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2164.816103] Call Trace: [ 2164.816385] dump_stack+0x107/0x167 [ 2164.816771] should_fail.cold+0x5/0xa [ 2164.817188] ? create_object.isra.0+0x3a/0xa20 [ 2164.817676] should_failslab+0x5/0x20 [ 2164.818082] kmem_cache_alloc+0x5b/0x310 [ 2164.818495] create_object.isra.0+0x3a/0xa20 [ 2164.818940] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2164.819486] kmem_cache_alloc+0x159/0x310 [ 2164.819945] dst_alloc+0x9e/0x5d0 [ 2164.820334] rt_dst_alloc+0x73/0x440 [ 2164.820733] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2164.821290] ip_route_output_key_hash+0x18d/0x340 [ 2164.821823] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2164.822402] ? lock_downgrade+0x6d0/0x6d0 [ 2164.822863] ip_route_output_flow+0x23/0x150 [ 2164.823330] udp_sendmsg+0x16f2/0x2160 [ 2164.823765] ? ip_frag_init+0x350/0x350 [ 2164.824198] ? udp_setsockopt+0xc0/0xc0 [ 2164.824680] ? __lock_acquire+0xbb1/0x5b00 [ 2164.825182] ? lock_acquire+0x197/0x470 [ 2164.825632] ? find_held_lock+0x2c/0x110 [ 2164.826094] ? handle_mm_fault+0x1a0b/0x3500 [ 2164.826593] ? lock_downgrade+0x6d0/0x6d0 [ 2164.827074] ? do_raw_spin_lock+0x121/0x260 [ 2164.827566] ? rwlock_bug.part.0+0x90/0x90 [ 2164.828041] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2164.828643] udpv6_sendmsg+0x1b30/0x2ad0 [ 2164.829132] ? udp_v6_push_pending_frames+0x360/0x360 [ 2164.829710] ? _down_write_nest_lock+0x160/0x160 [ 2164.830259] ? vmacache_update+0xce/0x140 [ 2164.830754] ? do_user_addr_fault+0x5b0/0xc60 [ 2164.831270] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2164.831885] ? exc_page_fault+0xca/0x1a0 [ 2164.832347] ? trace_hardirqs_on+0x5b/0x180 [ 2164.832878] ? exc_page_fault+0xca/0x1a0 [ 2164.833333] ? asm_exc_page_fault+0x1e/0x30 [ 2164.833837] ? sock_has_perm+0x1ea/0x280 [ 2164.834319] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2164.834935] ? copy_user_generic_string+0x2c/0x40 [ 2164.835506] ? __import_iovec+0x458/0x590 [ 2164.835927] ? udp_v6_push_pending_frames+0x360/0x360 [ 2164.836426] inet6_sendmsg+0x105/0x140 [ 2164.836788] ? inet6_compat_ioctl+0x320/0x320 [ 2164.837205] __sock_sendmsg+0xf2/0x190 [ 2164.837573] ____sys_sendmsg+0x334/0x870 [ 2164.837961] ? sock_write_iter+0x3d0/0x3d0 [ 2164.838373] ? do_recvmmsg+0x6d0/0x6d0 [ 2164.838734] ? SOFTIRQ_verbose+0x10/0x10 [ 2164.839107] ? mark_lock+0xf5/0x2df0 [ 2164.839481] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2164.840038] ___sys_sendmsg+0xf3/0x170 [ 2164.840452] ? sendmsg_copy_msghdr+0x160/0x160 [ 2164.840942] ? __fget_files+0x2cf/0x520 [ 2164.841299] ? lock_downgrade+0x6d0/0x6d0 [ 2164.841707] ? lock_downgrade+0x6d0/0x6d0 [ 2164.842089] ? __fget_files+0x2f8/0x520 [ 2164.842487] ? __fget_light+0xea/0x290 [ 2164.842904] __sys_sendmmsg+0x195/0x470 [ 2164.843309] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2164.843770] ? lock_downgrade+0x6d0/0x6d0 [ 2164.844221] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2164.844743] ? wait_for_completion_io+0x270/0x270 [ 2164.845242] ? rcu_read_lock_any_held+0x75/0xa0 [ 2164.845738] ? vfs_write+0x354/0xb10 [ 2164.846117] ? fput_many+0x2f/0x1a0 [ 2164.846510] ? ksys_write+0x1a9/0x260 [ 2164.846911] ? __ia32_sys_read+0xb0/0xb0 [ 2164.847341] __x64_sys_sendmmsg+0x99/0x100 [ 2164.847822] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2164.848347] do_syscall_64+0x33/0x40 [ 2164.848757] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2164.849284] RIP: 0033:0x7f0fecadbb19 [ 2164.849676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2164.851557] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2164.852364] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2164.853111] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2164.853858] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2164.854597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2164.855357] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:00:54 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400033021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:00:54 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 75) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:00:54 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r1) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000100)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_KEY(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="cf46639f", @ANYRES16=r3, @ANYBLOB="00042bbd7000fcdbdf25280000000a0001007770616e3300000005002b000100000008000200", @ANYRES32=r4, @ANYBLOB="08002c00000100000a0001007770616e34000000"], 0x44}, 0x1, 0x0, 0x0, 0x2008000}, 0x48084) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="8dcb46fa80b89779c24b842eae05dca6bbf8ffcc061c98d8", @ANYRES16=r2, @ANYBLOB="01000000000000000000220000000a0001007770616e30000000"], 0x20}}, 0x0) 03:00:54 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000000), &(0x7f0000000040)={'L-', 0x34}, 0x16, 0x3) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) write$binfmt_script(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="a098db42bf903798d973a3e2cd928061cbe929184c1f0adf119c09b1666ac35ce5aea5ca10fce1fa4f310a47d803"], 0xb8) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0) openat(r1, &(0x7f0000000080)='./file1\x00', 0x101000, 0x2) 03:00:54 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000140)='./file1/file0\x00', 0x1, 0x0, &(0x7f0000000240), 0x4000, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) openat(r1, &(0x7f00000002c0)='./file2\x00', 0x8803, 0x1a7) rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000300)) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x940c1, 0x40) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:00:54 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 4) 03:00:54 executing program 2: r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000200)={0x1f, "44dcb56f0a85e614b8bf1091c54f5f8170d71cb4d307cd4a4e869cca39c1d8986a12154db563f0ae6f93900c84c394367b35e0a0a0dca945cbd3ca4ebde7e65561383f0d244371cea74cd4cbf5dace263410c149e204da9d2e93e03d7eb389a36aab18b5740cce14b311445a89e28437735eb8eab7d7f09f125431bc26623aec272cdf6b127a31b50df3e299953e8020633c89c3dd636e1cba3f10ebf24dac107e22598e5a7c6e483244a53871ba055dfddafe2116cbbefdaf9053d2f0f8364415fd2cb43a91ff2bfad91a68180226b7dabf126a2dc28c73764a81265157d158d79adb02e8afedc1dff8616da70ba93b0674859f1a9cbca03800e180f43cf8c6415a8ba7f2563672f0a9150f5a05bea4c83ef8447835e5549652f1042cd0d6a013d313675f22db751b72e9e4d44aeef0127c2076d60e4553dfd02121dd1c708a11cc2ebeafcf76ac49bcb09b7817bbdcc0f8803fcb7b6aeb1124eab34c555616debb0527af04cd9014f92f4908c05b9bea79879ae30e2e94b220f9454f8319fca02dd06a31310aa8dd1970895568fbcc3776f837b6a3425a63fc908729a5064c05970f80a05cf7a96fb17081fcc76c804bc00fa0cc8a955ab6d574114d54dd540bfe0ae8f5fd3905387a6ff026aafc30a5a1f8efea0b343cd0abda0540a01c7910fbf4e90437ccde01e533347dc9a8b126267ce3eae4bf6dd7a46bc146ade894"}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:00:54 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x9168}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2180.402141] FAULT_INJECTION: forcing a failure. [ 2180.402141] name failslab, interval 1, probability 0, space 0, times 0 [ 2180.405441] CPU: 0 PID: 11459 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2180.407504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2180.409352] Call Trace: [ 2180.409606] dump_stack+0x107/0x167 [ 2180.409944] should_fail.cold+0x5/0xa [ 2180.411354] ? __alloc_skb+0x6d/0x5b0 [ 2180.411714] should_failslab+0x5/0x20 [ 2180.412087] kmem_cache_alloc_node+0x55/0x330 [ 2180.413581] __alloc_skb+0x6d/0x5b0 [ 2180.413925] alloc_skb_with_frags+0x92/0x570 [ 2180.415395] sock_alloc_send_pskb+0x7af/0x930 [ 2180.415829] ? sk_alloc+0x350/0x350 [ 2180.417239] ? SOFTIRQ_verbose+0x10/0x10 [ 2180.417632] ? lock_release+0x680/0x680 [ 2180.418002] ? find_held_lock+0x2c/0x110 [ 2180.419442] __ip_append_data+0x1628/0x3310 [ 2180.420511] ? lock_downgrade+0x6d0/0x6d0 [ 2180.420895] ? do_raw_spin_lock+0x121/0x260 [ 2180.422350] ? ip_frag_init+0x350/0x350 [ 2180.422730] ? ip_finish_output+0x330/0x330 [ 2180.423130] ? ip_route_output_key_hash+0x1a4/0x340 [ 2180.424644] ? __sock_tx_timestamp+0xa3/0xc0 [ 2180.425061] ip_make_skb+0x22a/0x2a0 [ 2180.426466] ? ip_frag_init+0x350/0x350 [ 2180.426838] ? ip_flush_pending_frames+0x20/0x20 [ 2180.428340] ? lock_downgrade+0x6d0/0x6d0 [ 2180.428730] ? xfrm_lookup_route+0x65/0x210 [ 2180.429133] udp_sendmsg+0x193f/0x2160 [ 2180.430561] ? ip_frag_init+0x350/0x350 [ 2180.430939] ? udp_setsockopt+0xc0/0xc0 [ 2180.432381] ? __lock_acquire+0xbb1/0x5b00 [ 2180.432788] ? handle_mm_fault+0x1a0b/0x3500 [ 2180.434256] ? lock_downgrade+0x6d0/0x6d0 [ 2180.434642] ? do_raw_spin_lock+0x121/0x260 [ 2180.435042] ? rwlock_bug.part.0+0x90/0x90 [ 2180.436498] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2180.436987] udpv6_sendmsg+0x1b30/0x2ad0 [ 2180.438434] ? udp_v6_push_pending_frames+0x360/0x360 [ 2180.438909] ? _down_write_nest_lock+0x160/0x160 [ 2180.440404] ? vmacache_update+0xce/0x140 [ 2180.440796] ? do_user_addr_fault+0x5b0/0xc60 [ 2180.442265] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2180.442750] ? exc_page_fault+0xca/0x1a0 [ 2180.443122] ? trace_hardirqs_on+0x5b/0x180 [ 2180.443576] ? exc_page_fault+0xca/0x1a0 [ 2180.443975] ? asm_exc_page_fault+0x1e/0x30 [ 2180.446462] ? sock_has_perm+0x1ea/0x280 [ 2180.446841] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2180.452016] ? copy_user_generic_string+0x2c/0x40 [ 2180.452519] ? __import_iovec+0x458/0x590 [ 2180.452908] ? udp_v6_push_pending_frames+0x360/0x360 [ 2180.455442] inet6_sendmsg+0x105/0x140 [ 2180.455819] ? inet6_compat_ioctl+0x320/0x320 [ 2180.457310] __sock_sendmsg+0xf2/0x190 [ 2180.457675] ____sys_sendmsg+0x334/0x870 [ 2180.458051] ? sock_write_iter+0x3d0/0x3d0 [ 2180.459492] ? do_recvmmsg+0x6d0/0x6d0 [ 2180.459871] ? SOFTIRQ_verbose+0x10/0x10 [ 2180.461328] ? mark_lock+0xf5/0x2df0 [ 2180.461681] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2180.463212] ___sys_sendmsg+0xf3/0x170 [ 2180.463586] ? sendmsg_copy_msghdr+0x160/0x160 [ 2180.464030] ? __fget_files+0x2cf/0x520 [ 2180.464215] FAULT_INJECTION: forcing a failure. [ 2180.464215] name failslab, interval 1, probability 0, space 0, times 0 [ 2180.465467] ? lock_downgrade+0x6d0/0x6d0 [ 2180.465484] ? lock_downgrade+0x6d0/0x6d0 [ 2180.465501] ? __fget_files+0x2f8/0x520 [ 2180.465518] ? __fget_light+0xea/0x290 [ 2180.465536] __sys_sendmmsg+0x195/0x470 [ 2180.465553] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2180.465565] ? lock_downgrade+0x6d0/0x6d0 [ 2180.465589] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2180.465605] ? wait_for_completion_io+0x270/0x270 [ 2180.465620] ? rcu_read_lock_any_held+0x75/0xa0 [ 2180.465632] ? vfs_write+0x354/0xb10 [ 2180.465644] ? fput_many+0x2f/0x1a0 [ 2180.465657] ? ksys_write+0x1a9/0x260 [ 2180.465669] ? __ia32_sys_read+0xb0/0xb0 [ 2180.465687] __x64_sys_sendmmsg+0x99/0x100 [ 2180.465699] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2180.465709] do_syscall_64+0x33/0x40 [ 2180.465721] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2180.465729] RIP: 0033:0x7f0fecadbb19 [ 2180.465741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2180.465748] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2180.465761] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2180.465769] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2180.465776] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2180.465783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2180.465791] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2180.504834] CPU: 1 PID: 11462 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2180.505412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2180.506102] Call Trace: [ 2180.506328] dump_stack+0x107/0x167 [ 2180.506638] should_fail.cold+0x5/0xa [ 2180.506960] ? __alloc_skb+0x6d/0x5b0 [ 2180.507283] should_failslab+0x5/0x20 [ 2180.507606] kmem_cache_alloc_node+0x55/0x330 [ 2180.508032] __alloc_skb+0x6d/0x5b0 [ 2180.508347] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2180.508776] ? ip6_mtu+0x1bb/0x3d0 [ 2180.509078] ? ip_frag_init+0x350/0x350 [ 2180.509423] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2180.509815] ? ip6_mtu+0x1e9/0x3d0 [ 2180.510117] ? ip6_setup_cork+0xfb7/0x1740 [ 2180.510475] ip6_make_skb+0x2de/0x4e0 [ 2180.510796] ? ip_frag_init+0x350/0x350 [ 2180.511135] ? ip_frag_init+0x350/0x350 [ 2180.511472] ? ip6_push_pending_frames+0xf0/0xf0 [ 2180.511910] ? ip6_dst_hoplimit+0x199/0x440 [ 2180.512307] ? lock_downgrade+0x6d0/0x6d0 [ 2180.512701] udpv6_sendmsg+0x20d3/0x2ad0 [ 2180.513084] ? ip_frag_init+0x350/0x350 [ 2180.513467] ? udp_v6_push_pending_frames+0x360/0x360 [ 2180.513940] ? SOFTIRQ_verbose+0x10/0x10 [ 2180.514349] ? lock_acquire+0x197/0x470 [ 2180.514718] ? find_held_lock+0x2c/0x110 [ 2180.515101] ? __might_fault+0xd3/0x180 [ 2180.515492] ? sock_has_perm+0x1ea/0x280 [ 2180.515909] ? __import_iovec+0x458/0x590 [ 2180.516295] ? udp_v6_push_pending_frames+0x360/0x360 [ 2180.516784] inet6_sendmsg+0x105/0x140 [ 2180.517146] ? inet6_compat_ioctl+0x320/0x320 [ 2180.517566] __sock_sendmsg+0xf2/0x190 [ 2180.517943] ____sys_sendmsg+0x334/0x870 [ 2180.518323] ? sock_write_iter+0x3d0/0x3d0 [ 2180.518717] ? do_recvmmsg+0x6d0/0x6d0 [ 2180.519087] ? SOFTIRQ_verbose+0x10/0x10 [ 2180.519462] ? mark_lock+0xf5/0x2df0 [ 2180.519831] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2180.520332] ___sys_sendmsg+0xf3/0x170 [ 2180.520697] ? sendmsg_copy_msghdr+0x160/0x160 [ 2180.521136] ? __fget_files+0x2cf/0x520 [ 2180.521505] ? lock_downgrade+0x6d0/0x6d0 [ 2180.521894] ? lock_downgrade+0x6d0/0x6d0 [ 2180.522298] ? __fget_files+0x2f8/0x520 [ 2180.522677] ? __fget_light+0xea/0x290 [ 2180.523049] __sys_sendmmsg+0x195/0x470 [ 2180.523445] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2180.523862] ? lock_downgrade+0x6d0/0x6d0 [ 2180.524264] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2180.524719] ? wait_for_completion_io+0x270/0x270 [ 2180.525167] ? rcu_read_lock_any_held+0x75/0xa0 [ 2180.525619] ? vfs_write+0x354/0xb10 [ 2180.525964] ? fput_many+0x2f/0x1a0 [ 2180.526313] ? ksys_write+0x1a9/0x260 [ 2180.526693] ? __ia32_sys_read+0xb0/0xb0 [ 2180.527084] __x64_sys_sendmmsg+0x99/0x100 [ 2180.527480] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2180.527991] do_syscall_64+0x33/0x40 [ 2180.528336] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2180.528809] RIP: 0033:0x7f9ff3490b19 [ 2180.529155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2180.530809] RSP: 002b:00007f9ff09e5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2180.531524] RAX: ffffffffffffffda RBX: 00007f9ff35a4020 RCX: 00007f9ff3490b19 [ 2180.532204] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2180.532848] RBP: 00007f9ff09e51d0 R08: 0000000000000000 R09: 0000000000000000 [ 2180.533516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2180.534159] R13: 00007fff56876fef R14: 00007f9ff09e5300 R15: 0000000000022000 03:00:55 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400034821206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:00:55 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x9700}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:00:55 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 76) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:00:55 executing program 5: r0 = syz_mount_image$ext4(0x0, &(0x7f00000002c0)='./file0\x00', 0x5, 0xfffffffffffffd2d, 0x0, 0x91, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x1163868, &(0x7f0000000900)=ANY=[]) mkdirat(r1, 0x0, 0x2) umount2(&(0x7f0000000080)='./file0\x00', 0x4) lseek(r1, 0xfa2b, 0x0) unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) pipe(&(0x7f0000000280)) mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRESOCT=r2, @ANYRES32=r1, @ANYRESDEC=r1]) unlinkat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x200) chown(&(0x7f0000000040)='./file0\x00', 0xee00, 0xffffffffffffffff) syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='smaps_rollup\x00') creat(&(0x7f0000000300)='./file0\x00', 0x1) getresuid(&(0x7f0000000340), &(0x7f00000003c0), &(0x7f0000000400)=0x0) symlinkat(&(0x7f0000000440)='./file0\x00', r0, &(0x7f0000000480)='./file0\x00') syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x3f, 0x0, &(0x7f00000001c0), 0x2010004, &(0x7f0000000500)={[{@nodelalloc}, {@grpid}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400}}, {@jqfmt_vfsv0}], [{@fsmagic={'fsmagic', 0x3d, 0x5}}, {@audit}, {@smackfsroot}, {@obj_type={'obj_type', 0x3d, ':[{'}}, {@fowner_eq={'fowner', 0x3d, r3}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@dont_hash}]}) 03:00:55 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 5) 03:00:55 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x28, 0x0, 0x2, 0x70bd2b, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x1) perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x75, 0x7, 0x20, 0x8, 0x0, 0x1ff, 0x41800, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x2, 0x473}, 0x48801, 0xac72, 0x6e, 0x7, 0x1, 0x4, 0x3, 0x0, 0x9, 0x0, 0x3b28}, 0x0, 0x0, r0, 0x8) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@updsa={0x168, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast2, @in6=@private0}, {@in, 0x0, 0x32}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x70, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x120, 0x40, "976ae46d07d1812fd0664e95dee18314b91df2e10ff98153074f6a02e3550c030000001b"}}, @XFRMA_SET_MARK={0x8, 0x1d, 0x7}]}, 0x168}}, 0x0) r2 = openat$sr(0xffffffffffffff9c, 0x0, 0xe8b02, 0x0) r3 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xffffffff, 0x0, 0xfffffffe, 0x0, 0x0, r2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x3}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r3, 0x8000000) syz_io_uring_submit(r7, r5, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) syz_io_uring_setup(0x1ac2, &(0x7f0000000100)={0x0, 0x8784, 0x10, 0x1, 0x376, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000000000), &(0x7f0000000180)=0x0) r9 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r10 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000100)=0x0) r13 = io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x9, 0x0, 0x0) syz_io_uring_submit(r11, r12, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r9, 0x0, 0x0, 0x0, {}, 0x0, {0x0, r13}}, 0x0) syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd=r1, 0x401, 0x0, 0x7, 0x4, 0x1, {0x0, r13}}, 0xfff) 03:00:55 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) statx(r0, &(0x7f0000000000)='./file0\x00', 0x2000, 0x800, &(0x7f00000002c0)) [ 2181.458962] FAULT_INJECTION: forcing a failure. [ 2181.458962] name failslab, interval 1, probability 0, space 0, times 0 [ 2181.461278] CPU: 1 PID: 11491 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2181.462910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2181.463608] Call Trace: [ 2181.464920] dump_stack+0x107/0x167 [ 2181.465233] should_fail.cold+0x5/0xa [ 2181.465560] ? create_object.isra.0+0x3a/0xa20 [ 2181.466999] should_failslab+0x5/0x20 [ 2181.467324] kmem_cache_alloc+0x5b/0x310 [ 2181.467671] create_object.isra.0+0x3a/0xa20 [ 2181.469123] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2181.469555] kmem_cache_alloc_node+0x169/0x330 [ 2181.470999] __alloc_skb+0x6d/0x5b0 [ 2181.471317] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2181.471747] ? ip6_mtu+0x1bb/0x3d0 [ 2181.474291] ? ip_frag_init+0x350/0x350 [ 2181.474639] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2181.476132] ? ip6_mtu+0x1e9/0x3d0 [ 2181.476434] ? ip6_setup_cork+0xfb7/0x1740 [ 2181.478841] ip6_make_skb+0x2de/0x4e0 [ 2181.479173] ? ip_frag_init+0x350/0x350 [ 2181.479512] ? ip_frag_init+0x350/0x350 [ 2181.480913] ? ip6_push_pending_frames+0xf0/0xf0 [ 2181.481320] ? ip6_dst_hoplimit+0x199/0x440 [ 2181.481688] ? lock_downgrade+0x6d0/0x6d0 [ 2181.483101] udpv6_sendmsg+0x20d3/0x2ad0 [ 2181.483450] ? ip_frag_init+0x350/0x350 [ 2181.484312] FAULT_INJECTION: forcing a failure. [ 2181.484312] name failslab, interval 1, probability 0, space 0, times 0 [ 2181.484848] ? udp_v6_push_pending_frames+0x360/0x360 [ 2181.484860] ? SOFTIRQ_verbose+0x10/0x10 [ 2181.484882] ? lock_acquire+0x197/0x470 [ 2181.484893] ? find_held_lock+0x2c/0x110 [ 2181.484910] ? __might_fault+0xd3/0x180 [ 2181.484930] ? sock_has_perm+0x1ea/0x280 [ 2181.484959] ? __import_iovec+0x458/0x590 [ 2181.484972] ? udp_v6_push_pending_frames+0x360/0x360 [ 2181.484987] inet6_sendmsg+0x105/0x140 [ 2181.485000] ? inet6_compat_ioctl+0x320/0x320 [ 2181.485012] __sock_sendmsg+0xf2/0x190 [ 2181.485025] ____sys_sendmsg+0x334/0x870 [ 2181.485039] ? sock_write_iter+0x3d0/0x3d0 [ 2181.485050] ? do_recvmmsg+0x6d0/0x6d0 [ 2181.485065] ? SOFTIRQ_verbose+0x10/0x10 [ 2181.485076] ? mark_lock+0xf5/0x2df0 [ 2181.485091] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2181.485107] ___sys_sendmsg+0xf3/0x170 [ 2181.485121] ? sendmsg_copy_msghdr+0x160/0x160 [ 2181.485137] ? __fget_files+0x2cf/0x520 [ 2181.485150] ? lock_downgrade+0x6d0/0x6d0 [ 2181.485166] ? lock_downgrade+0x6d0/0x6d0 [ 2181.485183] ? __fget_files+0x2f8/0x520 [ 2181.485201] ? __fget_light+0xea/0x290 [ 2181.485219] __sys_sendmmsg+0x195/0x470 [ 2181.485235] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2181.485248] ? lock_downgrade+0x6d0/0x6d0 [ 2181.485274] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2181.485290] ? wait_for_completion_io+0x270/0x270 [ 2181.485305] ? rcu_read_lock_any_held+0x75/0xa0 [ 2181.485317] ? vfs_write+0x354/0xb10 [ 2181.485329] ? fput_many+0x2f/0x1a0 [ 2181.485342] ? ksys_write+0x1a9/0x260 [ 2181.485355] ? __ia32_sys_read+0xb0/0xb0 [ 2181.485373] __x64_sys_sendmmsg+0x99/0x100 [ 2181.485385] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2181.485396] do_syscall_64+0x33/0x40 [ 2181.485408] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2181.485417] RIP: 0033:0x7f9ff3490b19 [ 2181.485430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2181.485437] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2181.485451] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2181.485458] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2181.485465] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2181.485472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2181.485479] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2181.511292] tmpfs: Unknown parameter 'ÿÿ00000000000000000000005' [ 2181.511439] CPU: 0 PID: 11493 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2181.521650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2181.522484] Call Trace: [ 2181.522763] dump_stack+0x107/0x167 [ 2181.523152] should_fail.cold+0x5/0xa [ 2181.523549] ? create_object.isra.0+0x3a/0xa20 [ 2181.524037] should_failslab+0x5/0x20 [ 2181.524423] kmem_cache_alloc+0x5b/0x310 [ 2181.524857] create_object.isra.0+0x3a/0xa20 [ 2181.525303] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2181.525819] kmem_cache_alloc_node+0x169/0x330 [ 2181.526295] __alloc_skb+0x6d/0x5b0 [ 2181.526669] alloc_skb_with_frags+0x92/0x570 [ 2181.527132] sock_alloc_send_pskb+0x7af/0x930 [ 2181.527574] ? sk_alloc+0x350/0x350 [ 2181.527975] ? SOFTIRQ_verbose+0x10/0x10 [ 2181.528389] ? lock_release+0x680/0x680 [ 2181.528786] ? find_held_lock+0x2c/0x110 [ 2181.540183] __ip_append_data+0x1628/0x3310 [ 2181.540631] ? lock_downgrade+0x6d0/0x6d0 [ 2181.541069] ? do_raw_spin_lock+0x121/0x260 [ 2181.541515] ? ip_frag_init+0x350/0x350 [ 2181.541943] ? ip_finish_output+0x330/0x330 [ 2181.542394] ? ip_route_output_key_hash+0x1a4/0x340 [ 2181.542909] ? __sock_tx_timestamp+0xa3/0xc0 [ 2181.543364] ip_make_skb+0x22a/0x2a0 [ 2181.543754] ? ip_frag_init+0x350/0x350 [ 2181.544200] ? ip_flush_pending_frames+0x20/0x20 [ 2181.544693] ? lock_downgrade+0x6d0/0x6d0 [ 2181.545138] ? xfrm_lookup_route+0x65/0x210 [ 2181.545596] udp_sendmsg+0x193f/0x2160 [ 2181.546010] ? ip_frag_init+0x350/0x350 [ 2181.546438] ? udp_setsockopt+0xc0/0xc0 [ 2181.546861] ? __lock_acquire+0xbb1/0x5b00 [ 2181.547336] ? handle_mm_fault+0x1a0b/0x3500 [ 2181.547796] ? lock_downgrade+0x6d0/0x6d0 [ 2181.548237] ? do_raw_spin_lock+0x121/0x260 [ 2181.548680] ? rwlock_bug.part.0+0x90/0x90 [ 2181.549131] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2181.549676] udpv6_sendmsg+0x1b30/0x2ad0 [ 2181.550123] ? udp_v6_push_pending_frames+0x360/0x360 [ 2181.550653] ? _down_write_nest_lock+0x160/0x160 [ 2181.551156] ? vmacache_update+0xce/0x140 [ 2181.551582] ? do_user_addr_fault+0x5b0/0xc60 [ 2181.552075] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2181.552607] ? exc_page_fault+0xca/0x1a0 [ 2181.553032] ? trace_hardirqs_on+0x5b/0x180 [ 2181.553485] ? exc_page_fault+0xca/0x1a0 [ 2181.553919] ? asm_exc_page_fault+0x1e/0x30 [ 2181.554357] ? sock_has_perm+0x1ea/0x280 [ 2181.554774] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2181.555314] ? copy_user_generic_string+0x2c/0x40 [ 2181.555810] ? __import_iovec+0x458/0x590 [ 2181.556244] ? udp_v6_push_pending_frames+0x360/0x360 [ 2181.556791] inet6_sendmsg+0x105/0x140 [ 2181.557202] ? inet6_compat_ioctl+0x320/0x320 [ 2181.557669] __sock_sendmsg+0xf2/0x190 [ 2181.558077] ____sys_sendmsg+0x334/0x870 [ 2181.558493] ? sock_write_iter+0x3d0/0x3d0 [ 2181.558937] ? do_recvmmsg+0x6d0/0x6d0 [ 2181.559337] ? SOFTIRQ_verbose+0x10/0x10 [ 2181.559744] ? mark_lock+0xf5/0x2df0 [ 2181.560153] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2181.560682] ___sys_sendmsg+0xf3/0x170 [ 2181.561096] ? sendmsg_copy_msghdr+0x160/0x160 [ 2181.561579] ? __fget_files+0x2cf/0x520 [ 2181.562006] ? lock_downgrade+0x6d0/0x6d0 [ 2181.562435] ? lock_downgrade+0x6d0/0x6d0 [ 2181.562867] ? __fget_files+0x2f8/0x520 [ 2181.563281] ? __fget_light+0xea/0x290 [ 2181.563699] __sys_sendmmsg+0x195/0x470 [ 2181.568157] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2181.568599] ? lock_downgrade+0x6d0/0x6d0 [ 2181.569050] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2181.569325] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 2181.569538] ? wait_for_completion_io+0x270/0x270 [ 2181.570536] ? rcu_read_lock_any_held+0x75/0xa0 [ 2181.571007] ? vfs_write+0x354/0xb10 [ 2181.571364] ? fput_many+0x2f/0x1a0 [ 2181.571705] ? ksys_write+0x1a9/0x260 [ 2181.572119] ? __ia32_sys_read+0xb0/0xb0 [ 2181.572503] __x64_sys_sendmmsg+0x99/0x100 [ 2181.572926] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2181.573412] do_syscall_64+0x33/0x40 [ 2181.573764] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2181.574277] RIP: 0033:0x7f0fecadbb19 [ 2181.574638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2181.576441] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2181.577203] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2181.577892] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2181.578554] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2181.579247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2181.579944] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2181.680363] tmpfs: Unknown parameter 'ÿÿ00000000000000000000005' [ 2181.695026] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 2181.879498] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5 sclass=netlink_xfrm_socket pid=11492 comm=syz-executor.6 03:01:12 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x6}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f0000000000)='./file0\x00', 0x2) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x240100, 0x104) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:01:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000240)=ANY=[@ANYBLOB="6401000010000100000000ffff8c141400fe8000000000000000000000000000aa00"/57, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8800000000000000000000000000010000000032000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000005800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000f24aa6b13c2e62f3556b1cbcfeac2a01c001700"/284], 0x164}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file0\x00'}) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xff, 0x6d, 0xb8, 0x6, 0x0, 0x4467546f, 0x20, 0xc, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_bp, 0x8028, 0x6, 0x3, 0x8, 0x5, 0x3eb, 0x100, 0x0, 0x6, 0x0, 0x5}, 0x0, 0xd, r1, 0x0) 03:01:12 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 77) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:01:12 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400034c21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:01:12 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x9c98}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:01:12 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8011}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = syz_io_uring_complete(0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x7) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000240)={0x2b45, 0x0, 0x0, 0x1000ffff, 0x0, "0489fdc1843fc745ea52a5fff7962e807836db"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000800)) 03:01:12 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 6) [ 2198.284376] FAULT_INJECTION: forcing a failure. [ 2198.284376] name failslab, interval 1, probability 0, space 0, times 0 [ 2198.285492] CPU: 0 PID: 11536 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2198.286160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2198.286967] Call Trace: [ 2198.287237] dump_stack+0x107/0x167 [ 2198.287595] should_fail.cold+0x5/0xa [ 2198.287974] should_failslab+0x5/0x20 [ 2198.288371] __kmalloc_node_track_caller+0x74/0x3b0 [ 2198.288870] ? alloc_skb_with_frags+0x92/0x570 [ 2198.289330] __alloc_skb+0xb1/0x5b0 [ 2198.289702] alloc_skb_with_frags+0x92/0x570 [ 2198.290128] sock_alloc_send_pskb+0x7af/0x930 [ 2198.290579] ? sk_alloc+0x350/0x350 [ 2198.290948] ? SOFTIRQ_verbose+0x10/0x10 [ 2198.291357] ? find_held_lock+0x2c/0x110 [ 2198.291775] __ip_append_data+0x1628/0x3310 [ 2198.292219] ? lock_downgrade+0x6d0/0x6d0 [ 2198.292618] ? do_raw_spin_lock+0x121/0x260 [ 2198.293052] ? ip_frag_init+0x350/0x350 [ 2198.293458] ? ip_finish_output+0x330/0x330 [ 2198.293896] ? ip_route_output_key_hash+0x1a4/0x340 [ 2198.294385] ? __sock_tx_timestamp+0xa3/0xc0 [ 2198.294810] ip_make_skb+0x22a/0x2a0 [ 2198.295189] ? ip_frag_init+0x350/0x350 [ 2198.295590] ? ip_flush_pending_frames+0x20/0x20 [ 2198.296087] ? lock_downgrade+0x6d0/0x6d0 [ 2198.296505] ? xfrm_lookup_route+0x65/0x210 [ 2198.296927] udp_sendmsg+0x193f/0x2160 [ 2198.297311] ? ip_frag_init+0x350/0x350 [ 2198.297718] ? udp_setsockopt+0xc0/0xc0 [ 2198.298122] ? __lock_acquire+0xbb1/0x5b00 [ 2198.298565] ? handle_mm_fault+0x1a0b/0x3500 [ 2198.299003] ? lock_downgrade+0x6d0/0x6d0 [ 2198.299397] ? do_raw_spin_lock+0x121/0x260 [ 2198.299830] ? rwlock_bug.part.0+0x90/0x90 [ 2198.300272] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2198.300800] udpv6_sendmsg+0x1b30/0x2ad0 [ 2198.301218] ? udp_v6_push_pending_frames+0x360/0x360 [ 2198.301708] ? _down_write_nest_lock+0x160/0x160 [ 2198.302180] ? vmacache_update+0xce/0x140 [ 2198.302602] ? do_user_addr_fault+0x5b0/0xc60 [ 2198.303059] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2198.303575] ? exc_page_fault+0xca/0x1a0 [ 2198.303972] ? trace_hardirqs_on+0x5b/0x180 [ 2198.304408] ? exc_page_fault+0xca/0x1a0 [ 2198.304817] ? asm_exc_page_fault+0x1e/0x30 [ 2198.305253] ? sock_has_perm+0x1ea/0x280 [ 2198.305659] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2198.306186] ? copy_user_generic_string+0x2c/0x40 [ 2198.306684] ? __import_iovec+0x458/0x590 [ 2198.307094] ? udp_v6_push_pending_frames+0x360/0x360 [ 2198.307591] inet6_sendmsg+0x105/0x140 [ 2198.307996] ? inet6_compat_ioctl+0x320/0x320 [ 2198.308444] __sock_sendmsg+0xf2/0x190 [ 2198.308841] ____sys_sendmsg+0x334/0x870 [ 2198.309251] ? sock_write_iter+0x3d0/0x3d0 [ 2198.309682] ? do_recvmmsg+0x6d0/0x6d0 [ 2198.310079] ? SOFTIRQ_verbose+0x10/0x10 [ 2198.310469] ? mark_lock+0xf5/0x2df0 [ 2198.310830] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2198.311354] ___sys_sendmsg+0xf3/0x170 [ 2198.311747] ? sendmsg_copy_msghdr+0x160/0x160 [ 2198.312227] ? __fget_files+0x2cf/0x520 [ 2198.312621] ? lock_downgrade+0x6d0/0x6d0 [ 2198.313031] ? lock_downgrade+0x6d0/0x6d0 [ 2198.313439] ? __fget_files+0x2f8/0x520 [ 2198.313844] ? __fget_light+0xea/0x290 [ 2198.314240] __sys_sendmmsg+0x195/0x470 [ 2198.314644] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2198.315069] ? lock_downgrade+0x6d0/0x6d0 [ 2198.315479] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2198.315972] ? wait_for_completion_io+0x270/0x270 [ 2198.316465] ? rcu_read_lock_any_held+0x75/0xa0 [ 2198.316928] ? vfs_write+0x354/0xb10 [ 2198.317301] ? fput_many+0x2f/0x1a0 [ 2198.317675] ? ksys_write+0x1a9/0x260 [ 2198.318065] ? __ia32_sys_read+0xb0/0xb0 [ 2198.318465] __x64_sys_sendmmsg+0x99/0x100 [ 2198.318873] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2198.319366] do_syscall_64+0x33/0x40 [ 2198.319724] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2198.320232] RIP: 0033:0x7f0fecadbb19 [ 2198.320587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2198.322315] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2198.323042] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2198.323722] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2198.324422] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2198.325073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2198.325714] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2198.333482] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.6'. [ 2198.340446] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.6'. [ 2198.352604] FAULT_INJECTION: forcing a failure. [ 2198.352604] name failslab, interval 1, probability 0, space 0, times 0 [ 2198.354028] CPU: 1 PID: 11535 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2198.354658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2198.355411] Call Trace: [ 2198.355667] dump_stack+0x107/0x167 [ 2198.356026] should_fail.cold+0x5/0xa [ 2198.356391] should_failslab+0x5/0x20 [ 2198.356747] __kmalloc_node_track_caller+0x74/0x3b0 [ 2198.357208] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2198.357689] __alloc_skb+0xb1/0x5b0 [ 2198.358034] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2198.358502] ? ip6_mtu+0x1bb/0x3d0 [ 2198.358834] ? ip_frag_init+0x350/0x350 [ 2198.359214] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2198.359639] ? ip6_mtu+0x1e9/0x3d0 [ 2198.359985] ? ip6_setup_cork+0xfb7/0x1740 [ 2198.360374] ip6_make_skb+0x2de/0x4e0 [ 2198.360716] ? ip_frag_init+0x350/0x350 [ 2198.361084] ? ip_frag_init+0x350/0x350 [ 2198.361452] ? ip6_push_pending_frames+0xf0/0xf0 [ 2198.361896] ? ip6_dst_hoplimit+0x199/0x440 [ 2198.362295] ? lock_downgrade+0x6d0/0x6d0 [ 2198.362690] udpv6_sendmsg+0x20d3/0x2ad0 [ 2198.363071] ? ip_frag_init+0x350/0x350 [ 2198.363450] ? udp_v6_push_pending_frames+0x360/0x360 [ 2198.363922] ? SOFTIRQ_verbose+0x10/0x10 [ 2198.364314] ? lock_acquire+0x197/0x470 [ 2198.364670] ? find_held_lock+0x2c/0x110 [ 2198.365056] ? __might_fault+0xd3/0x180 [ 2198.365432] ? sock_has_perm+0x1ea/0x280 [ 2198.365837] ? __import_iovec+0x458/0x590 [ 2198.366233] ? udp_v6_push_pending_frames+0x360/0x360 [ 2198.366715] inet6_sendmsg+0x105/0x140 [ 2198.367076] ? inet6_compat_ioctl+0x320/0x320 [ 2198.367486] __sock_sendmsg+0xf2/0x190 [ 2198.367848] ____sys_sendmsg+0x334/0x870 [ 2198.368253] ? sock_write_iter+0x3d0/0x3d0 [ 2198.368643] ? do_recvmmsg+0x6d0/0x6d0 [ 2198.369013] ? SOFTIRQ_verbose+0x10/0x10 [ 2198.369398] ___sys_sendmsg+0xf3/0x170 [ 2198.369760] ? sendmsg_copy_msghdr+0x160/0x160 [ 2198.370186] ? __fget_files+0x2cf/0x520 [ 2198.370552] ? lock_downgrade+0x6d0/0x6d0 [ 2198.370953] ? __fget_files+0x2f8/0x520 [ 2198.371317] ? __fget_light+0xea/0x290 [ 2198.371658] __sys_sendmmsg+0x195/0x470 [ 2198.372024] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2198.372401] ? __switch_to+0x572/0xf70 [ 2198.372736] ? __switch_to_asm+0x3a/0x60 [ 2198.373116] ? __switch_to_asm+0x34/0x60 [ 2198.373498] ? __schedule+0x82c/0x1ea0 [ 2198.373886] ? io_schedule_timeout+0x140/0x140 [ 2198.374311] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 2198.374735] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 2198.375213] __x64_sys_sendmmsg+0x99/0x100 [ 2198.375573] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2198.376037] do_syscall_64+0x33/0x40 [ 2198.376374] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2198.376832] RIP: 0033:0x7f9ff3490b19 [ 2198.377165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2198.378779] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2198.379475] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2198.380139] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2198.380746] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2198.381349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2198.382000] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:01:13 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400036821206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:01:13 executing program 6: r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000200)={0x1f, "44dcb56f0a85e614b8bf1091c54f5f8170d71cb4d307cd4a4e869cca39c1d8986a12154db563f0ae6f93900c84c394367b35e0a0a0dca945cbd3ca4ebde7e65561383f0d244371cea74cd4cbf5dace263410c149e204da9d2e93e03d7eb389a36aab18b5740cce14b311445a89e28437735eb8eab7d7f09f125431bc26623aec272cdf6b127a31b50df3e299953e8020633c89c3dd636e1cba3f10ebf24dac107e22598e5a7c6e483244a53871ba055dfddafe2116cbbefdaf9053d2f0f8364415fd2cb43a91ff2bfad91a68180226b7dabf126a2dc28c73764a81265157d158d79adb02e8afedc1dff8616da70ba93b0674859f1a9cbca03800e180f43cf8c6415a8ba7f2563672f0a9150f5a05bea4c83ef8447835e5549652f1042cd0d6a013d313675f22db751b72e9e4d44aeef0127c2076d60e4553dfd02121dd1c708a11cc2ebeafcf76ac49bcb09b7817bbdcc0f8803fcb7b6aeb1124eab34c555616debb0527af04cd9014f92f4908c05b9bea79879ae30e2e94b220f9454f8319fca02dd06a31310aa8dd1970895568fbcc3776f837b6a3425a63fc908729a5064c05970f80a05cf7a96fb17081fcc76c804bc00fa0cc8a955ab6d574114d54dd540bfe0ae8f5fd3905387a6ff026aafc30a5a1f8efea0b343cd0abda0540a01c7910fbf4e90437ccde01e533347dc9a8b126267ce3eae4bf6dd7a46bc146ade894"}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:01:13 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xa230}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:01:13 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 7) 03:01:13 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 78) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:01:13 executing program 5: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0xfd, 0x0, 0xfc, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0) getdents64(r1, &(0x7f0000001400)=""/53, 0x35) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfd4v=', @ANYRESHEX, @ANYBLOB="2c77666452fb3d6d7711299d89f689d3408a1be40edf1a086ffd11cff7eef526a69da2734887bd6d64a1629c007ff3b97ad677b97c483d95f438183132c584401975ca8ff3507968afdab0c5ce44c74e5f3fa9271b643abd41c5b769870a515bf61d328a3f5a1857357e903599e570bc82720bb93aca4591f25b34423aaa34", @ANYRESHEX, @ANYBLOB=',cache=mmap,cache=loose,\x00']) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000240), 0x145003, 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ppoll(&(0x7f0000000000)=[{r3, 0x108}], 0x1, 0x0, 0x0, 0x0) fcntl$dupfd(r0, 0x0, r3) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) r5 = syz_io_uring_setup(0x7fb8, &(0x7f00000002c0)={0x0, 0x0, 0x8}, &(0x7f0000b0f000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xe, 0x13, r5, 0x0) io_uring_enter(r5, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE(r1, 0x5000940c, 0x0) syz_io_uring_setup(0x205b, &(0x7f0000000100)={0x0, 0xd3f6, 0x1, 0x0, 0x2cd, 0x0, r5}, &(0x7f0000b0c000/0x2000)=nil, &(0x7f0000800000/0x800000)=nil, &(0x7f0000000080), &(0x7f0000000280)) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="3a00000000000000000000000000000000000000000000000000000002000000000000006d99f16ce5cde70f0500d1b563b9ec026bea4349f6319bd61255671963c4a1e7b399006032872a580eff88151c51f37f532e6377706eafbd7ea83051e06755dae58b5ae9fe349efe2d2bb727fd6025ac42272acc213660edef53bfb8d9ec1402a6e2f583e0e9f0ac6a88db8d5c8c56ade4101208b7f65a1c0d31066f6ee8c956d6c4d88a97976c4cbf9a16b878c9a2cbf21a2ec754f1fef47c3aee360c16b24dcd992d3a9da1cc2dc312dd4230"]}) pidfd_getfd(r3, r2, 0x0) 03:01:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x335040, 0x8) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) [ 2198.688663] FAULT_INJECTION: forcing a failure. [ 2198.688663] name failslab, interval 1, probability 0, space 0, times 0 [ 2198.691534] CPU: 1 PID: 11556 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2198.693161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2198.695097] Call Trace: [ 2198.695741] dump_stack+0x107/0x167 [ 2198.696573] should_fail.cold+0x5/0xa [ 2198.697478] ? create_object.isra.0+0x3a/0xa20 [ 2198.698555] should_failslab+0x5/0x20 [ 2198.699424] kmem_cache_alloc+0x5b/0x310 [ 2198.700362] create_object.isra.0+0x3a/0xa20 [ 2198.701366] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2198.702528] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2198.703684] ? alloc_skb_with_frags+0x92/0x570 [ 2198.704741] __alloc_skb+0xb1/0x5b0 [ 2198.705570] alloc_skb_with_frags+0x92/0x570 [ 2198.706569] sock_alloc_send_pskb+0x7af/0x930 [ 2198.707603] ? sk_alloc+0x350/0x350 [ 2198.708463] ? SOFTIRQ_verbose+0x10/0x10 [ 2198.709395] ? lock_release+0x680/0x680 [ 2198.710308] ? find_held_lock+0x2c/0x110 [ 2198.711244] __ip_append_data+0x1628/0x3310 [ 2198.712229] ? lock_downgrade+0x6d0/0x6d0 [ 2198.713169] ? do_raw_spin_lock+0x121/0x260 [ 2198.714143] ? ip_frag_init+0x350/0x350 [ 2198.715060] ? ip_finish_output+0x330/0x330 [ 2198.716048] ? ip_route_output_key_hash+0x1a4/0x340 [ 2198.717214] ? __sock_tx_timestamp+0xa3/0xc0 [ 2198.723850] 9pnet: Insufficient options for proto=fd [ 2198.732057] ip_make_skb+0x22a/0x2a0 [ 2198.732072] ? ip_frag_init+0x350/0x350 [ 2198.732087] ? ip_flush_pending_frames+0x20/0x20 [ 2198.732105] ? lock_downgrade+0x6d0/0x6d0 [ 2198.732122] ? xfrm_lookup_route+0x65/0x210 [ 2198.732139] udp_sendmsg+0x193f/0x2160 [ 2198.732157] ? ip_frag_init+0x350/0x350 [ 2198.732175] ? udp_setsockopt+0xc0/0xc0 [ 2198.732194] ? __lock_acquire+0xbb1/0x5b00 [ 2198.732221] ? handle_mm_fault+0x1a0b/0x3500 [ 2198.732233] ? lock_downgrade+0x6d0/0x6d0 [ 2198.732246] ? do_raw_spin_lock+0x121/0x260 [ 2198.732260] ? rwlock_bug.part.0+0x90/0x90 [ 2198.732273] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2198.732292] udpv6_sendmsg+0x1b30/0x2ad0 [ 2198.732316] ? udp_v6_push_pending_frames+0x360/0x360 [ 2198.732328] ? _down_write_nest_lock+0x160/0x160 [ 2198.732343] ? vmacache_update+0xce/0x140 [ 2198.732362] ? do_user_addr_fault+0x5b0/0xc60 [ 2198.732377] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2198.732390] ? exc_page_fault+0xca/0x1a0 [ 2198.732400] ? trace_hardirqs_on+0x5b/0x180 [ 2198.732412] ? exc_page_fault+0xca/0x1a0 [ 2198.732427] ? asm_exc_page_fault+0x1e/0x30 [ 2198.732440] ? sock_has_perm+0x1ea/0x280 [ 2198.732452] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2198.732470] ? copy_user_generic_string+0x2c/0x40 [ 2198.732490] ? __import_iovec+0x458/0x590 [ 2198.732502] ? udp_v6_push_pending_frames+0x360/0x360 [ 2198.732518] inet6_sendmsg+0x105/0x140 [ 2198.732530] ? inet6_compat_ioctl+0x320/0x320 [ 2198.732541] __sock_sendmsg+0xf2/0x190 [ 2198.732554] ____sys_sendmsg+0x334/0x870 [ 2198.732567] ? sock_write_iter+0x3d0/0x3d0 [ 2198.732578] ? do_recvmmsg+0x6d0/0x6d0 [ 2198.732593] ? SOFTIRQ_verbose+0x10/0x10 [ 2198.732603] ? mark_lock+0xf5/0x2df0 [ 2198.732618] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2198.732633] ___sys_sendmsg+0xf3/0x170 [ 2198.732647] ? sendmsg_copy_msghdr+0x160/0x160 [ 2198.732663] ? __fget_files+0x2cf/0x520 [ 2198.732675] ? lock_downgrade+0x6d0/0x6d0 [ 2198.732691] ? lock_downgrade+0x6d0/0x6d0 [ 2198.732708] ? __fget_files+0x2f8/0x520 [ 2198.732725] ? __fget_light+0xea/0x290 [ 2198.732743] __sys_sendmmsg+0x195/0x470 [ 2198.732759] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2198.732771] ? lock_downgrade+0x6d0/0x6d0 [ 2198.732795] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2198.732811] ? wait_for_completion_io+0x270/0x270 [ 2198.732826] ? rcu_read_lock_any_held+0x75/0xa0 [ 2198.732837] ? vfs_write+0x354/0xb10 [ 2198.732849] ? fput_many+0x2f/0x1a0 [ 2198.732862] ? ksys_write+0x1a9/0x260 [ 2198.732874] ? __ia32_sys_read+0xb0/0xb0 [ 2198.732892] __x64_sys_sendmmsg+0x99/0x100 [ 2198.732903] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2198.732914] do_syscall_64+0x33/0x40 [ 2198.732926] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2198.732935] RIP: 0033:0x7f0fecadbb19 [ 2198.732948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2198.732955] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2198.732969] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2198.732976] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2198.732984] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2198.732991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2198.732999] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2198.867290] FAULT_INJECTION: forcing a failure. [ 2198.867290] name failslab, interval 1, probability 0, space 0, times 0 [ 2198.869813] CPU: 1 PID: 11560 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2198.871309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2198.873137] Call Trace: [ 2198.873708] dump_stack+0x107/0x167 [ 2198.874489] should_fail.cold+0x5/0xa [ 2198.875310] ? create_object.isra.0+0x3a/0xa20 [ 2198.876355] should_failslab+0x5/0x20 [ 2198.877177] kmem_cache_alloc+0x5b/0x310 [ 2198.878055] create_object.isra.0+0x3a/0xa20 [ 2198.879000] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2198.880131] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2198.881242] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2198.882736] __alloc_skb+0xb1/0x5b0 [ 2198.883643] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2198.884766] ? ip6_mtu+0x1bb/0x3d0 [ 2198.885545] ? ip_frag_init+0x350/0x350 [ 2198.886414] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2198.887415] ? ip6_mtu+0x1e9/0x3d0 [ 2198.888224] ? ip6_setup_cork+0xfb7/0x1740 [ 2198.889139] ip6_make_skb+0x2de/0x4e0 [ 2198.889957] ? ip_frag_init+0x350/0x350 [ 2198.890813] ? ip_frag_init+0x350/0x350 [ 2198.891669] ? ip6_push_pending_frames+0xf0/0xf0 [ 2198.892734] ? ip6_dst_hoplimit+0x199/0x440 [ 2198.893669] ? lock_downgrade+0x6d0/0x6d0 [ 2198.894570] udpv6_sendmsg+0x20d3/0x2ad0 [ 2198.895447] ? ip_frag_init+0x350/0x350 [ 2198.896344] ? udp_v6_push_pending_frames+0x360/0x360 [ 2198.897466] ? SOFTIRQ_verbose+0x10/0x10 [ 2198.898349] ? lock_acquire+0x197/0x470 [ 2198.899203] ? find_held_lock+0x2c/0x110 [ 2198.900122] ? __might_fault+0xd3/0x180 [ 2198.900989] ? sock_has_perm+0x1ea/0x280 [ 2198.901879] ? __import_iovec+0x458/0x590 [ 2198.902771] ? udp_v6_push_pending_frames+0x360/0x360 [ 2198.903881] inet6_sendmsg+0x105/0x140 [ 2198.904752] ? inet6_compat_ioctl+0x320/0x320 [ 2198.905718] __sock_sendmsg+0xf2/0x190 [ 2198.906558] ____sys_sendmsg+0x334/0x870 [ 2198.907431] ? sock_write_iter+0x3d0/0x3d0 [ 2198.924134] ? do_recvmmsg+0x6d0/0x6d0 [ 2198.928234] ? SOFTIRQ_verbose+0x10/0x10 [ 2198.928580] ? mark_lock+0xf5/0x2df0 [ 2198.928899] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2198.929345] ___sys_sendmsg+0xf3/0x170 [ 2198.929677] ? sendmsg_copy_msghdr+0x160/0x160 [ 2198.930068] ? __fget_files+0x2cf/0x520 [ 2198.930405] ? lock_downgrade+0x6d0/0x6d0 [ 2198.930759] ? lock_downgrade+0x6d0/0x6d0 [ 2198.931116] ? __fget_files+0x2f8/0x520 [ 2198.931457] ? __fget_light+0xea/0x290 [ 2198.931792] __sys_sendmmsg+0x195/0x470 [ 2198.932155] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2198.932521] ? lock_downgrade+0x6d0/0x6d0 [ 2198.932888] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2198.933299] ? wait_for_completion_io+0x270/0x270 [ 2198.933711] ? rcu_read_lock_any_held+0x75/0xa0 [ 2198.934102] ? vfs_write+0x354/0xb10 [ 2198.934419] ? fput_many+0x2f/0x1a0 [ 2198.934730] ? ksys_write+0x1a9/0x260 [ 2198.935062] ? __ia32_sys_read+0xb0/0xb0 [ 2198.935411] __x64_sys_sendmmsg+0x99/0x100 [ 2198.935770] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2198.936222] do_syscall_64+0x33/0x40 [ 2198.936539] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2198.936970] RIP: 0033:0x7f9ff3490b19 [ 2198.937285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2198.938823] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2198.939464] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2198.940078] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2198.940675] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2198.941272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2198.941868] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:01:28 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400036c21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:01:28 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x3, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:01:28 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xa7c8}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:01:28 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00') ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="1c000000fd6d34a34da6a7f4fca9701359d0e981ead1bb03e767cec802f88e538c11579d9c45e888a06af98286a33362c3074a4a6e757c6de6a484812d135a98025a4e38a4f31f9e1e7e2ee9eb91b12ec079e4e8658f1bccc72c9c9724e0f1437e20b595239f1d7393e7ef02426e8e805ee2e18788ccabc0830b712547c9b13858", @ANYRES16=0x0, @ANYRES32=0x0], 0x1c}}, 0x0) sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x40000) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002) ftruncate(0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) lseek(r1, 0x800, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x86, 0x87, 0xfffffff9, 0x1, 0x7fff, 0x9, 0x80000001}, 0x1c) r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) stat(&(0x7f0000000200)='./file1\x00', &(0x7f0000000580)) sendfile(r1, r2, 0x0, 0x100000001) 03:01:28 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 8) 03:01:28 executing program 6: r0 = perf_event_open(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0) capget(&(0x7f0000000080), &(0x7f0000000100)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r3 = dup(r2) pidfd_send_signal(r3, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1010, r3, 0x10000000) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f0000000200)={0x0, 0x80, 0x80, 0x0, 0xd8, 0xfc, 0x0, 0xb0d, 0x28000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x6, 0x62}, 0x100, 0x4, 0x1, 0x6, 0x4, 0x114, 0x7, 0x0, 0xfffffffc}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r0}}, './file1\x00'}) ioctl$KDSETKEYCODE(r4, 0x4b4d, &(0x7f00000000c0)={0x49, 0x7fff}) ioctl$TIOCL_SCROLLCONSOLE(r1, 0x5453, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) fcntl$getown(r1, 0x9) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0x406, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xb10d) ioctl$GIO_FONTX(r1, 0x4b6b, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000380)={0x0, 0x52b2, 0x2, 0x0, 0x68}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000001c0), &(0x7f0000000400)) 03:01:28 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 79) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:01:28 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x7}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) r2 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000042bc0)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x9, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x2, 0x3f, 0x1000, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10, r13}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000042dc0)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}], 0x1, "5d02070176d3ef"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x9, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x2, 0x3f, 0x1000, 0x5}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r19}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r16, r19}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f0000043dc0)={0x3, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {r9}, {}, {r11}, {0x0, r15}, {}, {}, {0x0, r19}], 0x2b, "0a4fc0b5359013"}) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000100)='system_u:object_r:inetd_exec_t:s0\x00', 0x22, 0x3) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) stat(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240)) [ 2213.970470] FAULT_INJECTION: forcing a failure. [ 2213.970470] name failslab, interval 1, probability 0, space 0, times 0 [ 2213.971818] CPU: 0 PID: 11578 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2213.973234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2213.974199] Call Trace: [ 2213.974452] dump_stack+0x107/0x167 [ 2213.975000] should_fail.cold+0x5/0xa [ 2213.975356] ? skb_clone+0x14f/0x3d0 [ 2213.975808] should_failslab+0x5/0x20 [ 2213.976327] kmem_cache_alloc+0x5b/0x310 [ 2213.976761] skb_clone+0x14f/0x3d0 [ 2213.977294] __skb_tstamp_tx+0x422/0x8d0 [ 2213.977718] __dev_queue_xmit+0x1770/0x2710 [ 2213.978327] ? find_held_lock+0x2c/0x110 [ 2213.978747] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2213.979374] ? lock_downgrade+0x6d0/0x6d0 [ 2213.979799] ? lock_acquire+0x197/0x470 [ 2213.980242] ? ip_finish_output2+0x220/0x21f0 [ 2213.980837] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2213.981522] neigh_connected_output+0x382/0x4d0 [ 2213.982021] ip_finish_output2+0x6f1/0x21f0 [ 2213.982485] ? nf_hook_slow+0xfc/0x1e0 [ 2213.983032] ? ip_frag_next+0x9e0/0x9e0 [ 2213.983469] ? nf_hook+0x160/0x510 [ 2213.983955] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2213.984499] __ip_finish_output.part.0+0x5f3/0xb50 [ 2213.985151] ? ip_fragment.constprop.0+0x240/0x240 [ 2213.985698] ? nf_hook+0x510/0x510 [ 2213.986227] ip_output+0x2f7/0x600 [ 2213.986561] ip_send_skb+0xdd/0x260 [ 2213.987167] udp_send_skb+0x6da/0x11d0 [ 2213.987536] udp_sendmsg+0x197f/0x2160 [ 2213.988146] ? ip_frag_init+0x350/0x350 [ 2213.988533] ? udp_setsockopt+0xc0/0xc0 [ 2213.989065] ? __lock_acquire+0xbb1/0x5b00 [ 2213.989605] ? handle_mm_fault+0x1a0b/0x3500 [ 2213.990166] ? lock_downgrade+0x6d0/0x6d0 [ 2213.990723] ? do_raw_spin_lock+0x121/0x260 [ 2213.991236] ? rwlock_bug.part.0+0x90/0x90 [ 2213.991810] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2213.992554] udpv6_sendmsg+0x1b30/0x2ad0 [ 2213.992990] ? udp_v6_push_pending_frames+0x360/0x360 [ 2213.993743] ? _down_write_nest_lock+0x160/0x160 [ 2213.994238] ? vmacache_update+0xce/0x140 [ 2213.994828] ? do_user_addr_fault+0x5b0/0xc60 [ 2213.995244] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2213.996007] ? exc_page_fault+0xca/0x1a0 [ 2213.996456] ? trace_hardirqs_on+0x5b/0x180 [ 2213.997423] ? exc_page_fault+0xca/0x1a0 [ 2213.997927] ? asm_exc_page_fault+0x1e/0x30 [ 2213.998462] ? sock_has_perm+0x1ea/0x280 [ 2213.998996] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2213.999692] ? copy_user_generic_string+0x2c/0x40 [ 2214.000228] ? __import_iovec+0x458/0x590 [ 2214.000801] ? udp_v6_push_pending_frames+0x360/0x360 [ 2214.001343] inet6_sendmsg+0x105/0x140 [ 2214.001944] ? inet6_compat_ioctl+0x320/0x320 [ 2214.002419] __sock_sendmsg+0xf2/0x190 [ 2214.003001] ____sys_sendmsg+0x334/0x870 [ 2214.003443] ? sock_write_iter+0x3d0/0x3d0 [ 2214.004024] ? do_recvmmsg+0x6d0/0x6d0 [ 2214.004462] ? SOFTIRQ_verbose+0x10/0x10 [ 2214.005055] ? mark_lock+0xf5/0x2df0 [ 2214.005473] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2214.006185] ___sys_sendmsg+0xf3/0x170 [ 2214.006615] ? sendmsg_copy_msghdr+0x160/0x160 [ 2214.007273] ? __fget_files+0x2cf/0x520 [ 2214.007745] ? lock_downgrade+0x6d0/0x6d0 [ 2214.008320] ? lock_downgrade+0x6d0/0x6d0 [ 2214.008818] ? __fget_files+0x2f8/0x520 [ 2214.009321] ? __fget_light+0xea/0x290 [ 2214.009831] __sys_sendmmsg+0x195/0x470 [ 2214.010204] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2214.010849] ? lock_downgrade+0x6d0/0x6d0 [ 2214.011246] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2214.011989] ? wait_for_completion_io+0x270/0x270 [ 2214.012572] ? rcu_read_lock_any_held+0x75/0xa0 [ 2214.013159] ? vfs_write+0x354/0xb10 [ 2214.013505] ? fput_many+0x2f/0x1a0 [ 2214.014064] ? ksys_write+0x1a9/0x260 [ 2214.014417] ? __ia32_sys_read+0xb0/0xb0 [ 2214.014952] __x64_sys_sendmmsg+0x99/0x100 [ 2214.015406] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2214.016068] do_syscall_64+0x33/0x40 [ 2214.016489] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2214.017151] RIP: 0033:0x7f0fecadbb19 [ 2214.017561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2214.019733] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2214.020641] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2214.021472] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2214.022231] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2214.023101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2214.023962] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2214.082491] FAULT_INJECTION: forcing a failure. [ 2214.082491] name failslab, interval 1, probability 0, space 0, times 0 [ 2214.084021] CPU: 1 PID: 11585 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2214.084665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2214.085356] Call Trace: [ 2214.085583] dump_stack+0x107/0x167 [ 2214.085896] should_fail.cold+0x5/0xa [ 2214.086221] ? __alloc_skb+0x6d/0x5b0 [ 2214.086546] should_failslab+0x5/0x20 [ 2214.086872] kmem_cache_alloc_node+0x55/0x330 [ 2214.087254] __alloc_skb+0x6d/0x5b0 [ 2214.087571] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2214.088001] ? ip6_mtu+0x1bb/0x3d0 [ 2214.088340] ? ip_frag_init+0x350/0x350 [ 2214.088688] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2214.089082] ? ip6_mtu+0x1e9/0x3d0 [ 2214.089386] ? ip6_setup_cork+0xfb7/0x1740 [ 2214.089745] ip6_make_skb+0x2de/0x4e0 [ 2214.090067] ? ip_frag_init+0x350/0x350 [ 2214.090407] ? ip_frag_init+0x350/0x350 [ 2214.090745] ? ip6_push_pending_frames+0xf0/0xf0 [ 2214.091151] ? ip6_dst_hoplimit+0x199/0x440 [ 2214.091516] ? lock_downgrade+0x6d0/0x6d0 [ 2214.091878] udpv6_sendmsg+0x20d3/0x2ad0 [ 2214.092252] ? ip_frag_init+0x350/0x350 [ 2214.092596] ? udp_v6_push_pending_frames+0x360/0x360 [ 2214.093030] ? SOFTIRQ_verbose+0x10/0x10 [ 2214.093384] ? lock_acquire+0x197/0x470 [ 2214.093720] ? find_held_lock+0x2c/0x110 [ 2214.094069] ? __might_fault+0xd3/0x180 [ 2214.094412] ? sock_has_perm+0x1ea/0x280 [ 2214.094773] ? __import_iovec+0x458/0x590 [ 2214.095123] ? udp_v6_push_pending_frames+0x360/0x360 [ 2214.095561] inet6_sendmsg+0x105/0x140 [ 2214.095892] ? inet6_compat_ioctl+0x320/0x320 [ 2214.096314] __sock_sendmsg+0xf2/0x190 [ 2214.096674] ____sys_sendmsg+0x334/0x870 [ 2214.097053] ? sock_write_iter+0x3d0/0x3d0 [ 2214.097441] ? do_recvmmsg+0x6d0/0x6d0 [ 2214.097806] ? SOFTIRQ_verbose+0x10/0x10 [ 2214.098183] ? mark_lock+0xf5/0x2df0 [ 2214.098534] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2214.099023] ___sys_sendmsg+0xf3/0x170 [ 2214.099393] ? sendmsg_copy_msghdr+0x160/0x160 [ 2214.099822] ? __fget_files+0x2cf/0x520 [ 2214.100212] ? lock_downgrade+0x6d0/0x6d0 [ 2214.100603] ? lock_downgrade+0x6d0/0x6d0 [ 2214.100998] ? __fget_files+0x2f8/0x520 [ 2214.101377] ? __fget_light+0xea/0x290 [ 2214.101754] __sys_sendmmsg+0x195/0x470 [ 2214.102135] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2214.102541] ? lock_downgrade+0x6d0/0x6d0 [ 2214.102947] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2214.103398] ? wait_for_completion_io+0x270/0x270 [ 2214.103848] ? rcu_read_lock_any_held+0x75/0xa0 [ 2214.104297] ? vfs_write+0x354/0xb10 [ 2214.104651] ? fput_many+0x2f/0x1a0 [ 2214.104994] ? ksys_write+0x1a9/0x260 [ 2214.105353] ? __ia32_sys_read+0xb0/0xb0 [ 2214.105741] __x64_sys_sendmmsg+0x99/0x100 [ 2214.106136] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2214.106610] do_syscall_64+0x33/0x40 [ 2214.106958] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2214.107429] RIP: 0033:0x7f9ff3490b19 [ 2214.107779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2214.109446] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2214.110149] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2214.110803] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2214.111451] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2214.112110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2214.112762] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:01:28 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xad60}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:01:28 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400037421206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:01:28 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x14, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x4317, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000240)=0x0) syz_io_uring_setup(0x33e3, &(0x7f0000000100)={0x0, 0x224f, 0x20, 0x2, 0x146, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)) r3 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000100)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x0, {0x0, r7}}, 0x0) syz_io_uring_submit(r2, r1, &(0x7f0000000540)=@IORING_OP_RECVMSG={0xa, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=@generic, 0x80, &(0x7f0000000480)=[{&(0x7f0000000280)=""/60, 0x3c}, {&(0x7f00000002c0)=""/217, 0xd9}, {&(0x7f00000003c0)=""/135, 0x87}], 0x3, &(0x7f00000004c0)=""/44, 0x2c}, 0x0, 0x20, 0x1, {0x0, r7}}, 0x987) 03:01:28 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 80) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:01:28 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 9) 03:01:28 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) mount$9p_unix(&(0x7f00000000c0)='./file2\x00', &(0x7f0000000200)='./file2\x00', &(0x7f00000002c0), 0x404, &(0x7f0000000300)={'trans=unix,', {[{@cache_fscache}, {@uname={'uname', 0x3d, 'vfat\x00'}}], [{@subj_type}, {@smackfstransmute={'smackfstransmute', 0x3d, 'vfat\x00'}}, {@dont_appraise}]}}) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) creat(&(0x7f0000000380)='./file2\x00', 0x83) close(r3) write$binfmt_elf64(r3, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYRES64=r0, @ANYRESOCT], 0xfffffffffffffecd) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:01:28 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') syz_io_uring_setup(0x6cf0, &(0x7f0000000200)={0x0, 0xb4ee, 0x10, 0x1, 0x2d0, 0x0, r1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000100)=0x0) r4 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4307, 0x640, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000100)) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) r8 = mmap$IORING_OFF_SQES(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0x3000000, 0x1010, r2, 0x10000000) r9 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r10 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000100)=0x0) r13 = io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x9, 0x0, 0x0) r14 = mmap$IORING_OFF_SQES(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x100000c, 0x112, r5, 0x10000000) syz_io_uring_submit(0x0, r14, &(0x7f00000003c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x3, 0x0, 0x0, 0x0, 0x1}, 0x8000) syz_io_uring_submit(r11, r12, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r9, 0x0, 0x0, 0x0, {}, 0x0, {0x0, r13}}, 0x0) syz_io_uring_submit(r6, r8, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, {}, 0x0, {0x0, r13}}, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000380)=@IORING_OP_WRITEV={0x2, 0x0, 0x6000, @fd=r0, 0x2, &(0x7f0000000340)=[{&(0x7f0000000280)="9a29b6e5c9cedb65fcf6ea2b622098407fb5a37af8fe68612e4bc9bc1704dc2cd352f487a6d34953aa79636ffe6cfb4842", 0x31}, {&(0x7f00000002c0)="71159946140043c29f86b8dda7e04ca5f223e7c1924a48877a4ad720b0337562f6b5fa005b4d88f1c83fa43ea3ebcc4755f5e62e035c149b92d309dd3afa5573aa2897a919ba43368b75f52221b40e88c17e6cb481ce4f2f485e0648bb6ab67dd3a91e616a7315", 0x67}], 0x2, 0x1d, 0x1, {0x2, r7}}, 0x2) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:01:28 executing program 5: r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x2c, r2, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15e0}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r2, 0x20, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000800) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) connect$inet6(0xffffffffffffffff, &(0x7f0000000540)={0xa, 0x4e21, 0x74, @remote, 0x2}, 0x1c) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/cpuinfo\x00', 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'sit0\x00', 0x0, 0x4, 0x8, 0x20, 0x2, 0x24, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @local}, 0x8, 0x8000, 0x7, 0xffff54aa}}) syz_mount_image$vfat(&(0x7f0000002400), &(0x7f0000002440)='./file0\x00', 0x0, 0x0, &(0x7f00000046c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f636173652c696f636861727365743d61736369692c6957b9be3505341c643d6575632d6a702c00f01b5521427ed13a08da8293a4fca8c5eb5294b8c432b7bb04ba9978506b62f6be6196ac98866f4800137090c6d98a79b99daa37132643600079a949f2c65fe2708ab3fd82cc0795c66cc45c2f8befed3fd4505ed47473b6501594582248541214f9b8db8fafa8278a68b75cf073ab4761d3bcae58705ac726c35c3fec4f4fcc1e3f380e716e28e23273ecdd8e989661ca292b495a957ae110ea479e8eef"]) r5 = fcntl$dupfd(r1, 0x406, r1) r6 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r6, 0x400, 0x1) fcntl$setown(r6, 0x8, 0xffffffffffffffff) close(r6) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r6, 0x894b, &(0x7f0000000300)) ioctl$BTRFS_IOC_DEFRAG_RANGE(r5, 0x40309410, &(0x7f00000002c0)={0x8, 0x414, 0x3, 0x0, 0x1, [0x5, 0x3, 0xffff7fff, 0x4d]}) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000240)={'filter\x00', 0x0, 0x4, 0x24, [0xe22, 0xfffffffffffffffc, 0x3ff, 0xffffffffbaac065a, 0x9, 0xff], 0x2, &(0x7f0000000100)=[{}, {}], &(0x7f0000000140)=""/36}, &(0x7f0000000180)=0x78) [ 2214.552493] FAULT_INJECTION: forcing a failure. [ 2214.552493] name failslab, interval 1, probability 0, space 0, times 0 [ 2214.553648] CPU: 0 PID: 11608 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2214.554349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2214.555183] Call Trace: [ 2214.555469] dump_stack+0x107/0x167 [ 2214.555857] should_fail.cold+0x5/0xa [ 2214.556273] ? create_object.isra.0+0x3a/0xa20 [ 2214.556760] should_failslab+0x5/0x20 [ 2214.557146] kmem_cache_alloc+0x5b/0x310 [ 2214.557560] ? mark_lock+0xf5/0x2df0 [ 2214.557948] create_object.isra.0+0x3a/0xa20 [ 2214.558388] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2214.558919] kmem_cache_alloc+0x159/0x310 [ 2214.559349] skb_clone+0x14f/0x3d0 [ 2214.559730] __skb_tstamp_tx+0x422/0x8d0 [ 2214.560163] __dev_queue_xmit+0x1770/0x2710 [ 2214.560602] ? find_held_lock+0x2c/0x110 [ 2214.561029] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2214.561493] ? lock_downgrade+0x6d0/0x6d0 [ 2214.561927] ? lock_acquire+0x197/0x470 [ 2214.562329] ? ip_finish_output2+0x220/0x21f0 [ 2214.562797] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2214.563336] neigh_connected_output+0x382/0x4d0 [ 2214.563831] ip_finish_output2+0x6f1/0x21f0 [ 2214.564297] ? nf_hook_slow+0xfc/0x1e0 [ 2214.564692] ? ip_frag_next+0x9e0/0x9e0 [ 2214.565110] ? nf_hook+0x160/0x510 [ 2214.565471] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2214.565998] __ip_finish_output.part.0+0x5f3/0xb50 [ 2214.566508] ? ip_fragment.constprop.0+0x240/0x240 [ 2214.567010] ? nf_hook+0x510/0x510 [ 2214.567390] ip_output+0x2f7/0x600 [ 2214.567775] ip_send_skb+0xdd/0x260 [ 2214.568155] udp_send_skb+0x6da/0x11d0 [ 2214.568566] udp_sendmsg+0x197f/0x2160 [ 2214.568974] ? ip_frag_init+0x350/0x350 [ 2214.569388] ? udp_setsockopt+0xc0/0xc0 [ 2214.569821] ? __lock_acquire+0xbb1/0x5b00 [ 2214.570268] ? handle_mm_fault+0x1a0b/0x3500 [ 2214.570732] ? lock_downgrade+0x6d0/0x6d0 [ 2214.571154] ? do_raw_spin_lock+0x121/0x260 [ 2214.571600] ? rwlock_bug.part.0+0x90/0x90 [ 2214.572038] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2214.572587] udpv6_sendmsg+0x1b30/0x2ad0 [ 2214.573018] ? udp_v6_push_pending_frames+0x360/0x360 [ 2214.573536] ? _down_write_nest_lock+0x160/0x160 [ 2214.574035] ? vmacache_update+0xce/0x140 [ 2214.574466] ? do_user_addr_fault+0x5b0/0xc60 [ 2214.574944] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2214.575480] ? exc_page_fault+0xca/0x1a0 [ 2214.575902] ? trace_hardirqs_on+0x5b/0x180 [ 2214.576364] ? exc_page_fault+0xca/0x1a0 [ 2214.576792] ? asm_exc_page_fault+0x1e/0x30 [ 2214.577233] ? sock_has_perm+0x1ea/0x280 [ 2214.577655] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2214.578203] ? copy_user_generic_string+0x2c/0x40 [ 2214.578699] ? __import_iovec+0x458/0x590 [ 2214.579137] ? udp_v6_push_pending_frames+0x360/0x360 [ 2214.579680] inet6_sendmsg+0x105/0x140 [ 2214.580084] ? inet6_compat_ioctl+0x320/0x320 [ 2214.580560] __sock_sendmsg+0xf2/0x190 [ 2214.580969] ____sys_sendmsg+0x334/0x870 [ 2214.581383] ? sock_write_iter+0x3d0/0x3d0 [ 2214.581830] ? do_recvmmsg+0x6d0/0x6d0 [ 2214.582226] ? SOFTIRQ_verbose+0x10/0x10 [ 2214.582639] ? mark_lock+0xf5/0x2df0 [ 2214.583047] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2214.583568] ___sys_sendmsg+0xf3/0x170 [ 2214.583985] ? sendmsg_copy_msghdr+0x160/0x160 [ 2214.584472] ? __fget_files+0x2cf/0x520 [ 2214.584885] ? lock_downgrade+0x6d0/0x6d0 [ 2214.585313] ? lock_downgrade+0x6d0/0x6d0 [ 2214.585734] ? __fget_files+0x2f8/0x520 [ 2214.586156] ? __fget_light+0xea/0x290 [ 2214.586569] __sys_sendmmsg+0x195/0x470 [ 2214.586990] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2214.587440] ? lock_downgrade+0x6d0/0x6d0 [ 2214.587890] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2214.588426] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2214.588962] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2214.589519] ? trace_hardirqs_on+0x5b/0x180 [ 2214.589969] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2214.590531] __x64_sys_sendmmsg+0x99/0x100 [ 2214.590985] do_syscall_64+0x33/0x40 [ 2214.591363] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2214.591899] RIP: 0033:0x7f0fecadbb19 [ 2214.592297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2214.594142] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2214.594913] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2214.595635] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2214.596383] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2214.597100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2214.597830] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2214.679448] FAT-fs (loop5): Unrecognized mount option "iW¹¾54d=euc-jp" or missing value [ 2214.695232] 9pnet: p9_fd_create_unix (11619): problem connecting socket: ./file2: -111 [ 2214.719389] FAULT_INJECTION: forcing a failure. [ 2214.719389] name failslab, interval 1, probability 0, space 0, times 0 [ 2214.720521] CPU: 1 PID: 11618 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2214.721198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2214.722040] Call Trace: [ 2214.722295] dump_stack+0x107/0x167 [ 2214.722635] should_fail.cold+0x5/0xa [ 2214.723055] ? create_object.isra.0+0x3a/0xa20 [ 2214.723482] should_failslab+0x5/0x20 [ 2214.723896] kmem_cache_alloc+0x5b/0x310 [ 2214.724307] create_object.isra.0+0x3a/0xa20 [ 2214.724762] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2214.725241] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2214.725798] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2214.726277] __alloc_skb+0xb1/0x5b0 [ 2214.726613] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2214.727136] ? ip6_mtu+0x1bb/0x3d0 [ 2214.727474] ? ip_frag_init+0x350/0x350 [ 2214.727916] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2214.728375] ? ip6_mtu+0x1e9/0x3d0 [ 2214.728769] ? ip6_setup_cork+0xfb7/0x1740 [ 2214.729162] ip6_make_skb+0x2de/0x4e0 [ 2214.729512] ? ip_frag_init+0x350/0x350 [ 2214.729968] ? ip_frag_init+0x350/0x350 [ 2214.730349] ? ip6_push_pending_frames+0xf0/0xf0 [ 2214.730844] ? ip6_dst_hoplimit+0x199/0x440 [ 2214.731243] ? lock_downgrade+0x6d0/0x6d0 [ 2214.731652] udpv6_sendmsg+0x20d3/0x2ad0 [ 2214.732105] ? ip_frag_init+0x350/0x350 [ 2214.732499] ? udp_v6_push_pending_frames+0x360/0x360 [ 2214.733027] ? SOFTIRQ_verbose+0x10/0x10 [ 2214.734104] ? lock_acquire+0x197/0x470 [ 2214.734445] ? find_held_lock+0x2c/0x110 [ 2214.734841] ? __might_fault+0xd3/0x180 [ 2214.735191] ? sock_has_perm+0x1ea/0x280 [ 2214.735552] ? __import_iovec+0x458/0x590 [ 2214.735958] ? udp_v6_push_pending_frames+0x360/0x360 [ 2214.736421] inet6_sendmsg+0x105/0x140 [ 2214.736803] ? inet6_compat_ioctl+0x320/0x320 [ 2214.737187] __sock_sendmsg+0xf2/0x190 [ 2214.737520] ____sys_sendmsg+0x334/0x870 [ 2214.737943] ? sock_write_iter+0x3d0/0x3d0 [ 2214.738301] ? do_recvmmsg+0x6d0/0x6d0 [ 2214.738634] ? SOFTIRQ_verbose+0x10/0x10 [ 2214.739036] ___sys_sendmsg+0xf3/0x170 [ 2214.739370] ? sendmsg_copy_msghdr+0x160/0x160 [ 2214.739763] ? __fget_files+0x2cf/0x520 [ 2214.740116] ? lock_downgrade+0x6d0/0x6d0 [ 2214.740536] ? __fget_files+0x2f8/0x520 [ 2214.740905] ? __fget_light+0xea/0x290 [ 2214.741247] __sys_sendmmsg+0x195/0x470 [ 2214.741591] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2214.741983] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 2214.742351] ? clockevents_program_event+0x131/0x360 [ 2214.742784] ? tick_program_event+0xa8/0x140 [ 2214.743164] ? hrtimer_interrupt+0x771/0x9b0 [ 2214.743554] __x64_sys_sendmmsg+0x99/0x100 [ 2214.743920] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2214.744394] do_syscall_64+0x33/0x40 [ 2214.744711] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2214.745142] RIP: 0033:0x7f9ff3490b19 [ 2214.745467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2214.747003] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2214.747643] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2214.748282] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2214.748882] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2214.749481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2214.750077] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2214.796115] 9pnet: p9_fd_create_unix (11624): problem connecting socket: ./file2: -111 03:01:44 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 10) 03:01:44 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400037a21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:01:44 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = openat(r0, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000200)='./file0\x00', 0xfffffffffffffff8, 0x1, &(0x7f0000000340)=[{&(0x7f00000002c0)="d92e1a1e60a17f967be2fd30beffc0c67b1bc09342580a55afb1aa0efeaa3c7c2f99aa9f6ae1b0929a4d5d091fa8343ba516f40adf0da91df6e92f53ef289a1a6500a60fd80ddf9eae145ff1bd131b30116259b469a61a6d082b", 0x5a, 0x9}], 0x3000, &(0x7f0000000380)={[{@fat=@errors_continue}, {@utf8no}, {@uni_xlateno}, {@shortname_win95}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@fat=@errors_remount}], [{@smackfsfloor={'smackfsfloor', 0x3d, '\x9d'}}, {@measure}, {@hash}]}) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x45) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) fallocate(r0, 0xb, 0x3, 0x3) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth1_to_batadv\x00'}) 03:01:44 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x980e}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x600000, 0x0) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:01:44 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xb2f8}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:01:44 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="fbffffffffffffff00004400000008000300", @ANYRES32=r2, @ANYBLOB="0a0018000303030303030000080026006c090000"], 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050000000000000000000200000008000300", @ANYRES32=r5, @ANYBLOB="08022600e00000000800270003000000"], 0x2c}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x2c, 0x0, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15e0}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]]}, 0x2c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000580)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f00000007c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000780)={&(0x7f00000005c0)={0x1ac, 0x0, 0x2, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x10000, 0x58}}}}, [@NL80211_ATTR_QOS_MAP={0x32, 0xc7, {[{0x7, 0x7}, {0xfb, 0x6}, {0x80, 0x2}, {0x6, 0x7}, {0x6, 0x5}, {0x3, 0x7}, {0xb3, 0x7}, {0x24, 0x1}, {0x0, 0x4}, {0x8, 0x7}, {0x5, 0x2}, {0x6}, {0x7f, 0x2}, {0x7f, 0x7}, {0x33, 0x6}, {0x2, 0x3}, {0x0, 0x5}, {0x3f, 0x1}, {0x7f, 0x6}], "8fbbbae14ba8e712"}}, @NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x80, 0x1}, {0x4}, {0x7}, {0x9, 0x7}, {0x9c, 0x4}, {0x8, 0x2}, {0x20, 0x2}, {0xff, 0x3}, {0x60, 0x4f}, {0x0, 0x1}, {0x8, 0x4}, {0x0, 0x1}, {0xd2}], "04cb8f04a3dd0bcc"}}, @NL80211_ATTR_QOS_MAP={0x36, 0xc7, {[{0x8}, {0x9, 0x6}, {0x1}, {0x8, 0x2}, {0x3, 0x4}, {0x9, 0x3}, {0x0, 0x5}, {0xff, 0x1}, {0x1, 0x1}, {0x11, 0x3}, {0xe0, 0x2}, {0x0, 0x4}, {0x80, 0x5}, {0x39, 0x7}, {0x7, 0x20}, {0xff, 0x7}, {0xe1, 0x2}, {0xff, 0x7}, {0x2, 0x1}, {0x0, 0x7}, {0x0, 0x7}], "cf9036aa1460a262"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x1, 0x4}, {0x8, 0x7}, {0xff, 0x5}, {0xff, 0x4}, {0x2, 0x1}, {0xda, 0x5}, {0x3, 0x2}, {0xff, 0x3}, {0x7, 0x2}, {0xc9, 0x5}, {0x5, 0x7}, {0x4, 0x7}, {0x9, 0x5}, {0x2, 0x5}, {0x80, 0x3}, {0x7, 0x1}, {0x0, 0x4}, {0x81, 0x4}, {0x3f, 0x7}, {0x0, 0x6}], "91a9413132a26b36"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x3f, 0x4}, {0x6, 0x5}, {0xf5, 0x4}, {0x9, 0x1}, {0x8, 0x7}, {0x2, 0x1}, {0xa9, 0x6}, {0x8, 0x4}, {0x4}, {0x3, 0x3}, {0x0, 0x3}, {0xff, 0x5}, {0x3, 0x1}, {0xf9, 0x7}, {0x7d, 0x6}, {0x3f, 0x2}, {0xfa, 0x3}, {0x7f, 0x7}, {0x1f, 0x5}, {0x8, 0x5}], "93cedeb87b728078"}}, @NL80211_ATTR_QOS_MAP={0x2c, 0xc7, {[{0x7f, 0x4}, {0x8, 0xcd}, {0x0, 0x7}, {0xff}, {0x3, 0x4}, {0xfd, 0x4}, {0x81, 0x5}, {0xff, 0x6}, {0x99, 0x2}, {0x2, 0x1}, {0x6, 0x1}, {0x1f, 0x3}, {}, {0x9, 0x7}, {0xb6, 0x6}, {0xe0, 0x3}], "584b0ec882fe8e95"}}, @NL80211_ATTR_QOS_MAP={0x2e, 0xc7, {[{0x6, 0x2}, {0x8a}, {0x80, 0x5}, {0x7f, 0x1}, {0x1, 0x4}, {0x2, 0x2}, {}, {0xc0, 0x1}, {0x6, 0x2}, {0xfe, 0x7}, {0x3, 0x6}, {0x0, 0x2}, {0x9, 0x6}, {0x7, 0x4}, {0xe9, 0x4}, {0x9, 0x6}, {0x40}], "b560f5b8706db387"}}, @NL80211_ATTR_QOS_MAP={0x2a, 0xc7, {[{0x40, 0x7}, {0x30, 0x6}, {0x3e, 0x2}, {0x4, 0x6}, {0x40, 0x7}, {0x69, 0x5}, {0xaa, 0x2}, {0x94, 0x2}, {0x9, 0x1}, {0x9, 0x6}, {0x0, 0x2}, {0x3, 0x2}, {0x40}, {0xe2, 0x6}, {0xf9, 0x5e}], "3dfa17a2353fd4ea"}}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x20000081}, 0x40) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x2c, r8, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r9}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15e0}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000540)={&(0x7f0000000480)={0xfffffffffffffc7e, r4, 0x20, 0x170bd2b, 0x25dfdbff, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000880)={0x9c, r4, 0x20, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x994d}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14c8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x339}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfffffffe}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2b}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x128}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1001fd}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x14}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xc58d}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x308}]]}, 0x9c}, 0x1, 0x0, 0x0, 0x41}, 0x20004000) 03:01:44 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 81) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:01:44 executing program 6: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) clone3(&(0x7f0000000880)={0x20000, &(0x7f0000000640), &(0x7f0000000680)=0x0, &(0x7f00000006c0), {0xd}, &(0x7f0000000700), 0x0, &(0x7f0000000740)=""/224, &(0x7f0000000840)=[0xffffffffffffffff], 0x1}, 0x58) capset(&(0x7f0000000900)={0x19980330, r0}, &(0x7f0000000940)={0x5, 0x0, 0x3ff, 0x7, 0x8ff9}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="010000801600010d00"], 0x14}}, 0x0) read(r2, &(0x7f0000000080)=""/65, 0x41) [ 2230.148327] FAULT_INJECTION: forcing a failure. [ 2230.148327] name failslab, interval 1, probability 0, space 0, times 0 [ 2230.149576] CPU: 1 PID: 11640 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2230.150161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2230.150853] Call Trace: [ 2230.151087] dump_stack+0x107/0x167 [ 2230.151401] should_fail.cold+0x5/0xa [ 2230.151727] ? lock_release+0x680/0x680 [ 2230.152073] ? skb_clone+0x14f/0x3d0 [ 2230.152419] should_failslab+0x5/0x20 [ 2230.152745] kmem_cache_alloc+0x5b/0x310 [ 2230.153089] ? lock_downgrade+0x6d0/0x6d0 [ 2230.153446] skb_clone+0x14f/0x3d0 [ 2230.153753] dev_queue_xmit_nit+0x3a7/0xb00 [ 2230.154123] ? ipv6_mc_check_mld+0x1110/0x1110 [ 2230.154517] dev_hard_start_xmit+0xab/0x6f0 [ 2230.154890] __dev_queue_xmit+0x17ec/0x2710 [ 2230.155261] ? find_held_lock+0x2c/0x110 [ 2230.155609] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2230.155999] ? lock_downgrade+0x6d0/0x6d0 [ 2230.160390] ? lock_acquire+0x197/0x470 [ 2230.160730] ? ip_finish_output2+0x220/0x21f0 [ 2230.161119] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2230.161602] neigh_connected_output+0x382/0x4d0 [ 2230.162007] ip_finish_output2+0x6f1/0x21f0 [ 2230.162405] ? nf_hook_slow+0xfc/0x1e0 [ 2230.162737] ? ip_frag_next+0x9e0/0x9e0 [ 2230.163074] ? nf_hook+0x160/0x510 [ 2230.163416] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2230.163854] __ip_finish_output.part.0+0x5f3/0xb50 [ 2230.164309] ? ip_fragment.constprop.0+0x240/0x240 [ 2230.164725] ? nf_hook+0x510/0x510 [ 2230.165037] ip_output+0x2f7/0x600 [ 2230.165381] ip_send_skb+0xdd/0x260 [ 2230.165697] udp_send_skb+0x6da/0x11d0 [ 2230.166036] udp_sendmsg+0x197f/0x2160 [ 2230.166397] ? ip_frag_init+0x350/0x350 [ 2230.166744] ? udp_setsockopt+0xc0/0xc0 [ 2230.167089] ? __lock_acquire+0xbb1/0x5b00 [ 2230.167506] ? handle_mm_fault+0x1a0b/0x3500 [ 2230.167879] ? lock_downgrade+0x6d0/0x6d0 [ 2230.168270] ? do_raw_spin_lock+0x121/0x260 [ 2230.168652] ? rwlock_bug.part.0+0x90/0x90 [ 2230.169013] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2230.169501] udpv6_sendmsg+0x1b30/0x2ad0 [ 2230.169860] ? udp_v6_push_pending_frames+0x360/0x360 [ 2230.170322] ? _down_write_nest_lock+0x160/0x160 [ 2230.170727] ? vmacache_update+0xce/0x140 [ 2230.171085] ? do_user_addr_fault+0x5b0/0xc60 [ 2230.171504] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2230.171948] ? exc_page_fault+0xca/0x1a0 [ 2230.172323] ? trace_hardirqs_on+0x5b/0x180 [ 2230.172729] ? exc_page_fault+0xca/0x1a0 [ 2230.173111] ? asm_exc_page_fault+0x1e/0x30 [ 2230.173510] ? sock_has_perm+0x1ea/0x280 [ 2230.173883] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2230.174374] ? copy_user_generic_string+0x2c/0x40 [ 2230.174829] ? __import_iovec+0x458/0x590 [ 2230.175216] ? udp_v6_push_pending_frames+0x360/0x360 [ 2230.175701] inet6_sendmsg+0x105/0x140 [ 2230.176063] ? inet6_compat_ioctl+0x320/0x320 [ 2230.176509] __sock_sendmsg+0xf2/0x190 [ 2230.176858] ____sys_sendmsg+0x334/0x870 [ 2230.177225] ? sock_write_iter+0x3d0/0x3d0 [ 2230.177604] ? do_recvmmsg+0x6d0/0x6d0 [ 2230.177938] ? SOFTIRQ_verbose+0x10/0x10 [ 2230.178313] ? mark_lock+0xf5/0x2df0 [ 2230.178648] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2230.179097] ___sys_sendmsg+0xf3/0x170 [ 2230.179457] ? sendmsg_copy_msghdr+0x160/0x160 [ 2230.179851] ? __fget_files+0x2cf/0x520 [ 2230.180209] ? lock_downgrade+0x6d0/0x6d0 [ 2230.180612] ? lock_downgrade+0x6d0/0x6d0 [ 2230.180971] ? __fget_files+0x2f8/0x520 [ 2230.181343] ? __fget_light+0xea/0x290 [ 2230.181684] __sys_sendmmsg+0x195/0x470 [ 2230.182027] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2230.182430] ? lock_downgrade+0x6d0/0x6d0 [ 2230.182798] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2230.183237] ? wait_for_completion_io+0x270/0x270 [ 2230.183656] ? rcu_read_lock_any_held+0x75/0xa0 [ 2230.184050] ? vfs_write+0x354/0xb10 [ 2230.184428] ? fput_many+0x2f/0x1a0 [ 2230.184739] ? ksys_write+0x1a9/0x260 [ 2230.185064] ? __ia32_sys_read+0xb0/0xb0 [ 2230.185440] __x64_sys_sendmmsg+0x99/0x100 [ 2230.185801] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2230.186262] do_syscall_64+0x33/0x40 [ 2230.186597] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2230.187031] RIP: 0033:0x7f0fecadbb19 [ 2230.187377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2230.188957] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2230.189622] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2230.190242] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2230.190857] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2230.191480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2230.192076] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2230.240100] FAULT_INJECTION: forcing a failure. [ 2230.240100] name failslab, interval 1, probability 0, space 0, times 0 [ 2230.242118] CPU: 0 PID: 11644 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2230.242853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2230.243652] Call Trace: [ 2230.243950] dump_stack+0x107/0x167 [ 2230.244389] should_fail.cold+0x5/0xa [ 2230.244749] should_failslab+0x5/0x20 [ 2230.245263] __kmalloc_node_track_caller+0x74/0x3b0 [ 2230.245723] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2230.246303] __alloc_skb+0xb1/0x5b0 [ 2230.246647] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2230.247234] ? ip6_mtu+0x1bb/0x3d0 [ 2230.247574] ? ip_frag_init+0x350/0x350 [ 2230.248000] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2230.248556] ? ip6_mtu+0x1e9/0x3d0 [ 2230.248951] ? ip6_setup_cork+0xfb7/0x1740 [ 2230.249392] ip6_make_skb+0x2de/0x4e0 [ 2230.249744] ? ip_frag_init+0x350/0x350 [ 2230.250200] ? ip_frag_init+0x350/0x350 [ 2230.250577] ? ip6_push_pending_frames+0xf0/0xf0 [ 2230.251070] ? ip6_dst_hoplimit+0x199/0x440 [ 2230.251518] ? lock_downgrade+0x6d0/0x6d0 [ 2230.252642] udpv6_sendmsg+0x20d3/0x2ad0 [ 2230.253066] ? ip_frag_init+0x350/0x350 [ 2230.253536] ? udp_v6_push_pending_frames+0x360/0x360 [ 2230.254058] ? SOFTIRQ_verbose+0x10/0x10 [ 2230.254533] ? lock_acquire+0x197/0x470 [ 2230.254937] ? find_held_lock+0x2c/0x110 [ 2230.255403] ? __might_fault+0xd3/0x180 [ 2230.255821] ? sock_has_perm+0x1ea/0x280 [ 2230.256355] ? __import_iovec+0x458/0x590 [ 2230.256778] ? udp_v6_push_pending_frames+0x360/0x360 [ 2230.257353] inet6_sendmsg+0x105/0x140 [ 2230.257752] ? inet6_compat_ioctl+0x320/0x320 [ 2230.258072] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2230.258236] __sock_sendmsg+0xf2/0x190 [ 2230.258253] ____sys_sendmsg+0x334/0x870 [ 2230.259769] ? sock_write_iter+0x3d0/0x3d0 [ 2230.260282] ? do_recvmmsg+0x6d0/0x6d0 [ 2230.260672] ? SOFTIRQ_verbose+0x10/0x10 [ 2230.261078] ? mark_lock+0xf5/0x2df0 [ 2230.261519] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2230.262060] ___sys_sendmsg+0xf3/0x170 [ 2230.262509] ? sendmsg_copy_msghdr+0x160/0x160 [ 2230.262977] ? __fget_files+0x2cf/0x520 [ 2230.263428] ? lock_downgrade+0x6d0/0x6d0 [ 2230.263856] ? lock_downgrade+0x6d0/0x6d0 [ 2230.264377] ? __fget_files+0x2f8/0x520 [ 2230.264795] ? __fget_light+0xea/0x290 [ 2230.265267] __sys_sendmmsg+0x195/0x470 [ 2230.265681] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2230.266135] ? lock_downgrade+0x6d0/0x6d0 [ 2230.266634] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2230.267129] ? wait_for_completion_io+0x270/0x270 [ 2230.267676] ? rcu_read_lock_any_held+0x75/0xa0 [ 2230.268202] ? vfs_write+0x354/0xb10 [ 2230.268606] ? fput_many+0x2f/0x1a0 [ 2230.268985] ? ksys_write+0x1a9/0x260 [ 2230.269457] ? __ia32_sys_read+0xb0/0xb0 [ 2230.269532] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2230.269848] __x64_sys_sendmmsg+0x99/0x100 [ 2230.269864] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2230.269879] do_syscall_64+0x33/0x40 [ 2230.271924] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2230.272503] RIP: 0033:0x7f9ff3490b19 [ 2230.272894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2230.275096] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2230.276849] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2230.277758] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2230.278561] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2230.279490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2230.280264] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:01:45 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030030206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:01:45 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = dup2(r0, 0xffffffffffffffff) mq_open(0x0, 0x801, 0x0, &(0x7f0000000200)={0x6, 0x0, 0xb0, 0x7}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000080)=0xc0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) clone3(0x0, 0x0) ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0) r5 = dup2(r4, r4) ioctl$HIDIOCINITREPORT(r5, 0x550c, 0x20000000) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="748904541a090000007266646e6f3d", @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',\x00']) 03:01:45 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xb890}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:01:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000340)="f862c27e4dfce97c66617400020801000570000000f8cfed8e47ae0b1cceeab54778ae5f54c7cb97ce231ee5aaa762adbde5ee9c60dd1d544e130ba96521d17bbdd196dfef177bd5510557ce38f52265320800000000000000ab4961603c14c5880ceddca49fc1a268d542e3f58db5acdb4f64d68880ba6e154539bec0ea71a9cabd2b76172c5bb3dfe3f2bdef5cdcc214358dfbdd92d15985", 0x99}, {0x0, 0x0, 0x10009fe}], 0x4, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:01:45 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 11) 03:01:45 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = perf_event_open(0x0, 0x0, 0x0, r0, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0xfde1) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:01:45 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 82) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2230.864540] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2230.864540] program syz-executor.3 not setting count and/or reply_len properly 03:01:45 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2230.909216] FAULT_INJECTION: forcing a failure. [ 2230.909216] name failslab, interval 1, probability 0, space 0, times 0 [ 2230.911683] CPU: 1 PID: 11671 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2230.913184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2230.914977] Call Trace: [ 2230.915549] dump_stack+0x107/0x167 [ 2230.916374] should_fail.cold+0x5/0xa [ 2230.917203] ? create_object.isra.0+0x3a/0xa20 [ 2230.918193] should_failslab+0x5/0x20 [ 2230.919010] kmem_cache_alloc+0x5b/0x310 [ 2230.919885] ? lock_acquire+0x197/0x470 [ 2230.920751] create_object.isra.0+0x3a/0xa20 [ 2230.921692] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2230.922784] kmem_cache_alloc+0x159/0x310 [ 2230.923669] ? lock_downgrade+0x6d0/0x6d0 [ 2230.924576] skb_clone+0x14f/0x3d0 [ 2230.925341] dev_queue_xmit_nit+0x3a7/0xb00 [ 2230.926267] ? ipv6_mc_check_mld+0x1110/0x1110 [ 2230.927251] dev_hard_start_xmit+0xab/0x6f0 [ 2230.928185] __dev_queue_xmit+0x17ec/0x2710 [ 2230.929129] ? find_held_lock+0x2c/0x110 [ 2230.930000] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2230.930981] ? lock_downgrade+0x6d0/0x6d0 [ 2230.931870] ? lock_acquire+0x197/0x470 [ 2230.932793] ? ip_finish_output2+0x220/0x21f0 [ 2230.933843] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2230.934981] neigh_connected_output+0x382/0x4d0 [ 2230.935988] ip_finish_output2+0x6f1/0x21f0 [ 2230.936932] ? nf_hook_slow+0xfc/0x1e0 [ 2230.937784] ? ip_frag_next+0x9e0/0x9e0 [ 2230.938637] ? nf_hook+0x160/0x510 [ 2230.939408] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2230.940554] __ip_finish_output.part.0+0x5f3/0xb50 [ 2230.941617] ? ip_fragment.constprop.0+0x240/0x240 [ 2230.942672] ? nf_hook+0x510/0x510 [ 2230.943444] ip_output+0x2f7/0x600 [ 2230.944210] ip_send_skb+0xdd/0x260 [ 2230.945042] udp_send_skb+0x6da/0x11d0 [ 2230.945896] udp_sendmsg+0x197f/0x2160 [ 2230.946746] ? ip_frag_init+0x350/0x350 [ 2230.947606] ? udp_setsockopt+0xc0/0xc0 [ 2230.948531] ? __lock_acquire+0xbb1/0x5b00 [ 2230.949470] ? handle_mm_fault+0x1a0b/0x3500 [ 2230.950415] ? lock_downgrade+0x6d0/0x6d0 [ 2230.951305] ? do_raw_spin_lock+0x121/0x260 [ 2230.952235] ? rwlock_bug.part.0+0x90/0x90 [ 2230.953158] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2230.954293] udpv6_sendmsg+0x1b30/0x2ad0 [ 2230.955179] ? udp_v6_push_pending_frames+0x360/0x360 [ 2230.956345] ? _down_write_nest_lock+0x160/0x160 [ 2230.957418] ? vmacache_update+0xce/0x140 [ 2230.958318] ? do_user_addr_fault+0x5b0/0xc60 [ 2230.959285] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2230.960422] ? exc_page_fault+0xca/0x1a0 [ 2230.961292] ? trace_hardirqs_on+0x5b/0x180 [ 2230.962220] ? exc_page_fault+0xca/0x1a0 [ 2230.963102] ? asm_exc_page_fault+0x1e/0x30 [ 2230.964027] ? sock_has_perm+0x1ea/0x280 [ 2230.964915] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2230.966030] ? copy_user_generic_string+0x2c/0x40 [ 2230.967076] ? __import_iovec+0x458/0x590 [ 2230.967971] ? udp_v6_push_pending_frames+0x360/0x360 [ 2230.969131] inet6_sendmsg+0x105/0x140 [ 2230.969968] ? inet6_compat_ioctl+0x320/0x320 [ 2230.970928] __sock_sendmsg+0xf2/0x190 [ 2230.971765] ____sys_sendmsg+0x334/0x870 [ 2230.972696] ? sock_write_iter+0x3d0/0x3d0 [ 2230.973604] ? do_recvmmsg+0x6d0/0x6d0 [ 2230.974440] ? SOFTIRQ_verbose+0x10/0x10 [ 2230.975306] ? mark_lock+0xf5/0x2df0 [ 2230.976106] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2230.977289] ___sys_sendmsg+0xf3/0x170 [ 2230.978155] ? sendmsg_copy_msghdr+0x160/0x160 [ 2230.979194] ? __fget_files+0x2cf/0x520 [ 2230.980166] ? lock_downgrade+0x6d0/0x6d0 [ 2230.984617] ? lock_downgrade+0x6d0/0x6d0 [ 2230.985517] ? __fget_files+0x2f8/0x520 [ 2230.986375] ? __fget_light+0xea/0x290 [ 2230.987216] __sys_sendmmsg+0x195/0x470 [ 2230.988072] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2230.989100] ? lock_downgrade+0x6d0/0x6d0 [ 2230.990088] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2230.991128] ? wait_for_completion_io+0x270/0x270 [ 2230.992165] ? rcu_read_lock_any_held+0x75/0xa0 [ 2230.993174] ? vfs_write+0x354/0xb10 [ 2230.993972] ? fput_many+0x2f/0x1a0 [ 2230.994751] ? ksys_write+0x1a9/0x260 [ 2230.995567] ? __ia32_sys_read+0xb0/0xb0 [ 2230.996499] __x64_sys_sendmmsg+0x99/0x100 [ 2230.997501] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2230.998611] do_syscall_64+0x33/0x40 [ 2230.999412] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2231.000573] RIP: 0033:0x7f0fecadbb19 [ 2231.001454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2231.005472] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2231.007116] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2231.008725] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2231.010320] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2231.011855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2231.013443] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:01:45 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xbe28}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:01:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) mount$9p_rdma(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x2082001, &(0x7f00000002c0)={'trans=rdma,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@common=@msize={'msize', 0x3d, 0x20}}, {@rq={'rq', 0x3d, 0x4}}, {@common=@version_u}, {@rq={'rq', 0x3d, 0x1800000000}}, {@rq={'rq', 0x3d, 0xff}}, {@timeout={'timeout', 0x3d, 0x6}}], [{@appraise}, {@dont_hash}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@obj_role={'obj_role', 0x3d, 'vfat\x00'}}]}}) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xbba, 0x200, 0x5}) [ 2231.066296] FAULT_INJECTION: forcing a failure. [ 2231.066296] name failslab, interval 1, probability 0, space 0, times 0 [ 2231.068973] CPU: 1 PID: 11679 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2231.070469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2231.072261] Call Trace: [ 2231.072877] dump_stack+0x107/0x167 [ 2231.073662] should_fail.cold+0x5/0xa [ 2231.074481] ? create_object.isra.0+0x3a/0xa20 [ 2231.075461] should_failslab+0x5/0x20 [ 2231.076306] kmem_cache_alloc+0x5b/0x310 [ 2231.077205] create_object.isra.0+0x3a/0xa20 [ 2231.078150] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2231.079239] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2231.080365] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2231.081500] __alloc_skb+0xb1/0x5b0 [ 2231.082282] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2231.083360] ? ip6_mtu+0x1bb/0x3d0 [ 2231.084121] ? ip_frag_init+0x350/0x350 [ 2231.085033] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2231.086034] ? ip6_mtu+0x1e9/0x3d0 [ 2231.086796] ? ip6_setup_cork+0xfb7/0x1740 [ 2231.087703] ip6_make_skb+0x2de/0x4e0 [ 2231.088565] ? ip_frag_init+0x350/0x350 [ 2231.089424] ? ip_frag_init+0x350/0x350 [ 2231.090277] ? ip6_push_pending_frames+0xf0/0xf0 [ 2231.091300] ? ip6_dst_hoplimit+0x199/0x440 [ 2231.092227] ? lock_downgrade+0x6d0/0x6d0 [ 2231.093174] udpv6_sendmsg+0x20d3/0x2ad0 [ 2231.094050] ? ip_frag_init+0x350/0x350 [ 2231.094907] ? udp_v6_push_pending_frames+0x360/0x360 [ 2231.096008] ? SOFTIRQ_verbose+0x10/0x10 [ 2231.096943] ? lock_acquire+0x197/0x470 [ 2231.097797] ? find_held_lock+0x2c/0x110 [ 2231.098668] ? __might_fault+0xd3/0x180 [ 2231.099527] ? sock_has_perm+0x1ea/0x280 [ 2231.100466] ? __import_iovec+0x458/0x590 [ 2231.101367] ? udp_v6_push_pending_frames+0x360/0x360 [ 2231.102474] inet6_sendmsg+0x105/0x140 [ 2231.103305] ? inet6_compat_ioctl+0x320/0x320 [ 2231.104278] __sock_sendmsg+0xf2/0x190 [ 2231.105158] ____sys_sendmsg+0x334/0x870 [ 2231.106034] ? sock_write_iter+0x3d0/0x3d0 [ 2231.106941] ? do_recvmmsg+0x6d0/0x6d0 [ 2231.107776] ? SOFTIRQ_verbose+0x10/0x10 [ 2231.108692] ? mark_lock+0xf5/0x2df0 [ 2231.109495] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2231.110620] ___sys_sendmsg+0xf3/0x170 [ 2231.111457] ? sendmsg_copy_msghdr+0x160/0x160 [ 2231.112490] ? __fget_files+0x2cf/0x520 [ 2231.113346] ? lock_downgrade+0x6d0/0x6d0 [ 2231.114236] ? lock_downgrade+0x6d0/0x6d0 [ 2231.115132] ? __fget_files+0x2f8/0x520 [ 2231.115989] ? __fget_light+0xea/0x290 [ 2231.116881] __sys_sendmmsg+0x195/0x470 [ 2231.117739] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2231.118661] ? lock_downgrade+0x6d0/0x6d0 [ 2231.119561] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2231.120645] ? wait_for_completion_io+0x270/0x270 [ 2231.121684] ? rcu_read_lock_any_held+0x75/0xa0 [ 2231.122680] ? vfs_write+0x354/0xb10 [ 2231.123477] ? fput_many+0x2f/0x1a0 [ 2231.124261] ? ksys_write+0x1a9/0x260 [ 2231.125125] ? __ia32_sys_read+0xb0/0xb0 [ 2231.126002] __x64_sys_sendmmsg+0x99/0x100 [ 2231.126910] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2231.128012] do_syscall_64+0x33/0x40 [ 2231.128858] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2231.129963] RIP: 0033:0x7f9ff3490b19 [ 2231.130767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2231.134783] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2231.136462] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2231.138100] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2231.139634] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2231.141175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2231.142706] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2231.619340] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2231.619340] program syz-executor.3 not setting count and/or reply_len properly [ 2231.636712] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2231.636712] program syz-executor.3 not setting count and/or reply_len properly 03:02:02 executing program 5: ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) r3 = fsmount(r0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {r1, r2}}, './file0\x00'}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x2aa18c8, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {}, 0x2c, {[{@access_any}], [{@audit}]}}) r5 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000180), 0x80500, 0x0) ioctl$FS_IOC_MEASURE_VERITY(r5, 0xc0046686, &(0x7f00000001c0)={0x1, 0xd5, "fbad38346ce7d847ddf7ed23fa72606b1fdfc527251aa58a4f1b4d77abfb9d921678af5d1fe8f229cf72d3fb00306537623bd3d6aa20b8e96f6d1002a4ae87bed7fde7900d14b507db5281317bcfdd18e0b283ca2dc37ec9987c33dd1aa7c13987bde1936e5b53875aa489165fd7214a6da970e2608277f659fad70b19da74402bb35b30fe7f2ebf1f8761a65ca5c61cc12bce6458f604ef9f397b6453fb47cdd5e20922d28dcbd34b2729c8236f89621bd695ffc00d6d6a8d3f54563fc5a280a6a4216dd697b598b7e4d8b89a6406cf6d73db2bbe"}) r6 = openat(r3, &(0x7f00000002c0)='./file0\x00', 0x8aa00, 0x110) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x40400, 0x0) sendmsg$nl_generic(r7, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x1b, 0x700, 0x70bd2a, 0x25dfdbfb, {0x7}, [@typed={0xc, 0x43, 0x0, 0x0, @u64=0x3ff}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x20000801) r8 = syz_open_dev$vcsa(&(0x7f0000000440), 0x0, 0x1c0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f0000000480)={{0x1, 0x1, 0x18, r7}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r9, 0xc0189379, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) r10 = openat2(r8, &(0x7f0000000500)='./file0/file0\x00', &(0x7f0000000540)={0x8000, 0x222, 0xe}, 0x18) ioctl$BLKRESETZONE(r10, 0x40101283, &(0x7f0000000580)={0x6, 0xe000000000000000}) syz_mount_image$msdos(&(0x7f00000005c0), &(0x7f0000000600)='./file0/file0\x00', 0x485, 0x5, &(0x7f0000000900)=[{&(0x7f0000000640)="0efacae4a885bc676a7874f6c263998cdf5c2bb7b16a4e41596289c465d4c23ac8b8776f8a7cc1c41c681e3e2c53d5e2004dfc4cd620bbe7d3d576d626c89d113ba187daea4c383b7c562025e0ce98cbfbd110a8aa4dd00ba959658746e051b8976edd7b58af2de8efffcf86302d8c97642c90ebbbb18d2ba000983647daaa680b9a4277e03837591396ed23af34fddddcb5c0f6", 0x94, 0x1}, {&(0x7f0000000700)="51ed839cbec161970db19d8e5fb12f643e0f0d44e3c5d247bf76238b222324b9ad17efc1ebe2b7ed53ad20e54d8f8293630b082d53fe995dd6ebb9a90d6560a7894916e6e7364b76006782f12e9ce450a035d8ce7bca93aa396307db5d15275ef3e0a4741a7e8f5a151b65ce9c468da083ff6c7f83ff9b3a1f3be84b5ee7", 0x7e, 0x4a9}, {&(0x7f0000000780)="03704bce5511c7d665ef249fc957c77e47b2431f303ef540d252fd1b9014416ec48297546798f368f52127e3baec4840759cbbf2d42727568e5ec68d9dcd87f1", 0x40, 0x3ff}, {&(0x7f00000007c0)="7d6583cee69d8d6c9df0216ec50c101babed3e36702953230560eca11f3ff9bb5176cca4e4dbd1a9f83800ce2feafdfef573bb50ceaba89765", 0x39, 0x1}, {&(0x7f0000000800)="bbcdd22ea44f954cc839216e4e73376cb002e7215863164c5105327542aa0e746f8ed18bbb869c2559a2fc19ffe05a1d4030fb73a5e4716a2d7246658dd0bd1c1153d06c2cc2cb98bfe81b40e0572931219ad40946562cb31dc3f17858e1abdf5978ffd16349261c2247aae28639b6492edb74bfe7fd7cdbeed40d7f53152a34fd1c10273dc358664fd8cbf27ae398563d66fe933a16c63227c88b70ac28b312b9a1a95ec30095af23957ac63186f3146837bbf1b4b72de8fb59235c4d9c1e19f1f8536df9f83fa2cf0f7708d930513a0d3f9f4b875d0d18e95fb43dd7e34a3d6f80d03e846c762943c147c07696162084", 0xf1, 0x2}], 0x80, &(0x7f0000000980)={[{@nodots}, {@fat=@debug}], [{@audit}, {@audit}, {@measure}, {@euid_eq={'euid', 0x3d, r1}}, {@subj_user={'subj_user', 0x3d, ':'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '$!-'}}, {@subj_role={'subj_role', 0x3d, '/dev/vcsa#\x00'}}, {@audit}]}) r11 = syz_io_uring_complete(0x0) ioctl$BLKROTATIONAL(r11, 0x127e, &(0x7f0000000a00)) sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x38, 0x2, 0x6, 0x3, 0x0, 0x0, {0xc, 0x0, 0x9}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000801}, 0x1) creat(&(0x7f0000000b40)='./file0/file0\x00', 0x2c) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000d00)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0xd0, 0x0, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKMODES_OURS={0x44, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_BITS={0x38, 0x3, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'trans=fd,'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '),\'*)\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x69464bcb}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'msdos\x00'}]}]}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x7f}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x20}, @ETHTOOL_A_LINKMODES_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x1}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x1}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x40}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xe4}, @ETHTOOL_A_LINKMODES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x20006012}, 0x4000000) 03:02:02 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[@ANYRES64, @ANYRES16=r0, @ANYBLOB="c187af14befab7848dc57bbde684eea65a11c0b06f22d95d24c0db31cabf5d3ae7c0cccc1dc1e5cba898cdb5da997023534b0ac31fc9983472e074e35425789bb4589aa1c4cc6c4988dbe1602a498783c5473a0006c5426eaf876b9d027a2a9172aca2df7d293c7ce0013dfc3e1b0703bfe837b57f8ed88b75cdd039b51515c3d9a1c866db33", @ANYRES32=r0, @ANYRES16=r2, @ANYRESDEC=r1], 0xfdef) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x20041, 0x0) fcntl$setpipe(r3, 0x407, 0x6) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:02:02 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x10) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000200)={"b27d949db7f948dfc476db656153ce55", 0x0, 0x0, {0x1}, {0x1ff, 0x401}, 0x80000001, [0x4, 0x1, 0x2, 0x2, 0x1, 0x6, 0x40, 0xfff, 0x5, 0x8000, 0x101, 0x5, 0x7, 0x1, 0x6, 0x7]}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f00000013c0)={{r2}, r5, 0x16, @unused=[0x7, 0x3, 0x8, 0x5], @name="58b1bde88ec9798efbf4fdbfe029545eeb53f5fcc3c6883c95c238445a032aad738f1e9c163b22a6572e15f66f2469da19852ed46241d6c0358a14c57a349db1c9fa0eaad9c6e0ec1bae829ce946559079a1a5997d5ef24adde4d6bb40f0c7f5f00cc658d4fec491c790ec1d774f629a66ddfae34413ba35e7f6d8fd54180afd4426d786cc993db41e170b71eb79a8cc09c2b54e2762e1ea29c904dcf71d9dde6f8bdee0694e63eef5f266125d0cde01215e19ac4628699e7ce4023b3eae980981ae85e7b5d743954c6c1d8209d9e601252ee79842c2b7e671637fb444f75004340b6965c3e535c76669b645551df2a494603de343763c9053ab26db0d12d520b465a8a08a87d8b8b4e58db09c762638a5cdf94758882e6aad739145d4c9eb43d5920bd884fdefcd081cf1509d0786535399352f213c1993751a7f12086eaffc4d8a8822a9ace3b10441d58c332d7327a2b30b75dc2d830f73af981eb5e4a8c8e5046c97d3936cf274f1b48839d58d7fef39ec8acfb06326e495e5063144d3de23ff2e597d6499b2162073d9b1f7c4cb456dc27621f16eb8e2a21ae1dffabf2e400e75365c26d652cf4f673695d500923b41ab8d2de7d706adfa8028d9a1f1db31d954ac6ba708b3034c7ab1471902f7a96749226d9cea1f7cc55802370f3ff0800e595d79900b69aca9e839909d915aedb92d14819976ba4d456b2f9b524549b31e3d5595fa167de3b963b4e46b6b827b067bb98c107ddd4108d64a7fc3d3ac7b5143f2dbaacbf885e6f04210afd65914c73834d536ea15424f4fb26c371ece2016ee179b5d63e943213e9bd86722201fde4c7091d6c0cdbbdc8ceace0addcbd8609b993e56bb7e03706e78480943931cda00305e5ccf01b5ad350e8c6482000f0ed602c6f156bb54fa8b552a9a1eed6352d3909b5325ce3c4ae5ed0e4ea88dc653189c3d01de8967643f0327348a38cfe5a7f2954f71b336a50ba8275dcbf19f019a7f8bf2789e979a17f8783b3c57b82cbc98c025dcf0aadb4acfc95216471e81ed16bcaa5109378737447cdfdb48b2365c80bf5a7b3532b085e0562e7c01e6cc999762e5876badb358c93c7a5367a7ccca837dfe999262e5f4a1627d75ec3100ed3190cfa6ca495e8ae02365c4f8da63ea86b592913c5b059a353960b30b647d2dfc190afe517ff994a5cf5edbb22e5df9318ed8eeb7946afd4caeae87d685c87fd6f76a8e75b2498c2860f4428399d1a7f3226dc069f295b64242344d182527b2852e4d2ad71ea6fdd21613b8d69a443ef73fdf85ccd5d30d94c3da966b77ec747d3d7e042a1012d7191a81754b40d1c8f5c9c0105138ff82f4e8d0fd6f3c3c7d7b850142e6a5ea2e447db4dcba2a8b8c692fef185d347ca1493c4c195f57e7863afc59d713101db5fbc68e1e7eb5e1f70f082a6333ab5169163f3b0e1c56286cb9a796ac4a849ae71bb557c1b8429159c77f3aeb35662edc316a2d558540fb78352a86b29cdfdc963cba65741f547b235bce7bee238fa261c2ef6256450733c16317c0fc3de5443e2bd2cbbba1c49192ae9590c54b97eb2930f715a88fd16cb38e2ca456d170f81ee2b8193102dc01820be77548d07e88930ceb34a0bed4ddc4829eee65464fe3d8c7f1198d61df5e5b88bb18636c276e586a0a34e2d8ec885cda55a3c9c8ed146fe5fce5fab64ac45c0654fe4bc0069cfda524f84d4eacdc6b074b843f14c2a778cafe2b63194a3d6ddbd75503f793daf9bba8ffb4ebc9018d525a86aa6c57c0d2cbe35a397db22b78218d2228145ef60ac34a6f1be4b0cd7d3410e6b4cb97ea54914bc974de01fe1a01081949e3f08f420e78804860badd11e5b9f7d982d07e26546da6850eb2fd94395a07765c7829ac608ed1ad93a04192df051f8425aac6e7dea2cbab087b64b480be92f52eee6a24955a4ecca26d5d28f4931dfb72ffefb465aa4b7d4f5b9bef308dc537b8b66599815f2d066303ca3213da8d3f922f0968b771b02d7b22bf6479152f2ac04be9181228a524f1df0d5a7592b96ae265bb1328c9e5e71135e5baeab2435a5d33eb601d9483bc807fc99a5470e373fd0993c55d99667be61f53d08d740bed31aa78eabbfe4b438841fcc29b29012d229e91ad10ce60d54e3007f9cd31e0528040645596a67ac6b16926a8b69f924c3927350f2544c0ba5cb579c246f52138eccb1adf3c614839b11a7e79a0034bffeece1ed4bfc2553b73ec464641d5d1550dff71c762a08706ddf538389092321b86792d2572efad2e627497509a0a6953307714dd2619b0e70231e81d5c176adc79c9d586daed1b070f33c725a72f7f5262a1db211e9200d1be4bd4d11ab73f6216954da154e7d44c5ade2625018ec9b0cf3491cb5819c7f534afe3227b39116d10048a15eadde346e88371bbef06570401cd8eeb0b3e7174b97de874e78e0814cb5551cd1837c686998101d482c9b8b3f2869c9fb1913a2550c4e3d66e7bda523c148240dbd48cac23e79d857eb48c6e5490f6fbb745b139c2d78ce14e70faa94095b04a517ca0311075c62cfcb4ea5352d624db331e910e673920800dca3436fb9443e5dd68c46283ee885a50f5074292c9c7d97dbf774104757a98a1c7803eadced23dabbdda04b8086e59c6b3bb46797d84f06fe20b91de30f1cc6181be34eb1bcba529f08d8ee9004bea2676604ecc090be4fe5a367cc1ec45adde9f080223e0c8308ec5180e83bbdf0d2c212d9cda3f41ae30259468ec9c70062b2013ef5b961c6f6d23c5d071986364e10d2e405b7b29206f39aa85b446ac664f0c01ca03f182f49657bbc1d0546d1902acc5c0cb30efd32d463e298a64b414af10094ae2fbee531162bfb5470f285deb9ea69b9d262d946881f87e8b31411317371e6fd40fa41fc59d2dc26ea791769392ca58dc2cf5cddfd53820b0da101a9ddf28e75ce69c81749a99782eba09aef519b866e0747effe429ab4da380b12483522229e02477d7a8de94c6710b6e47ca811a007f122368e326838b6edfb124f858fff46dae8caa35309d674757f238c183b9abff05fa0806722a3fa8687aeced71754f1cebddcaa75496aa6807328682b0f5160294a72bd115ccf504bbf470a05e3cb4160764b49ddd54f7dc84ed0b10957343666f7342891d0bc70159b6c07b4ceaa8093101030d8a40b9b97b6b5495ce5f636cdf13a1869628790ca52687d0420edb5618d243bb02929808b089b5a378c1d87f73c6476dd957f3642b32a496fd0cb6a0283b17724bc7e001fdec31196f3c203d63fbb05d3712e640571c78049ba796ae2efa0e05a55bd2a2b2af92e456931a6df9854d13afc0ea3c1291772ad06bf47b63b45ad370d6cf3541052fd810c076bad7202f1c5917569dfeedbcb7c42a5b952f5d74e484579401350caed8e2ab52cb918ac0c8c73f04a168d80002f5b9b43f43ebd870cbd4ae2d31c2cae1f5b30819e3c55b891f959b1fe29fd34e02efa2e4d4d252e8ab1a84fe7214ba235ba5b6319bf8d497a86e3227ce504e8cceca5e5e31159d3317abf4c84d43dc36dc9ab7b11516005e440702a6ff294af49ed083433410a2669fa5ac35ecb353a8fedee91b98c702694f6a7f3579b6b5d6b6671c6f9be3346a33aac88cc88f13b1c43e6732c948aa511cd17b26ae633c3e1a3a3f12bf57920718f8e23aad701f25ca5c73c79d01275443cfe53657c65ea2eea175165c4d97afd36508f9656f7d16d06b091aa8f81cdbccef620076541d66f77f95865ff6e5cd491c85fe2f74804f821d06878bfd3c491da4086f1150a98e01ca08396713ff5b623f6ebfaa16ce1abb5c9a28bd42cf021c19782edf55451d031f942c91bb6d391ee507a78d2a695569036eb4083cb5786c378963af960c1323501265be452d043410b68a1a0611d24679c964583a1b0f5d56545c4239314eab2cb6a28fdfbd54f4ee6f09d985abfbe9b4d318eb5fe1b73295a967295c54b2e5b3f5f1804d64dfbe4746032285c64a49f9cd8ce3de6c5276fbac2243890a609c6d479933cc563592d68bf79202f80a9e7ea71f2560de28309105886134416134a6b38b99e1bc2ae7dcd896c00d6ad663c621e9dca3bb7007c6ca332c09067a22870b3156c06a67a3acf05feda86d8da318bdf8820f531cdf305cdd1ba8791cf718cb34829902e2a5ef47ba1ea43400211c3701bfb427ae1b4c7b805021409e85afd7fddc181640d8ec4eb9340e2d55de7ada6b4cc1d8c750758305944ae12e7fc4999e117c2039d00138bf6f5d6fefbf761ba3ef7f0df44438b11e621a09078bfbb90d4f31aae7e40b83851e0d1b2602b4459a67ea69dde9900d52a9add4aeea8c99a7ea3d488dd2b7931b7ce380af579be590e954a260661dc9eeac05119514a857ffa1801183fd6ac3f96520bfe6fa531e5caf332a9a3c947c8a20dcf797db21c2dc2fc7c77dcedcc6f13bb4dd40401ec14b539c4b0c946711514d75e3203e8036bccc110eee1ad05393c240bbcab88ab9d57a001187391ed39fc329e688c8e22a7d4f14176c15c26b094d3bce43796ae06936aaee46b28b259e817d4723a19732944f5664fa142346e0f0cd3811098fca7ff6f8f3e22f3becc50e527525d573013962328e22e3d674b3791599644c854c259b4ec63dded8704a0f19eb70b9c7af82b7eeda6f33b2f75b353034c463262477501f33c6005c3a63db642a1e4596e1d756d52488c2f0379a7c13023db15941a1e4a0b6b4c55c1b43b189f6a4006900a4d51659181d057a891b6643580ede0cb03abd8f6fd952c70633966e6b12b1f6ae3c6d881f88ac9e5510ccd8e04bae39ad3b107ffa137744ef4e8f67c2f4350f4299b77b0954db6b34d614c02d1a0c0d199b386385e9c6f2961ccca057370024eca1d036a45dc51665a1bc34840770024fde2d3d47fd1a4acc3d8f9c03e92cf67a4bf3d4d5228a22e6abeb53abe9c2800f380ac66cc1de5672e9f6485a9815c1203f6160968f209ada6d7ce0183d936b8348b54f6d5240b3905cf331917d18bacebf9e316c2d26938fef44190d8df1c96e37de9cf6bcaf32487d76cfba743b24018f675f0cb24f166e7109ba09991f022e982f9c75fd46f5cbe55e4281024bf7531e05da87b5fe1b8ba12078b51a1b0df023e30b9d51ce23dda4246dcf53c8ec5ce2e4a4737b5dd8e5134ebc701f584b5e99a64a71af96fe4802e47ac26de55623eb849e52b1a692c0d3ce3fbe5ed9c5f8967dc4cafac3f0bfa5e8a9d4d5720caf99adbb61efadc057b6dbb39bab565dd320cc6b7239da4f3642985310a6c94c3116a5ab0b24c40c86811bcfdd21ab7849169700683d33dc6f5b8f0c922c1f7f4d2047f8e03d147118b3a4c101e551ea3b2151e89ab563bf5e045404a8fb6810ba975f22642fbd4901cb2b36abfb5d82f078ade4e3f753c4150c3667bba4bf8618c59cd9b11902902315b587d94a3eba1afa834a8e479f1425c1e72e8f7c9a5864602651804b72f96fe17ec28e074e7093a1e543b86026482aa48c91327dca9ec4defd533f50492a590ed9e9d1f5783f3d7b15aba5d0b5c0b34a3e6d02070030a233bd2e0d62e7307b5b04212c1cae873ac4a23863aeccea4449ca7240275f7d9b0ff096e2cf754d0b25e941b8b3e222466d291c95b3b6b3f3ee2547c64ca2049a41a8ecf31ed73060021a799fbfdf77874296a0be8268b45b16e8dec31230ed11"}) creat(&(0x7f0000000140)='./file0\x00', 0x144) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) tee(0xffffffffffffffff, r6, 0x4, 0x0) 03:02:02 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 12) 03:02:02 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 83) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:02:02 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030009206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:02 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xc3c0}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2247.564466] FAULT_INJECTION: forcing a failure. [ 2247.564466] name failslab, interval 1, probability 0, space 0, times 0 [ 2247.565385] FAULT_INJECTION: forcing a failure. [ 2247.565385] name failslab, interval 1, probability 0, space 0, times 0 [ 2247.566067] CPU: 0 PID: 11702 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2247.567156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2247.567915] Call Trace: [ 2247.568167] dump_stack+0x107/0x167 [ 2247.568523] should_fail.cold+0x5/0xa [ 2247.568883] ? __alloc_skb+0x6d/0x5b0 [ 2247.569242] should_failslab+0x5/0x20 [ 2247.569601] kmem_cache_alloc_node+0x55/0x330 [ 2247.570023] __alloc_skb+0x6d/0x5b0 [ 2247.570374] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2247.570853] ? ip6_mtu+0x1bb/0x3d0 [ 2247.571187] ? ip_frag_init+0x350/0x350 [ 2247.571568] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2247.572002] ? ip6_mtu+0x1e9/0x3d0 [ 2247.572336] ? ip6_setup_cork+0xfb7/0x1740 [ 2247.572745] ip6_make_skb+0x2de/0x4e0 [ 2247.573101] ? ip_frag_init+0x350/0x350 [ 2247.573475] ? ip_frag_init+0x350/0x350 [ 2247.573854] ? ip6_push_pending_frames+0xf0/0xf0 [ 2247.574300] ? ip6_dst_hoplimit+0x199/0x440 [ 2247.574704] ? lock_downgrade+0x6d0/0x6d0 [ 2247.575101] udpv6_sendmsg+0x20d3/0x2ad0 [ 2247.575483] ? ip_frag_init+0x350/0x350 [ 2247.575861] ? udp_v6_push_pending_frames+0x360/0x360 [ 2247.576339] ? SOFTIRQ_verbose+0x10/0x10 [ 2247.576753] ? lock_acquire+0x197/0x470 [ 2247.577123] ? find_held_lock+0x2c/0x110 [ 2247.577501] ? __might_fault+0xd3/0x180 [ 2247.577880] ? sock_has_perm+0x1ea/0x280 [ 2247.578272] ? __import_iovec+0x458/0x590 [ 2247.578656] ? udp_v6_push_pending_frames+0x360/0x360 [ 2247.579133] inet6_sendmsg+0x105/0x140 [ 2247.579493] ? inet6_compat_ioctl+0x320/0x320 [ 2247.579907] __sock_sendmsg+0xf2/0x190 [ 2247.580270] ____sys_sendmsg+0x334/0x870 [ 2247.580664] ? sock_write_iter+0x3d0/0x3d0 [ 2247.581055] ? do_recvmmsg+0x6d0/0x6d0 [ 2247.581418] ? SOFTIRQ_verbose+0x10/0x10 [ 2247.581794] ? mark_lock+0xf5/0x2df0 [ 2247.582142] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2247.582630] ___sys_sendmsg+0xf3/0x170 [ 2247.582992] ? sendmsg_copy_msghdr+0x160/0x160 [ 2247.583417] ? __fget_files+0x2cf/0x520 [ 2247.583786] ? lock_downgrade+0x6d0/0x6d0 [ 2247.584174] ? lock_downgrade+0x6d0/0x6d0 [ 2247.584579] ? __fget_files+0x2f8/0x520 [ 2247.584953] ? __fget_light+0xea/0x290 [ 2247.585320] __sys_sendmmsg+0x195/0x470 [ 2247.585694] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2247.586092] ? lock_downgrade+0x6d0/0x6d0 [ 2247.586490] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2247.586943] ? wait_for_completion_io+0x270/0x270 [ 2247.587392] ? rcu_read_lock_any_held+0x75/0xa0 [ 2247.587821] ? vfs_write+0x354/0xb10 [ 2247.588165] ? fput_many+0x2f/0x1a0 [ 2247.588518] ? ksys_write+0x1a9/0x260 [ 2247.588872] ? __ia32_sys_read+0xb0/0xb0 [ 2247.589253] __x64_sys_sendmmsg+0x99/0x100 [ 2247.589645] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2247.590121] do_syscall_64+0x33/0x40 [ 2247.590467] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2247.590939] RIP: 0033:0x7f9ff3490b19 [ 2247.591285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2247.592988] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2247.593685] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2247.594333] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2247.594984] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2247.595632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2247.596281] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2247.596975] CPU: 1 PID: 11706 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2247.597620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2247.598331] Call Trace: [ 2247.598569] dump_stack+0x107/0x167 [ 2247.598887] should_fail.cold+0x5/0xa [ 2247.599213] ? __fib_lookup+0xf7/0x160 [ 2247.599547] ? dst_alloc+0x9e/0x5d0 [ 2247.599862] should_failslab+0x5/0x20 [ 2247.600188] kmem_cache_alloc+0x5b/0x310 [ 2247.600563] dst_alloc+0x9e/0x5d0 [ 2247.600866] rt_dst_alloc+0x73/0x440 [ 2247.601187] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2247.601639] ip_route_output_key_hash+0x18d/0x340 [ 2247.602062] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2247.602536] ? neigh_connected_output+0x382/0x4d0 [ 2247.602950] ? ip_finish_output2+0x6f1/0x21f0 [ 2247.603344] ? __ip_finish_output.part.0+0x5f3/0xb50 [ 2247.603784] ? __sock_sendmsg+0xf2/0x190 [ 2247.604127] ? ____sys_sendmsg+0x334/0x870 [ 2247.604498] ? ___sys_sendmsg+0xf3/0x170 [ 2247.604844] ? __sys_sendmmsg+0x195/0x470 [ 2247.605209] ? __x64_sys_sendmmsg+0x99/0x100 [ 2247.605581] ? do_syscall_64+0x33/0x40 [ 2247.605915] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2247.606376] ip_route_output_flow+0x23/0x150 [ 2247.606754] ip_tunnel_xmit+0x70e/0x2f40 [ 2247.607114] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2247.607558] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2247.607964] ? slab_free_freelist_hook+0xa9/0x180 [ 2247.608381] sit_tunnel_xmit+0xef0/0x2960 [ 2247.608751] ? find_held_lock+0x2c/0x110 [ 2247.609099] ? ipip_rcv+0x4f0/0x4f0 [ 2247.609411] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2247.609792] ? lock_downgrade+0x6d0/0x6d0 [ 2247.610146] ? tpacket_rcv+0x3960/0x3960 [ 2247.610490] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2247.610886] dev_hard_start_xmit+0x1cb/0x6f0 [ 2247.611267] __dev_queue_xmit+0x17ec/0x2710 [ 2247.611639] ? find_held_lock+0x2c/0x110 [ 2247.611987] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2247.612377] ? lock_downgrade+0x6d0/0x6d0 [ 2247.612757] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2247.613205] neigh_connected_output+0x382/0x4d0 [ 2247.613610] ip_finish_output2+0x6f1/0x21f0 [ 2247.613980] ? nf_hook_slow+0xfc/0x1e0 [ 2247.614314] ? ip_frag_next+0x9e0/0x9e0 [ 2247.614652] ? nf_hook+0x160/0x510 [ 2247.614957] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2247.615405] __ip_finish_output.part.0+0x5f3/0xb50 [ 2247.615831] ? ip_fragment.constprop.0+0x240/0x240 [ 2247.616243] ? nf_hook+0x510/0x510 [ 2247.616571] ip_output+0x2f7/0x600 [ 2247.616882] ip_send_skb+0xdd/0x260 [ 2247.617198] udp_send_skb+0x6da/0x11d0 [ 2247.617541] udp_sendmsg+0x197f/0x2160 [ 2247.617877] ? ip_frag_init+0x350/0x350 [ 2247.618223] ? udp_setsockopt+0xc0/0xc0 [ 2247.618571] ? __lock_acquire+0xbb1/0x5b00 [ 2247.618949] ? handle_mm_fault+0x1a0b/0x3500 [ 2247.619322] ? lock_downgrade+0x6d0/0x6d0 [ 2247.619680] ? do_raw_spin_lock+0x121/0x260 [ 2247.620048] ? rwlock_bug.part.0+0x90/0x90 [ 2247.620416] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2247.620877] udpv6_sendmsg+0x1b30/0x2ad0 [ 2247.621237] ? udp_v6_push_pending_frames+0x360/0x360 [ 2247.621681] ? _down_write_nest_lock+0x160/0x160 [ 2247.622089] ? vmacache_update+0xce/0x140 [ 2247.622449] ? do_user_addr_fault+0x5b0/0xc60 [ 2247.622840] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2247.623284] ? exc_page_fault+0xca/0x1a0 [ 2247.623628] ? trace_hardirqs_on+0x5b/0x180 [ 2247.623998] ? exc_page_fault+0xca/0x1a0 [ 2247.624347] ? asm_exc_page_fault+0x1e/0x30 [ 2247.624730] ? sock_has_perm+0x1ea/0x280 [ 2247.625076] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2247.625535] ? copy_user_generic_string+0x2c/0x40 [ 2247.625955] ? __import_iovec+0x458/0x590 [ 2247.626310] ? udp_v6_push_pending_frames+0x360/0x360 [ 2247.626751] inet6_sendmsg+0x105/0x140 [ 2247.627085] ? inet6_compat_ioctl+0x320/0x320 [ 2247.627465] __sock_sendmsg+0xf2/0x190 [ 2247.627799] ____sys_sendmsg+0x334/0x870 [ 2247.628148] ? sock_write_iter+0x3d0/0x3d0 [ 2247.628518] ? do_recvmmsg+0x6d0/0x6d0 [ 2247.628861] ? SOFTIRQ_verbose+0x10/0x10 [ 2247.629206] ? mark_lock+0xf5/0x2df0 [ 2247.629528] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2247.629976] ___sys_sendmsg+0xf3/0x170 [ 2247.630316] ? sendmsg_copy_msghdr+0x160/0x160 [ 2247.630711] ? __fget_files+0x2cf/0x520 [ 2247.631058] ? lock_downgrade+0x6d0/0x6d0 [ 2247.631416] ? lock_downgrade+0x6d0/0x6d0 [ 2247.631776] ? __fget_files+0x2f8/0x520 [ 2247.632123] ? __fget_light+0xea/0x290 [ 2247.632471] __sys_sendmmsg+0x195/0x470 [ 2247.632823] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2247.633189] ? lock_downgrade+0x6d0/0x6d0 [ 2247.633564] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2247.633977] ? wait_for_completion_io+0x270/0x270 [ 2247.634388] ? rcu_read_lock_any_held+0x75/0xa0 [ 2247.634783] ? vfs_write+0x354/0xb10 [ 2247.635102] ? fput_many+0x2f/0x1a0 [ 2247.635429] ? ksys_write+0x1a9/0x260 [ 2247.635755] ? __ia32_sys_read+0xb0/0xb0 [ 2247.636109] __x64_sys_sendmmsg+0x99/0x100 [ 2247.636484] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2247.636920] do_syscall_64+0x33/0x40 [ 2247.637238] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2247.637670] RIP: 0033:0x7f0fecadbb19 [ 2247.637989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2247.639515] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2247.640156] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2247.640769] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2247.641377] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2247.641976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2247.642575] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2247.662211] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2247.662211] program syz-executor.3 not setting count and/or reply_len properly [ 2247.676265] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2247.676265] program syz-executor.6 not setting count and/or reply_len properly 03:02:02 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 84) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:02:02 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030030206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:02 executing program 5: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x8a020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={&(0x7f0000000140)}, 0x3a20, 0x0, 0x0, 0x4, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f00000000c0)=0x1, 0x4) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000080)=0x90, 0x4) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x1, 0x2, 0x7f, 0x0, 0xfffffffffffffffb, 0x60496, 0x4, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0xe3, 0x1}, 0x20000, 0x0, 0x0, 0x9, 0x400, 0xb4, 0x8, 0x0, 0x100, 0x0, 0x200}, r1, 0x4, r0, 0xb) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}], {0x10, 0x6}}, 0x2c, 0x0) recvmsg$unix(r3, &(0x7f0000000680)={&(0x7f0000000400), 0x6e, &(0x7f0000000540)=[{&(0x7f0000000480)=""/153, 0x99}], 0x1, &(0x7f0000000580)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc8}, 0x1) r5 = getegid() fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f00000006c0)={{}, {0x1, 0x1}, [{0x2, 0x3}, {0x2, 0x2, 0xee01}, {0x2, 0x1}, {}, {0x2, 0x0, 0xee01}], {}, [{0x8, 0x1, 0xffffffffffffffff}, {0x8, 0x1}, {0x8, 0x6}, {0x8, 0x4, r4}, {0x8, 0x3, 0xffffffffffffffff}, {0x8, 0x4, r5}], {0x10, 0x2}, {0x20, 0x1}}, 0x7c, 0x0) r6 = open(&(0x7f0000000040)='./file0\x00', 0x1a18c1, 0x0) open_tree(r3, &(0x7f00000001c0)='./file0\x00', 0x0) write$binfmt_elf64(r6, &(0x7f0000000180)=ANY=[], 0xfec4) fallocate(r3, 0x0, 0x0, 0x2) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0x0, r6, 0x0, 0xfffffffffffffffd}) getsockopt$inet6_tcp_int(r6, 0x6, 0x12, &(0x7f0000000200), &(0x7f0000000180)=0x4) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) [ 2247.881981] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2247.881981] program syz-executor.3 not setting count and/or reply_len properly [ 2247.911337] FAULT_INJECTION: forcing a failure. [ 2247.911337] name failslab, interval 1, probability 0, space 0, times 0 [ 2247.912336] CPU: 1 PID: 11730 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2247.912936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2247.913633] Call Trace: [ 2247.913867] dump_stack+0x107/0x167 [ 2247.914181] should_fail.cold+0x5/0xa [ 2247.914511] ? create_object.isra.0+0x3a/0xa20 [ 2247.914901] should_failslab+0x5/0x20 [ 2247.915229] kmem_cache_alloc+0x5b/0x310 [ 2247.915580] create_object.isra.0+0x3a/0xa20 [ 2247.915956] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2247.916390] kmem_cache_alloc_node+0x169/0x330 [ 2247.916800] __alloc_skb+0x6d/0x5b0 [ 2247.917119] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2247.917552] ? ip6_mtu+0x1bb/0x3d0 [ 2247.917858] ? ip_frag_init+0x350/0x350 [ 2247.918206] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2247.918602] ? ip6_mtu+0x1e9/0x3d0 [ 2247.918908] ? ip6_setup_cork+0xfb7/0x1740 [ 2247.919271] ip6_make_skb+0x2de/0x4e0 [ 2247.919596] ? ip_frag_init+0x350/0x350 [ 2247.919939] ? ip_frag_init+0x350/0x350 [ 2247.920281] ? ip6_push_pending_frames+0xf0/0xf0 [ 2247.920705] ? ip6_dst_hoplimit+0x199/0x440 [ 2247.921075] ? lock_downgrade+0x6d0/0x6d0 [ 2247.921440] udpv6_sendmsg+0x20d3/0x2ad0 [ 2247.921792] ? ip_frag_init+0x350/0x350 [ 2247.922140] ? udp_v6_push_pending_frames+0x360/0x360 [ 2247.922577] ? SOFTIRQ_verbose+0x10/0x10 [ 2247.922935] ? lock_acquire+0x197/0x470 [ 2247.923275] ? find_held_lock+0x2c/0x110 [ 2247.923625] ? __might_fault+0xd3/0x180 [ 2247.923975] ? sock_has_perm+0x1ea/0x280 [ 2247.924336] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2247.924806] ? trace_hardirqs_on+0x5b/0x180 [ 2247.925174] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2247.925637] ? udp_v6_push_pending_frames+0x360/0x360 [ 2247.926079] inet6_sendmsg+0x105/0x140 [ 2247.926412] ? inet6_compat_ioctl+0x320/0x320 [ 2247.926793] __sock_sendmsg+0xf2/0x190 [ 2247.927126] ____sys_sendmsg+0x334/0x870 [ 2247.927475] ? sock_write_iter+0x3d0/0x3d0 [ 2247.927833] ? do_recvmmsg+0x6d0/0x6d0 [ 2247.928168] ? SOFTIRQ_verbose+0x10/0x10 [ 2247.928526] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2247.928996] ___sys_sendmsg+0xf3/0x170 [ 2247.929330] ? sendmsg_copy_msghdr+0x160/0x160 [ 2247.929724] ? __fget_files+0x2cf/0x520 [ 2247.930064] ? lock_downgrade+0x6d0/0x6d0 [ 2247.930428] ? __fget_files+0x2f8/0x520 [ 2247.930775] ? __fget_light+0xea/0x290 [ 2247.931112] __sys_sendmmsg+0x195/0x470 [ 2247.931455] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2247.931831] ? _raw_spin_unlock_irq+0x1f/0x30 [ 2247.932213] ? __switch_to+0x572/0xf70 [ 2247.932563] ? __switch_to_asm+0x3a/0x60 [ 2247.932908] ? __switch_to_asm+0x34/0x60 [ 2247.933258] ? __schedule+0x82c/0x1ea0 [ 2247.933597] ? io_schedule_timeout+0x140/0x140 [ 2247.933988] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 2247.934378] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 2247.934845] __x64_sys_sendmmsg+0x99/0x100 [ 2247.935206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2247.935642] do_syscall_64+0x33/0x40 [ 2247.935961] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2247.936394] RIP: 0033:0x7f9ff3490b19 [ 2247.936744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2247.938459] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2247.939169] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2247.939835] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2247.940512] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2247.941116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2247.941721] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:02:16 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xc958}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:02:16 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 85) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:02:16 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:16 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) syz_io_uring_complete(0x0) r1 = socket$packet(0x11, 0x3, 0x300) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, {0x169}}, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x3, 0x8080) sendmsg$inet6(r2, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) 03:02:16 executing program 6: prlimit64(0x0, 0xd, &(0x7f0000000080)={0xfffffffffffffffe}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4400) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23, 0x6, @loopback, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fork() mlock(&(0x7f0000fef000/0x2000)=nil, 0x2000) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) r2 = gettid() sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000019c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001980)={&(0x7f0000003240)=ANY=[@ANYBLOB="541600001e00000226bd7000fedbdf2513000000080025000a0101010800250009000000daa0f8620e56fa16382ab06acef31381951ed82f25cc14b178e21908a5294582fc86d2962d01a69204b811d18f0eeb08d0e107764c1dff8f3b909edc489c986974572195b78d58f1e261ac6fa5cec69c8cac39b497a178b7cf4fedf55033c59993beadbbd4a6a8d4a37b8fbe3f6d90e489f29c77bd77b2526f777731d8479a62eea20326da2eb0179b7a010126a73f5e169e64406b4e9959441e9fa4530f8a00e4cf9957f4b598b71da59b8b70d6a0d6c3edf561900dd57698b9c16cf9ae9a0bb080d3303e3f47d9928e1d296a46820f8a5dd0cc0ce8122caf003ef8a5be18ad287453e4bb0504001200ff1fa2f578bd8f3b81e06c9af2fb31e6d14a47eb105bc59de87f05aae70f3453fdea303c3c7025849fdab1c50e22334d0e1858cf3d6aaed6abc66f15af1e058d4a3f91c913840d55941cce6c0a34c3aa45c4ac95956c2a7207f61396043ed1607013dddf1ff1d5bb57baa2bae8342a65aa9edf585ef52a00ba8a1c7ee478a71c7969ae88559b505a4fdf2110386ae3caf1f0a5d42366739da4309bddaaf30523916c99dfcf5b270ec9d8adf32915b3fff67cf23d1be958f85d4b49643c24043334543948bc5b6349615064f5fab5182d4b8e9004c65ecebde66cdfda282cc67946c421699c661eef5b6be9b2ed5a205f55b5667697ca6ce089ebc8ce5f85c5700a96e38bb403b85da5a41e84600e9d19ce2c05616ea54a666de509a01409b57743c2f73e8c021edb2f49215c0e4c88ce137159271d5ece5626c3e28c48271e2571971037e246291eb020afd4fcf1d911344e65ff65506a2c64a901366639cec427e6a67a8f7b46ca6b6a056a901a76fc11dae1d0f2a087f39387df6ece9aad0c7fb244099de0f1b1d351b71e24777d5f2e4bf8bc735e6b3262c52b3e0fc7a67369ce39426c8ddacbbf3ae728359cd666cf001267a66be7d4477e6f4e6ce0e502ecebcc2502b57d94a6d8a1e456e6d80edca74c2490a57c67d89e284d70c00c470d8a40c7417b47eac9a8fb7dbd549cd7384c469f3ffef909760198af3b7ae1df7d6616a26a0c9506b92b8ac7a65306342b5ad7a756db3a25b4fc7a55cb3a9e2449e8ed9b44946d2d3ec09b8c7cacfb560a6e3bfb890d0b17173fcb8743a90b7fe797b7eedcf403fb1c2f731ee5f831e518a6188fd830d743debdf48ceb0dd043f43198209f0e6fd2b7d655192e497014ec79c56e74e641171e40172426cd454ded9001e7bb25d78282734cb79d784366673d2905c79ec0140c4081b3004e30313673d372eb381664ceae96ffe1c2d2d1eb6706fc4679addf31597b273f8ee938578396468fa1cc442b1b2db638a2c3970468b42d41e9717ce94129fc333507e946468b1715814a518b3e12c6f2a05ce9f100906359ad1427ba24d0094695018f014eff4595bbf037255f59900c86c3451ca16a4ad7bf45dec3148fd428f7b8fc2ee07305f2e56c3eec13ca373c3819784c75ae66e108b6d6caa4df8be8e896ae43648f9a513f7382afe2abab102f71d9de6d5c27f872d78fb01fe8d1c38916b6462644325e053639b284085bf9d1167057fde70f646206ad5fb9f43148786acc2338029481e64068347c0f6e4be9b0d29614af275953350f65c89d6a67bd27176359173a3a1604bf795cabad18a95066986f429899d2de91f34af4606b4cc73c6206dd030e215b7dd2d2e06ebbc76d5707f130a2c642e5d5e10c0cde89895ae2bc7be6145c8ce12ef048ad5b5ef96146f80eedfe80e4ba8dbd1919dd852c88851f8ed6f73359bf7ccd260ca451c50450fbe13302328188163adadd713725a5b2532c69ea0dcb53ebb665f9e5ba010594a37b0503aa6f4d44dd15603bf7487f27028d3defe129f37f7fc5219ddf85bfcefa8904ce984b48e9834791e725f10fef3ff510c7348e7991ba3be68f25cabe42101dcd9b0d992aea352cdad39597f55f5845992ca4d18f446efa4670dd44ce743b5e348ba18dfe57a8ff0453175769986a4d038b1c5d4f513fd8e7836399a33fbe7be9f06b1159e27c6ee996bbe8ed44983090e1a609a59667486323aadb60b3b6277452e94f3879bdeaf7073c01145ae809d9ecc89ec468482ec3a956ccf0c21fe580adb31ca1ed6f71fcadaa8e2a97bacc80d9369748883c5418fba058fd74ec268b1d70e039f0d5494d4c323afd5cd49228c2a4fec6b33168901513fabda91a075aabd37f473d2de0612d1ac2ea4cdb2e921b84f5c0d983f0db52dc5432712893f1969df650ada450ce6833e114c01cfacf9a8a89826e49ddd89e6de8372b90aa3fe786796c3ca5490f0e86ddc6ed23160caf0f42d407ab7b345aa85ae94e862f5873f211d9cbf885cb150fad3a54ab148289304705c775fbfef3ecff7027a9aa0d7acae368d25945428040f444adb704505b79ab9b14a883ecb8bcf63829b76df6cd5843f1edd3aa6f97303340fdad2930e5992a677ee4531b3720bac4b7dc1b4a1a1f1457faf5c207fd641aab15283bd330b5844767945f7aca29993ecc5e0cc3b6b70814a092044e0435ee048ad4a7bf3d46199e6edc7924001cb738b5ad3785da3cc0267c09e35ac82d13ff3f837ef29cce617f64d951fffe8a25f05c721ed3b1f51f2d373210a24ffd021b139fbd48274f0fc3129b8a58fa944db3da6523a29f2fca108c726a682987cd2fcfbeb52c5d3b5b5f8bd712cf12f78da428da281f0bec66b41842ed9bdd9a91d014fe93f5cb3bd1069278703c168fa9897785a73a57b7ce75cbbc6006349ebce1208b803841595f7a5d32b28adbace4c5d4f226ff96cc57f06989e4e220445d833781606dfa206f9a5a853ef872234c908f4fed021868fcc40abea2cf04278ccc1d9a598a33b1dafc453e8ef398de0b2351ac8f8436545f5fa81b4b87ef1c13e877451cf6babdf40a29fb7b0e28f1fd8cc9f21cd582e79de68f30fb5ea5aecfd4d9a31ca88188e64f5014c4b0daa164aa47c8bfd30b986eba7cd8c5788a1cfb06294d486721fe285a2b9406a2ca12a100e2c7d025d83c630980bcb692b3a568ccfa17920303cc4a8dfad84d99fb440cc2f0a842a508b017af91fdffa5c0a89483f5d67e78ee741f48c9d95fe86b77251a53824870cd6aa8b93ebd081b7cfe1522f5b42bf14a663dac3cb9e0e329f41f36b93789809c57650f8aa007b93656e13f6d2edb7485c625cbe37b62afdaa6107392e5bcb4180fa3f9cba18b066d6e22407d8fc014acc2767613f324a57e4c1c2d162a01de541719ad558a810e338c23b9da56fcebfee2ef74082b070443e5553ca0e53ce94efdafe1ddd46a123e5b31fb3af323026fad4f1ccbe34b337f5f7286b0f5ed37c896e0e044121cc114f44d79d3839bf0888fdfd64fdc538fa1235bc7643510fe1f2a12c8ed30e30bd8b9172bd489860e6cf2dbd1e5fae1b7ae6add1d7a329d6d40c3f2c696dd3316c60f434b456e9bdf736a2f7c88e3fcfe30e598f0f614aa2f6d0ea2577ada7caee66d9338b911ca6fbfdc2dbb55c91603afc9b1f0881856ca201476ca1ea622096bf623eef56e64e7bbf7b7f0e79d6f19b1c3fb0919964ee760ec7b3e0dd117404a6b77247125da88efe91535713bdea29517f799c625ca17cc7a38413373fa58433a2d3cb996624337b49177df07145cba1852f7ab005693b855d259fded0e2849a1688cbe0052360abe9809671cccdd368becc14a27f53b6b6b715adb6eb2505a0b2b9021097f21e8a392251fd206b4a020189f266308d144e8ef87f19a6342abb40cd20d802ccbbc13343bc3683e0bfcd546e11df15f09f60ad96a01e15986667e3eb7c096db1ff5261343da5a8d0db72aba8b130541a677e224ac544e5c871a2bebc23e3e7bcb2e9569ceeb817c47c1876d75ff8a36a3ac23e6ae770b5bc9a81896ac081a1c5a976ba170a26b401d4d77b9139737146d97d3a749eee64330c14547f0df970e3c5b7f3444176cb982b76f86cba6ba96a7f298a354f37a575aa0ab3aed4ef116147d0a2774fb1357234c6370e6744217fe9a9cc41c17e6c14bb39c57c0268775dc59de21b5d55f9de8cf5914fb717ab46b45adb863abf3223a4b58cc6a510a3ca1fde1e1854dff13309c773942ba22e7d3380250e8afa0e13940c3d9f3f5224f06b3345cf8b3f99ea72801f1acb7496a7bc96bf5120f2e7b7d662ed080d440f3ceb74526a54d4c14d8e6d804efacaecda3b5d6075756f61ba20205a48d0eaef5ca3657b87388a8ddfdab75f250f84e3d9bf5405e56fece8c5500d9b342ff8698a39688f4cca858c30a34863610dea5875d1e8a31384ed682072d91c2ff82321788d8c64f302deae573165a363d0489c77c4afed7ae1e941b9fef4ba73fdc712a56841f53f91d097d0724519bc206a4bc3729f4d4451b1d1dc21970516555d929d3f6528dabba87ff720eaea57156746ed6c8d41c2f87ec9fe754477d86214b03a4555be3299f8995b75243f2928f1b22081c352314f94858576bcab4f2d91d651f88ca792ff0c4fd9c5292bb84f44cb5085c858d59e5c122e748918db0ad0a7f753a61755d2edc0bb10953f01aa8ca7c5f3a289f0113009d6fe4126926f82cd0b64648fb272a5cabbcc31ba5caf1168039b325dfaa0eebea89b2b748ffd1241afaae2a7c21be3dda892a47bad0335f908ead70f2f5ad02df2988733ef7a6b9c57d8431cd0c92dce33931e71cd604c4d98e6afc73a47f8972ff9e021c747c8055f512b3ccc2309bdbdd275dc1a7c91314d6796bceca0478d3261fbafda3dc22fe53a2ca6477b15b3b6b3ad383e99d6a46c1a69e9b7b91fdb7c1b8569f850864b0ca56fc19349c406e5756da122441b7f3f53cf9afd6a3f6e435628c304083a5309f1343aa1e28516ba5badbb12835f01c00bb4ce79115b110b038aa52e10c6a280fe67e3b63b982aaf2415d8cff2b6276c522f2c420505117570ad5bd4225e56b79411baeed0127313ae61d552449e00009b89730abc70c96eb7f9c0e9aed401d336d101d92a3ac92138aa46300483ba0e366a43c8c4f39ba40b8fac78f11272e47d4d4154042c2dac5028d62eba5745d7b538b892303ae7fe63fd6752b85f98e0fe62370fb4c5c861d75915214c3ba1b4a36700acb91bcf0dcb7da9fc12d62b6ab5e6d377723c78308ad55cadc4964801dddd402b34d336268fcfdd2061bb4f21f88f6cec8667670cd1bee93a40fd0e1fbc92dab37c8b8e05ea3fe1aef956b0e78158ff2cce021fd0887fd4e36e540dd5993e789c53b461385160c4107025fc3125349f7a11815241e5ede1ba9557a40f0e402adc24f5969fe39bee4ad4a2e06cb21061b63aae608699afd674c5e47ed88af6430a7355a7e9c049b102e41afff88d432c62070c4a8e87e3a2103e7a3487ab9fb6a0354c694dba41854100bc8b0da44db016a685aebc393a91570598d87687073d62841df32bfd86bb35a17762ba4c34fb3b37fae6b4202e4a1664205334235c5cd7ee637e639d4be902339ddb4ca74b291c8086b461b2372abd320bef0641b5163e57902f10c7beb4c71950ee1044eaae09590316d944f19d3d6caf5435d1cfb9a4d51d8760fd03763102464c6f3af95f0dbd3a49608bb65a5e402aa4288e3e35af745b4471cc384a12b59e3938024f85f3b2077b14e589af5de7149206ab0eec5899fcfd6dc74fe64240e064596ecfd374a03beb1c0d94ce225653e2343c5d0dcbf598e1b6bf5ca3eebf28ee700cb5a8359f8a1003978b6c3461f5dafbbd4bbc3dcd28075e193d11c2d6d0fb22ff8f55e2385feb8d53930177f72818ed3cc08fc52bc80b2f69950eb3b55c507c8841e61d850731a19dc2d90fc3b177fe43bf3fb7ac0159aeadf107f8ea76039a1525358702b794a71dd38bfd95fd9c11b6fb13ee101c3acff15eb01bdfb4e383192a6a854c8f399ddd6f2e6f3893590d7cee4440f18ad6bc54559d0590529818cf6e7aad7f5eca0224c26ca40affc63b9608198c4804de25b26d346b955a1f51b5b7dbfc9bcf5728e60ea8fd901705427acac6e82dfae4b2ba011936468a9607fb62bff0f9df2cb08a273f4ef020ec39835ff02e41d54bef43b783c013b80a3694400232ccfe77be8551fbe9f0c271646b9bdc6a5e2700305cb5ddbf2f69fd3bfae7a72a8adff9631a5b8ae7ceffdf1941dde62ae794dafd9e86ca638c4e94cf3019d4a82434db72db4c69633ce101eb4ed5cd2ab3b9f541602146b3f68fe182500146631f0daf29cbc56ac36bf54ee8a3148caa210b305f7701ca73ced8740a82b5b5b4b83b776380e5ad486da13a05f4d38ee691108009300ac1e000111caab314686047f0b24aef58269eddedfa4bf8e2f4791371d71f35900d47fb0d538e0bf00f6f971dd4f1b35bd3cdedc172fc71f016a06d6c284a4fbcd0704761f6e292e18c7d7bae2b2a4b47308a498edd8ba64d93e22d3fc9b1c2caee37228735b280a705907bf4f0c7447903f35505a80b03c982e0fc64c21f1ca54fcabc8d314d223d38878ee44ec9368f0bb6d2eaf0800190000000000d201298088d578337b305bf7dfe7ecb54a91e9422d8176e41fd2e7fbdfdcaaee958d1fa1b1bb4c30e4800ef3c2d827eee320909466b121534b3b9599e7aa47a0f3f0ceef4a7406e9f6d34180be4b642d9a312b119bd3e798a4ed8e47bf36566802ee026a0ba55fc69a7ad5edd6842c9addf590c14b2a9697fc55a285ffa82847a46f15b7b1e6ea83a66d27e919014cf68982f40d78d2c30c0043119ae378dff963bf907655e20787b7466c04360bcd25e5d034e0371ff77874f2b677aa6eac2f1de5e989f5ff330830a43321f4ffc215fea5ab514d2b93776fada1a7f6540c49ba9e1c74970c00440007000000000000008fca1d74881cccf79823080007000000000005000500000000004064b4d62f767a5178cba8e029aafd045f3599dfbd697a9afb9c113ad6212edee9f46f0b78f05b301a7957bfa7dd2ac2f6afa63d0cd555ecfeb46245c0313f78cdc4c28b41aae5f3f6f6aa578d1f4a35adb513cb91eaf1951271b3da8620eb1c97ad4d0d3585833ce803bc4ea61af881d12bb0b237acb19e101b8e2094d7d55e47f0921c770109f0c30ef1d6fc5a6212ab663cee6d23e9acc9a55e6327c95715e9674bb74c291e8267fda4e97fef7110574bd9f05dd2dbda44c6c4adbb540208000d00", @ANYRES32, @ANYBLOB="000031026d80eff1e1cd655b95972e654de14e7508ac9c7354bccfb7b88d4054faf32b58e77ee903b7048b7ed3ac15bda754624cc7ce49fd1f8b46e81ed76002dd64b860d8b364d734e23b8fc2156df06c4bc1c7ae054b9ea159d8ba2d3256ea480e5269608b098e747b45699125d9e12cf7de9b466f99d923f9c9c294e150e71e4d7cb005b342d653e47f90aa66717e45b92bd90a9348fac91540559c071aef5ec3d56c8b76a58e4d6324f8042e9864be343b18fc1d3b15680fe6e9feb983b4963092eb6ec7987885a51f56391cd6002eeb6bf224110716b48926cb28bca00d527ee96b2bace1e01e66130f2a61db115cb73508000300ffffffff339fa830fa1d627c4119fa139e81a961df6d50469cc4836cebd17a6c29fc41a00c9059e59f2ca02895f732588d944b0b65741475e1cd516327446c6a29e89f52e38fa7e11328b7b174179f370fffff0000962f1cfa3869b123fd5d789d76843c57572c8a5a254ddd555a64a69d732389c4dc31c6793393607c9f4d3a2e4e2d9e0d5e6cb23a6229321f28f5a85f029f7d4b10107694ed6dfdc09c86b606532cdbd939c84452e1d919ab347bcdf41b5afe3415327ef3f92e6e6c2c090105c77446b41a9de0e746b1ecec21ada834ed9da075cd7331e1a7bad7e9696156aa0e6d94e1eadc893f0a7f60128d45c2184de7272f21b4d8b001dabb8a47592867e0c319b145a8dfec70d11cc5782d302896283b19b12f0e24781ffdb526c9b49f94373b9644cfefdddfa4c5a6fbb4f90108005900", @ANYRES32=r2, @ANYBLOB="4afd1da9bef8a707e148979b4a45dad5a3589b8f8d1831a1263b7d130060d0a339a50b4db96dd829883998cccbaf929384d25f4394f69f65d1f41ea013d78e92e0a75f9e3f073c90a56f34f1b22d011838898df73bcb46457c38cbaaaaa598fb923e5de7fe6e0dd5ccb1cbd74d64d019934323f0a3767f008104908f40a892b369797440ca1751680aea3c4c21ccc3ec3818921be6a713cd99a97ff9d43112801e407809b0798fead57a055ef83fe9aba4b62355e8b526c26533282482fcbc558abc91834656d8552fc6e6a5797c113098b13fe7f2423de916db466243da0af6e1a9fcb5aa3062337ce965272088e149d8dbe140ebe7a153c45e0b89b5086d27384053cf136b751f7fb07e2043c015fce3d4af34410500ad3e04fbd29d3e92a0253833a3d2fa924e9a731e17587f2a677cd3ceeb52f3d68524120ebf4233d5aab1e383d10fad45205b16e59fd937aa87cff3e6d4123a49fecc21fbc574e29557355b55a6e2c81cb7b531f8870cf4e4ee3a26a34680e0d23eaec5553ffea5690520e04a3999ea0b4d7ef83e3d1590df6e890fd928419aa9bbde93afe38d07d74871075987665c37e2addd5b2ada765f1564e38e98dcff2126139e421681e6e46721b102bce199e8"], 0x1654}, 0x1, 0x0, 0x0, 0x1}, 0x0) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e24, 0x101, @remote, 0x1}, 0x1c) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x6, 0x81, 0x1f, 0x2, 0x0, 0x2, 0x10020, 0xf, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={&(0x7f0000000100), 0x1}, 0x400, 0x9, 0x7, 0x1, 0x1, 0xbb, 0x5, 0x0, 0x60c5, 0x0, 0x7fffffff}, r2, 0xb, 0xffffffffffffffff, 0x1) fork() mmap$IORING_OFF_SQ_RING(&(0x7f0000fee000/0x2000)=nil, 0x2000, 0x200000a, 0x20032, 0xffffffffffffffff, 0x0) 03:02:16 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x3, &(0x7f00000002c0)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}, {&(0x7f00000000c0)="18d910fdd7722f128569b14dca7d3bf82afa2e62984f90f8cee48c", 0x1b, 0x80000000}], 0x484, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x41) r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:02:16 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 13) 03:02:16 executing program 2: stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000240)={{}, {}, [], {0x4, 0x2}, [{0x8, 0x6, r0}], {0x10, 0x7}}, 0x2c, 0x0) chown(&(0x7f0000000040)='./file0\x00', 0xee01, r0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) connect(r2, &(0x7f0000000300)=@llc={0x1a, 0x324, 0x4, 0x99, 0x40, 0x33, @multicast}, 0x80) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x2002, 0x1) [ 2262.405502] FAULT_INJECTION: forcing a failure. [ 2262.405502] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.406478] CPU: 1 PID: 11750 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2262.407074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2262.407795] Call Trace: [ 2262.408030] dump_stack+0x107/0x167 [ 2262.408344] should_fail.cold+0x5/0xa [ 2262.408694] ? create_object.isra.0+0x3a/0xa20 [ 2262.409102] should_failslab+0x5/0x20 [ 2262.409440] kmem_cache_alloc+0x5b/0x310 [ 2262.409803] create_object.isra.0+0x3a/0xa20 [ 2262.410188] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2262.410638] kmem_cache_alloc+0x159/0x310 [ 2262.411024] dst_alloc+0x9e/0x5d0 [ 2262.411340] rt_dst_alloc+0x73/0x440 [ 2262.411683] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2262.412167] ip_route_output_key_hash+0x18d/0x340 [ 2262.412612] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2262.413095] ? neigh_connected_output+0x382/0x4d0 [ 2262.413526] ? ip_finish_output2+0x6f1/0x21f0 [ 2262.413933] ? __ip_finish_output.part.0+0x5f3/0xb50 [ 2262.414389] ? __sock_sendmsg+0xf2/0x190 [ 2262.414756] ? ____sys_sendmsg+0x334/0x870 [ 2262.414774] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2262.414774] program syz-executor.3 not setting count and/or reply_len properly [ 2262.415148] ? ___sys_sendmsg+0xf3/0x170 [ 2262.415161] ? __sys_sendmmsg+0x195/0x470 [ 2262.415172] ? __x64_sys_sendmmsg+0x99/0x100 [ 2262.415183] ? do_syscall_64+0x33/0x40 [ 2262.415195] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2262.415212] ip_route_output_flow+0x23/0x150 [ 2262.415228] ip_tunnel_xmit+0x70e/0x2f40 [ 2262.415253] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2262.415272] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2262.420400] ? slab_free_freelist_hook+0xa9/0x180 [ 2262.420917] sit_tunnel_xmit+0xef0/0x2960 [ 2262.421290] ? find_held_lock+0x2c/0x110 [ 2262.421637] ? ipip_rcv+0x4f0/0x4f0 [ 2262.421962] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2262.422346] ? lock_downgrade+0x6d0/0x6d0 [ 2262.422795] ? tpacket_rcv+0x3960/0x3960 [ 2262.423703] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2262.424605] dev_hard_start_xmit+0x1cb/0x6f0 [ 2262.424993] __dev_queue_xmit+0x17ec/0x2710 [ 2262.425364] ? find_held_lock+0x2c/0x110 [ 2262.425708] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2262.426098] ? lock_downgrade+0x6d0/0x6d0 [ 2262.426451] ? lock_acquire+0x197/0x470 [ 2262.426790] ? ip_finish_output2+0x220/0x21f0 [ 2262.427175] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2262.427623] neigh_connected_output+0x382/0x4d0 [ 2262.428028] ip_finish_output2+0x6f1/0x21f0 [ 2262.428397] ? nf_hook_slow+0xfc/0x1e0 [ 2262.436790] ? ip_frag_next+0x9e0/0x9e0 [ 2262.437128] ? nf_hook+0x160/0x510 [ 2262.437430] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2262.437867] __ip_finish_output.part.0+0x5f3/0xb50 [ 2262.438281] ? ip_fragment.constprop.0+0x240/0x240 [ 2262.438692] ? nf_hook+0x510/0x510 [ 2262.439002] ip_output+0x2f7/0x600 [ 2262.439308] ip_send_skb+0xdd/0x260 [ 2262.439621] udp_send_skb+0x6da/0x11d0 [ 2262.439965] udp_sendmsg+0x197f/0x2160 [ 2262.440298] ? ip_frag_init+0x350/0x350 [ 2262.440655] ? udp_setsockopt+0xc0/0xc0 [ 2262.441001] ? __lock_acquire+0xbb1/0x5b00 [ 2262.441377] ? handle_mm_fault+0x1a0b/0x3500 [ 2262.441749] ? lock_downgrade+0x6d0/0x6d0 [ 2262.442101] ? do_raw_spin_lock+0x121/0x260 [ 2262.442469] ? rwlock_bug.part.0+0x90/0x90 [ 2262.442828] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2262.443276] udpv6_sendmsg+0x1b30/0x2ad0 [ 2262.443633] ? udp_v6_push_pending_frames+0x360/0x360 [ 2262.444067] ? _down_write_nest_lock+0x160/0x160 [ 2262.444470] ? vmacache_update+0xce/0x140 [ 2262.444848] ? do_user_addr_fault+0x5b0/0xc60 [ 2262.445231] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2262.445672] ? exc_page_fault+0xca/0x1a0 [ 2262.446017] ? trace_hardirqs_on+0x5b/0x180 [ 2262.446384] ? exc_page_fault+0xca/0x1a0 [ 2262.446732] ? asm_exc_page_fault+0x1e/0x30 [ 2262.447101] ? sock_has_perm+0x1ea/0x280 [ 2262.447448] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2262.447892] ? copy_user_generic_string+0x2c/0x40 [ 2262.448310] ? __import_iovec+0x458/0x590 [ 2262.448681] ? udp_v6_push_pending_frames+0x360/0x360 [ 2262.449154] inet6_sendmsg+0x105/0x140 [ 2262.449507] ? inet6_compat_ioctl+0x320/0x320 [ 2262.449911] __sock_sendmsg+0xf2/0x190 [ 2262.450262] ____sys_sendmsg+0x334/0x870 [ 2262.450630] ? sock_write_iter+0x3d0/0x3d0 [ 2262.451009] ? do_recvmmsg+0x6d0/0x6d0 [ 2262.451366] ? SOFTIRQ_verbose+0x10/0x10 [ 2262.451732] ? mark_lock+0xf5/0x2df0 [ 2262.452074] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2262.452560] ___sys_sendmsg+0xf3/0x170 [ 2262.452917] ? sendmsg_copy_msghdr+0x160/0x160 [ 2262.453335] ? __fget_files+0x2cf/0x520 [ 2262.453697] ? lock_downgrade+0x6d0/0x6d0 [ 2262.454078] ? lock_downgrade+0x6d0/0x6d0 [ 2262.454458] ? __fget_files+0x2f8/0x520 [ 2262.454824] ? __fget_light+0xea/0x290 [ 2262.455182] __sys_sendmmsg+0x195/0x470 [ 2262.455544] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2262.455934] ? lock_downgrade+0x6d0/0x6d0 [ 2262.456327] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2262.456773] ? wait_for_completion_io+0x270/0x270 [ 2262.457206] ? rcu_read_lock_any_held+0x75/0xa0 [ 2262.457616] ? vfs_write+0x354/0xb10 [ 2262.457948] ? fput_many+0x2f/0x1a0 [ 2262.458275] ? ksys_write+0x1a9/0x260 [ 2262.458613] ? __ia32_sys_read+0xb0/0xb0 [ 2262.458981] __x64_sys_sendmmsg+0x99/0x100 [ 2262.459359] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2262.459814] do_syscall_64+0x33/0x40 [ 2262.460147] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2262.460605] RIP: 0033:0x7f0fecadbb19 [ 2262.460939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2262.462555] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2262.463241] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2262.463886] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2262.464529] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2262.465165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2262.465793] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2262.478531] FAULT_INJECTION: forcing a failure. [ 2262.478531] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.479556] CPU: 1 PID: 11747 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2262.480151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2262.480896] Call Trace: [ 2262.481133] dump_stack+0x107/0x167 [ 2262.481455] should_fail.cold+0x5/0xa [ 2262.481804] should_failslab+0x5/0x20 [ 2262.482144] __kmalloc_node_track_caller+0x74/0x3b0 [ 2262.482581] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2262.483039] __alloc_skb+0xb1/0x5b0 [ 2262.483367] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2262.483816] ? ip6_mtu+0x1bb/0x3d0 [ 2262.484133] ? ip_frag_init+0x350/0x350 [ 2262.484492] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2262.484916] ? ip6_mtu+0x1e9/0x3d0 [ 2262.485235] ? ip6_setup_cork+0xfb7/0x1740 [ 2262.485610] ip6_make_skb+0x2de/0x4e0 [ 2262.485949] ? ip_frag_init+0x350/0x350 [ 2262.486305] ? ip_frag_init+0x350/0x350 [ 2262.486659] ? ip6_push_pending_frames+0xf0/0xf0 [ 2262.487084] ? ip6_dst_hoplimit+0x199/0x440 [ 2262.487469] ? lock_downgrade+0x6d0/0x6d0 [ 2262.487849] udpv6_sendmsg+0x20d3/0x2ad0 [ 2262.488211] ? ip_frag_init+0x350/0x350 [ 2262.488576] ? udp_v6_push_pending_frames+0x360/0x360 [ 2262.489054] ? SOFTIRQ_verbose+0x10/0x10 [ 2262.489425] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2262.489908] ? trace_hardirqs_on+0x5b/0x180 [ 2262.490306] ? lock_acquire+0x197/0x470 [ 2262.490670] ? find_held_lock+0x2c/0x110 [ 2262.491052] ? __might_fault+0xd3/0x180 [ 2262.491412] ? sock_has_perm+0x1ea/0x280 [ 2262.491788] ? security_socket_sendmsg+0x22/0xb0 [ 2262.492208] ? udp_v6_push_pending_frames+0x360/0x360 [ 2262.492673] inet6_sendmsg+0x105/0x140 [ 2262.493026] ? inet6_compat_ioctl+0x320/0x320 [ 2262.493424] __sock_sendmsg+0xf2/0x190 [ 2262.493780] ____sys_sendmsg+0x334/0x870 [ 2262.494153] ? sock_write_iter+0x3d0/0x3d0 [ 2262.494529] ? do_recvmmsg+0x6d0/0x6d0 [ 2262.494883] ? SOFTIRQ_verbose+0x10/0x10 [ 2262.495249] ? mark_lock+0xf5/0x2df0 [ 2262.495584] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2262.496052] ___sys_sendmsg+0xf3/0x170 [ 2262.496408] ? sendmsg_copy_msghdr+0x160/0x160 [ 2262.496823] ? __fget_files+0x2cf/0x520 [ 2262.497171] ? lock_downgrade+0x6d0/0x6d0 [ 2262.497538] ? mark_lock+0xf5/0x2df0 [ 2262.497876] ? __fget_files+0x2f8/0x520 [ 2262.498226] ? __fget_light+0xea/0x290 [ 2262.498564] __sys_sendmmsg+0x195/0x470 [ 2262.498917] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2262.499288] ? lock_downgrade+0x6d0/0x6d0 [ 2262.499652] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2262.500073] ? vfs_write+0x5bf/0xb10 [ 2262.500394] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2262.500861] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2262.501320] ? trace_hardirqs_on+0x5b/0x180 [ 2262.501689] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2262.502170] __x64_sys_sendmmsg+0x99/0x100 [ 2262.502530] do_syscall_64+0x33/0x40 [ 2262.502850] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2262.503290] RIP: 0033:0x7f9ff3490b19 [ 2262.503606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2262.505196] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2262.505850] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2262.506448] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2262.507057] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2262.507658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2262.508257] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:02:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021036cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:17 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) rename(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file0\x00') chdir(&(0x7f0000000040)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x0, 0xee01}}, './file0\x00'}) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000180)=@generic={0x2, 0x0, 0x3}) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r3 = syz_open_dev$vcsa(&(0x7f0000000000), 0x200, 0x200000) setxattr$incfs_metadata(&(0x7f0000000200)='./file0\x00', &(0x7f0000000380), &(0x7f00000003c0)="f13d18dea4800baf37892cb5ea19969f662e62f182479184b4e742cc940cebd149f2784d914bb26f4aef52bd32f47020ced14fa7b369a261ecd220d1a5334434362ce79eefe69af4a7fb7e9251a8af9e9a0fe66d96d21700dd1dafdcef5f19598b371850ea87c98672e787075fefc505aadfb4195e15774845681d7f120e56c32aede35b1dd9c7e488a2a46e54e36fb88b05150aad5e5c2b80f3fc1996782cf635157cd6e517640372e65a2872a50574a01c", 0xb2, 0x3) syz_open_procfs(0x0, &(0x7f0000000540)='net/wireless\x00') ioctl$BLKBSZSET(r3, 0x40081271, &(0x7f0000000500)=0x3) getdents64(r3, &(0x7f00000002c0)=""/176, 0xb0) 03:02:17 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xcef0}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:02:17 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 86) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:02:17 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 14) 03:02:17 executing program 5: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = socket$inet(0xa, 0x3, 0xff) dup(r0) kexec_load(0x0, 0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x8000000}], 0x0) kexec_load(0xff, 0x1, &(0x7f0000000080)=[{&(0x7f0000000000)="10985698fa31a18f3bcdf20ad05a0ae28a8ea2bc7102da39afff1fd549f213cfeea468de93c94d82ac54a01d1364b7dbad89d5ab5bc1e0f4aab6e53a5df693bce3873dbe03fa5a616e05b8ed5487ef", 0x4f, 0xe24, 0x6}], 0x320000) 03:02:17 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r5 = dup2(r4, r3) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f00000002c0)) writev(r1, &(0x7f0000000080)=[{&(0x7f00000001c0)="fb1eb379973c5621d03966e45145cb366a5d8cecc4b6c7270f14fc6372d942e3e61f4e4e0d3d423f86b9ad83f1b2a80e8df5a015ee50162abae2dbd4269c32b261eb321ca8b4da7c18b7574cfd36cf2b9b3f080266ac5eb9d30388f55cc391d4731ce7fc4fe8800a3fd1d4b5f34b9a371cd737fcb7fff584ba841a338d498c3af9c6f3113d2a7664ac837557ffc11139173a457be327510447945001eace17b507b5fbcbadf95c617f0df08190d5d5f52517727deb57fa11e0269a8b", 0xbc}], 0x1) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x107142, 0x0) sendfile(r6, r3, 0x0, 0x7ffffff9) fallocate(r2, 0x0, 0x0, 0x8004) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1}) 03:02:17 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0x7ff, 0x7fffffff}}, './file0\x00'}) pidfd_send_signal(r2, 0x3e, &(0x7f0000000200)={0x25, 0xd89a, 0x4}, 0x0) [ 2262.758742] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2262.758742] program syz-executor.3 not setting count and/or reply_len properly [ 2262.792396] FAULT_INJECTION: forcing a failure. [ 2262.792396] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.793493] CPU: 1 PID: 11778 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2262.793924] FAULT_INJECTION: forcing a failure. [ 2262.793924] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.794073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2262.794079] Call Trace: [ 2262.794098] dump_stack+0x107/0x167 [ 2262.794114] should_fail.cold+0x5/0xa [ 2262.794130] ? create_object.isra.0+0x3a/0xa20 [ 2262.797225] should_failslab+0x5/0x20 [ 2262.797550] kmem_cache_alloc+0x5b/0x310 [ 2262.797900] create_object.isra.0+0x3a/0xa20 [ 2262.798273] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2262.798707] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2262.799137] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2262.799578] __alloc_skb+0xb1/0x5b0 [ 2262.799895] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2262.800325] ? ip6_mtu+0x1bb/0x3d0 [ 2262.800643] ? ip_frag_init+0x350/0x350 [ 2262.801000] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2262.801394] ? ip6_mtu+0x1e9/0x3d0 [ 2262.801698] ? ip6_setup_cork+0xfb7/0x1740 [ 2262.802060] ip6_make_skb+0x2de/0x4e0 [ 2262.802388] ? ip_frag_init+0x350/0x350 [ 2262.802730] ? ip_frag_init+0x350/0x350 [ 2262.803070] ? ip6_push_pending_frames+0xf0/0xf0 [ 2262.803476] ? ip6_dst_hoplimit+0x199/0x440 [ 2262.803844] ? lock_downgrade+0x6d0/0x6d0 [ 2262.804209] udpv6_sendmsg+0x20d3/0x2ad0 [ 2262.804569] ? ip_frag_init+0x350/0x350 [ 2262.804922] ? udp_v6_push_pending_frames+0x360/0x360 [ 2262.805358] ? SOFTIRQ_verbose+0x10/0x10 [ 2262.805714] ? lock_acquire+0x197/0x470 [ 2262.806050] ? find_held_lock+0x2c/0x110 [ 2262.806399] ? __might_fault+0xd3/0x180 [ 2262.806748] ? sock_has_perm+0x1ea/0x280 [ 2262.807109] ? __import_iovec+0x458/0x590 [ 2262.807463] ? udp_v6_push_pending_frames+0x360/0x360 [ 2262.807902] inet6_sendmsg+0x105/0x140 [ 2262.808234] ? inet6_compat_ioctl+0x320/0x320 [ 2262.808627] __sock_sendmsg+0xf2/0x190 [ 2262.808971] ____sys_sendmsg+0x334/0x870 [ 2262.809317] ? sock_write_iter+0x3d0/0x3d0 [ 2262.809676] ? do_recvmmsg+0x6d0/0x6d0 [ 2262.810010] ? SOFTIRQ_verbose+0x10/0x10 [ 2262.810355] ? mark_lock+0xf5/0x2df0 [ 2262.810674] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2262.811120] ___sys_sendmsg+0xf3/0x170 [ 2262.811453] ? sendmsg_copy_msghdr+0x160/0x160 [ 2262.811845] ? __fget_files+0x2cf/0x520 [ 2262.812184] ? lock_downgrade+0x6d0/0x6d0 [ 2262.812539] ? lock_downgrade+0x6d0/0x6d0 [ 2262.812913] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2262.813357] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2262.813812] ? trace_hardirqs_on+0x5b/0x180 [ 2262.814179] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2262.814643] ? __sys_sendmmsg+0x13a/0x470 [ 2262.815001] __sys_sendmmsg+0x195/0x470 [ 2262.815343] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2262.815710] ? lock_downgrade+0x6d0/0x6d0 [ 2262.816076] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2262.816488] ? wait_for_completion_io+0x270/0x270 [ 2262.816917] ? rcu_read_lock_any_held+0x75/0xa0 [ 2262.817311] ? vfs_write+0x354/0xb10 [ 2262.817628] ? fput_many+0x2f/0x1a0 [ 2262.817940] ? ksys_write+0x1a9/0x260 [ 2262.818264] ? __ia32_sys_read+0xb0/0xb0 [ 2262.818614] __x64_sys_sendmmsg+0x99/0x100 [ 2262.818975] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2262.819409] do_syscall_64+0x33/0x40 [ 2262.819728] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2262.820160] RIP: 0033:0x7f9ff3490b19 [ 2262.820478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2262.822025] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2262.822670] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2262.823267] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2262.823866] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2262.824463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2262.825079] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2262.825703] CPU: 0 PID: 11781 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2262.826365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2262.827121] Call Trace: [ 2262.827374] dump_stack+0x107/0x167 [ 2262.827715] should_fail.cold+0x5/0xa [ 2262.828074] should_failslab+0x5/0x20 [ 2262.828430] __kmalloc_node_track_caller+0x74/0x3b0 [ 2262.828937] ? ip_tunnel_xmit+0xedf/0x2f40 [ 2262.829327] ? __ip_finish_output.part.0+0x5f3/0xb50 [ 2262.829898] pskb_expand_head+0x15a/0x1040 [ 2262.830305] ? tnl_update_pmtu+0x381/0x1450 [ 2262.830718] ip_tunnel_xmit+0xedf/0x2f40 [ 2262.831104] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2262.831585] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2262.832022] ? slab_free_freelist_hook+0xa9/0x180 [ 2262.832472] sit_tunnel_xmit+0xef0/0x2960 [ 2262.832907] ? find_held_lock+0x2c/0x110 [ 2262.833282] ? ipip_rcv+0x4f0/0x4f0 [ 2262.833620] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2262.834035] ? lock_downgrade+0x6d0/0x6d0 [ 2262.834419] ? tpacket_rcv+0x3960/0x3960 [ 2262.834792] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2262.835215] dev_hard_start_xmit+0x1cb/0x6f0 [ 2262.835626] __dev_queue_xmit+0x17ec/0x2710 [ 2262.836031] ? find_held_lock+0x2c/0x110 [ 2262.836496] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2262.836971] ? lock_downgrade+0x6d0/0x6d0 [ 2262.837422] ? lock_acquire+0x197/0x470 [ 2262.839297] ? ip_finish_output2+0x220/0x21f0 [ 2262.839715] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2262.840325] neigh_connected_output+0x382/0x4d0 [ 2262.840811] ip_finish_output2+0x6f1/0x21f0 [ 2262.841321] ? nf_hook_slow+0xfc/0x1e0 [ 2262.841690] ? ip_frag_next+0x9e0/0x9e0 [ 2262.842055] ? nf_hook+0x160/0x510 [ 2262.842595] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2262.843065] __ip_finish_output.part.0+0x5f3/0xb50 [ 2262.843566] ? ip_fragment.constprop.0+0x240/0x240 [ 2262.844013] ? nf_hook+0x510/0x510 [ 2262.844402] ip_output+0x2f7/0x600 [ 2262.844783] ip_send_skb+0xdd/0x260 [ 2262.845124] udp_send_skb+0x6da/0x11d0 [ 2262.845562] udp_sendmsg+0x197f/0x2160 [ 2262.845926] ? ip_frag_init+0x350/0x350 [ 2262.846368] ? udp_setsockopt+0xc0/0xc0 [ 2262.846742] ? __lock_acquire+0xbb1/0x5b00 [ 2262.847149] ? handle_mm_fault+0x1a0b/0x3500 [ 2262.847553] ? lock_downgrade+0x6d0/0x6d0 [ 2262.847935] ? do_raw_spin_lock+0x121/0x260 [ 2262.848332] ? rwlock_bug.part.0+0x90/0x90 [ 2262.848767] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2262.849255] udpv6_sendmsg+0x1b30/0x2ad0 [ 2262.849641] ? udp_v6_push_pending_frames+0x360/0x360 [ 2262.850113] ? _down_write_nest_lock+0x160/0x160 [ 2262.850550] ? vmacache_update+0xce/0x140 [ 2262.850938] ? do_user_addr_fault+0x5b0/0xc60 [ 2262.851354] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2262.851833] ? exc_page_fault+0xca/0x1a0 [ 2262.852204] ? trace_hardirqs_on+0x5b/0x180 [ 2262.852623] ? exc_page_fault+0xca/0x1a0 [ 2262.853024] ? asm_exc_page_fault+0x1e/0x30 [ 2262.853422] ? sock_has_perm+0x1ea/0x280 [ 2262.853797] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2262.854274] ? copy_user_generic_string+0x2c/0x40 [ 2262.854727] ? __import_iovec+0x458/0x590 [ 2262.855110] ? udp_v6_push_pending_frames+0x360/0x360 [ 2262.855587] inet6_sendmsg+0x105/0x140 [ 2262.855949] ? inet6_compat_ioctl+0x320/0x320 [ 2262.856373] __sock_sendmsg+0xf2/0x190 [ 2262.856792] ____sys_sendmsg+0x334/0x870 [ 2262.857168] ? sock_write_iter+0x3d0/0x3d0 [ 2262.857555] ? do_recvmmsg+0x6d0/0x6d0 [ 2262.857918] ? SOFTIRQ_verbose+0x10/0x10 [ 2262.858307] ? mark_lock+0xf5/0x2df0 [ 2262.858653] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2262.859300] ___sys_sendmsg+0xf3/0x170 [ 2262.859666] ? sendmsg_copy_msghdr+0x160/0x160 [ 2262.860107] ? __fget_files+0x2cf/0x520 [ 2262.860602] ? lock_downgrade+0x6d0/0x6d0 [ 2262.861057] ? lock_downgrade+0x6d0/0x6d0 [ 2262.861563] ? __fget_files+0x2f8/0x520 [ 2262.862000] ? __fget_light+0xea/0x290 [ 2262.862513] __sys_sendmmsg+0x195/0x470 [ 2262.862947] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2262.863555] ? lock_downgrade+0x6d0/0x6d0 [ 2262.863995] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2262.864604] ? wait_for_completion_io+0x270/0x270 [ 2262.865080] ? rcu_read_lock_any_held+0x75/0xa0 [ 2262.865590] ? vfs_write+0x354/0xb10 [ 2262.865936] ? fput_many+0x2f/0x1a0 [ 2262.866386] ? ksys_write+0x1a9/0x260 [ 2262.866738] ? __ia32_sys_read+0xb0/0xb0 [ 2262.867241] __x64_sys_sendmmsg+0x99/0x100 [ 2262.867653] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2262.868123] do_syscall_64+0x33/0x40 [ 2262.868465] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2262.868950] RIP: 0033:0x7f0fecadbb19 [ 2262.869293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2262.870964] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2262.871668] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2262.872318] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2262.873012] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2262.873661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2262.874381] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:02:17 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 87) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:02:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021076cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:17 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r0 = getuid() mount$9p_unix(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x2000, &(0x7f00000002c0)={'trans=unix,', {[{@version_L}, {@version_9p2000}], [{@pcr={'pcr', 0x3d, 0x20}}, {@subj_role={'subj_role', 0x3d, 'vfat\x00'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@uid_eq={'uid', 0x3d, r0}}, {@appraise_type}, {@smackfstransmute={'smackfstransmute', 0x3d, 'vfat\x00'}}, {@obj_type={'obj_type', 0x3d, 'vfat\x00'}}]}}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:02:17 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r1 = creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r1, 0x4018f50b, &(0x7f0000000040)={0x1, 0x2, 0x7}) 03:02:17 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xd488}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2263.033021] FAULT_INJECTION: forcing a failure. [ 2263.033021] name failslab, interval 1, probability 0, space 0, times 0 [ 2263.034687] CPU: 0 PID: 11800 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2263.035325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2263.036076] Call Trace: [ 2263.036329] dump_stack+0x107/0x167 [ 2263.036709] should_fail.cold+0x5/0xa [ 2263.037118] should_failslab+0x5/0x20 [ 2263.037513] __kmalloc_node_track_caller+0x74/0x3b0 [ 2263.038036] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2263.038697] __alloc_skb+0xb1/0x5b0 [ 2263.039082] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2263.039618] ? ip6_mtu+0x1bb/0x3d0 [ 2263.040000] ? ip_frag_init+0x350/0x350 [ 2263.040525] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2263.040989] ? ip6_mtu+0x1e9/0x3d0 [ 2263.041433] ? ip6_setup_cork+0xfb7/0x1740 [ 2263.041832] ip6_make_skb+0x2de/0x4e0 [ 2263.042257] ? ip_frag_init+0x350/0x350 [ 2263.043986] ? ip_frag_init+0x350/0x350 [ 2263.044467] ? ip6_push_pending_frames+0xf0/0xf0 [ 2263.044929] ? ip6_dst_hoplimit+0x199/0x440 [ 2263.045457] ? lock_downgrade+0x6d0/0x6d0 [ 2263.045854] udpv6_sendmsg+0x20d3/0x2ad0 [ 2263.046371] ? ip_frag_init+0x350/0x350 [ 2263.046749] ? udp_v6_push_pending_frames+0x360/0x360 [ 2263.047426] ? SOFTIRQ_verbose+0x10/0x10 [ 2263.047823] ? lock_acquire+0x197/0x470 [ 2263.048304] ? find_held_lock+0x2c/0x110 [ 2263.048703] ? __might_fault+0xd3/0x180 [ 2263.049091] ? sock_has_perm+0x1ea/0x280 [ 2263.049561] ? __import_iovec+0x458/0x590 [ 2263.049951] ? udp_v6_push_pending_frames+0x360/0x360 [ 2263.050431] inet6_sendmsg+0x105/0x140 [ 2263.050795] ? inet6_compat_ioctl+0x320/0x320 [ 2263.051210] __sock_sendmsg+0xf2/0x190 [ 2263.051587] ____sys_sendmsg+0x334/0x870 [ 2263.051966] ? sock_write_iter+0x3d0/0x3d0 [ 2263.052359] ? do_recvmmsg+0x6d0/0x6d0 [ 2263.052738] ? SOFTIRQ_verbose+0x10/0x10 [ 2263.053114] ? mark_lock+0xf5/0x2df0 [ 2263.053462] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2263.053950] ___sys_sendmsg+0xf3/0x170 [ 2263.054315] ? sendmsg_copy_msghdr+0x160/0x160 [ 2263.054741] ? __fget_files+0x2cf/0x520 [ 2263.055109] ? lock_downgrade+0x6d0/0x6d0 [ 2263.055496] ? lock_downgrade+0x6d0/0x6d0 [ 2263.055888] ? __fget_files+0x2f8/0x520 [ 2263.056275] ? __fget_light+0xea/0x290 [ 2263.056659] __sys_sendmmsg+0x195/0x470 [ 2263.057036] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2263.057440] ? lock_downgrade+0x6d0/0x6d0 [ 2263.057843] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2263.058301] ? wait_for_completion_io+0x270/0x270 [ 2263.058750] ? rcu_read_lock_any_held+0x75/0xa0 [ 2263.059183] ? vfs_write+0x354/0xb10 [ 2263.059528] ? fput_many+0x2f/0x1a0 [ 2263.059868] ? ksys_write+0x1a9/0x260 [ 2263.060222] ? __ia32_sys_read+0xb0/0xb0 [ 2263.060616] __x64_sys_sendmmsg+0x99/0x100 [ 2263.061013] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2263.061495] do_syscall_64+0x33/0x40 [ 2263.061842] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2263.062314] RIP: 0033:0x7f9ff3490b19 [ 2263.062661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2263.064471] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2263.065300] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2263.065989] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2263.066718] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2263.067473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2263.068128] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2263.074477] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2263.074477] program syz-executor.3 not setting count and/or reply_len properly 03:02:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021096cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2263.224172] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2263.224172] program syz-executor.3 not setting count and/or reply_len properly 03:02:17 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) [ 2263.304518] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2263.304518] program syz-executor.3 not setting count and/or reply_len properly 03:02:18 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xda20}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:02:18 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 88) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:02:18 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}, {&(0x7f00000002c0)="153b08cc54eb50bc585e9880c80461d1af4ea89436932d6a910300be75bf27c2f07abc284b59676b3316754f0d302a78529e93a23052edd1721919f058945bcbba418feecce6cc7cebff67bf089a7b9cc6acd2f1960b970e3ec6216c87b655403b7137d60d76ffcc39f08537402b072efa1d60adb87d5bbed0ace949dd48402c419288f38c73c25704f7084670d98abddd7e5c691a0aaefc60f7e06f6ab3fefd512a17e3dd9730337d8137e45c527e5b9073cdd9adeb16cd9acd4bb9f2001a53abbb0e167d8eb68a34343944fee4d69426c71a14ce9c", 0xd6, 0xe011}], 0x143000, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) r1 = openat$cgroup(r0, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) sendfile(r1, r0, 0x0, 0x7) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) close(r2) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000240)='syz0\x00', 0x0, r3) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000180)=0x6ff) 03:02:18 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:02:18 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xca92}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[]) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0xff) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) openat(r2, &(0x7f0000001140)='./file1\x00', 0x200002, 0x124) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x88001) dup3(r1, r3, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f00000000c0)={{0x0, 0x0, 0x10000000000, 0x9, 0x0, 0x0, 0x5, 0x7fff, 0x3, 0x7fffffff, 0x1000, 0x3, 0xfff, 0x101, 0x100000000}}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0xc0709411, &(0x7f0000001180)=ANY=[@ANYRES64=r4, @ANYBLOB="08000000000000007f000000000000001f000000000000007f000000000000000300000000000000ffff000000000000ff01000001040000ed20322f0600c8521389a257abd6000001e0ffffffffffffff000000000000000000000000000000ff0f000000bba59a3b08919e5210d80000000000000000004d93fc96db00ac5b679ab9742267ea9f580a278a5853e41a1f56af000500000000000000f15d25300dc1c3ad100cc4d9f55a8db2ff11e7d869ff03"]) [ 2263.462073] FAULT_INJECTION: forcing a failure. [ 2263.462073] name failslab, interval 1, probability 0, space 0, times 0 [ 2263.463434] CPU: 1 PID: 11827 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2263.464026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2263.464735] Call Trace: [ 2263.464967] dump_stack+0x107/0x167 [ 2263.465281] should_fail.cold+0x5/0xa [ 2263.465614] ? create_object.isra.0+0x3a/0xa20 [ 2263.466009] should_failslab+0x5/0x20 [ 2263.466335] kmem_cache_alloc+0x5b/0x310 [ 2263.466686] create_object.isra.0+0x3a/0xa20 [ 2263.467060] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2263.467495] kmem_cache_alloc_node+0x169/0x330 [ 2263.467890] __alloc_skb+0x6d/0x5b0 [ 2263.468211] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2263.468656] ? ip6_mtu+0x1bb/0x3d0 [ 2263.468963] ? ip_frag_init+0x350/0x350 [ 2263.469313] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2263.469727] ip6_make_skb+0x2de/0x4e0 [ 2263.470060] ? ip_frag_init+0x350/0x350 [ 2263.470402] ? ip_frag_init+0x350/0x350 [ 2263.470742] ? ip6_push_pending_frames+0xf0/0xf0 [ 2263.471148] ? ip6_dst_hoplimit+0x199/0x440 [ 2263.471517] ? lock_downgrade+0x6d0/0x6d0 [ 2263.471899] udpv6_sendmsg+0x20d3/0x2ad0 [ 2263.472250] ? ip_frag_init+0x350/0x350 [ 2263.472620] ? udp_v6_push_pending_frames+0x360/0x360 [ 2263.473073] ? SOFTIRQ_verbose+0x10/0x10 [ 2263.473424] ? mark_lock+0xf5/0x2df0 [ 2263.473748] ? lock_acquire+0x197/0x470 [ 2263.474086] ? find_held_lock+0x2c/0x110 [ 2263.474436] ? __might_fault+0xd3/0x180 [ 2263.474784] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2263.475238] ? sock_has_perm+0x1ea/0x280 [ 2263.475600] ? kcov_remote_stop+0x310/0x310 [ 2263.475974] ? __import_iovec+0x458/0x590 [ 2263.476328] ? udp_v6_push_pending_frames+0x360/0x360 [ 2263.476781] inet6_sendmsg+0x105/0x140 [ 2263.477118] ? inet6_compat_ioctl+0x320/0x320 [ 2263.477499] __sock_sendmsg+0xf2/0x190 [ 2263.477835] ____sys_sendmsg+0x334/0x870 [ 2263.478185] ? sock_write_iter+0x3d0/0x3d0 [ 2263.478543] ? do_recvmmsg+0x6d0/0x6d0 [ 2263.478899] ___sys_sendmsg+0xf3/0x170 [ 2263.479244] ? sendmsg_copy_msghdr+0x160/0x160 [ 2263.479645] ? __fget_files+0x2cf/0x520 [ 2263.479984] ? lock_downgrade+0x6d0/0x6d0 [ 2263.480344] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2263.480822] ? trace_hardirqs_on+0x5b/0x180 [ 2263.481191] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2263.481675] ? __fget_files+0x2f8/0x520 [ 2263.482023] ? __fget_light+0xea/0x290 [ 2263.482363] __sys_sendmmsg+0x195/0x470 [ 2263.482719] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2263.483113] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 2263.483482] ? clockevents_program_event+0x131/0x360 [ 2263.483916] ? tick_program_event+0xa8/0x140 [ 2263.484295] ? hrtimer_interrupt+0x771/0x9b0 [ 2263.484708] __x64_sys_sendmmsg+0x99/0x100 [ 2263.485076] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2263.485512] do_syscall_64+0x33/0x40 [ 2263.485831] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2263.486278] RIP: 0033:0x7f9ff3490b19 [ 2263.486597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2263.488136] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2263.488795] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2263.489404] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2263.490026] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2263.490628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2263.491228] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2263.510809] EXT4-fs warning (device sda): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed [ 2263.565270] EXT4-fs warning (device sda): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed 03:02:33 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 15) 03:02:33 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 89) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:02:33 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300210a6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:33 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x93, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000001c0)='./cgroup/cgroup.procs\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000931bc1e600"], 0x0) r1 = creat(&(0x7f0000000200)='./cgroup/cgroup.procs\x00', 0x82) bind$packet(r1, &(0x7f0000000140)={0x11, 0xf5, 0x0, 0x1, 0x3}, 0x14) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) r2 = openat$sr(0xffffffffffffff9c, &(0x7f00000000c0), 0x40180, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000100)={0x3, 0x4, 0x8, 0x4, 0xfffffff7}) bind$packet(r1, &(0x7f0000000180)={0x11, 0x19, 0x0, 0x1, 0xff, 0x6, @local}, 0x14) close(r1) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) fsconfig$FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000040)='@\x1e\x00', &(0x7f0000000080)='./cgroup/cgroup.procs\x00', r3) 03:02:33 executing program 2: r0 = shmget$private(0x0, 0x3000, 0x1000, &(0x7f0000ffb000/0x3000)=nil) shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:02:33 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000340)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) name_to_handle_at(r1, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=@isofs_parent={0x14, 0x2, {0x1, 0x5, 0x3, 0x2d7b, 0x6, 0xffff}}, &(0x7f0000000400), 0x1000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000180)="758efbfb55c22e677b262f7f12eb50d0653be4a68bfbfce24a60fe724c6d", 0x1e, 0xd1a}], 0x22, &(0x7f00000002c0)={[{@nouid32}, {@noinit_itable}, {@usrjquota}, {@stripe}], [{@uid_eq={'uid', 0x3d, 0xee01}}, {@smackfsroot={'smackfsroot', 0x3d, 'vfat\x00'}}]}) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) write$binfmt_elf32(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x9b, 0x20, 0x40, 0xa7, 0xff, 0x2, 0x3e, 0x8, 0x12e, 0x38, 0x283, 0x81, 0x2, 0x20, 0x1, 0x200, 0xb6ce, 0x8}, [{0x1, 0x6, 0x7, 0x0, 0xff, 0x925, 0x31d2, 0x6}], "63f1aa9e9d7463326ee78e40f8f6e1291f2b1b5e2fa536278d66b3f5e84731d59cf3eace2d691f5635062b98a6d53f9fc944282bcd972e3c93fb51b6ec569609fa9e8af276d7711c962c1ef7b41b99eba78334ba66a57a360951068ef175", ['\x00', '\x00', '\x00', '\x00', '\x00']}, 0x5b6) 03:02:33 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xdfb8}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:02:33 executing program 5: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x1) r1 = getpgrp(0xffffffffffffffff) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r1}) r2 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r3 = getpgrp(0xffffffffffffffff) fcntl$lock(r2, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r3}) r4 = getegid() r5 = getgid() recvmsg$unix(r0, &(0x7f0000001c80)={&(0x7f0000001700), 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001780)=""/236, 0xec}, {&(0x7f0000001880)=""/82, 0x52}, {&(0x7f0000001900)=""/234, 0xea}, {&(0x7f0000001a00)=""/91, 0x5b}, {&(0x7f0000001a80)=""/37, 0x25}], 0x5, &(0x7f0000001b40)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x108}, 0x40000020) r7 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r8 = getpgrp(0xffffffffffffffff) fcntl$lock(r7, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r8}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001cc0)={0x0}, &(0x7f0000001d00)=0xc) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000001d40)={{0x1, 0x1, 0x18, r0, {0xee01}}, './file0\x00'}) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {}, [], {}, [{0x8, 0x0, r11}], {0x10, 0x6}}, 0x2c, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001e80)={&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001640)=[{&(0x7f0000000180)="4490c137aecfaaa4324b5b4f018a0e1d46da6903a49a2f5b4e27467d870c800cb0b04dec865ab6d8520a7628541cec0e4e799780599c95d9f916c93ced027e6d26ae948ac5b1bb23e2058f2bc3494bc9c1cc87a846554722d5f0c1b9bdfd1e62a76397159c157f5746ce3972726365b114473d4b4c2c49a746423ec1eb4075665e61ba47de90c2fc776b65b0f7f9b7", 0x8f}, {&(0x7f0000000240)="918a57ad2bad4468b83677c36355406a0c51910c753b5235e664c5805645a2a79758c95e15e1049b22ec9d0c37a71f5b9046860b5a79b93d6af3c367121f02a55aa001095c61a7c9ac8aebe07c9339147ffefad41d19ad1d4ba6b29e7f4ed8d09c7d0638f0bac82f3df59447d7ab4efe417cd66beaca2582008b6f630d7f5f333429164299f827dea0fb6d15efc5f9f4643faf005b104ff8dd2bb8e50214c994388baa89551139c0102e15a8a3dc24ad52fcea379409425401107a8b0e91db3f98a71e7dbb1c34c759196fb053da0133", 0xd0}, {&(0x7f0000000340)="404b7ec760617a422449a4191fa847641081491e4857367c2b6c28af70c18e24689ec3001b1660c92e086ae09a09c2f3bdd5256dbfdda3669669350ecc62d63f91380bdef3fe5d799acfe65235cdf5dcab315c2b9adc0336759fd00aa78c6863a0e55c5ffd256c1e104db59aeeb8ba49c7492de1a25bcac5bea0de3a759a36aeaac7e6ee88665fcba8fa846ce0f9e56d0529aafc348bf35e0675f1b33f680eb0f12d583f55fa1cb473f6e3532c54ad963383ce4a", 0xb4}, {&(0x7f0000000400)="a6b0d8fd61930822b76344303fb39ecc3d863bb4d76232d41ea37dc61f1a3e656f5d6fc118f003754ac4c349823c4a87abb615178ffdc84be5db23670aaeee1b2ce61a52219d774677c921ed68", 0x4d}, {&(0x7f0000000480)="a47dce9ab56b371449e49b99a60edde887c230fa54670c2ea21be9d3549470ac52683abba147f01a2aba4297d9c9570462489b2e187425ce74afe1b82bfceaa0ecb1602a029575a82b86b40efb9fadbb5a97fc7749e94a6a0a5c03", 0x5b}, {&(0x7f0000000500)="0d4e669c26b41848f3d894ac482c9f9dbe11ad9377ab165435964a0cc3c198465353c47ced71afcc00f1e4d9570b4fa7bede222ffd3aee79318af2e3407ce0e3995073b54b17984b97316dc5d232f461429828eb1b163ee473dbb8f1ac3d0cb44e95b4b9cfdaa2bc33092b13c4ebf9eb3d89acb91a74c857602da83bbd2be36ac0f103eeab4891b46e0aad3b7f8b78bf31dece82626315d07a9fb7d0a549ea0a3a5e7e3a66798656c68d8810c148cc088b84709443c78e19aae614a5f5eb92843a96ce89d7fa8f8cf3b6b8f72d239364c38554f6455e68f443db51bec384ecdbdad28f71d9776eb11b434b2fcc158084165951408c625d72452ae977057c6e5d1aefdfa43b1696f131af7a8ba621bf829b897ad3c4d624d9d6184133704848b5fe873fb6fd57451f1729542032308076e9b9ea2db2fc3e12a23f831ce435ff4d043878f2155070bb6e0e36233f6b17bce6cfc5138656bf25b3fad25222322f19ce60a976a0b604f79ebca2021e8de0687f135455980a503cf3e2b3f2fab374604a0831a63d8654c23ccd32d2e5ba5f6f5e1ef779e05f87fac31efbdb93bee173dce652c565b5906a7e10d23a9ef0a4bd57e00f5737c70d8e787df0cd4101fc6ad4c80aab481b2ac0eec889926c1405d0e9a9f33e4befea92023d7b7b41af60ddec6e3c690dd45c313f29b67526cd33daf707b9a9c4fb14e5f8930d6d1d34a597dfbad71fda41cd94868e0e8410ac8a4c45a1b2109e907da320d3cb645ffbb6302eeef2b48e661d15f401d283ca4912a0b961cfdbe416cb6aee8bd835d85d2d6a16d66b4b57b491b4bacec6372ae0d5ac085ecf75695e3aba26796b399a69d0240b4d6becc79f9eb3fd48a71a7ec1d0ed2a7cf32021b70a3a8ee9c965c3b7d433bc439042c748d7502dd7bb0bfd495a333e6d372fe12cff864c2eb0734ec59df8bfd1d4429178aa1f2c31e4ce0d881f230b05d26edca499034536027f78aba4f2530c9adf32da844197a391b5b93bec39f38182242011728bed960346bd507fc5c1ed989f86dda4599cb079fa06ba6f91bcbbf09ecd22a5d6d1f6f95cbf11d86d3976421f234a51db7281a3cfb5e93c311b504e1ae7685b777b9b340370a230c5e2142b890a2d1d705ad8cbf888f25f7ab682e43813f75a61f146bf9608b625ed7248d2a95353c7e7ae3abba44b58e243c46817f7adb527d6dea345ccb3983def9ce8020b8b00506b6aa005115b5aeb6bae852030c3ec7975cb3f7c1863c677ce756a32f07867d72263e20afb96442dbeeda670423f065a7a90b1f39f41fd965e6bb75f4c7f51e86e958352f0df658283c885e45a99519d5e1aff8407013ca1ee83b47b7324e09b38c0e738210d58132305a86132ea821778234a968c682e9b37422427c0ab75d3af592069e9001dbfdde4b86678ff0ed76878988b0db8e82d4b780f8056545e8c23e7a431984c63ce2f4e48cd7ae731d8c959634ee5d1b15311fa26fc973611294940042ea1187573196fd6527779f5bf20aed5540ca8e8d04ce8f2ecf10c70299a8aa8bbe6643c911df52bf296a46738c07bbca7d8d9f0efc2fe9b87f2397b4aae65ed2856783ee483914ef9a19c09a3703f3605640c118a1a5aa13aae97e1016d769ec34661756631304545170744d2c5ae3c18e258c3af449459f2c7f7d0ba154856e81e8016a99fbd3b2cc9abb90c0ee700bcec59af8a8ed03372acfa37049ba7c21902c9d129cc6a77d59d2a2f1b2922894dfcd8e18bcf6696ea297bc1d2454fdf5694d5c262daa47a5409ecabfc20de0a93b7af9d167fafb8fbf8f1a92d04995c669995d70b39504b7d5cfbee61d159ea24aa43f155223be82700546c726f6ceb190820bdeb46937c4b1ca8a89c17e0434becf1983b35070875d9551d4e5bd028cf5bc6177a8d07d991b914b147fa9183057af83ca9ca93374b16e0f543aa411e8c5dc116210b124cb66f5b94f2c54a9af199f9a803c798bdd804cfba7afd490a2e8d576c8b409d3ed94ea5f142f3b33634ccfd8763d97902ee996ace2c810069e1633b3a0773acac50a07c1ea799b98e229bb6bd064588c047b7c9fc2476afec121847451b3914f064359873accfda23da7dc940a09f369c674d0402517f0c2c85e341069f7876d6d82a2fd63b62f6437e97916c21ce9203c7d35ad51991a430fa731d3121de04931394498e0847031d6468d536c58fedcbbea13d962722b9920b310257155bca9d1b12826ce496ba02778136bcf52d6bbb3df6927c58f637492d4c09b1751fed6e8174e72c85c6f35c358743f463f39c8830e517a0d42f9fc31c51dec66bf71361b13247b8be9c0e90045d0f15281c310ee3ec8084dd32ca783b0a0e6cc2739eeb3451fa8eda28d29d17d77627b974338930e6becf8ccd9b6f1c98088fa458056c999300a28fa73ea742bb542bfd050f349e8a1bc6cc0d86e2e59ada9b4198948161e3c06d6d64acb4511f29d25f75db4f9ffb169ae0226e9d6a3cf33071d0e47cb36f92d7c8ffbb250fdda7f04b34d1689ed0faeaeb84b9de61ffad3a0bde09becc728c67e30192611d5322a8c0f21276400ecc4e2ab0091d202d39ff033006c369e9d058c049ab078fe4128e267bf1b5c696d355b1337510974c44999799a8bfc429a28e9d3600cb01dcea203025d8e966721e14311f235af5ca5e4f2db33e1ae52bd479722e19c36d5f4334e9a7e03a61069eba282b872798251bfa5cbb987c2b8c951d9bbe7615642da249a1c97b13c48a6f48eaab50a1f8ddeef0b5c04dc443449806c91e51a1ea14d4b159388f50837a88444dd0c6ca0404d176360f51c5a3f91e0d8c16a7777bde43de63d9556d85309e3b6ab66edb42a88cb512fcb4b59d45ed598e9458a26968c3560aebd3d2151d3ebe58c8699d894b18ae64f8e122091beea283a413dc7a18bcb380939e5176966eb1de93eea47964993ee1d4e376acd981781e04d4e39aea6dda9e39cc6e116deb22d8cd7630ead0eab2079d52cadff66c0fb8a777f4a728b96567299d6f931fffbb204166fa3e1f0e0bfe35b9ec7eb001275c343d87c3cb0124de1b7ffcbb23c1fb9b2cc124f46fb75890b344fb4ce4728251e22efea9cfe11028c776d573bd08ee13d207a3616ede18698f38fc88abb7f40fde0786283cd252e351497daa5be56c3568e16df3c8db40a96c994182cb3347e05b60ca281319f992681d35b2247efc40568fe381894b065101c48abe7fbf78633d5485b3b8cf45294686e49b5c147a262a03753b71f768af0f586d6516bfcd66976fac58dd7615b3732d7fac24e2bbaf0986f87654b4fe4b151500353703db168b483fc4a236f9b4bc238272c273619b8ca23f1f8d1adfab82b57fdda345b42294f2860e91c036e7d806f19adae058937186d8f35462c44470e86ae12086e3bdb2a2834e61c7cefd11acf9fa4afe2bd765515db4fcca0455e5dee8e68c7c82454733500807fdded481680b92203924b6c6f2c54bed6879a9d0873aff154ca524149e09804c8e0f3d42799f6fa7c0e8143339fd50878bff06216b2ea97ed4589b4f2b4fcd36fdc4e78aa7fb4821855b736883f9ef430e76b42be549c1484219bab76cf41124d3edcfcd1588142dc8aa23b4df4c63a1a98406770ac9293362de9878cbee8a102351a03e5fdbe7ee5a0d9d2c6174b02a54ad250538d079cb326ed2578102d7ba3318d7a1829b31d3726e9284678ae8505849f56971c0c85f1c01f6f42f0ca7e3e425ca7f55cb9d1b629e7c8b317bd12740242fc8fb0f0c897c63fda74d01f1b008e358e3c25e0050d26476ab571be8e8a0a8a2e08758d27cc31c30ab49eb4822d7683e2154ef56d2ae544fbc781e20f3b9047b264c4701ff30f1cc2dba9aed0453d0a3473f1b59ffd16ce68b0edc288e578d45f62ff74f70ce1c1c51bbfcc852ac6a1a861e27526a7970845c7320bf848e8d782c86f4dfbba3d63da2672cc8d154363d2b015806c93656ecc15bce63f03c3d7c08ca9e34cb22d8892b3a078835f48cd650f5b4240ea098477ae5beb76550cdbe3a80e2a61a363b69fef78a88ca23e716433aeaf5f7c773c5623b038c22c0841a9b2b411bf14bd6ace60a1a43b896818f7b4d0d1ddcd9432bf9696a7e9f4c933422ecbae25de8c835ec378a59483df3985c48a834ee452b6d849fc456a5ae54f96ee4f795042ce8f0beeb1bbe1ee15465c663fa1b46dd5fa9d2ea6979630182ebf4a131929c86d0e8424287afe129a0dd8117e721e158c4625206aeef50c997408bb1213be0e28e1f890f5d3eef5d559ef2ef2a424e9ca6816daf70f99356014ff86f04b4ceedbeb8b7ac7c27bc62630fe037181519df599d3067b21a314bfe07c565006e526f5a6a8acbdb1af2ff7980f6a73945f5b3370cc3298b8f1335faae427e9e32f9663be772c9b3f4b42a38576536c8032b75a9a3ecf7e7ce9640d813fb8cfb323711812a31564c275f1090522f24406fe49c6f8a8b336dbcec3d9cf99945774080ba71bbf7e8f47aa1f0ecd294fdd4a93c6a86f59760e8b4adf662f8d02dc274665c1783ee86767e89be85f57b0915ca0772bf6c5749d36c1667d6bdd7872b593848d453d8df924c5d88cc0140bf3f4df53a025c1abd14aef0065869d99123709e45556bb054f75ef734227b02e9b1720e45593a77a4f745de980036264ac2a6056bcc52cb58f892d0fc9423a3e8c5d763223d7a30d5cd6fe0c1de895b283818450aab8758ca55b76d01ee4547e1bfff3fbf56e57967f36a717f456fafedf6a91411cf89c7bff1dd3c7d4f80cc6ad109ac69eb975b9388378341a265dd5a1683a702b34b0a18c0b822cd7e03145392c5688dfd4385ffb93c639d8c981cce590c92bd259bc593bba3b07813edee4e6986e01802eba1b59f59cb6faf275277a4eedf77d384ed21e9b2d8950ca632bb22b93bd9227abef212993e0ed82121bd250716dd1fa577718d8b0298f6520be4a408337b73cdbd425d3198f0bceeedfba19c36be70ef94a4165dece39eb5b182c512b5cab2da0a74aa9d0c4c2d905ffa7fb69ff63518259263152633fdc6992066088465149f3d34d25b9452e788c4d57a625d340a7fbdb785af99819f5fa1424a1a71096dfe8d06b9a680054279f6691ca0e2cedfdff4d6a5e2c7c71e375fd92f4545bb933d3937b984343ecd48efd11f9ff76a21a244d8ba459ae650839cf66f2f6301a0e4b3bc32f10420d4446914c1e534c3f7880e6019ab3bdd1d823f55144ebfcac9e8c45123cfd8aa27566c8d8162ed1c0075b554a9538404c6145d1a7bd064881bc07bd4ef80f2b1a807322eee59cbbd0353d00a1972a9ce600846622d09a38568aad8e52d79c89f919097832524c3a4366ab6b2bdff2285c351ecc1a5de07bcb307507c59c4534fdc6fe273f62b6fcd4da06081f3335b9242a99a75c486285e638c61f8ff797dfdf0d54dc57a9e5058b9ec7ecf812fe3605428480322709c6090243cd26675b6f2ea79f1c5b3e85fc6741e528564b1daa3814563a8db2be53b085684ec1c837bc7fd4482217f35b0120d5e9631ca8981c9617030b5a882c134e5527812479b077870acabd50fb53a0e88f8af0974a0f3f2651b25291401a58ba971ef01cb8b2b814ccd7036ff285f8f5390a8b62e5f4d282bf3c13d962dccd8b35c083d8c2d952769a46f739e22d218d425d83b8d124d71b5bc5bc5f357e7c80089528a467d1036677dd69f6ebfc6c9212e3d9488ddf2db8d80df0109063dc590d720550c896ed1ac15c890b08456db40a129392f32595ff50f2b", 0x1000}, {&(0x7f0000000000)="0591480b92731b324133b36366c07dda644804dafdee8302117450fcb9f1cdad1ac426772fdb011a20a04f4224e9a0582e0d", 0x32}, {&(0x7f0000001500)="532f535955a89bfcb6d869b211a17f93fd2271fe0833e03fe25e7b211a532de9e70243b6798e9765e82a039ac4b14b93688c5edc68512646ab1706b6ccb3a30afdc1e11ca7d812eef6ef80bea80d16fe69b0f5a5366b5c8542c9f6cf846a9e4894e4935249b8aca7a07b44e4f3cc8cc8613b639d1a701ac5e0dc8d98ee7af834c2822614e5aa069adfa2012473fc88e20b2d913222b51fd11daa281bdf500eea6c36825a2db9a6d2eaed2d8990b2e67f606360881932f90d6164f6223e3a452ccaa8908e34e60a3043", 0xc9}, {&(0x7f0000001600)="719bbc7519b921e30267273d19", 0xd}], 0x9, &(0x7f0000001d80)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r3, 0xffffffffffffffff, r4}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff, r5}}}, @cred={{0x1c, 0x1, 0x2, {r6, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r8, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r9, r10, r11}}}, @rights={{0x10}}], 0xd0, 0x4044}, 0x4008) r12 = open$dir(&(0x7f0000000080)='./file0\x00', 0x153803, 0x148) prlimit64(0x0, 0x7, &(0x7f0000000080), 0x0) open_by_handle_at(r12, &(0x7f00000000c0)=ANY=[@ANYBLOB="1000000004a6a541f16e000000144337429f0ac7ffff0300"], 0x101102) [ 2278.840189] FAULT_INJECTION: forcing a failure. [ 2278.840189] name failslab, interval 1, probability 0, space 0, times 0 [ 2278.842035] CPU: 0 PID: 11860 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2278.842677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2278.843436] Call Trace: [ 2278.843691] dump_stack+0x107/0x167 [ 2278.844033] should_fail.cold+0x5/0xa [ 2278.844391] ? __alloc_skb+0x6d/0x5b0 [ 2278.854728] should_failslab+0x5/0x20 [ 2278.855208] kmem_cache_alloc_node+0x55/0x330 [ 2278.855625] __alloc_skb+0x6d/0x5b0 [ 2278.856020] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2278.856491] ? ip6_mtu+0x1bb/0x3d0 [ 2278.856889] ? ip_frag_init+0x350/0x350 [ 2278.857267] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2278.857698] ? ip6_mtu+0x1e9/0x3d0 [ 2278.858075] ? ip6_setup_cork+0xfb7/0x1740 [ 2278.858470] ip6_make_skb+0x2de/0x4e0 [ 2278.858865] ? ip_frag_init+0x350/0x350 [ 2278.859238] ? ip_frag_init+0x350/0x350 [ 2278.859607] ? ip6_push_pending_frames+0xf0/0xf0 [ 2278.860123] ? ip6_dst_hoplimit+0x199/0x440 [ 2278.860522] ? lock_downgrade+0x6d0/0x6d0 [ 2278.860974] udpv6_sendmsg+0x20d3/0x2ad0 [ 2278.861353] ? ip_frag_init+0x350/0x350 [ 2278.861727] ? udp_v6_push_pending_frames+0x360/0x360 [ 2278.863248] ? SOFTIRQ_verbose+0x10/0x10 [ 2278.863635] ? lock_acquire+0x197/0x470 [ 2278.865932] ? find_held_lock+0x2c/0x110 [ 2278.866312] ? __might_fault+0xd3/0x180 [ 2278.866690] ? sock_has_perm+0x1ea/0x280 [ 2278.868174] ? __import_iovec+0x458/0x590 [ 2278.868558] ? udp_v6_push_pending_frames+0x360/0x360 [ 2278.870103] inet6_sendmsg+0x105/0x140 [ 2278.870465] ? inet6_compat_ioctl+0x320/0x320 [ 2278.871972] __sock_sendmsg+0xf2/0x190 [ 2278.872334] ____sys_sendmsg+0x334/0x870 [ 2278.872719] ? sock_write_iter+0x3d0/0x3d0 [ 2278.874157] ? do_recvmmsg+0x6d0/0x6d0 [ 2278.874521] ? SOFTIRQ_verbose+0x10/0x10 [ 2278.875987] ? mark_lock+0xf5/0x2df0 [ 2278.876334] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2278.877936] ___sys_sendmsg+0xf3/0x170 [ 2278.878301] ? sendmsg_copy_msghdr+0x160/0x160 [ 2278.878728] ? __fget_files+0x2cf/0x520 [ 2278.880145] ? lock_downgrade+0x6d0/0x6d0 [ 2278.880533] ? lock_downgrade+0x6d0/0x6d0 [ 2278.882006] ? __fget_files+0x2f8/0x520 [ 2278.882382] ? __fget_light+0xea/0x290 [ 2278.883788] __sys_sendmmsg+0x195/0x470 [ 2278.884169] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2278.884568] ? lock_downgrade+0x6d0/0x6d0 [ 2278.887002] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2278.887451] ? wait_for_completion_io+0x270/0x270 [ 2278.888948] ? rcu_read_lock_any_held+0x75/0xa0 [ 2278.889378] ? vfs_write+0x354/0xb10 [ 2278.889726] ? fput_many+0x2f/0x1a0 [ 2278.891137] ? ksys_write+0x1a9/0x260 [ 2278.891489] ? __ia32_sys_read+0xb0/0xb0 [ 2278.892927] __x64_sys_sendmmsg+0x99/0x100 [ 2278.893321] do_syscall_64+0x33/0x40 [ 2278.893668] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2278.895212] RIP: 0033:0x7f9ff3490b19 [ 2278.895559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2278.899354] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2278.901104] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2278.902827] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2278.903476] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2278.905178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2278.906908] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2278.972221] FAULT_INJECTION: forcing a failure. [ 2278.972221] name failslab, interval 1, probability 0, space 0, times 0 [ 2278.973264] CPU: 1 PID: 11866 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2278.973849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2278.974547] Call Trace: [ 2278.974784] dump_stack+0x107/0x167 [ 2278.975099] should_fail.cold+0x5/0xa [ 2278.975430] ? __build_flow_key.constprop.0+0x1df/0x660 [ 2278.975885] ? create_object.isra.0+0x3a/0xa20 [ 2278.976279] should_failslab+0x5/0x20 [ 2278.976605] kmem_cache_alloc+0x5b/0x310 [ 2278.980976] ? ip_rt_update_pmtu+0x2e8/0xaa0 [ 2278.981351] create_object.isra.0+0x3a/0xa20 [ 2278.981722] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2278.982151] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2278.982576] ? ip_tunnel_xmit+0xedf/0x2f40 [ 2278.982934] ? __ip_finish_output.part.0+0x5f3/0xb50 [ 2278.983367] pskb_expand_head+0x15a/0x1040 [ 2278.983725] ? tnl_update_pmtu+0x381/0x1450 [ 2278.984098] ip_tunnel_xmit+0xedf/0x2f40 [ 2278.984453] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2278.984915] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2278.985309] ? slab_free_freelist_hook+0xa9/0x180 [ 2278.985723] sit_tunnel_xmit+0xef0/0x2960 [ 2278.986078] ? find_held_lock+0x2c/0x110 [ 2278.986420] ? ipip_rcv+0x4f0/0x4f0 [ 2278.986729] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2278.987108] ? lock_downgrade+0x6d0/0x6d0 [ 2278.987460] ? tpacket_rcv+0x3960/0x3960 [ 2278.987802] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2278.988188] dev_hard_start_xmit+0x1cb/0x6f0 [ 2278.988567] __dev_queue_xmit+0x17ec/0x2710 [ 2278.988955] ? find_held_lock+0x2c/0x110 [ 2278.989300] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2278.989688] ? lock_downgrade+0x6d0/0x6d0 [ 2278.990039] ? lock_acquire+0x197/0x470 [ 2278.990376] ? ip_finish_output2+0x220/0x21f0 [ 2278.990757] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2278.991203] neigh_connected_output+0x382/0x4d0 [ 2278.991604] ip_finish_output2+0x6f1/0x21f0 [ 2278.991970] ? nf_hook_slow+0xfc/0x1e0 [ 2278.992301] ? ip_frag_next+0x9e0/0x9e0 [ 2278.992637] ? nf_hook+0x160/0x510 [ 2278.992959] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2278.993390] __ip_finish_output.part.0+0x5f3/0xb50 [ 2278.993807] ? ip_fragment.constprop.0+0x240/0x240 [ 2278.994218] ? nf_hook+0x510/0x510 [ 2278.994526] ip_output+0x2f7/0x600 [ 2278.994832] ip_send_skb+0xdd/0x260 [ 2278.995144] udp_send_skb+0x6da/0x11d0 [ 2278.995482] udp_sendmsg+0x197f/0x2160 [ 2278.995813] ? ip_frag_init+0x350/0x350 [ 2278.996155] ? udp_setsockopt+0xc0/0xc0 [ 2278.996497] ? __lock_acquire+0xbb1/0x5b00 [ 2279.000888] ? handle_mm_fault+0x1a0b/0x3500 [ 2279.001270] ? lock_downgrade+0x6d0/0x6d0 [ 2279.001624] ? do_raw_spin_lock+0x121/0x260 [ 2279.002008] ? rwlock_bug.part.0+0x90/0x90 [ 2279.002367] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2279.002825] udpv6_sendmsg+0x1b30/0x2ad0 [ 2279.003189] ? udp_v6_push_pending_frames+0x360/0x360 [ 2279.003624] ? _down_write_nest_lock+0x160/0x160 [ 2279.004045] ? vmacache_update+0xce/0x140 [ 2279.004403] ? do_user_addr_fault+0x5b0/0xc60 [ 2279.004820] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2279.005272] ? exc_page_fault+0xca/0x1a0 [ 2279.005629] ? trace_hardirqs_on+0x5b/0x180 [ 2279.005992] ? exc_page_fault+0xca/0x1a0 [ 2279.006355] ? asm_exc_page_fault+0x1e/0x30 [ 2279.006734] ? sock_has_perm+0x1ea/0x280 [ 2279.007092] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2279.007540] ? copy_user_generic_string+0x2c/0x40 [ 2279.007957] ? __import_iovec+0x458/0x590 [ 2279.008309] ? udp_v6_push_pending_frames+0x360/0x360 [ 2279.008760] inet6_sendmsg+0x105/0x140 [ 2279.009097] ? inet6_compat_ioctl+0x320/0x320 [ 2279.009477] __sock_sendmsg+0xf2/0x190 [ 2279.009809] ____sys_sendmsg+0x334/0x870 [ 2279.010155] ? sock_write_iter+0x3d0/0x3d0 [ 2279.010513] ? do_recvmmsg+0x6d0/0x6d0 [ 2279.010845] ? SOFTIRQ_verbose+0x10/0x10 [ 2279.011188] ? mark_lock+0xf5/0x2df0 [ 2279.011506] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2279.011952] ___sys_sendmsg+0xf3/0x170 [ 2279.012284] ? sendmsg_copy_msghdr+0x160/0x160 [ 2279.012675] ? __fget_files+0x2cf/0x520 [ 2279.013034] ? lock_downgrade+0x6d0/0x6d0 [ 2279.013391] ? lock_downgrade+0x6d0/0x6d0 [ 2279.013749] ? __fget_files+0x2f8/0x520 [ 2279.014094] ? __fget_light+0xea/0x290 [ 2279.014431] __sys_sendmmsg+0x195/0x470 [ 2279.014775] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2279.015141] ? lock_downgrade+0x6d0/0x6d0 [ 2279.015507] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2279.015920] ? wait_for_completion_io+0x270/0x270 [ 2279.016330] ? rcu_read_lock_any_held+0x75/0xa0 [ 2279.016730] ? vfs_write+0x354/0xb10 [ 2279.017057] ? fput_many+0x2f/0x1a0 [ 2279.017370] ? ksys_write+0x1a9/0x260 [ 2279.017695] ? __ia32_sys_read+0xb0/0xb0 [ 2279.018052] __x64_sys_sendmmsg+0x99/0x100 [ 2279.018410] do_syscall_64+0x33/0x40 [ 2279.018726] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2279.019159] RIP: 0033:0x7f0fecadbb19 [ 2279.019477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2279.021038] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2279.021684] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2279.022282] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2279.022881] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2279.023477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2279.024076] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2279.032182] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2279.032182] program syz-executor.3 not setting count and/or reply_len properly [ 2279.061927] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2279.061927] program syz-executor.3 not setting count and/or reply_len properly 03:02:33 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 90) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:02:33 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xe550}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:02:33 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021256cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:33 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300210a6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:33 executing program 6: umount2(&(0x7f0000000000)='./file0\x00', 0x0) unlinkat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x200) mount$9p_rdma(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x29002, &(0x7f0000000240)=ANY=[@ANYBLOB="7472616e733d72646d6128706f72743d3078303030a88af4f24cee30303030303030346532312c73713d3078303030303030303030303030303030f9ffffff3d3078303030303030303030303030303030312c72713d307830303030303030303030ff30303030372c63616368652c646f280414eeb29e816e3da97cf6eec2fe83652c7065726d69745f646972656374696f2c7375626a5f747970653d5d272b1a2c7375626a5f016f6c653d812c61707072616989655f747970653d696d6173eaa1507a65a3b00230520eb9"]) select(0xff37, 0x0, 0x0, 0x0, &(0x7f00000013c0)) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000100)={0x68, 0x29, 0x1, {0x1, [{{0x40, 0x2, 0x2}, 0x2, 0x3, 0x7, './file0'}, {{0x1, 0x0, 0x2}, 0xff, 0x6a, 0x7, './file0'}, {{0x20, 0x0, 0x7}, 0xfffffffffffffffe, 0x39, 0x7, './file0'}]}}, 0x68) [ 2279.891195] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2279.891195] program syz-executor.3 not setting count and/or reply_len properly [ 2279.921324] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2279.921324] program syz-executor.3 not setting count and/or reply_len properly [ 2279.962133] FAULT_INJECTION: forcing a failure. [ 2279.962133] name failslab, interval 1, probability 0, space 0, times 0 [ 2279.963125] CPU: 1 PID: 11890 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2279.963718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2279.964421] Call Trace: [ 2279.964659] dump_stack+0x107/0x167 [ 2279.968992] should_fail.cold+0x5/0xa [ 2279.969321] ? create_object.isra.0+0x3a/0xa20 [ 2279.969713] should_failslab+0x5/0x20 [ 2279.970041] kmem_cache_alloc+0x5b/0x310 [ 2279.970389] create_object.isra.0+0x3a/0xa20 [ 2279.970760] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2279.971192] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2279.971622] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2279.972061] __alloc_skb+0xb1/0x5b0 [ 2279.972375] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2279.976831] ? ip6_mtu+0x1bb/0x3d0 [ 2279.977136] ? ip_frag_init+0x350/0x350 [ 2279.977482] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2279.977876] ? ip6_mtu+0x1e9/0x3d0 [ 2279.978179] ? ip6_setup_cork+0xfb7/0x1740 [ 2279.978540] ip6_make_skb+0x2de/0x4e0 [ 2279.978860] ? ip_frag_init+0x350/0x350 [ 2279.979198] ? ip_frag_init+0x350/0x350 [ 2279.979537] ? ip6_push_pending_frames+0xf0/0xf0 [ 2279.979947] ? ip6_dst_hoplimit+0x199/0x440 [ 2279.980313] ? lock_downgrade+0x6d0/0x6d0 [ 2279.980676] udpv6_sendmsg+0x20d3/0x2ad0 [ 2279.981042] ? ip_frag_init+0x350/0x350 [ 2279.981387] ? udp_v6_push_pending_frames+0x360/0x360 [ 2279.981823] ? SOFTIRQ_verbose+0x10/0x10 [ 2279.982178] ? lock_acquire+0x197/0x470 [ 2279.982515] ? find_held_lock+0x2c/0x110 [ 2279.982870] ? __might_fault+0xd3/0x180 [ 2279.983215] ? sock_has_perm+0x1ea/0x280 [ 2279.983577] ? __import_iovec+0x458/0x590 [ 2279.983930] ? udp_v6_push_pending_frames+0x360/0x360 [ 2279.984435] inet6_sendmsg+0x105/0x140 [ 2279.984781] ? inet6_compat_ioctl+0x320/0x320 [ 2279.985166] __sock_sendmsg+0xf2/0x190 [ 2279.985498] ____sys_sendmsg+0x334/0x870 [ 2279.985845] ? sock_write_iter+0x3d0/0x3d0 [ 2279.986202] ? do_recvmmsg+0x6d0/0x6d0 [ 2279.986535] ? SOFTIRQ_verbose+0x10/0x10 [ 2279.986883] ? mark_lock+0xf5/0x2df0 [ 2279.987204] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2279.987649] ___sys_sendmsg+0xf3/0x170 [ 2279.987980] ? sendmsg_copy_msghdr+0x160/0x160 [ 2279.988372] ? __fget_files+0x2cf/0x520 [ 2279.988717] ? lock_downgrade+0x6d0/0x6d0 [ 2279.989089] ? lock_downgrade+0x6d0/0x6d0 [ 2279.989449] ? __fget_files+0x2f8/0x520 [ 2279.989804] ? __fget_light+0xea/0x290 [ 2279.990147] __sys_sendmmsg+0x195/0x470 [ 2279.990505] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2279.990883] ? lock_downgrade+0x6d0/0x6d0 [ 2279.991254] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2279.991670] ? wait_for_completion_io+0x270/0x270 [ 2279.992097] ? rcu_read_lock_any_held+0x75/0xa0 [ 2279.992488] ? vfs_write+0x354/0xb10 [ 2279.992833] ? fput_many+0x2f/0x1a0 [ 2279.993154] ? ksys_write+0x1a9/0x260 [ 2279.993478] ? __ia32_sys_read+0xb0/0xb0 [ 2279.993837] __x64_sys_sendmmsg+0x99/0x100 [ 2279.994202] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2279.994637] do_syscall_64+0x33/0x40 [ 2279.994971] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2279.995402] RIP: 0033:0x7f9ff3490b19 [ 2279.995723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2279.997316] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2279.997981] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2279.998732] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2279.999940] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2280.000963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2280.001563] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2280.117503] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2280.117503] program syz-executor.5 not setting count and/or reply_len properly 03:02:49 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 16) 03:02:49 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x58, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000240), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0xfffffffffffffffc}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000001a00)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000019c0)={&(0x7f0000000440)=@l2, 0x80, &(0x7f0000001900)=[{&(0x7f0000000640)=""/222, 0xde}, {&(0x7f00000003c0)=""/2, 0x2}, {&(0x7f0000000500)=""/112, 0x70}, {&(0x7f0000000740)=""/128, 0x80}, {&(0x7f00000007c0)=""/117, 0x75}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000001840)=""/166, 0xa6}], 0x7, &(0x7f0000001980)=""/63, 0x3f}, 0x0, 0x40000002, 0x1, {0x2}}, 0xdc4c) r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0) mount$9p_rdma(&(0x7f0000000200), &(0x7f0000000240)='./mnt\x00', &(0x7f0000000280), 0x4010444, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000004e24,timeout=0x0000000000000000,sq=0x00000H0000000009,\x00']) openat(0xffffffffffffffff, &(0x7f0000001a40)='./file2/file0\x00', 0x400, 0x112) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000001b80)=ANY=[@ANYBLOB="37b50b7f09c124e5237bd827a5ff3c85f44cc2197d7a1336652365a1eef58b8c42f6874e14c5097a38a26b9f2741b75f9a958021021141fef703aa8daff58dc6938dc5f7b7cdefe372668b1f8ac9983fac658810693ba952f49103a13ed5a59dc648108a743a0eafa62d5518eec424887ccf890f08dc28a27068da03e30ad7cf253faa327105ba6764bbfe0a2caee0fafd85d05371be674f7604ff5f06be1c691c9f659f3609c6066ea410", @ANYRES32=r0, @ANYRES32, @ANYBLOB="009a3b286a2d9e4209ec72220366d06aacf4adb3b0"]) chdir(&(0x7f0000000300)='./file2\x00') futimesat(0xffffffffffffffff, &(0x7f0000000000)='./mnt\x00', 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) fcntl$notify(r3, 0x402, 0x180000030) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001a80)=ANY=[@ANYBLOB="240000001800210c000000000000000002000000080000000000000008000500000000005a5184f6ae04b4382074acb7b531fd71e7e9ab217f8af40d882b0e6e80e8bf7bc6474d8d0aaf7741e8e36b2c657e4fac3dc4ca8eb74b411d426f8128c3da71f562bc5a01728f785f11a74ec3893aeacdfd88a823fd4c7158ee3201903083c4b331e5417de76bd3c434fa248d47c8e464ebb8753a79e13c3988187519ea6a903d35a00da8c00708d40c980d5fffa1bc5e0ffdb57ff657d8bbaae0f03b488c370a98bb0b7b1ff9b9b342d0ec105acb770333f0c42452f2fd97ae59d132fe5466da71114fe755ecf300"/246], 0x24}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x10001, 0x0) stat(&(0x7f0000000400)='./file1\x00', 0x0) rename(&(0x7f0000000180)='mnt/encrypted_dir\x00', &(0x7f00000001c0)='./file0\x00') 03:02:49 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xca0cc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(0xffffffffffffffff, &(0x7f0000000080)=""/3, 0x3, 0x20) r1 = dup2(r0, 0xffffffffffffffff) pread64(0xffffffffffffffff, &(0x7f0000000080)=""/3, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r2, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x1a, 0x711, 0x0, 0x0, {0xa, 0x0, 0x2}}, 0x14}}, 0x0) connect$inet6(r4, &(0x7f0000000100)={0xa, 0x4e23, 0x5, @remote, 0x40008001}, 0x1c) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x4, 0x1, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xfff, 0x4, @perf_config_ext={0x2, 0x9}, 0x2101, 0x3, 0x65b, 0x0, 0x2, 0x8, 0x0, 0x0, 0x5, 0x0, 0xe2}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x3) r5 = socket$netlink(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_SUBVOL_CREATE(r1, 0x5000940e, &(0x7f0000001e00)={{r5}, "078ca303e51a6a795fa3a853fe7ca3206f5e925ff530a272196663163bde47c7dbe52fb5742292e6760cbda612672a554d2c1d6c26ffbe9099f05d2d4c17c89ff65b99c726c6e4036e64ab0b0c7c18f04298767604b690292282bd5036d8f2365affe93a0510924268b7414f14aa044589bcb1ea3da5a403b91931c44993f33efd02872ec4b3ef2ad4502579ad94ac399ba857db53ff7d0d90a70c69cf038a4a0a58e5874bdc7fe0fd3c064d0f4d8e811d9ee3ac710b2e5b8f21e4bd449c2a74b949976bca159bad8e527715aab759b44e2a54aaf465b7b4d422c4254c524e5da4c278f6e5a5051d9e1f9756f2dbe965643d0649df4102d9ba9e1814b98da15bc9669ccf0c56e82a72c93f1fe84512f32cc5e03bc2a17be7cfab07793d811e6485d67b668762bb21dbb468dcc5a752e6a4a396fdbedbf29c0ab3a1e7f247788b7f45c7520191eac23dd6b9b2990c5165ee6b850264163b384ed79f1c11854720082fd54c3f568f7446ab546141ed3e63779ef5ee60de9b64b622ae1b0e50d4cb89a55625825cbabbc98219e13abb1f65ebadff99b63c5a22f2c53d36ce09a2c310f13e235bc1fcbeee0f07e1b5fb8a68a0a2b8d2de5d3c20323d42fa62a701413dddd229d5243322e9d5cbb1e5a0f914d9b669a634470bad187920a01e17a636ce5cb392d84910049a7ebc354bec8d9b83d86aa0bd23914adef000324f8c5d4c5e51a8220924aae1c488aeed57c94f7b2af9f3c7a973185c0dd8826a74d85a8e4695cf31fdf5dfae3d75f843328215935449492830bb42e9675fe28ea54f7ce368e7be408b8bc34f51134ced9dedca9f6941a722f760ef78baff9c81ce0c1959f1916f6a1dcf909bdbf72a9e99b5a6b67f9a8fca7ce2c8a8dbaac28f3f88b41948a7546911f2c4127074c9c18338a522f7a7117d2440ec53ac26af66f9035b16c1847525609a40c9879ed149b2e7fae45c876842d9eceb1f40ab5f3dbaa832e56789dcbde270a0a4d8748d57a566ec8afdefc80fcf7927ec3b1a9a1445d8def71760e52d592471e0fe3df3ce34cb5042df253706925556a0aca7e88c39d53797f46960b67d3d038e86e53e0f7fdd0e7aeb41fe1a2d38803902a846f289813d09c5c164bedc4421a6ae85ed2d22cd8da8b99b40c397b5a9b3d0019a449581e0b955cd402ece35d9e008ffb5d56a8fb4e0206f319d828e647eee6a28067a3e4893050611b479e08b6142fa1f85c7e100461fd1cd320b98b76046e3716820b71a2c8dfa01162d3703a35c43868736926f58bddfa51245048fcfc5115bbb08fbc42567bff9130e0f032a2965d849724a6849814687da3b9cd28fa027bae3cffa07031331d3a898696032cb940da02bf80baa835c783c9b7dd456c7878f9ba77a32763054144a6c8935f06f55fcd4d0643ec9a416f99b6ab34764a63b73c1d8d68f61331d4993c88e1344afb3889e88c43dd73aac3b3e13b95d36ccc8dfa1b7801f4b58bd6ad33e605a6a0fce5a2c93839516c02e679905e8f23920cf250b44c8045b046c2d180da7ba43318d37e531231c6492c06dfe52607fb8d109310562c7dc1232c9913bc22c6f29069c577fcfcaba728cf8cdba28913c9939c565935d217047dbef02cb27eb47f4d53e26a3eb354a6f75d62332d270206b023fd22cd7b375d7407b20319d0854e1e312fef9a9d39a2e670fe1f073fd87bd2ac6e7a7568ba459dbf1b1a4a9cc37ad87cbc5539876b0869ea2fc508a61113cdd8d244c29df125451d7c6892f608f45ca914812d34d9c291d42d2398b59dce1171ebcf5d72c7aff4e1a3b5a36aa7cce02778526a8d2bbebe89c60237fb3ae54f00ff14246baa9a461166a1dafb45e36aa591f8508a30b1d3b20cd3a4d664d9684aae39f04717aac76a55bc0be77c9f176149d59d7950ae4813c72bf6e634867ea1a1a70bb69bb11cdf276ea3b55ef059d1019b0e27042c75430e3bf74426672d24d8fe0010cd37f34f1b7a9ff4938eb1e27f28761eaca29e21cb29980d09e18f67083bc24ccefa03cb505f267ac50296ab8153cbc8b9496467218a2bf0286424b0b187837f2679f3478c35ad0fe5fcab74a4bae8956d2c42aa823bd3d612c7d90f833e60ab2a23d819fb92a878e056e7f63155bdf9938cf33f6e90b8ebe2f5556264c510d987203e91755e0488e830647f0682e404076fc46d5f477f6093a1df6bd5a5520b0d5ce1dbc45f98ce0e679e8fdb01c3b51642c00d953069b840a26bd39f4c7ff3a193c724f6b39c38357bcec807fb404433a1fc27041c67406dc6f2dead6753066f73e02cbcf3a4e81a8f81b73b8a235f841f5bd09318aa3998cbbce7db1d03102bc9a85bf042120cfac76402c7a2264962293ae9b8bbc91f18259ba4333364f6646ce951034bf413a14d0a52e56b5df41308161aab45752e76422329bbd7704989ec75fd8aedbcf2f2b8ddea28be742f264f4980133ecec0d98988f1cdda9d0f99daeb32d734ba8845601bcb79b1f1c55221814a4d18c9aa8f907ad5190ec0e5470794b53288714e29f1267551ff624a8c6da13cb08c9ded04caecc2e98bebae49951eef87a9e432db7c1e8bb11f3cbd13773711a0ccf5a9e1cc3060d4ad9fc4da6b604c76382662bc9d5b7054cc8149c64377e4488f692a0646edba87657e07e438839feca7770f1d5dfe7b2117e48eb51dfdb62ee4feefdd598070cb6fe5dde9ca20c2727e03e02cf3614ee02b9733d1ff7bb52f952886e65312123cb7f93de439938095c49345be3f96d589d0acc5a4ac70a08d0a32389a2ffeac09f111e9a52fe74d895efac41ed01324b4ca0e8475ff2f74298221d35a1fddb6d838cf4167198e54faa323524f8b6c081a43f949a2380ca66c7f41b469c4d713f73c0eb0bf55ece19963938ebd264c0c28e4c77a2ebb7eb64f6e7899b24eb1e80ce57e88b48fa52d726d8c83d9b04f817dd21158ca8c4fa11b5b8ff6fab48b91ca21ca66e0eb8132a44945e5f0c9b261b682972341dd9adedd2f141958120fc04575a60879f4e4fd424d18516a6ac5e44d6b697577b895e2e76c180aa0ecb9c4207312f1dba6f9b205b7b2fd477be96b729f150c20b9d7b5f2ec36449288c7009b502f48d799247268cbdd5df2a51b2a0d7cfc2cdfe06097acfd14f10ca10e343cdcd70c3994c92da431e25cb82bd72a263d4095f901007a562398838fdbb7fe41b7da2a4e1e4b2fc64b9f1caace22a5590e72216aa1f34700c3c24b77db2faf3b8f4a5da69b890ff25092f2f17427bc7f453021c8d57098270e9219d0e04007e3992e415694a90993fc517b529038ea96811494d7fe0fb85c312e560d62a21d6c0ae1ab33b5cf26e5c5d3c567167ff553cbe71c887235ce5b7de3c5767baedb708767ee3ae682dd575e7d3e1a8e9761cfa7b032761b319579d02a2d1c472daf603919a30a86981d8ccbaef386cf787ae35d30366912b89a8f0b61a4c977dcbe091253ff6780f64dfe294ee2e1fdf92bcd2c99e59c5f8d6d01d1f5d3a4d06fa28f7b84e05563804d4f140c224efb2c3f4c215b9c2a374af8129311cfa6389c928a0c0b2a6029c382e86a13b576f12aa819e8fbbc29c9c37ab4eec2756fccd06f6d423c666afe32990ba409707b0eb0a97fe854ef0a273c160a24992d12e01031ad913ee551a022f9e721d2a0e9f40504c1e22d94408618d28bc5dfbb9b3047111355c28bbe56530a5b8f837dd1696acc51554483e3305c2b96278a4d9a3e3a6731527c96727563cf31ff0ca0ebc287c7b037f19699b9acd23bdfe82f8ccc6694473e2074b21b48a3f2f663f3dd5bd8ab818181d43f5a37b3790cc2a9a80251329cadb42121ea556cd3c4e1626e7be99340a035a5dd025fd37d0242a704e1ce3e91733503ea714ccfba1a23603e6ac4ad0de8f0fca8fb4667b9672ebd1ef8cf4cb26f13373323f950afc580593b9fa40f21af082bd437efc66f2ebeb63e4df1b5f83931c3454e3c3c46924cb52a8ae6edec697f1c46cb95df9610a516218942ed8656e48e83d344d047fc714148ea1a366eee2727e6521a892d7fa5627ca1e256ccac1c7bb29ba5ef2e1ad27a79bdd5a01f95872d2db1ad63ce2dcb0b590118965b9bb2fb2f7c304e8c291a8bb1c1eaa9bc6184357be30d8acdc408dd813bca6b60ee89583b42c330ce8d4b3abfb5a6fd156bd2f872c1c394d5215c61668f6934a6733cc599fe711d895cd229b027f7a4fe73ba3c9357a8a0dac78a67de1d575a1ab89e708c6fdfb721ea305d259c438dd651a5ab2f1c06b6afd4473fb75c1a34d6279c0b834108c333585aa57c8763a2a9e2957c59ebbe786c116a49c1185dad2185ae7facda85ddefae0190b42769cee2921ece22c2bb3e1e3c65e1958a3d76596149c47fc718e4f3a242e4014db88f1ee1e31ec5decb577359bc2789e57ca4426a089751b9e502e331252c53a74a0c4fb858463586066acdf09042375a1d32f25bfbe22b504ab917d79e460a09ba888ea08abd125b824a7315562d7bd1f3884aeb56d5d59edce4bca064f2c196408c5d8e72c9de54154f069e38d67b06c6ca52d7e7815ed5cc2f14589f3ddac14bba99fb071ff5e61a1735039a7c57ea9f29077b1a3ca1f716daafe768763a65d507921c5f283a29320b870a19bd299c209acc06d657c667b009bd03d8149b80079bb6680bdb55bb0471dff5f202b7cdca00405e03b766af48923d5d73d8c5aabb9e5d572b7b720cae02d03255067272660b4227a5f93f6f92655831ac944c6a373b6f5a5df2bfb63ec24c125f51ecd09a6aee32292632bf3f7b2d03b2f7c72df4ae534a95ecdf3170442191f7536a556d3235718b9d9471c24cfd1ab5badd2e37f99c616842adc12fd0d9bcedcfcf5cf730ef633f0e80673bda36f466af178608626662134d37f017fa545202e194b3ed0d3869fa355584334369d918b29440b6d66fda050532fc399a4cef53e83ee36797565cf6268c363496405f8f5c4e42944b9a8bb0862fbf81e4aea8b4e9b1f4c145e61b649a7afd69f098d244d962d08945f69eff59198a0c952b19753e93f4c4be0ef32d95d9d6d88dceb22fa22aaf72b8740a9aa70f1f502359c7c551e61d04c656ebd7b7db41c3cffd109f7a92c5f04c6ce7d2c515462642499f7153f0569f1d530b55e133c889622aa6c7dbe95073345d83be7301e1279b8c975d840014db1623f1ca32b7551f6ff23322ab8ad4244fd4543fae604fbfd08952fc4b350aa4916ae635d819c6b613731ca0ff1d77dc1612d281f4ed4bbeaf23f31bf094842a4acc7f0964f71d030b3b897e6688deb02cc580b03fcb6bef01340a1b500ca183a9226bbc30558db55161eb256df1e97be647d10a08720e70a7bba68d0b2e31cadf26f1618624fc943e85039b868ff2811ed468e542ee904c609ed1b8bfd039aaec1dee204e2ee5b920edca47400fdfbf6ea90603237bf3ee1d91692e779cb9d87a338e474c9e25f9f00ac24dffb7cb2496e2a61401e11d5d4ada06cdc906c350bc43434f992cc54fd35621b41cd3f7f255755ee6bbac384a69581ca97f99a350c392614b15225a7364e90070132ebbb3287d5f7d3c4f6567ef925749a51df0ef66777a5d6f1e02a5180225f738a57c4613ebc8e8f59e4898f235d27e9dcfa7e2ca483bf8b4a41cc6eba2e6eae31e89327d95526bd8a67761349d22ecd8bbe610f5ae412e44b18db8ec2be9b4f88e44ab201a9aae69f1756e8f0e5fbae4caf92a5b5976ef9a6fbdd8b79c1255948136a431413a3e99864cf6f89087f5204a7cf"}) r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x8000, 0x0) copy_file_range(0xffffffffffffffff, &(0x7f00000002c0), r6, &(0x7f0000000340)=0x3ff, 0x80000000, 0x0) io_submit(0x0, 0x0, &(0x7f0000000380)) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000000904010800000000000000000000000008ff034000000007"], 0x1c}, 0x1, 0x0, 0x0, 0x4040001}, 0x0) getpeername$netlink(r7, &(0x7f00000000c0), &(0x7f0000000200)=0xc) 03:02:49 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212f6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:02:49 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r2 = getpgrp(0xffffffffffffffff) fcntl$lock(r1, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r2}) r3 = getpgid(r2) perf_event_open(0x0, r3, 0x6, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000040)) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) syncfs(r4) 03:02:49 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x2000, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) openat(r1, &(0x7f0000000000)='./file0\x00', 0x4000, 0x24) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:02:49 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xeae8}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:02:49 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 91) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2294.962898] FAULT_INJECTION: forcing a failure. [ 2294.962898] name failslab, interval 1, probability 0, space 0, times 0 [ 2294.964184] CPU: 1 PID: 11917 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2294.964774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2294.965503] Call Trace: [ 2294.965743] dump_stack+0x107/0x167 [ 2294.966060] should_fail.cold+0x5/0xa [ 2294.966398] ? skb_clone+0x14f/0x3d0 [ 2294.966726] should_failslab+0x5/0x20 [ 2294.967058] kmem_cache_alloc+0x5b/0x310 [ 2294.967416] skb_clone+0x14f/0x3d0 [ 2294.967727] __skb_tstamp_tx+0x422/0x8d0 [ 2294.968085] __dev_queue_xmit+0x1770/0x2710 [ 2294.968464] ? find_held_lock+0x2c/0x110 [ 2294.968816] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2294.969236] ? lock_downgrade+0x6d0/0x6d0 [ 2294.969589] ? lock_acquire+0x197/0x470 [ 2294.969928] ? find_held_lock+0x2c/0x110 [ 2294.970278] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2294.970730] ip_finish_output2+0x1514/0x21f0 [ 2294.971110] ? ip_frag_next+0x9e0/0x9e0 [ 2294.971449] ? nf_hook+0x160/0x510 [ 2294.971755] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2294.972192] __ip_finish_output.part.0+0x5f3/0xb50 [ 2294.972610] ? ip_fragment.constprop.0+0x240/0x240 [ 2294.973038] ? nf_hook+0x510/0x510 [ 2294.973352] ip_output+0x2f7/0x600 [ 2294.973661] ip_local_out+0xb4/0x1a0 [ 2294.974034] iptunnel_xmit+0x591/0x8b0 [ 2294.974378] ip_tunnel_xmit+0x1248/0x2f40 [ 2294.974746] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2294.975197] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2294.975596] ? slab_free_freelist_hook+0xa9/0x180 [ 2294.976013] sit_tunnel_xmit+0xef0/0x2960 [ 2294.976369] ? find_held_lock+0x2c/0x110 [ 2294.976715] ? ipip_rcv+0x4f0/0x4f0 [ 2294.977040] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2294.977421] ? lock_downgrade+0x6d0/0x6d0 [ 2294.977777] ? tpacket_rcv+0x3960/0x3960 [ 2294.978124] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2294.978515] dev_hard_start_xmit+0x1cb/0x6f0 [ 2294.978898] __dev_queue_xmit+0x17ec/0x2710 [ 2294.979270] ? find_held_lock+0x2c/0x110 [ 2294.979617] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2294.980010] ? lock_downgrade+0x6d0/0x6d0 [ 2294.980364] ? lock_acquire+0x197/0x470 [ 2294.980703] ? ip_finish_output2+0x220/0x21f0 [ 2294.981106] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2294.981558] neigh_connected_output+0x382/0x4d0 [ 2294.981963] ip_finish_output2+0x6f1/0x21f0 [ 2294.982332] ? nf_hook_slow+0xfc/0x1e0 [ 2294.982666] ? ip_frag_next+0x9e0/0x9e0 [ 2294.983005] ? nf_hook+0x160/0x510 [ 2294.983311] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2294.983750] __ip_finish_output.part.0+0x5f3/0xb50 [ 2294.984169] ? ip_fragment.constprop.0+0x240/0x240 [ 2294.984587] ? nf_hook+0x510/0x510 [ 2294.984923] ip_output+0x2f7/0x600 [ 2294.985232] ip_send_skb+0xdd/0x260 [ 2294.985547] udp_send_skb+0x6da/0x11d0 [ 2294.985888] udp_sendmsg+0x197f/0x2160 [ 2294.986221] ? ip_frag_init+0x350/0x350 [ 2294.986565] ? udp_setsockopt+0xc0/0xc0 [ 2294.986911] ? __lock_acquire+0xbb1/0x5b00 [ 2294.987292] ? handle_mm_fault+0x1a0b/0x3500 [ 2294.987665] ? lock_downgrade+0x6d0/0x6d0 [ 2294.988020] ? do_raw_spin_lock+0x121/0x260 [ 2294.988385] ? rwlock_bug.part.0+0x90/0x90 [ 2294.988745] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2294.989217] udpv6_sendmsg+0x1b30/0x2ad0 [ 2294.989575] ? udp_v6_push_pending_frames+0x360/0x360 [ 2294.990015] ? _down_write_nest_lock+0x160/0x160 [ 2294.990421] ? vmacache_update+0xce/0x140 [ 2294.990781] ? do_user_addr_fault+0x5b0/0xc60 [ 2294.991171] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2294.991615] ? exc_page_fault+0xca/0x1a0 [ 2294.991958] ? trace_hardirqs_on+0x5b/0x180 [ 2294.992323] ? exc_page_fault+0xca/0x1a0 [ 2294.992672] ? asm_exc_page_fault+0x1e/0x30 [ 2294.993055] ? sock_has_perm+0x1ea/0x280 [ 2294.993399] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2294.993842] ? copy_user_generic_string+0x2c/0x40 [ 2294.994266] ? __import_iovec+0x458/0x590 [ 2294.994620] ? udp_v6_push_pending_frames+0x360/0x360 [ 2294.995060] inet6_sendmsg+0x105/0x140 [ 2294.995392] ? inet6_compat_ioctl+0x320/0x320 [ 2294.995775] __sock_sendmsg+0xf2/0x190 [ 2294.996107] ____sys_sendmsg+0x334/0x870 [ 2294.996454] ? sock_write_iter+0x3d0/0x3d0 [ 2294.996815] ? do_recvmmsg+0x6d0/0x6d0 [ 2294.997162] ? SOFTIRQ_verbose+0x10/0x10 [ 2294.997507] ? mark_lock+0xf5/0x2df0 [ 2294.997827] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2294.998275] ___sys_sendmsg+0xf3/0x170 [ 2294.998608] ? sendmsg_copy_msghdr+0x160/0x160 [ 2294.999001] ? __fget_files+0x2cf/0x520 [ 2294.999341] ? lock_downgrade+0x6d0/0x6d0 [ 2294.999710] ? lock_downgrade+0x6d0/0x6d0 [ 2295.000082] ? __fget_files+0x2f8/0x520 [ 2295.000440] ? __fget_light+0xea/0x290 [ 2295.000790] __sys_sendmmsg+0x195/0x470 [ 2295.001160] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2295.001526] ? lock_downgrade+0x6d0/0x6d0 [ 2295.001893] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2295.002305] ? wait_for_completion_io+0x270/0x270 [ 2295.002720] ? rcu_read_lock_any_held+0x75/0xa0 [ 2295.003126] ? vfs_write+0x354/0xb10 [ 2295.003446] ? fput_many+0x2f/0x1a0 [ 2295.003758] ? ksys_write+0x1a9/0x260 [ 2295.004091] ? __ia32_sys_read+0xb0/0xb0 [ 2295.004449] __x64_sys_sendmmsg+0x99/0x100 [ 2295.004809] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2295.005258] do_syscall_64+0x33/0x40 [ 2295.005584] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2295.006019] RIP: 0033:0x7f0fecadbb19 [ 2295.006355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2295.007914] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2295.008555] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2295.009176] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2295.009795] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2295.010404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2295.011015] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2295.024280] FAULT_INJECTION: forcing a failure. [ 2295.024280] name failslab, interval 1, probability 0, space 0, times 0 [ 2295.026031] CPU: 1 PID: 11912 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2295.026646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2295.027368] Call Trace: [ 2295.027606] dump_stack+0x107/0x167 [ 2295.027933] should_fail.cold+0x5/0xa [ 2295.028267] ? __alloc_skb+0x6d/0x5b0 [ 2295.028608] should_failslab+0x5/0x20 [ 2295.032962] kmem_cache_alloc_node+0x55/0x330 [ 2295.033358] __alloc_skb+0x6d/0x5b0 [ 2295.033683] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2295.034126] ? ip6_mtu+0x1bb/0x3d0 [ 2295.034433] ? ip_frag_init+0x350/0x350 [ 2295.034795] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2295.035199] ? ip6_mtu+0x1e9/0x3d0 [ 2295.035518] ? ip6_setup_cork+0xfb7/0x1740 [ 2295.035893] ip6_make_skb+0x2de/0x4e0 [ 2295.036222] ? ip_frag_init+0x350/0x350 [ 2295.036573] ? ip_frag_init+0x350/0x350 [ 2295.036934] ? ip6_push_pending_frames+0xf0/0xf0 [ 2295.037358] ? ip6_dst_hoplimit+0x199/0x440 [ 2295.037733] ? lock_downgrade+0x6d0/0x6d0 [ 2295.038110] udpv6_sendmsg+0x20d3/0x2ad0 [ 2295.038479] ? ip_frag_init+0x350/0x350 [ 2295.038834] ? udp_v6_push_pending_frames+0x360/0x360 [ 2295.039280] ? SOFTIRQ_verbose+0x10/0x10 [ 2295.039648] ? lock_acquire+0x197/0x470 [ 2295.040001] ? find_held_lock+0x2c/0x110 [ 2295.040353] ? __might_fault+0xd3/0x180 [ 2295.040715] ? sock_has_perm+0x1ea/0x280 [ 2295.041104] ? __import_iovec+0x458/0x590 [ 2295.041462] ? udp_v6_push_pending_frames+0x360/0x360 [ 2295.041921] inet6_sendmsg+0x105/0x140 [ 2295.042266] ? inet6_compat_ioctl+0x320/0x320 [ 2295.042653] __sock_sendmsg+0xf2/0x190 [ 2295.043001] ____sys_sendmsg+0x334/0x870 [ 2295.043346] ? sock_write_iter+0x3d0/0x3d0 [ 2295.043718] ? do_recvmmsg+0x6d0/0x6d0 [ 2295.044065] ? SOFTIRQ_verbose+0x10/0x10 [ 2295.044412] ? mark_lock+0xf5/0x2df0 [ 2295.044735] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2295.045209] ___sys_sendmsg+0xf3/0x170 [ 2295.045550] ? sendmsg_copy_msghdr+0x160/0x160 [ 2295.045958] ? __fget_files+0x2cf/0x520 [ 2295.046296] ? lock_downgrade+0x6d0/0x6d0 [ 2295.046659] ? lock_downgrade+0x6d0/0x6d0 [ 2295.047031] ? __fget_files+0x2f8/0x520 [ 2295.047381] ? __fget_light+0xea/0x290 [ 2295.047718] __sys_sendmmsg+0x195/0x470 [ 2295.048077] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2295.048459] ? lock_downgrade+0x6d0/0x6d0 [ 2295.048830] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2295.049270] ? wait_for_completion_io+0x270/0x270 [ 2295.049691] ? rcu_read_lock_any_held+0x75/0xa0 [ 2295.050097] ? vfs_write+0x354/0xb10 [ 2295.050366] 9pnet: Could not find request transport: rdma [ 2295.050419] ? fput_many+0x2f/0x1a0 [ 2295.051279] ? ksys_write+0x1a9/0x260 [ 2295.051611] ? __ia32_sys_read+0xb0/0xb0 [ 2295.051977] __x64_sys_sendmmsg+0x99/0x100 [ 2295.052350] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2295.052795] do_syscall_64+0x33/0x40 [ 2295.053139] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2295.053589] RIP: 0033:0x7f9ff3490b19 [ 2295.053912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2295.055500] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2295.056156] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2295.056783] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2295.057412] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2295.058033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2295.058649] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2295.082383] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1033 sclass=netlink_route_socket pid=11920 comm=syz-executor.6 [ 2295.103565] 9pnet: Could not find request transport: rdma 03:03:04 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021306cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:04 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 17) 03:03:04 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 92) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:03:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x8001, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x2110001, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file0\x00'}) openat(r1, &(0x7f00000000c0)='./file0\x00', 0x80, 0x1) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000200)='./file0\x00', 0xffffffffffffff01, 0x7, &(0x7f0000000880)=[{&(0x7f00000002c0)="72842b0b20bf10e08d29eb346e43f8ee8c15f775509c914a30bf47b684afac3eccfa7d70081e2ff2d113c51e365708930fe67533208e41144964ab0a41119f2afc345975376fdabfe6eb1f7efed175ab594fdaead38f699ee552a7bd7b3d59b460e981f045762c8a2c883945de899cf56a994232d1c919ca60b9aa12796490770550dbac5d67bc06ac201f9a185044a2b07ab4962486b14fd2a3398861916232186e36224606c3c2d0e5f54f5d5cea5618b725b88b2ca8a61617319faa84b80ada19348770fe473704fd422ceedc9d8b301381f35d38d8def0a4d2aed06a4c0a4429e0", 0xe3, 0x5}, {&(0x7f00000003c0)="64c4bf272aeca26536f729e82b0344a93481d32b20c0ac2630d30ea295f65af5f4b15cce855409a2a2c7ac05a084bae5112ae986b7864db84ae6e89cdb00fe589d02d281b8f8bec0e2c51e1613fee6716ef7868b8bd2746ac49afcb0e64e4aabd57e3aa44654ab9ae601387e0eb69566ae02d9b68b781aef2a947cbb1d3b274fcdddad2c237d73b823bc6ca1f90318ce1db13dd4003fa77bef15cba5c2e6ee03d2afa2795863da819fd519b26e8dc90d9c1166b44a65d6d4a878600ca73bf18f29827af10e", 0xc5, 0x401}, {&(0x7f00000004c0)="10071697b0a88696923054bf426b877246fa60e8ec7bfc08cdfcb68ecc5506b53cda745c7fed04471541b597f81990f97c3183e8b7e679a6a6afd84989672b83ba23cf222dfd1742", 0x48, 0x100}, {&(0x7f0000000540)="57358c524fa50b828da0622876dba6291848dc694c212a887b1ce63ed0d43f996986ce5ebb9c64307ac151605a16e9e3125c95b49f60a0c1c8b45f343cccd0ec9ebc9e7680a367bdad9ec97834ed135aa25250cbe188b8d8d6a607c1495e9be0819b1d45d1a4178d12657b300d054efb6f05518d596bf078f0292bda9b94ca17deed5309466710251dae0fa40cba0c4a990d14c142a3549834f7d645f4725479e98b9ae2dc5fa4b4b0bf7b07c9aa8c8d984ca4bfd3a66e86a33b1f66b3d76cd14a4cf4204d9ef02fd56326895c36e82cf00cda4c7df2", 0xd6, 0xb482}, {&(0x7f0000000640)="758dadc390b4c1cad8da1da968629cb5bae5791a199214dcd11f4f4c2afc69b0732d7e175330f9f6f25003c989aaa907f7df100a5a7f24b61410616faedfa46b4437b807d8523e0a6f7a1f17aec4e36c185638abc5e08e1013748217", 0x5c, 0x3}, {&(0x7f00000006c0)="de8c0306f8bfdd476040107a202090c996404f8eee80ad6c0d2a47084f54af1e5036925b7b9e520c61ce1881f2ac84a3fc57f1d0d7f84d170c0d03a69871d7d3455229b15bb54842ee997b3c86d673df9418dc7ae9b8abbf8a5b04b8201747b807964eef7f362f5453aa08bb27eb65506e547a94df443c362504d2db5b76fad1e3511927a95fa7c15fb7ef3beefc8ac8218c456c1eea2ecc4b4224ebfea0af53a4e1cd83f77ec2c6641624c0726ddb41f72966896a4238e6c4e45af1", 0xbc, 0x40}, {&(0x7f0000000780)="cd586c90953b047f4724d605aee6604eb635bc8b3bcfa40af0e35b0d13287bda45e1666724eaba18c7c425bc4eed93f3a16793af102bf56754cf3db2516c8f675a9cdcad9aedf17e6a0418d4215d3dcbcfdfc0dbf11667afac72df6ea2c3dd2e50a92348b4545f512bbdfb407bbe0d7762dc22e0a1688208c00a3f3f61876c912958a82df5f116022d257633e613f165baea850ebe8619f8244cf482fcd68a18b330e0ad9db6a70a70e32941c06f259586f779b3ef8a8956443036f485e28cf95a754a3b73ff41e1ad03543cd4c90a50d53a42552acfcd294205d03031b1631b2e8e3b86588dbef91261f2f6f97a", 0xee, 0x3}], 0x80, &(0x7f0000000940)={[{@user_xattr}, {@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x7fff}}, {@user_xattr}, {@sysvgroups}], [{@subj_user={'subj_user', 0x3d, '{'}}, {@appraise}, {@hash}, {@smackfsroot={'smackfsroot', 0x3d, 'vfat\x00'}}, {@appraise}, {@uid_eq={'uid', 0x3d, 0xee01}}, {@pcr={'pcr', 0x3d, 0x19}}, {@fsuuid={'fsuuid', 0x3d, {[0x61, 0x35, 0x30, 0x65, 0x63, 0x65, 0x35, 0x39], 0x2d, [0x65, 0x63, 0x34, 0x38], 0x2d, [0x65, 0x61, 0x31, 0x31], 0x2d, [0x38, 0x32, 0x31, 0x34], 0x2d, [0x39, 0x66, 0x62, 0x34, 0x61, 0x63, 0x32, 0x38]}}}]}) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:03:04 executing program 6: sendmsg$NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x300, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000810}, 0x4000001) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000200008000f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x3e0}], 0x200009, &(0x7f0000011100)) 03:03:04 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xf080}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:03:04 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x58, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0) syz_io_uring_setup(0x4d4f, &(0x7f0000000240), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0xfffffffffffffffc}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000001a00)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000019c0)={&(0x7f0000000440)=@l2, 0x80, &(0x7f0000001900)=[{&(0x7f0000000640)=""/222, 0xde}, {&(0x7f00000003c0)=""/2, 0x2}, {&(0x7f0000000500)=""/112, 0x70}, {&(0x7f0000000740)=""/128, 0x80}, {&(0x7f00000007c0)=""/117, 0x75}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000001840)=""/166, 0xa6}], 0x7, &(0x7f0000001980)=""/63, 0x3f}, 0x0, 0x40000002, 0x1, {0x2}}, 0xdc4c) r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0) mount$9p_rdma(&(0x7f0000000200), &(0x7f0000000240)='./mnt\x00', &(0x7f0000000280), 0x4010444, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000000004e24,timeout=0x0000000000000000,sq=0x00000H0000000009,\x00']) openat(0xffffffffffffffff, &(0x7f0000001a40)='./file2/file0\x00', 0x400, 0x112) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000001b80)=ANY=[@ANYBLOB="37b50b7f09c124e5237bd827a5ff3c85f44cc2197d7a1336652365a1eef58b8c42f6874e14c5097a38a26b9f2741b75f9a958021021141fef703aa8daff58dc6938dc5f7b7cdefe372668b1f8ac9983fac658810693ba952f49103a13ed5a59dc648108a743a0eafa62d5518eec424887ccf890f08dc28a27068da03e30ad7cf253faa327105ba6764bbfe0a2caee0fafd85d05371be674f7604ff5f06be1c691c9f659f3609c6066ea410", @ANYRES32=r0, @ANYRES32, @ANYBLOB="009a3b286a2d9e4209ec72220366d06aacf4adb3b0"]) chdir(&(0x7f0000000300)='./file2\x00') futimesat(0xffffffffffffffff, &(0x7f0000000000)='./mnt\x00', 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) fcntl$notify(r3, 0x402, 0x180000030) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001a80)=ANY=[@ANYBLOB="240000001800210c000000000000000002000000080000000000000008000500000000005a5184f6ae04b4382074acb7b531fd71e7e9ab217f8af40d882b0e6e80e8bf7bc6474d8d0aaf7741e8e36b2c657e4fac3dc4ca8eb74b411d426f8128c3da71f562bc5a01728f785f11a74ec3893aeacdfd88a823fd4c7158ee3201903083c4b331e5417de76bd3c434fa248d47c8e464ebb8753a79e13c3988187519ea6a903d35a00da8c00708d40c980d5fffa1bc5e0ffdb57ff657d8bbaae0f03b488c370a98bb0b7b1ff9b9b342d0ec105acb770333f0c42452f2fd97ae59d132fe5466da71114fe755ecf300"/246], 0x24}}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x10001, 0x0) stat(&(0x7f0000000400)='./file1\x00', 0x0) rename(&(0x7f0000000180)='mnt/encrypted_dir\x00', &(0x7f00000001c0)='./file0\x00') 03:03:04 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000100)=ANY=[]) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) ioctl$AUTOFS_IOC_EXPIRE_MULTI(0xffffffffffffffff, 0x40049366, &(0x7f0000000440)=0x4) pidfd_send_signal(r1, 0x3a, &(0x7f00000003c0)={0x36, 0x4, 0x18600000}, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000100)) copy_file_range(0xffffffffffffffff, &(0x7f0000000040), 0xffffffffffffffff, &(0x7f0000000200), 0x100, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r2 = creat(&(0x7f0000000140)='./file0\x00', 0x0) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r1) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f00000006c0)=ANY=[@ANYBLOB="64000000c9579775fc3c86525070d9ab7e78fed4a2594908d58ff5ee2dbb6b417a758aad5e5f186025a4d46f23564366d11da4564cc298283836f43d42a8cef315bf6262eb013e3d26be5ae5ac1214ac5e2498237816308fbfdb0d8d09c63f4115a3694c8e8807add6ba72d48ce053ccc1e101ac6c754b0e7cd2898a35bc1256cce53786f4a021f30a94fbef03c1311626da5aa196902b9638d497df81cd4825fe3dc038f5687066ba41ecf483f504785aa50b9ac9328f5240c2bd7222b632c6cf2cc001fb1a10b0c91b95f3565842", @ANYRES16=r3, @ANYRES32=r0, @ANYBLOB="a83446102ec8b8abd5daa0b912585a28a0153dcfdbfd1bc3ee9ff333701a66aebdfc0029f14353d3eb0c393452facf728fef24ec6ae35d605e58740924c3ad013cdf4f9a159ea2b806019cc49d484fb1ae8e0c85a99a37bc8caa", @ANYRES64=r2, @ANYRES64, @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x24040804) [ 2310.069085] FAULT_INJECTION: forcing a failure. [ 2310.069085] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.070203] CPU: 1 PID: 11949 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2310.070918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2310.071720] Call Trace: [ 2310.071977] dump_stack+0x107/0x167 [ 2310.072319] should_fail.cold+0x5/0xa [ 2310.075815] ? create_object.isra.0+0x3a/0xa20 [ 2310.076241] should_failslab+0x5/0x20 [ 2310.076591] kmem_cache_alloc+0x5b/0x310 [ 2310.077035] ? __is_insn_slot_addr+0x14c/0x290 [ 2310.077466] create_object.isra.0+0x3a/0xa20 [ 2310.077911] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2310.078373] kmem_cache_alloc+0x159/0x310 [ 2310.078843] skb_clone+0x14f/0x3d0 [ 2310.079187] __skb_tstamp_tx+0x422/0x8d0 [ 2310.079572] __dev_queue_xmit+0x1770/0x2710 [ 2310.080032] ? find_held_lock+0x2c/0x110 [ 2310.080407] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2310.080889] ? lock_downgrade+0x6d0/0x6d0 [ 2310.081281] ? lock_acquire+0x197/0x470 [ 2310.081697] ? find_held_lock+0x2c/0x110 [ 2310.082093] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2310.082592] ip_finish_output2+0x1514/0x21f0 [ 2310.083047] ? ip_frag_next+0x9e0/0x9e0 [ 2310.083385] ? nf_hook+0x160/0x510 [ 2310.083740] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2310.084173] __ip_finish_output.part.0+0x5f3/0xb50 [ 2310.084587] ? ip_fragment.constprop.0+0x240/0x240 [ 2310.085067] ? nf_hook+0x510/0x510 [ 2310.085379] ip_output+0x2f7/0x600 [ 2310.085738] ip_local_out+0xb4/0x1a0 [ 2310.086058] iptunnel_xmit+0x591/0x8b0 [ 2310.086399] ip_tunnel_xmit+0x1248/0x2f40 [ 2310.086844] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2310.087287] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2310.087736] ? slab_free_freelist_hook+0xa9/0x180 [ 2310.088152] sit_tunnel_xmit+0xef0/0x2960 [ 2310.088510] ? find_held_lock+0x2c/0x110 [ 2310.088910] ? ipip_rcv+0x4f0/0x4f0 [ 2310.089438] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2310.089909] ? lock_downgrade+0x6d0/0x6d0 [ 2310.090294] ? tpacket_rcv+0x3960/0x3960 [ 2310.090756] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2310.091184] dev_hard_start_xmit+0x1cb/0x6f0 [ 2310.091606] __dev_queue_xmit+0x17ec/0x2710 [ 2310.092068] ? find_held_lock+0x2c/0x110 [ 2310.092441] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2310.092938] ? lock_downgrade+0x6d0/0x6d0 [ 2310.093375] ? lock_acquire+0x197/0x470 [ 2310.093800] ? ip_finish_output2+0x220/0x21f0 [ 2310.094226] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2310.094831] neigh_connected_output+0x382/0x4d0 [ 2310.095277] ip_finish_output2+0x6f1/0x21f0 [ 2310.095734] ? nf_hook_slow+0xfc/0x1e0 [ 2310.096102] ? ip_frag_next+0x9e0/0x9e0 [ 2310.096472] ? nf_hook+0x160/0x510 [ 2310.096870] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2310.097356] __ip_finish_output.part.0+0x5f3/0xb50 [ 2310.097876] ? ip_fragment.constprop.0+0x240/0x240 [ 2310.098324] ? nf_hook+0x510/0x510 [ 2310.098756] ip_output+0x2f7/0x600 [ 2310.099149] ip_send_skb+0xdd/0x260 [ 2310.099494] udp_send_skb+0x6da/0x11d0 [ 2310.099936] udp_sendmsg+0x197f/0x2160 [ 2310.100304] ? ip_frag_init+0x350/0x350 [ 2310.100740] ? udp_setsockopt+0xc0/0xc0 [ 2310.101131] ? __lock_acquire+0xbb1/0x5b00 [ 2310.101553] ? handle_mm_fault+0x1a0b/0x3500 [ 2310.102016] ? lock_downgrade+0x6d0/0x6d0 [ 2310.102405] ? do_raw_spin_lock+0x121/0x260 [ 2310.102889] ? rwlock_bug.part.0+0x90/0x90 [ 2310.103288] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2310.103846] udpv6_sendmsg+0x1b30/0x2ad0 [ 2310.104242] ? udp_v6_push_pending_frames+0x360/0x360 [ 2310.104784] ? _down_write_nest_lock+0x160/0x160 [ 2310.105275] ? vmacache_update+0xce/0x140 [ 2310.105711] ? do_user_addr_fault+0x5b0/0xc60 [ 2310.106133] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2310.106614] ? exc_page_fault+0xca/0x1a0 [ 2310.107071] ? trace_hardirqs_on+0x5b/0x180 [ 2310.107467] ? exc_page_fault+0xca/0x1a0 [ 2310.107897] ? asm_exc_page_fault+0x1e/0x30 [ 2310.108289] ? sock_has_perm+0x1ea/0x280 [ 2310.108729] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2310.109226] ? copy_user_generic_string+0x2c/0x40 [ 2310.109739] ? __import_iovec+0x458/0x590 [ 2310.110124] ? udp_v6_push_pending_frames+0x360/0x360 [ 2310.110605] inet6_sendmsg+0x105/0x140 [ 2310.111049] ? inet6_compat_ioctl+0x320/0x320 [ 2310.111465] __sock_sendmsg+0xf2/0x190 [ 2310.111883] ____sys_sendmsg+0x334/0x870 [ 2310.112265] ? sock_write_iter+0x3d0/0x3d0 [ 2310.112708] ? do_recvmmsg+0x6d0/0x6d0 [ 2310.113101] ? SOFTIRQ_verbose+0x10/0x10 [ 2310.113482] ? mark_lock+0xf5/0x2df0 [ 2310.113893] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2310.114385] ___sys_sendmsg+0xf3/0x170 [ 2310.114831] ? sendmsg_copy_msghdr+0x160/0x160 [ 2310.115262] ? __fget_files+0x2cf/0x520 [ 2310.115708] ? lock_downgrade+0x6d0/0x6d0 [ 2310.115720] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2310.115720] program syz-executor.3 not setting count and/or reply_len properly [ 2310.116116] ? lock_downgrade+0x6d0/0x6d0 [ 2310.117985] ? __fget_files+0x2f8/0x520 [ 2310.118367] ? __fget_light+0xea/0x290 [ 2310.118828] __sys_sendmmsg+0x195/0x470 [ 2310.119209] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2310.119613] ? lock_downgrade+0x6d0/0x6d0 [ 2310.119714] FAULT_INJECTION: forcing a failure. [ 2310.119714] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.120058] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2310.120079] ? wait_for_completion_io+0x270/0x270 [ 2310.120099] ? rcu_read_lock_any_held+0x75/0xa0 [ 2310.120113] ? vfs_write+0x354/0xb10 [ 2310.120129] ? fput_many+0x2f/0x1a0 [ 2310.120147] ? ksys_write+0x1a9/0x260 [ 2310.123435] ? __ia32_sys_read+0xb0/0xb0 [ 2310.123860] __x64_sys_sendmmsg+0x99/0x100 [ 2310.124234] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2310.124735] do_syscall_64+0x33/0x40 [ 2310.125088] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2310.125515] RIP: 0033:0x7f0fecadbb19 [ 2310.125904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2310.127515] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2310.128226] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2310.128893] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2310.129508] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2310.130178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2310.130862] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2310.131488] CPU: 0 PID: 11947 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2310.132172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2310.132948] Call Trace: [ 2310.133233] dump_stack+0x107/0x167 [ 2310.133596] should_fail.cold+0x5/0xa [ 2310.133996] ? __alloc_skb+0x6d/0x5b0 [ 2310.134372] should_failslab+0x5/0x20 [ 2310.134771] kmem_cache_alloc_node+0x55/0x330 [ 2310.135226] __alloc_skb+0x6d/0x5b0 [ 2310.135581] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2310.136073] ? ip6_mtu+0x1bb/0x3d0 [ 2310.136438] ? ip_frag_init+0x350/0x350 [ 2310.136866] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2310.137353] ? ip6_mtu+0x1e9/0x3d0 [ 2310.137736] ? ip6_setup_cork+0xfb7/0x1740 [ 2310.138170] ip6_make_skb+0x2de/0x4e0 [ 2310.138564] ? ip_frag_init+0x350/0x350 [ 2310.138987] ? ip_frag_init+0x350/0x350 [ 2310.139381] ? ip6_push_pending_frames+0xf0/0xf0 [ 2310.139872] ? ip6_dst_hoplimit+0x199/0x440 [ 2310.140308] ? lock_downgrade+0x6d0/0x6d0 [ 2310.140753] udpv6_sendmsg+0x20d3/0x2ad0 [ 2310.141182] ? ip_frag_init+0x350/0x350 [ 2310.141596] ? udp_v6_push_pending_frames+0x360/0x360 [ 2310.142131] ? SOFTIRQ_verbose+0x10/0x10 [ 2310.142562] ? lock_acquire+0x197/0x470 [ 2310.142976] ? find_held_lock+0x2c/0x110 [ 2310.143418] ? __might_fault+0xd3/0x180 [ 2310.143850] ? sock_has_perm+0x1ea/0x280 [ 2310.144289] ? __import_iovec+0x458/0x590 [ 2310.144720] ? udp_v6_push_pending_frames+0x360/0x360 [ 2310.145254] inet6_sendmsg+0x105/0x140 [ 2310.145682] ? inet6_compat_ioctl+0x320/0x320 [ 2310.146138] __sock_sendmsg+0xf2/0x190 [ 2310.146557] ____sys_sendmsg+0x334/0x870 [ 2310.146992] ? sock_write_iter+0x3d0/0x3d0 [ 2310.147417] ? do_recvmmsg+0x6d0/0x6d0 [ 2310.147834] ? SOFTIRQ_verbose+0x10/0x10 [ 2310.148236] ? mark_lock+0xf5/0x2df0 [ 2310.148613] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2310.149170] ___sys_sendmsg+0xf3/0x170 [ 2310.149558] ? sendmsg_copy_msghdr+0x160/0x160 [ 2310.150033] ? __fget_files+0x2cf/0x520 [ 2310.150450] ? lock_downgrade+0x6d0/0x6d0 [ 2310.150893] ? lock_downgrade+0x6d0/0x6d0 [ 2310.151332] ? __fget_files+0x2f8/0x520 [ 2310.151753] ? __fget_light+0xea/0x290 [ 2310.152159] __sys_sendmmsg+0x195/0x470 [ 2310.152584] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2310.153041] ? lock_downgrade+0x6d0/0x6d0 [ 2310.153488] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2310.153988] ? wait_for_completion_io+0x270/0x270 [ 2310.154477] ? rcu_read_lock_any_held+0x75/0xa0 [ 2310.154962] ? vfs_write+0x354/0xb10 [ 2310.155340] ? fput_many+0x2f/0x1a0 [ 2310.155742] ? ksys_write+0x1a9/0x260 [ 2310.156138] ? __ia32_sys_read+0xb0/0xb0 [ 2310.156555] __x64_sys_sendmmsg+0x99/0x100 [ 2310.157025] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2310.157538] do_syscall_64+0x33/0x40 [ 2310.157941] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2310.158460] RIP: 0033:0x7f9ff3490b19 [ 2310.158856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2310.160721] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2310.161519] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2310.162247] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2310.162971] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2310.163706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2310.164424] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2310.195164] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 03:03:04 executing program 6: r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x10, &(0x7f0000000080)=@ready={0x0, 0x0, 0x8, "9870a415", {0x1, 0x3f, 0x4, 0x18, 0xa0}}) syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x0, 0x0) 03:03:04 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021b66cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:04 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xf618}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2310.294070] 9pnet: Could not find request transport: rdma 03:03:05 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x4, 0x1662, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0x0) close(r4) sendfile(r4, r1, 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000300)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r3, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x4, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x400c000}, 0xc010) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r5 = openat$cgroup_pressure(r2, &(0x7f0000000280)='cpu.pressure\x00', 0x2, 0x0) open_by_handle_at(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="200000000800000000a6ef05c88e3c65ea6e1cbb9700006e00008001fffffe01000000070000000800000006000000af00000001"], 0x40280) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:03:05 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 93) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:03:05 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 18) 03:03:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000002c0)="aeb6906d5866010000000000000000180000991729dcd06655a39c219ae90dac9b1bc7ed19968a10aed641cb688844e8f938aa2217614174b7f9b15cbe0c1b2fbc5b851c6e05632dcd69383bdb59971de73ebece93c334395682db3c8afdba62fca5f2408bd4175f66606137e143", 0x6e, 0x10000}, {0x0, 0x0, 0x1000a00}], 0x400, &(0x7f00000000c0)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x4, 0x1, &(0x7f0000000180)=[{&(0x7f0000000140)="5315baf33a7f42ae83e68982eeca5265690a64d75ee41829a50e42eacb906269a1", 0x21, 0x4}], 0x2000800, &(0x7f0000000340)={[{@data_err_abort}, {@grpquota}, {@bsdgroups}, {@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@max_batch_time={'max_batch_time', 0x3d, 0x70d2}}, {@debug}], [{@smackfsroot={'smackfsroot', 0x3d, 'vfat\x00'}}, {@dont_hash}]}) chdir(&(0x7f0000000040)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xd0080, 0x12c) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:03:05 executing program 5: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) syz_io_uring_setup(0x1f8, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)) pipe2(&(0x7f00000000c0), 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) ftruncate(r3, 0x1) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r5 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000100)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r5, 0x0, 0x0, 0x0, {}, 0x0, {0x0, r9}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x3, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x2dc) r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142229, 0x0, 0x0, 0x7, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r10, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2310.653465] udc-core: couldn't find an available UDC or it's busy [ 2310.654131] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2310.682595] FAULT_INJECTION: forcing a failure. [ 2310.682595] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.683971] CPU: 1 PID: 11972 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2310.684608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2310.685386] Call Trace: [ 2310.685657] dump_stack+0x107/0x167 [ 2310.686009] should_fail.cold+0x5/0xa [ 2310.686376] should_failslab+0x5/0x20 [ 2310.686763] __kmalloc_node_track_caller+0x74/0x3b0 [ 2310.687209] ? skb_ensure_writable+0x2cb/0x450 [ 2310.687629] pskb_expand_head+0x15a/0x1040 [ 2310.688020] ? skb_checksum+0x90/0xc0 [ 2310.688365] ? __skb_checksum+0x9e0/0x9e0 [ 2310.688744] skb_ensure_writable+0x2cb/0x450 [ 2310.689165] skb_checksum_help+0x3af/0x5e0 [ 2310.689580] validate_xmit_skb.constprop.0+0xa3a/0xda0 [ 2310.690076] ? __skb_tstamp_tx+0x5db/0x8d0 [ 2310.690471] ? netdev_core_pick_tx+0x1d1/0x2f0 [ 2310.690921] __dev_queue_xmit+0x87b/0x2710 [ 2310.691325] ? find_held_lock+0x2c/0x110 [ 2310.691718] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2310.692159] ? lock_downgrade+0x6d0/0x6d0 [ 2310.692547] ? lock_acquire+0x197/0x470 [ 2310.692944] ? find_held_lock+0x2c/0x110 [ 2310.693349] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2310.693853] ip_finish_output2+0x1514/0x21f0 [ 2310.694285] ? ip_frag_next+0x9e0/0x9e0 [ 2310.694658] ? nf_hook+0x160/0x510 [ 2310.694992] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2310.695485] __ip_finish_output.part.0+0x5f3/0xb50 [ 2310.695957] ? ip_fragment.constprop.0+0x240/0x240 [ 2310.696421] ? nf_hook+0x510/0x510 [ 2310.696780] ip_output+0x2f7/0x600 [ 2310.697136] ip_local_out+0xb4/0x1a0 [ 2310.697490] iptunnel_xmit+0x591/0x8b0 [ 2310.697848] ip_tunnel_xmit+0x1248/0x2f40 [ 2310.698207] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2310.698717] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2310.699158] ? slab_free_freelist_hook+0xa9/0x180 [ 2310.699629] sit_tunnel_xmit+0xef0/0x2960 [ 2310.700037] ? find_held_lock+0x2c/0x110 [ 2310.700414] ? ipip_rcv+0x4f0/0x4f0 [ 2310.700782] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2310.701205] ? lock_downgrade+0x6d0/0x6d0 [ 2310.701591] ? tpacket_rcv+0x3960/0x3960 [ 2310.701993] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2310.702420] dev_hard_start_xmit+0x1cb/0x6f0 [ 2310.702853] __dev_queue_xmit+0x17ec/0x2710 [ 2310.703273] ? find_held_lock+0x2c/0x110 [ 2310.703651] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2310.704102] ? lock_downgrade+0x6d0/0x6d0 [ 2310.704490] ? lock_acquire+0x197/0x470 [ 2310.704872] ? ip_finish_output2+0x220/0x21f0 [ 2310.709326] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2310.709847] neigh_connected_output+0x382/0x4d0 [ 2310.710291] ip_finish_output2+0x6f1/0x21f0 [ 2310.710733] ? nf_hook_slow+0xfc/0x1e0 [ 2310.711142] ? ip_frag_next+0x9e0/0x9e0 [ 2310.711561] ? nf_hook+0x160/0x510 [ 2310.711952] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2310.712492] __ip_finish_output.part.0+0x5f3/0xb50 [ 2310.713024] ? ip_fragment.constprop.0+0x240/0x240 [ 2310.713541] ? nf_hook+0x510/0x510 [ 2310.713944] ip_output+0x2f7/0x600 [ 2310.714328] ip_send_skb+0xdd/0x260 [ 2310.714731] udp_send_skb+0x6da/0x11d0 [ 2310.715158] udp_sendmsg+0x197f/0x2160 [ 2310.715577] ? ip_frag_init+0x350/0x350 [ 2310.716014] ? udp_setsockopt+0xc0/0xc0 [ 2310.716426] ? __lock_acquire+0xbb1/0x5b00 [ 2310.716869] ? handle_mm_fault+0x1a0b/0x3500 [ 2310.717286] ? lock_downgrade+0x6d0/0x6d0 [ 2310.717671] ? do_raw_spin_lock+0x121/0x260 [ 2310.718073] ? rwlock_bug.part.0+0x90/0x90 [ 2310.718456] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2310.718949] udpv6_sendmsg+0x1b30/0x2ad0 [ 2310.719338] ? udp_v6_push_pending_frames+0x360/0x360 [ 2310.719819] ? _down_write_nest_lock+0x160/0x160 [ 2310.720253] ? vmacache_update+0xce/0x140 [ 2310.720636] ? do_user_addr_fault+0x5b0/0xc60 [ 2310.721077] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2310.721558] ? exc_page_fault+0xca/0x1a0 [ 2310.721938] ? trace_hardirqs_on+0x5b/0x180 [ 2310.722336] ? exc_page_fault+0xca/0x1a0 [ 2310.722728] ? asm_exc_page_fault+0x1e/0x30 [ 2310.723126] ? sock_has_perm+0x1ea/0x280 [ 2310.723503] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2310.723995] ? copy_user_generic_string+0x2c/0x40 [ 2310.724476] ? __import_iovec+0x458/0x590 [ 2310.724873] ? udp_v6_push_pending_frames+0x360/0x360 [ 2310.725374] inet6_sendmsg+0x105/0x140 [ 2310.726003] ? inet6_compat_ioctl+0x320/0x320 [ 2310.726392] __sock_sendmsg+0xf2/0x190 [ 2310.727780] ____sys_sendmsg+0x334/0x870 [ 2310.728128] ? sock_write_iter+0x3d0/0x3d0 [ 2310.728486] ? do_recvmmsg+0x6d0/0x6d0 [ 2310.729909] ? SOFTIRQ_verbose+0x10/0x10 [ 2310.730253] ? mark_lock+0xf5/0x2df0 [ 2310.730572] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2310.732068] ___sys_sendmsg+0xf3/0x170 [ 2310.732403] ? sendmsg_copy_msghdr+0x160/0x160 [ 2310.733874] ? __fget_files+0x2cf/0x520 [ 2310.734214] ? lock_downgrade+0x6d0/0x6d0 [ 2310.734570] ? lock_downgrade+0x6d0/0x6d0 [ 2310.735976] ? __fget_files+0x2f8/0x520 [ 2310.736320] ? __fget_light+0xea/0x290 [ 2310.737729] __sys_sendmmsg+0x195/0x470 [ 2310.738079] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2310.738446] ? lock_downgrade+0x6d0/0x6d0 [ 2310.739868] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2310.740281] ? wait_for_completion_io+0x270/0x270 [ 2310.741789] ? rcu_read_lock_any_held+0x75/0xa0 [ 2310.742183] ? vfs_write+0x354/0xb10 [ 2310.742501] ? fput_many+0x2f/0x1a0 [ 2310.743863] ? ksys_write+0x1a9/0x260 [ 2310.744187] ? __ia32_sys_read+0xb0/0xb0 [ 2310.744538] __x64_sys_sendmmsg+0x99/0x100 [ 2310.745976] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2310.746409] do_syscall_64+0x33/0x40 [ 2310.747779] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2310.748212] RIP: 0033:0x7f0fecadbb19 [ 2310.748530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2310.752171] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2310.753887] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2310.754481] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2310.756123] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2310.757798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2310.758392] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2310.763806] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2310.763806] program syz-executor.3 not setting count and/or reply_len properly [ 2310.786402] FAULT_INJECTION: forcing a failure. [ 2310.786402] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.787487] CPU: 1 PID: 11977 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2310.788064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2310.788821] Call Trace: [ 2310.789087] dump_stack+0x107/0x167 [ 2310.789478] should_fail.cold+0x5/0xa [ 2310.789838] should_failslab+0x5/0x20 [ 2310.790239] __kmalloc_node_track_caller+0x74/0x3b0 [ 2310.790695] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2310.791209] __alloc_skb+0xb1/0x5b0 [ 2310.791548] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2310.792038] ? ip6_mtu+0x1bb/0x3d0 [ 2310.792447] ? ip_frag_init+0x350/0x350 [ 2310.792839] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2310.793347] ? ip6_mtu+0x1e9/0x3d0 [ 2310.793689] ? ip6_setup_cork+0xfb7/0x1740 [ 2310.794091] ip6_make_skb+0x2de/0x4e0 [ 2310.794498] ? ip_frag_init+0x350/0x350 [ 2310.794888] ? ip_frag_init+0x350/0x350 [ 2310.795314] ? ip6_push_pending_frames+0xf0/0xf0 [ 2310.795771] ? ip6_dst_hoplimit+0x199/0x440 [ 2310.796227] ? lock_downgrade+0x6d0/0x6d0 [ 2310.796634] udpv6_sendmsg+0x20d3/0x2ad0 [ 2310.797044] ? ip_frag_init+0x350/0x350 [ 2310.797513] ? udp_v6_push_pending_frames+0x360/0x360 [ 2310.798005] ? SOFTIRQ_verbose+0x10/0x10 [ 2310.798503] ? lock_acquire+0x197/0x470 [ 2310.798888] ? find_held_lock+0x2c/0x110 [ 2310.800270] ? __might_fault+0xd3/0x180 [ 2310.800652] ? sock_has_perm+0x1ea/0x280 [ 2310.801085] ? __import_iovec+0x458/0x590 [ 2310.801529] ? udp_v6_push_pending_frames+0x360/0x360 [ 2310.802033] inet6_sendmsg+0x105/0x140 [ 2310.802447] ? inet6_compat_ioctl+0x320/0x320 [ 2310.802877] __sock_sendmsg+0xf2/0x190 [ 2310.803323] ____sys_sendmsg+0x334/0x870 [ 2310.803726] ? sock_write_iter+0x3d0/0x3d0 [ 2310.804155] ? do_recvmmsg+0x6d0/0x6d0 [ 2310.804535] ? SOFTIRQ_verbose+0x10/0x10 [ 2310.804926] ? mark_lock+0xf5/0x2df0 [ 2310.805361] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2310.805856] ___sys_sendmsg+0xf3/0x170 [ 2310.806271] ? sendmsg_copy_msghdr+0x160/0x160 [ 2310.806726] ? __fget_files+0x2cf/0x520 [ 2310.807094] ? lock_downgrade+0x6d0/0x6d0 [ 2310.807561] ? lock_downgrade+0x6d0/0x6d0 [ 2310.807956] ? __fget_files+0x2f8/0x520 [ 2310.813051] ? __fget_light+0xea/0x290 [ 2310.817243] __sys_sendmmsg+0x195/0x470 [ 2310.821239] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2310.821613] ? lock_downgrade+0x6d0/0x6d0 [ 2310.829288] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2310.829739] ? wait_for_completion_io+0x270/0x270 [ 2310.830184] ? rcu_read_lock_any_held+0x75/0xa0 [ 2310.830582] ? vfs_write+0x354/0xb10 [ 2310.830962] ? fput_many+0x2f/0x1a0 [ 2310.831272] ? ksys_write+0x1a9/0x260 [ 2310.831596] ? __ia32_sys_read+0xb0/0xb0 [ 2310.831945] __x64_sys_sendmmsg+0x99/0x100 [ 2310.832304] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2310.832738] do_syscall_64+0x33/0x40 [ 2310.833066] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2310.833510] RIP: 0033:0x7f9ff3490b19 [ 2310.833912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2310.835584] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2310.836235] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2310.836837] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2310.837449] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2310.838050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2310.838811] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:03:05 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xfbb0}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:03:05 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021200ada3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2311.006502] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2311.006502] program syz-executor.3 not setting count and/or reply_len properly [ 2311.168171] udc-core: couldn't find an available UDC or it's busy [ 2311.168773] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:03:21 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) chdir(&(0x7f0000000100)='./file0\x00') ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) pidfd_send_signal(r3, 0x6, &(0x7f0000000200)={0xb, 0x3, 0x44723c0e}, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:03:21 executing program 5: r0 = syz_io_uring_setup(0x3167, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000340)=0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r4 = dup2(r3, r3) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f00000001c0)=@l2tp={0x2, 0x0, @remote, 0x4}}, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x6f, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x1ff}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 03:03:21 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x20010101}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:03:21 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x28, 0x0, 0x2, 0x70bd2b, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x1) perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x75, 0x7, 0x20, 0x8, 0x0, 0x1ff, 0x41800, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x2, 0x473}, 0x48801, 0xac72, 0x6e, 0x7, 0x1, 0x4, 0x3, 0x0, 0x9, 0x0, 0x3b28}, 0x0, 0x0, r0, 0x8) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) ftruncate(0xffffffffffffffff, 0x4) sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@updsa={0x168, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast2, @in6=@private0}, {@in, 0x0, 0x32}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x70, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x120, 0x40, "976ae46d07d1812fd0664e95dee18314b91df2e10ff98153074f6a02e3550c030000001b"}}, @XFRMA_SET_MARK={0x8, 0x1d, 0x7}]}, 0x168}}, 0x0) 03:03:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212025da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:21 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 94) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:03:21 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 19) 03:03:21 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000180)) fspick(r0, &(0x7f0000000000)='./file0\x00', 0x1) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x208240, 0x1c) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) [ 2326.501377] FAULT_INJECTION: forcing a failure. [ 2326.501377] name failslab, interval 1, probability 0, space 0, times 0 [ 2326.502364] CPU: 1 PID: 12023 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2326.502951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2326.503649] Call Trace: [ 2326.503884] dump_stack+0x107/0x167 [ 2326.504200] should_fail.cold+0x5/0xa [ 2326.504532] ? create_object.isra.0+0x3a/0xa20 [ 2326.504924] should_failslab+0x5/0x20 [ 2326.505270] kmem_cache_alloc+0x5b/0x310 [ 2326.505624] create_object.isra.0+0x3a/0xa20 [ 2326.506000] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2326.506438] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2326.506871] ? skb_ensure_writable+0x2cb/0x450 [ 2326.507265] pskb_expand_head+0x15a/0x1040 [ 2326.507629] ? skb_checksum+0x90/0xc0 [ 2326.507955] ? __skb_checksum+0x9e0/0x9e0 [ 2326.508316] skb_ensure_writable+0x2cb/0x450 [ 2326.508698] skb_checksum_help+0x3af/0x5e0 [ 2326.509067] validate_xmit_skb.constprop.0+0xa3a/0xda0 [ 2326.509535] ? __skb_tstamp_tx+0x5db/0x8d0 [ 2326.509895] ? netdev_core_pick_tx+0x1d1/0x2f0 [ 2326.510285] __dev_queue_xmit+0x87b/0x2710 [ 2326.510655] ? find_held_lock+0x2c/0x110 [ 2326.511004] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2326.511397] ? lock_downgrade+0x6d0/0x6d0 [ 2326.511750] ? lock_acquire+0x197/0x470 [ 2326.512089] ? find_held_lock+0x2c/0x110 [ 2326.512441] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2326.512892] ip_finish_output2+0x1514/0x21f0 [ 2326.513291] ? ip_frag_next+0x9e0/0x9e0 [ 2326.513630] ? nf_hook+0x160/0x510 [ 2326.513937] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2326.514372] __ip_finish_output.part.0+0x5f3/0xb50 [ 2326.514791] ? ip_fragment.constprop.0+0x240/0x240 [ 2326.515204] ? nf_hook+0x510/0x510 [ 2326.515519] ip_output+0x2f7/0x600 [ 2326.515829] ip_local_out+0xb4/0x1a0 [ 2326.516151] iptunnel_xmit+0x591/0x8b0 [ 2326.516493] ip_tunnel_xmit+0x1248/0x2f40 [ 2326.516861] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2326.517322] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2326.517723] ? slab_free_freelist_hook+0xa9/0x180 [ 2326.518142] sit_tunnel_xmit+0xef0/0x2960 [ 2326.518501] ? find_held_lock+0x2c/0x110 [ 2326.518848] ? ipip_rcv+0x4f0/0x4f0 [ 2326.519161] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2326.519543] ? lock_downgrade+0x6d0/0x6d0 [ 2326.519898] ? run_filter+0x4d0/0x4d0 [ 2326.520222] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2326.520613] dev_hard_start_xmit+0x1cb/0x6f0 [ 2326.520997] __dev_queue_xmit+0x17ec/0x2710 [ 2326.521388] ? find_held_lock+0x2c/0x110 [ 2326.521737] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2326.522131] ? lock_downgrade+0x6d0/0x6d0 [ 2326.522485] ? lock_acquire+0x197/0x470 [ 2326.522826] ? ip_finish_output2+0x220/0x21f0 [ 2326.523214] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2326.523665] neigh_connected_output+0x382/0x4d0 [ 2326.524073] ip_finish_output2+0x6f1/0x21f0 [ 2326.524444] ? nf_hook_slow+0xfc/0x1e0 [ 2326.524778] ? ip_frag_next+0x9e0/0x9e0 [ 2326.525119] ? nf_hook+0x160/0x510 [ 2326.525446] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2326.525881] __ip_finish_output.part.0+0x5f3/0xb50 [ 2326.526297] ? ip_fragment.constprop.0+0x240/0x240 [ 2326.526715] ? nf_hook+0x510/0x510 [ 2326.527025] ip_output+0x2f7/0x600 [ 2326.527198] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2326.527198] program syz-executor.3 not setting count and/or reply_len properly [ 2326.527331] ip_send_skb+0xdd/0x260 [ 2326.529180] udp_send_skb+0x6da/0x11d0 [ 2326.529533] udp_sendmsg+0x197f/0x2160 [ 2326.529868] ? ip_frag_init+0x350/0x350 [ 2326.530213] ? udp_setsockopt+0xc0/0xc0 [ 2326.530559] ? __lock_acquire+0xbb1/0x5b00 [ 2326.530937] ? handle_mm_fault+0x1a0b/0x3500 [ 2326.531310] ? lock_downgrade+0x6d0/0x6d0 [ 2326.531663] ? do_raw_spin_lock+0x121/0x260 [ 2326.532030] ? rwlock_bug.part.0+0x90/0x90 [ 2326.532389] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2326.532839] udpv6_sendmsg+0x1b30/0x2ad0 [ 2326.533204] ? udp_v6_push_pending_frames+0x360/0x360 [ 2326.533644] ? _down_write_nest_lock+0x160/0x160 [ 2326.534049] ? vmacache_update+0xce/0x140 [ 2326.534414] ? do_user_addr_fault+0x5b0/0xc60 [ 2326.534800] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2326.535241] ? exc_page_fault+0xca/0x1a0 [ 2326.535583] ? trace_hardirqs_on+0x5b/0x180 [ 2326.535954] ? exc_page_fault+0xca/0x1a0 [ 2326.536302] ? asm_exc_page_fault+0x1e/0x30 [ 2326.536668] ? sock_has_perm+0x1ea/0x280 [ 2326.537012] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2326.537472] ? copy_user_generic_string+0x2c/0x40 [ 2326.537890] ? __import_iovec+0x458/0x590 [ 2326.538242] ? udp_v6_push_pending_frames+0x360/0x360 [ 2326.538681] inet6_sendmsg+0x105/0x140 [ 2326.539012] ? inet6_compat_ioctl+0x320/0x320 [ 2326.539391] __sock_sendmsg+0xf2/0x190 [ 2326.539724] ____sys_sendmsg+0x334/0x870 [ 2326.540070] ? sock_write_iter+0x3d0/0x3d0 [ 2326.540433] ? do_recvmmsg+0x6d0/0x6d0 [ 2326.540767] ? SOFTIRQ_verbose+0x10/0x10 [ 2326.541111] ? mark_lock+0xf5/0x2df0 [ 2326.541446] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2326.541893] ___sys_sendmsg+0xf3/0x170 [ 2326.542226] ? sendmsg_copy_msghdr+0x160/0x160 [ 2326.542617] ? __fget_files+0x2cf/0x520 [ 2326.542955] ? lock_downgrade+0x6d0/0x6d0 [ 2326.543311] ? lock_downgrade+0x6d0/0x6d0 [ 2326.543670] ? __fget_files+0x2f8/0x520 [ 2326.544015] ? __fget_light+0xea/0x290 [ 2326.544353] __sys_sendmmsg+0x195/0x470 [ 2326.544696] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2326.545062] ? lock_downgrade+0x6d0/0x6d0 [ 2326.545446] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2326.545857] ? wait_for_completion_io+0x270/0x270 [ 2326.546266] ? rcu_read_lock_any_held+0x75/0xa0 [ 2326.546658] ? vfs_write+0x354/0xb10 [ 2326.546976] ? fput_many+0x2f/0x1a0 [ 2326.547289] ? ksys_write+0x1a9/0x260 [ 2326.547613] ? __ia32_sys_read+0xb0/0xb0 [ 2326.547965] __x64_sys_sendmmsg+0x99/0x100 [ 2326.548324] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2326.548759] do_syscall_64+0x33/0x40 [ 2326.549076] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2326.549519] RIP: 0033:0x7f0fecadbb19 [ 2326.549837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2326.551353] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2326.551990] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2326.552583] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 03:03:21 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000000ffff021b366155a204000007"], 0x14}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r1 = socket$inet(0x2, 0xa, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x100000001}, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) pipe(&(0x7f0000000080)) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000040)={'veth0_to_bond\x00', {0x2, 0x0, @local}}) pipe(&(0x7f00000000c0)) [ 2326.553186] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.553785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2326.554379] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:03:21 executing program 5: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xff, 0x1, 0x3f, 0x1, 0x0, 0x5, 0x9600, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_config_ext={0x4, 0xc318}, 0x0, 0x8, 0x6, 0x2, 0xffffffffffffff81, 0x5, 0x81, 0x0, 0xfffff000, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x1c, 0x1a, 0x101, 0x0, 0x0, {}, [@generic="7b828f25ec5b"]}, 0x1c}}, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x40001, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = dup2(r3, r2) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYBLOB="017d3fd0f34d2a171ffeb74ec1650072"]) r6 = syz_genetlink_get_family_id$batadv(0x0, r4) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYRESOCT], 0x24}, 0x1, 0x0, 0x0, 0x200040c0}, 0x14050884) [ 2326.581069] FAULT_INJECTION: forcing a failure. [ 2326.581069] name failslab, interval 1, probability 0, space 0, times 0 [ 2326.582582] CPU: 0 PID: 12020 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2326.583224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2326.583987] Call Trace: [ 2326.584242] dump_stack+0x107/0x167 [ 2326.584582] should_fail.cold+0x5/0xa [ 2326.584941] ? create_object.isra.0+0x3a/0xa20 [ 2326.585384] should_failslab+0x5/0x20 [ 2326.585741] kmem_cache_alloc+0x5b/0x310 [ 2326.586124] create_object.isra.0+0x3a/0xa20 [ 2326.586534] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2326.587008] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2326.587481] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2326.587966] __alloc_skb+0xb1/0x5b0 [ 2326.588310] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2326.588781] ? ip6_mtu+0x1bb/0x3d0 [ 2326.589114] ? ip_frag_init+0x350/0x350 [ 2326.589511] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2326.589943] ? ip6_mtu+0x1e9/0x3d0 [ 2326.590276] ? ip6_setup_cork+0xfb7/0x1740 [ 2326.590676] ip6_make_skb+0x2de/0x4e0 [ 2326.591029] ? ip_frag_init+0x350/0x350 [ 2326.591402] ? ip_frag_init+0x350/0x350 [ 2326.591772] ? ip6_push_pending_frames+0xf0/0xf0 [ 2326.592217] ? ip6_dst_hoplimit+0x199/0x440 [ 2326.592619] ? lock_downgrade+0x6d0/0x6d0 [ 2326.593017] udpv6_sendmsg+0x20d3/0x2ad0 [ 2326.593414] ? ip_frag_init+0x350/0x350 [ 2326.593799] ? udp_v6_push_pending_frames+0x360/0x360 [ 2326.594276] ? SOFTIRQ_verbose+0x10/0x10 [ 2326.594663] ? lock_acquire+0x197/0x470 [ 2326.595033] ? find_held_lock+0x2c/0x110 [ 2326.595415] ? __might_fault+0xd3/0x180 [ 2326.595794] ? sock_has_perm+0x1ea/0x280 [ 2326.596187] ? __import_iovec+0x458/0x590 [ 2326.596571] ? udp_v6_push_pending_frames+0x360/0x360 [ 2326.597054] inet6_sendmsg+0x105/0x140 [ 2326.597432] ? inet6_compat_ioctl+0x320/0x320 [ 2326.597849] __sock_sendmsg+0xf2/0x190 [ 2326.598211] ____sys_sendmsg+0x334/0x870 [ 2326.598590] ? sock_write_iter+0x3d0/0x3d0 [ 2326.598982] ? do_recvmmsg+0x6d0/0x6d0 [ 2326.599346] ? SOFTIRQ_verbose+0x10/0x10 [ 2326.599729] ? mark_lock+0xf5/0x2df0 [ 2326.600077] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2326.600567] ___sys_sendmsg+0xf3/0x170 [ 2326.600937] ? sendmsg_copy_msghdr+0x160/0x160 [ 2326.601382] ? __fget_files+0x2cf/0x520 [ 2326.601752] ? lock_downgrade+0x6d0/0x6d0 [ 2326.602141] ? lock_downgrade+0x6d0/0x6d0 [ 2326.602530] ? __fget_files+0x2f8/0x520 [ 2326.602911] ? __fget_light+0xea/0x290 [ 2326.603278] __sys_sendmmsg+0x195/0x470 [ 2326.603652] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2326.604053] ? lock_downgrade+0x6d0/0x6d0 [ 2326.604451] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2326.604903] ? wait_for_completion_io+0x270/0x270 [ 2326.605367] ? rcu_read_lock_any_held+0x75/0xa0 [ 2326.605795] ? vfs_write+0x354/0xb10 [ 2326.606141] ? fput_many+0x2f/0x1a0 [ 2326.606479] ? ksys_write+0x1a9/0x260 [ 2326.606833] ? __ia32_sys_read+0xb0/0xb0 [ 2326.607222] __x64_sys_sendmmsg+0x99/0x100 [ 2326.607614] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2326.608087] do_syscall_64+0x33/0x40 [ 2326.608433] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2326.608905] RIP: 0033:0x7f9ff3490b19 [ 2326.609263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2326.610935] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2326.611634] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2326.612285] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2326.612938] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.613606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2326.614258] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:03:21 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 20) 03:03:21 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x7ffff000}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:03:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021202eda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:21 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mknod(&(0x7f0000000000)='./file0\x00', 0x4, 0x401) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:03:21 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 95) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:03:21 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1f}, 0x0, 0xf, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) [ 2326.874088] device veth0_vlan entered promiscuous mode [ 2326.895095] FAULT_INJECTION: forcing a failure. [ 2326.895095] name failslab, interval 1, probability 0, space 0, times 0 [ 2326.896404] CPU: 1 PID: 12043 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2326.897031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2326.897806] Call Trace: [ 2326.898060] dump_stack+0x107/0x167 [ 2326.898415] should_fail.cold+0x5/0xa [ 2326.898771] ? lock_release+0x680/0x680 [ 2326.899146] ? skb_clone+0x14f/0x3d0 [ 2326.899511] should_failslab+0x5/0x20 [ 2326.899880] kmem_cache_alloc+0x5b/0x310 [ 2326.900270] skb_clone+0x14f/0x3d0 [ 2326.900622] dev_queue_xmit_nit+0x3a7/0xb00 [ 2326.901029] ? ipv6_mc_check_mld+0x1110/0x1110 [ 2326.901481] dev_hard_start_xmit+0xab/0x6f0 [ 2326.901903] __dev_queue_xmit+0x17ec/0x2710 [ 2326.902309] ? find_held_lock+0x2c/0x110 [ 2326.902689] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2326.903131] ? lock_downgrade+0x6d0/0x6d0 [ 2326.903522] ? lock_acquire+0x197/0x470 [ 2326.903906] ? find_held_lock+0x2c/0x110 [ 2326.904298] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2326.904790] ip_finish_output2+0x1514/0x21f0 [ 2326.905229] ? ip_frag_next+0x9e0/0x9e0 [ 2326.905606] ? nf_hook+0x160/0x510 [ 2326.905943] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2326.906427] __ip_finish_output.part.0+0x5f3/0xb50 [ 2326.906887] ? ip_fragment.constprop.0+0x240/0x240 [ 2326.907352] ? nf_hook+0x510/0x510 [ 2326.907700] ip_output+0x2f7/0x600 [ 2326.908042] ip_local_out+0xb4/0x1a0 [ 2326.908409] iptunnel_xmit+0x591/0x8b0 [ 2326.908790] ip_tunnel_xmit+0x1248/0x2f40 [ 2326.913203] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2326.913659] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2326.914057] ? slab_free_freelist_hook+0xa9/0x180 [ 2326.914471] sit_tunnel_xmit+0xef0/0x2960 [ 2326.914828] ? find_held_lock+0x2c/0x110 [ 2326.915171] ? ipip_rcv+0x4f0/0x4f0 [ 2326.915481] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2326.915860] ? lock_downgrade+0x6d0/0x6d0 [ 2326.916210] ? tpacket_rcv+0x3960/0x3960 [ 2326.916551] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2326.916938] dev_hard_start_xmit+0x1cb/0x6f0 [ 2326.917371] __dev_queue_xmit+0x17ec/0x2710 [ 2326.917781] ? find_held_lock+0x2c/0x110 [ 2326.918161] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2326.918606] ? lock_downgrade+0x6d0/0x6d0 [ 2326.918995] ? lock_acquire+0x197/0x470 [ 2326.919371] ? ip_finish_output2+0x220/0x21f0 [ 2326.919806] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2326.920296] neigh_connected_output+0x382/0x4d0 [ 2326.920756] ip_finish_output2+0x6f1/0x21f0 [ 2326.921169] ? nf_hook_slow+0xfc/0x1e0 [ 2326.921545] ? ip_frag_next+0x9e0/0x9e0 [ 2326.921930] ? nf_hook+0x160/0x510 [ 2326.922266] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2326.922757] __ip_finish_output.part.0+0x5f3/0xb50 [ 2326.923220] ? ip_fragment.constprop.0+0x240/0x240 [ 2326.923672] ? nf_hook+0x510/0x510 [ 2326.924031] ip_output+0x2f7/0x600 [ 2326.924374] ip_send_skb+0xdd/0x260 [ 2326.924723] udp_send_skb+0x6da/0x11d0 [ 2326.925112] udp_sendmsg+0x197f/0x2160 [ 2326.925501] ? ip_frag_init+0x350/0x350 [ 2326.925884] ? udp_setsockopt+0xc0/0xc0 [ 2326.926280] ? __lock_acquire+0xbb1/0x5b00 [ 2326.926699] ? handle_mm_fault+0x1a0b/0x3500 [ 2326.927123] ? lock_downgrade+0x6d0/0x6d0 [ 2326.927510] ? do_raw_spin_lock+0x121/0x260 [ 2326.927912] ? rwlock_bug.part.0+0x90/0x90 [ 2326.928324] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2326.928824] udpv6_sendmsg+0x1b30/0x2ad0 [ 2326.929233] ? udp_v6_push_pending_frames+0x360/0x360 [ 2326.929720] ? _down_write_nest_lock+0x160/0x160 [ 2326.930164] ? vmacache_update+0xce/0x140 [ 2326.930573] ? do_user_addr_fault+0x5b0/0xc60 [ 2326.930994] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2326.931490] ? exc_page_fault+0xca/0x1a0 [ 2326.931867] ? trace_hardirqs_on+0x5b/0x180 [ 2326.932269] ? exc_page_fault+0xca/0x1a0 [ 2326.932665] ? asm_exc_page_fault+0x1e/0x30 [ 2326.933067] ? sock_has_perm+0x1ea/0x280 [ 2326.933463] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2326.933960] ? copy_user_generic_string+0x2c/0x40 [ 2326.934426] ? __import_iovec+0x458/0x590 [ 2326.934827] ? udp_v6_push_pending_frames+0x360/0x360 [ 2326.935309] inet6_sendmsg+0x105/0x140 [ 2326.935675] ? inet6_compat_ioctl+0x320/0x320 [ 2326.936105] __sock_sendmsg+0xf2/0x190 [ 2326.936494] ____sys_sendmsg+0x334/0x870 [ 2326.936893] ? sock_write_iter+0x3d0/0x3d0 [ 2326.937307] ? do_recvmmsg+0x6d0/0x6d0 [ 2326.937674] ? SOFTIRQ_verbose+0x10/0x10 [ 2326.938052] ? mark_lock+0xf5/0x2df0 [ 2326.938424] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2326.938913] ___sys_sendmsg+0xf3/0x170 [ 2326.939281] ? sendmsg_copy_msghdr+0x160/0x160 [ 2326.939723] ? __fget_files+0x2cf/0x520 [ 2326.940095] ? lock_downgrade+0x6d0/0x6d0 [ 2326.940487] ? lock_downgrade+0x6d0/0x6d0 [ 2326.940893] ? __fget_files+0x2f8/0x520 [ 2326.941287] ? __fget_light+0xea/0x290 [ 2326.941628] __sys_sendmmsg+0x195/0x470 [ 2326.941970] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2326.942339] ? lock_downgrade+0x6d0/0x6d0 [ 2326.942706] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2326.943117] ? wait_for_completion_io+0x270/0x270 [ 2326.943527] ? rcu_read_lock_any_held+0x75/0xa0 [ 2326.943920] ? vfs_write+0x354/0xb10 [ 2326.944236] ? fput_many+0x2f/0x1a0 [ 2326.944546] ? ksys_write+0x1a9/0x260 [ 2326.944870] ? __ia32_sys_read+0xb0/0xb0 [ 2326.945261] __x64_sys_sendmmsg+0x99/0x100 [ 2326.945659] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2326.946135] do_syscall_64+0x33/0x40 [ 2326.946489] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2326.946965] RIP: 0033:0x7f0fecadbb19 [ 2326.947319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2326.948984] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2326.949704] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2326.950355] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2326.950998] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.951647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2326.952309] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2326.954250] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2326.954250] program syz-executor.3 not setting count and/or reply_len properly [ 2327.098341] FAULT_INJECTION: forcing a failure. [ 2327.098341] name failslab, interval 1, probability 0, space 0, times 0 [ 2327.100064] CPU: 1 PID: 12050 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2327.100679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2327.101434] Call Trace: [ 2327.101689] dump_stack+0x107/0x167 [ 2327.102028] should_fail.cold+0x5/0xa [ 2327.102388] should_failslab+0x5/0x20 [ 2327.102741] __kmalloc_node_track_caller+0x74/0x3b0 [ 2327.103202] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2327.103683] __alloc_skb+0xb1/0x5b0 [ 2327.104029] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2327.104500] ? ip6_mtu+0x1bb/0x3d0 [ 2327.104834] ? ip_frag_init+0x350/0x350 [ 2327.105226] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2327.105663] ? ip6_mtu+0x1e9/0x3d0 [ 2327.105995] ? ip6_setup_cork+0xfb7/0x1740 [ 2327.106386] ip6_make_skb+0x2de/0x4e0 [ 2327.106734] ? ip_frag_init+0x350/0x350 [ 2327.107096] ? ip_frag_init+0x350/0x350 [ 2327.107458] ? ip6_push_pending_frames+0xf0/0xf0 [ 2327.107902] ? ip6_dst_hoplimit+0x199/0x440 [ 2327.108298] ? lock_downgrade+0x6d0/0x6d0 [ 2327.108695] udpv6_sendmsg+0x20d3/0x2ad0 [ 2327.109077] ? ip_frag_init+0x350/0x350 [ 2327.109470] ? udp_v6_push_pending_frames+0x360/0x360 [ 2327.109948] ? SOFTIRQ_verbose+0x10/0x10 [ 2327.110329] ? mark_lock+0xf5/0x2df0 [ 2327.110687] ? lock_acquire+0x197/0x470 [ 2327.111053] ? find_held_lock+0x2c/0x110 [ 2327.111429] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2327.111908] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2327.112402] ? trace_hardirqs_on+0x5b/0x180 [ 2327.112813] ? sock_has_perm+0x1ea/0x280 [ 2327.113225] ? udp_v6_push_pending_frames+0x360/0x360 [ 2327.113706] inet6_sendmsg+0x105/0x140 [ 2327.114064] ? inet6_compat_ioctl+0x320/0x320 [ 2327.114430] __sock_sendmsg+0xf2/0x190 [ 2327.114755] ____sys_sendmsg+0x334/0x870 [ 2327.115109] ? sock_write_iter+0x3d0/0x3d0 [ 2327.115503] ? do_recvmmsg+0x6d0/0x6d0 [ 2327.115870] ? SOFTIRQ_verbose+0x10/0x10 [ 2327.116262] ___sys_sendmsg+0xf3/0x170 [ 2327.116629] ? sendmsg_copy_msghdr+0x160/0x160 [ 2327.117057] ? __fget_files+0x2cf/0x520 [ 2327.117426] ? lock_downgrade+0x6d0/0x6d0 [ 2327.117804] ? __fget_files+0x2f8/0x520 [ 2327.118152] ? __fget_light+0xea/0x290 [ 2327.118515] __sys_sendmmsg+0x195/0x470 [ 2327.118895] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2327.119304] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 2327.119698] ? clockevents_program_event+0x131/0x360 [ 2327.120161] ? tick_program_event+0xa8/0x140 [ 2327.120568] ? hrtimer_interrupt+0x771/0x9b0 [ 2327.120973] __x64_sys_sendmmsg+0x99/0x100 [ 2327.121384] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2327.121871] do_syscall_64+0x33/0x40 [ 2327.122217] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2327.122687] RIP: 0033:0x7f9ff3490b19 [ 2327.123036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2327.124693] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2327.125408] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2327.126058] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2327.126705] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2327.127360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2327.127990] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:03:36 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 96) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:03:36 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 21) 03:03:36 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x80}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0xfffffffffffffff8) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') openat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x440000, 0x19) r3 = syz_open_dev$rtc(&(0x7f0000000040), 0x3, 0x4001) dup(r3) ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000100)={0x1b, 0x2f, 0xb, 0x4, 0xb, 0x0, 0x4, 0x7, 0xffffffffffffffff}) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:03:36 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000200)='./file0\x00', &(0x7f00000018c0), &(0x7f0000001900), 0x2, 0x1) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) r1 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r2 = getpgrp(0xffffffffffffffff) fcntl$lock(r1, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r2}) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)={0x15fc, 0x12, 0x10, 0x70bd28, 0x25dfdbfb, {0x14}, [@typed={0xc, 0x67, 0x0, 0x0, @u64=0x100000001}, @typed={0x8, 0x7c, 0x0, 0x0, @pid=r2}, @nested={0x11de, 0x8a, 0x0, 0x1, [@typed={0x14, 0x7b, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @typed={0x8, 0x1f, 0x0, 0x0, @uid=0xffffffffffffffff}, @generic="08ea031e3489195979ea2af27e45ebecfbb9b88434e71b245b8699bab5f047a8079476c479acfae5238940dc530127dc0b5cd6b08d6cc4b8da6efd0d88013e4f208281d13a41a8a5b74c9ba71161cf9b3d6deaab567119dff8e6c996894a3bb8a423acd36f9f9f8333b533af86b3ce13365bca07174efc756b8765ee4aecbeacd4859049d526eef08fdbfaf6c5cc5d18009ae875439b807a596089a88f8d0e4ea6612150fd3dd3eb9960f0ed11e20c12957ffe4cf5375dcc92b6a0105a2261193ae626aef0f907b3e42d58ace1d087754bde5fb1e3c0f1a6304dba52c42745727520bcad517a6e2a8032e7e9be245afecb0b0530d7", @typed={0x46, 0x82, 0x0, 0x0, @binary="d1163ceb698e2bd15d2d9e209021ea613b2da597e2990e60753661fb271df546f35f121cbd6262e8a9cd7541e1d0c8bb7e0c7c2ebdeafe1062abc4de7085bf263f6f"}, @typed={0x8, 0x4, 0x0, 0x0, @uid}, @generic="8bf63bf7222e01745b79395daa3d8073af1722f3411bc65f503a7d40eb4b65657dfb28bb422b6c553e4105f4e76a4861ddf86d6dad661d1ea8fbc9aa0d054e8e628b2a3438868e7c314492f415f9de184c7ffc92ad4d19028c343d35a6a0c85cd72d51d50d46162f57027402359ed1b4436296d160b309549b2f85ea185813b222a9499492f5b9c92e4354c04153782576f7f861e2f4ee171215414efa9c99c5711f83f3d44d261ff2d34f9145fe0bbeddfe88ed2913b87afb00a2b87c3bff9d008b1caa5fa7dd9ba45254d7312b31e89b1279718e9ee8c37b30a4a15c2b67997fa9e3605517714d70a9abfc5487e4937ad6ae3d3c33a11f13fd65c282f2ceaa36e9f940dc1a751b314f726424f47231b1b6e9ba3c0e1bfd2e14fe6d45c661dbfa48d1d8e489c4cef4c6fef7ede53089efbed87cbd6a0877b115f19261ac2223d0db06f56eebb53ea029cc04ebb6aa06dbfd323c960822cbe91cf0e9662ed8d6fe151586dce805bd263907add54624fb120bddd789db594c8a210a8b5032133c3ba850e0bd1e5fdeda2c785a110649a28d1d9f0f60ef0eba6317b9975cc1ced286009f87eff042947933653f8cce883325610d95d5e060bc9ef11f45c9a3cb9e747e0fe3108a2cf36022ae92b183eee4cb5937fe7ae61d28790304379823d2613655643e99d4115de437ddf61cca55e7cc6692a285b0163d5875da826e444f40eb1484f9057f05b85cfe67f4ee5350fc4957791a2b3d56a2c0c9310c738569a892acdd06af82017b0f4bd161cf2e702e513c2aa1a09f08d04b2283e9f5fd48db4dcd2e5d3ce4aa7881193dd7efc0351ce492e6777582330093d1c5a71ca37d36fd16f4546a977c7e45237a9b26e6a187ee210957a1a34756f8a37af3f83aaba2f63ac61f03f531988d8f16f2f69894f134a816fe46db3c08d9a4d685605f95ac2db851d895ef6c3ffef50cce913ada1b5183924cd408f3cfc8b6690ce0542a606076361adbec10b7bf13f354e39a570f000a4f6f9619dfc822e60dc6ebc436118d14eecaf334af4c6ccec3458b114948592eb7463287eb23722586d793b58fc707505967f0accf0810a807208179022c3f7401ae0dbef901b8ffb7e32fedf051876601d9c208d9faf515a06337a46e05ba0b1e6ca597457dabb3ec2e8c36c8efd7359c80b812ed7879f61fd871d990c3b2fc0b6b91dd03be76e7dcbfcabd6a6c06ddd3c391ea9d654f0536ea9b8fd42fece6d030628594ab924390bf6188c29bd0bff9ede165713c1df79b67d829c39b60ceb7848a0c6ce3ae7e21789e19bb64cc3b9d85eafc1add32a6a8c23c0b6670a960f4e8e0b8bb565cefde72fd6911d93067096f34dac61a09d0643f53044f3c6b3d4ec0f635389ad9ca9f4387f7d792b751ea0d8df6f8b9f59b411ecd3566c32e2d234fba01ef136425651f0759e3cf49f8b6a737751b6557d86412a51be9b52814e52f4850686efa30edd0c34d1877ab4e5712383ab25a24669168671ed2bbaabf647cbfe03153fef94c39860a06a45b1f4ab840b6f42ab588a909f9e21e95556ad82130cf5046ed54798e1cc01a7bd737f511ea97965fbddddcca131ab9b4c380f8fe00e78d5e2e8112a96f053766dcc9ed80b36400a3f664a460eed1b713d8fb619a8de936bc5fa1e09064210511688f2cf3683484eefceb561138d435a0f6b3b213071dfdadaef74dc565b94164869eb45e7f5d370079d68a05599ef1fffa39bfab127c31bebe83c35d79fea74677325d52b528cdc629f0bc95dc1be80c3ace4f31e9cafed15dcb21a17e62e1947b8006b93e2641ee0870f4f75ae1743552db458ab02b45e41bc0e54466d07b492c5f2fc01b58082881ed85d16b1a5c1882fabeee2c1703d540322d7d2d9d2f5fd0998957b16f2d9d21c13ed74acf535fd212657c3f2cd9674f3b603dbf89a925e5afd2c8cdffd760eef474fa071fed59efd9e502cfe4984e5e74c10cb8036c401ac459bb06dae28273cfe5494dde0af272fb369217f9e2ac57e2923097b6c08f48747b1aac7a61b0b27f79526af5e4b70e74fbbdd16bf3fad6d9ab20cea3403b7ec97643fea4834db3e5e1e8543ae92e4a57cf17e41408ca430a95ec8e1b3ac2bff327a01183b94eb559eb9c863d9a08142fb6e85e220b7c454b685bae987fb547d853392e03a73077058e5dace5d28bf47068e672fa7c9ddde7e3f1606bbaa59d5c4a7a6576454eb580ff3849b60de7877a1f26f653f3e1f220310cc942ac136a6d084ce424d1f8708150fab394615e8cf4e84359a08291c387e146312e9f9c5888ba9cf25b91303fb44e0558a83ed23acbde1b18366ed291dcc53747209699a847eb1e3d813ebdb5f0dc282a8abf16ff7e41199b382de07bc0096c5454836511bcb376490c23983401eb8b13b54b15fa2096abe9fcc04f042b0d96128471bbee0385e55467cbb0d8b2a3bf3a885703bc76c8772b8b03b1cfc58e51ed8ca1c6f738d8827ce5b8fe2ee86a84bd452e12bd208db489483f18ef96e950bd8b4f029840221e1de31008689b5ca02fe4387668f9eb5a572bb15627c5caf317ed495929a9cee744a9faf67468ed3c90526ab5df5c085df7973503d279dd7937f1fc8519e5cdd54ec41a1dd2aeb60d27b24fe7e2b99ef116e3f62fc49123cf5c9428ddde92ae27699b8e8b01b87e3b27a663f2779e136ac73740adf124f9b5d6d4f16a31698cf973205eefbf16ad3052a33918946735183540577fefe26e0ac659e990af89d6f288c8d54ea2ba98533ca7b455787639f3a3237472d3953eaa14bcda31c4cce964abc15dae43792615b500de6095d30655c9edb62a2499bf5cc2a7c872c81531ce510d0e7781b40fdc2ff87e14c12ecaf07b5f910fe1c118013a7ed47787383b3a2eebf8f19769e85345a2435d7793fef48a10dde7e114bb2b437020b640df3deafeda78653b09ad1f2e001b93b1f8c1b3fc4d733e000a547b57cb1429a806fd1ae0b0e5eb5cbd1663b7d1f911b4d0ce2bf759405f683a0964a5a76796c035f3ccf4be136e3552eecfb42f1f1d4d46792121e6396b72e4aadfa7e24b014fc21879e10d86f62df15d426be3bb79e5518f824d67025010f0227673ffb7a3859cb31a3c0738c7013fdd219e27b7768498cc30920b5999d68300ca82db430dde32132b4f3453b427229a9752538e15fca3e7019b1993ef8b09b16e354b9987a881f143d708aa6b1a01c1e9e782bdc8f0092ecd077eed8a378a206430b25d90d174a414fc9ef7c611cd4d2bb78694cf981ee42437ef3afd1da5fffbd8b65e3161fd79535b55c0b59a85d3f6b39b74dc2d08566975028c472aca5a9babcfc613cc897a3e98b44ca2266b8e11c086ddd24a36ba876220c9d582460dd4ef07d49252d7eeeb0e0762a8fac5db3948de1dd090ac8f4af8a6143b33004605bdfd8948c61c2ebeca1cdcadd360213a3111972b5e57200f10161058700a6b94336868d55fb326de466884d4ffc6fe4928c2e6995d248dcafd3237fd59240f3ab5c704950833bf35cb20965b5254bf2870e6cdbbabf29cdb628fe145d920d7716b44bec07e889d5b22fa095205383a03126e642deedd9927832e88994e890b8843d0126d52c7fbb795ddcd9045cfde5d0be508d5070a6847377111cb5b507862e892b7599b81838fe5959e7e7643bab4fcb617f30567534340127fe44e59e2959d7c0d3cf15fd7a77684790efc3aa68a942ae488419779f69d2ac42e643f6cc88f95fd650a8570e9725a11603e6a9a537632654b2550cb78fbecee43bcb5f01fa969955dafce968e25710b5044e11f7406d8913a4188cf2a0b3e5addb727db7805463b40315b7200c0f6026d16866e22652d791da52ddf1d3787c7ed0f092ba3f19059a6cf50f1828810a16c4f47f4c369d5e451dc8254e11c048b0940fc33670bbce71d7ec36c7ee8e8860f363663425427bea4110e0aebc3244b1a4328afad02ca11eacaa1f8d52fbcf689d92baaa9affa4797061ef78dc2ef76a313459a60384ff2e7081a35b77c8b2538edf6e7cbb677a7b3fc83831ea97984298727b1ef00953ebf74f7ab2a4beb7d9ae61042c9185b44fe461f2cde26640eb0981d9ed73cf1bab5fce6ab769494f0d5fbb26b244f23649584eea9a8d9ac572f053e667209d464c6499fa327cebca288c98faca3bb1d45c26606370c90b1b9361a9f7dcb44cdec5dc4bcc668de58e1814845399cfee3188576ece2d42089cc84b4235a5d2a39bfcbf49419ee25992fc1b2eb4274820e60e9525e9be9289d4cd46c954db1c1f21eab6d0a401ffdf9b15f6961376578a2e745749ed37d94f941f619a1ca96abbdfc1e5738ed515347f94ae04172d870e8646e0e576cf50866b94faee8656070b49050cbc554c2ae594bc9f8d36e0a47060a9ddaa4f698475ed0fe59c467520f7438263b99dfa518b2cc8a62c12ac35d64c32c9d0d1f2f59d385cb23f198859a2bc996c542d7c1bbf4f45380777aaabc45c7c1bf652ee2e7a65f4b25731454b6067c0017077e8f3d772bce72c0f2622921c7692e9ce2e4394da1f0e1ab25491fc85a37213daeae9009c0b570c12911f528552ef43db26392a38646c0b50ec931fb49230ae7d6542f32ea0aef4e76d1908f84e51cc00d15da14ddec77a30aebdd176c10b7e8ecc15b34ee91b68c0a548a522d5f333d344c5e57d6698745da3dacb4e219a0e79f93739767577c88c42fc424daa24b365524d81a3408530ce56369c98f33bfffdaf406aad20897a2accf3555066dd21fa770c739638bc52c3a79c72e2389614622df81cd6d0734bc07bb7ace1849344685a2ca63cc10b2116f2d8e6f4e8dce95e34eeb4f5d5ff7cd9b4880e1c3cfb5bdd099b1329808991ad8b2f9af2ccfdcf51cab6d0cdf4d420d3ecacb5dba79849a252708c2a0b2f524aff3f868e03c60dac72ed0b7e7870124743ea564c7a0564d1bd4139fba58d20f986503afdd52159fb447f8827881f82cd95dec9691cd12b48faf018662f04956c180a6f456ce85bfe7dbd17c9ca67c2346c50923dad216eff57d73146a093033574f2176b0f11bfaa513a43fd81faec0e1d820c539590683bbbf1d3f1c1b7ad7e5ee6884f0ce3764247bbe08dce7f395806871cab2e2915be90392527f3f9ee4546dc253007477133fa46a7999cdedfd92b31caf74982734c4b7d9c2c387a8ff53b27876ec70822197d8eac4aead5224eadf16f2de5de53a8aecb5a49e0c475c2d0cfd11318e9509807ef3fcfb90dc07251fb9044c0674d28e63093e0b3811a95f4e3f0383f61364403edad54c037420e80d58bc947e498009200155830a799aa90e696efb8de32e0fd6c908f23bd04db955aaca709db743829bed57ce9ef50d808f636997a9d49043cc272c54d4b03cb9eba16e5d846a67a42129736d7e52a26d668e635afb0fc49d858733cadaca59454c7777a5a42fce5d38b62a8599d4bc8913d46ae84440dcd8eaf2074a0c69f1a9757eed6a0c8e4479fe8f9cf4538afe815e7fdeda6acb7e1c443780e435cba939debfefb334b1ab5f9dfc40e22012c73a3e67ffc8147fc6c8374f401a400f6d2e17d7531938a6d7466ff21ecd01ba378853a9a5259d5dbf2f919688ad36aef42c6361037e04ae3c7a48b85688c1bc1781ec4ddc8dad4d97b10f3176453ff41965d91d574db83c98070ba2a7e5ff15e44d767ca74963142dcff4705fb47ad814e22af02c3db14ab3c7c10961118c56a8ffb205d7994d92d3eff0a8cca511ac33d74bed1de31b44fab84c8ec8df4af95f2fb15382aabe", @typed={0x8, 0x53, 0x0, 0x0, @u32=0x1}, @typed={0x14, 0x3d, 0x0, 0x0, @ipv6=@loopback}, @generic="c9ba44e31555bb2fac7ec5ae1976aa6637fbf8cf8cd97154f793622b724f69d4bbefcb76204b7b2b437177d1c48a8159b0f159c0fb9059a18a146922f85b5570e1cf2e57be04ddd56091e1f3a05b04a158ce983b86", @typed={0x8, 0x4e, 0x0, 0x0, @str='!-/\x00'}]}, @generic="f946c2c2e315c74c1b0361eeb76277f517ede0e4c1512376be4ecb9d9cc175b5e2114f8ad2f4feed3f47ccde5009c7cfdad470f1cf50553724ffc464685a042f9e9e1984990f6bfcd70621df3b21bbd2bacb31bbbe04f2ed937bc7b9b651de0e1f2137f82eb305b7ba0b82174f7014f68084399222dbcb546be16d876de800f43e685297ca5c1b74094dd54a80c7e3e7df590163b9177c5ceaa2b96a126cf281fec77e02ad8acda18b453e7de0410f0c8b3c9cb406c6", @generic="1b1713bdc7592656709849bee9aa9514e43753eedb55c0b6f74582c3237c546eaf6f6fd2fa15109d8c90742f626e354d6b0775c5ede599ab702579ecc277c586c16ada8506d3b09516c9e1a16c2290bf19991fd8f8c65335168bfa43c74b93f554e121de6a9629a1778adc25a472363df88d339c64d6f57baa499ecbed350d5b6d5fa3316a426ea7214363109c520f6fac526d0a8df861eecd30b00c47451af1036982e3ba26690f3513e91146c5af051568159644ff2ba5d131686f73f3f9d020e59f6f9d29508e878fdb3907dae0", @nested={0xc2, 0x33, 0x0, 0x1, [@typed={0x4, 0x90}, @generic="a71a0ac5caa3d204ea55be41acb98554edb727cf529b7ad563912b9bc35d530743882b7ce6102207ffcd6a956886b858ece57159b9584d5cf4f603a9f28c9feb50a86ac44fc065b82df76bc49bb45af3b2e14ba3dbe134e367e1b1dbfde8de68374a96cee456daf1f910d4af41f59f27b562450de4de996184a31a7989e91f1330a6e49bcddcb5b6edaf3691bf3ac481607c67b18535532ade54", @typed={0x9, 0x15, 0x0, 0x0, @str='vfat\x00'}, @typed={0x14, 0x77, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, @typed={0xc, 0x47, 0x0, 0x0, @u64=0x8}, @nested={0x19b, 0xb, 0x0, 0x1, [@generic=']ma', @generic="fe36a9376c0324fe785f2b8f3ffee0fd1dc04433e6eab33b92f7d1627caefaaacbb3e7329033f9cc62d80fb7b8374ecca30c1020bad9a68ce6e5dad4095685587ae19cafb9ddd840d6aa06483a7b0474873a53965cc521ab83afce752e619a313f77ca8dda6bf8edb3618141abaa0871970ad8b71db32172b58fd5717d6c7922e5c2f3eb09741a05eb515cf88c26f5080cce9c09674c0fc0fe212eb8", @generic="99d792f6cf499f1759b3690817224a64255d8130a6cfd75111d5abca20ba82be3153197fba8ededf557c7d8382ec090e6d928a013d044ff503dcc82854a71d03e32f7f688fe5790833abd3db116889b4ff74d08b7a8451b6e1cc3f78ad6cfa7c8b035068ad01758d869327f1927abca0a03f30a0eba51425686289fb7e9e", @generic="6a274e3d95d5b7e3eb9f3f177d6db1642dae6d0e9b9f680cb5741fd466bd4cb6e13950104c60aad7f55558ceceda766bf7e97e", @generic="65681b10b2e12874345c5eb5f29fab7ed37e6d7a2fa569b84d12f7b63542bb751213f7782b2413b0945d30d9b7923c72a0d89984e270eb53cf0b4d8186503f10b8a23068376d1a"]}]}, 0x15fc}, 0x1, 0x0, 0x0, 0x4000004}, 0x4) 03:03:36 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0x7ffffff7}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:03:36 executing program 6: syz_mount_image$msdos(0x0, 0x0, 0x1, 0x2, &(0x7f0000000100)=[{&(0x7f0000000000)="a24803234763", 0x6, 0x4}, {&(0x7f0000000040)="5fb074576a165396600dd9bfb09be72dad77b01cdf65af30678551ea30fe52ef2654b4cc2c1314b3303197f00dccabd812b9c59562d1927421f176e06f923eab2fe613ffde887f563378c8f77c2a0ddaeef22d58802cc48072ce2a07ed827d2b31a413814ae914fa66b6e844e697e2b2cf8477c5ab73d511732b439ce64537db9856813081b7b0810206bfeb0ed3fc057aba93541a0dfdefdb5d43808eeb38a5e956e93888d902220af38dee3e40f9072589d89ce6fa7498c9", 0xff3c, 0x7f}], 0x0, 0x0) 03:03:36 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021204cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:36 executing program 5: r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) pwrite64(r1, &(0x7f0000000240)="a7a01eb7d6902364b3f916240fda460e3d961b6a34ef069b0d7a8a27656b0b754719a56a8ee20cc71129995119769fcd0792e60abd598a9ee20621cc7fae495c062faf972ed4b6f00782fdfbfd7d44ccd1e072a47b0dfb7959c9ab50c9ea7584deef5ba787573e96eed60c2917f9b2e63282b7ed66be19f2b97f2aa98a67d4292efdab40b53cf8bd1d88945551c417f285782f41a943f2d5b852a0c9a85ead14f5ce736dbf1f73f38c3cb0da6e1cbc2847eb56505b95bc85136ad500c8b7d410", 0xc0, 0x3e) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000340)=""/222, 0xde}, {&(0x7f0000000080)=""/147, 0x93}, {&(0x7f0000000140)=""/146, 0x92}], 0x3, 0x0, 0x0) [ 2341.983892] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2341.983892] program syz-executor.3 not setting count and/or reply_len properly [ 2342.003544] FAULT_INJECTION: forcing a failure. [ 2342.003544] name failslab, interval 1, probability 0, space 0, times 0 [ 2342.004606] CPU: 1 PID: 12079 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2342.005278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2342.006061] Call Trace: [ 2342.006349] dump_stack+0x107/0x167 [ 2342.006747] should_fail.cold+0x5/0xa [ 2342.007075] ? lock_release+0x680/0x680 [ 2342.007488] ? skb_clone+0x14f/0x3d0 [ 2342.007859] should_failslab+0x5/0x20 [ 2342.008232] kmem_cache_alloc+0x5b/0x310 [ 2342.008583] skb_clone+0x14f/0x3d0 [ 2342.008938] dev_queue_xmit_nit+0x3a7/0xb00 [ 2342.009379] ? ipv6_mc_check_mld+0x1110/0x1110 [ 2342.009826] dev_hard_start_xmit+0xab/0x6f0 [ 2342.010257] __dev_queue_xmit+0x17ec/0x2710 [ 2342.010703] ? find_held_lock+0x2c/0x110 [ 2342.011056] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2342.011516] ? lock_downgrade+0x6d0/0x6d0 [ 2342.011921] ? lock_acquire+0x197/0x470 [ 2342.012308] ? find_held_lock+0x2c/0x110 [ 2342.012708] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2342.013209] ip_finish_output2+0x1514/0x21f0 [ 2342.013657] ? ip_frag_next+0x9e0/0x9e0 [ 2342.014008] ? nf_hook+0x160/0x510 [ 2342.014369] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2342.014879] __ip_finish_output.part.0+0x5f3/0xb50 [ 2342.015388] ? ip_fragment.constprop.0+0x240/0x240 [ 2342.015853] ? nf_hook+0x510/0x510 [ 2342.016217] ip_output+0x2f7/0x600 [ 2342.016526] ip_local_out+0xb4/0x1a0 [ 2342.016906] iptunnel_xmit+0x591/0x8b0 [ 2342.017307] ip_tunnel_xmit+0x1248/0x2f40 [ 2342.017737] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2342.018236] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2342.018709] ? slab_free_freelist_hook+0xa9/0x180 [ 2342.019203] sit_tunnel_xmit+0xef0/0x2960 [ 2342.019565] ? find_held_lock+0x2c/0x110 [ 2342.019962] ? ipip_rcv+0x4f0/0x4f0 [ 2342.020328] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2342.020763] ? lock_downgrade+0x6d0/0x6d0 [ 2342.023839] ? tpacket_rcv+0x3960/0x3960 [ 2342.024247] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2342.024686] dev_hard_start_xmit+0x1cb/0x6f0 [ 2342.025074] __dev_queue_xmit+0x17ec/0x2710 [ 2342.025533] ? find_held_lock+0x2c/0x110 [ 2342.025933] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2342.026376] ? lock_downgrade+0x6d0/0x6d0 [ 2342.026780] ? lock_acquire+0x197/0x470 [ 2342.027210] ? ip_finish_output2+0x220/0x21f0 [ 2342.027600] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2342.028162] neigh_connected_output+0x382/0x4d0 [ 2342.028576] ip_finish_output2+0x6f1/0x21f0 [ 2342.029002] ? nf_hook_slow+0xfc/0x1e0 [ 2342.029394] ? ip_frag_next+0x9e0/0x9e0 [ 2342.029792] ? nf_hook+0x160/0x510 [ 2342.030099] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2342.030580] __ip_finish_output.part.0+0x5f3/0xb50 [ 2342.031049] ? ip_fragment.constprop.0+0x240/0x240 [ 2342.031533] ? nf_hook+0x510/0x510 [ 2342.031922] ip_output+0x2f7/0x600 [ 2342.032282] ip_send_skb+0xdd/0x260 [ 2342.032599] udp_send_skb+0x6da/0x11d0 [ 2342.032999] udp_sendmsg+0x197f/0x2160 [ 2342.033402] ? ip_frag_init+0x350/0x350 [ 2342.033802] ? udp_setsockopt+0xc0/0xc0 [ 2342.034202] ? __lock_acquire+0xbb1/0x5b00 [ 2342.034581] ? handle_mm_fault+0x1a0b/0x3500 [ 2342.035003] ? lock_downgrade+0x6d0/0x6d0 [ 2342.035431] ? do_raw_spin_lock+0x121/0x260 [ 2342.035879] ? rwlock_bug.part.0+0x90/0x90 [ 2342.036320] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2342.036830] udpv6_sendmsg+0x1b30/0x2ad0 [ 2342.037240] ? udp_v6_push_pending_frames+0x360/0x360 [ 2342.037744] ? _down_write_nest_lock+0x160/0x160 [ 2342.038199] ? vmacache_update+0xce/0x140 [ 2342.038561] ? do_user_addr_fault+0x5b0/0xc60 [ 2342.039001] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2342.039521] ? exc_page_fault+0xca/0x1a0 [ 2342.039939] ? trace_hardirqs_on+0x5b/0x180 [ 2342.040355] ? exc_page_fault+0xca/0x1a0 [ 2342.040792] ? asm_exc_page_fault+0x1e/0x30 [ 2342.041210] ? sock_has_perm+0x1ea/0x280 [ 2342.041568] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2342.042307] ? copy_user_generic_string+0x2c/0x40 [ 2342.042781] ? __import_iovec+0x458/0x590 [ 2342.043211] ? udp_v6_push_pending_frames+0x360/0x360 [ 2342.043740] inet6_sendmsg+0x105/0x140 [ 2342.044071] ? inet6_compat_ioctl+0x320/0x320 [ 2342.044502] __sock_sendmsg+0xf2/0x190 [ 2342.044922] ____sys_sendmsg+0x334/0x870 [ 2342.045329] ? sock_write_iter+0x3d0/0x3d0 [ 2342.045743] ? do_recvmmsg+0x6d0/0x6d0 [ 2342.046080] ? SOFTIRQ_verbose+0x10/0x10 [ 2342.046474] ? mark_lock+0xf5/0x2df0 [ 2342.046849] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2342.047376] ___sys_sendmsg+0xf3/0x170 [ 2342.047761] ? sendmsg_copy_msghdr+0x160/0x160 [ 2342.048208] ? __fget_files+0x2cf/0x520 [ 2342.048547] ? lock_downgrade+0x6d0/0x6d0 [ 2342.048983] ? lock_downgrade+0x6d0/0x6d0 [ 2342.049406] ? __fget_files+0x2f8/0x520 [ 2342.049806] ? __fget_light+0xea/0x290 [ 2342.050197] __sys_sendmmsg+0x195/0x470 [ 2342.050544] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2342.050959] ? lock_downgrade+0x6d0/0x6d0 [ 2342.051404] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2342.051873] ? wait_for_completion_io+0x270/0x270 [ 2342.052336] ? rcu_read_lock_any_held+0x75/0xa0 [ 2342.052812] ? vfs_write+0x354/0xb10 [ 2342.053185] ? fput_many+0x2f/0x1a0 [ 2342.053520] ? ksys_write+0x1a9/0x260 [ 2342.053908] ? __ia32_sys_read+0xb0/0xb0 [ 2342.054314] __x64_sys_sendmmsg+0x99/0x100 [ 2342.054725] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2342.055235] do_syscall_64+0x33/0x40 [ 2342.055552] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2342.056036] RIP: 0033:0x7f0fecadbb19 [ 2342.056402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2342.058185] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2342.058876] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2342.059550] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2342.060244] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2342.060920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2342.061582] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2342.063549] FAULT_INJECTION: forcing a failure. [ 2342.063549] name failslab, interval 1, probability 0, space 0, times 0 [ 2342.064884] CPU: 0 PID: 12077 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2342.065569] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2342.066333] Call Trace: [ 2342.066586] dump_stack+0x107/0x167 [ 2342.066929] should_fail.cold+0x5/0xa [ 2342.067288] ? create_object.isra.0+0x3a/0xa20 [ 2342.067719] should_failslab+0x5/0x20 [ 2342.068083] kmem_cache_alloc+0x5b/0x310 [ 2342.068473] create_object.isra.0+0x3a/0xa20 [ 2342.068895] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2342.069393] kmem_cache_alloc_node+0x169/0x330 [ 2342.069825] __alloc_skb+0x6d/0x5b0 [ 2342.070175] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2342.070651] ? ip6_mtu+0x1bb/0x3d0 [ 2342.070988] ? ip_frag_init+0x350/0x350 [ 2342.071364] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2342.071798] ? ip6_mtu+0x1e9/0x3d0 [ 2342.072130] ? ip6_setup_cork+0xfb7/0x1740 [ 2342.072522] ip6_make_skb+0x2de/0x4e0 [ 2342.072877] ? ip_frag_init+0x350/0x350 [ 2342.073248] ? ip_frag_init+0x350/0x350 [ 2342.073633] ? ip6_push_pending_frames+0xf0/0xf0 [ 2342.074083] ? ip6_dst_hoplimit+0x199/0x440 [ 2342.074484] ? lock_downgrade+0x6d0/0x6d0 [ 2342.074881] udpv6_sendmsg+0x20d3/0x2ad0 [ 2342.075263] ? ip_frag_init+0x350/0x350 [ 2342.075640] ? udp_v6_push_pending_frames+0x360/0x360 [ 2342.076118] ? SOFTIRQ_verbose+0x10/0x10 [ 2342.076506] ? lock_acquire+0x197/0x470 [ 2342.076880] ? find_held_lock+0x2c/0x110 [ 2342.077262] ? __might_fault+0xd3/0x180 [ 2342.077652] ? sock_has_perm+0x1ea/0x280 [ 2342.078047] ? __import_iovec+0x458/0x590 [ 2342.078432] ? udp_v6_push_pending_frames+0x360/0x360 [ 2342.078916] inet6_sendmsg+0x105/0x140 [ 2342.079279] ? inet6_compat_ioctl+0x320/0x320 [ 2342.079697] __sock_sendmsg+0xf2/0x190 [ 2342.080058] ____sys_sendmsg+0x334/0x870 [ 2342.080438] ? sock_write_iter+0x3d0/0x3d0 [ 2342.080829] ? do_recvmmsg+0x6d0/0x6d0 [ 2342.081192] ? SOFTIRQ_verbose+0x10/0x10 [ 2342.081586] ? mark_lock+0xf5/0x2df0 [ 2342.081938] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2342.082423] ___sys_sendmsg+0xf3/0x170 [ 2342.082787] ? sendmsg_copy_msghdr+0x160/0x160 [ 2342.083213] ? __fget_files+0x2cf/0x520 [ 2342.083583] ? lock_downgrade+0x6d0/0x6d0 [ 2342.083977] ? lock_downgrade+0x6d0/0x6d0 [ 2342.084365] ? __fget_files+0x2f8/0x520 [ 2342.084741] ? __fget_light+0xea/0x290 [ 2342.085113] __sys_sendmmsg+0x195/0x470 [ 2342.085496] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2342.085899] ? lock_downgrade+0x6d0/0x6d0 [ 2342.086299] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2342.086750] ? wait_for_completion_io+0x270/0x270 [ 2342.087201] ? rcu_read_lock_any_held+0x75/0xa0 [ 2342.087633] ? vfs_write+0x354/0xb10 [ 2342.087981] ? fput_many+0x2f/0x1a0 [ 2342.088322] ? ksys_write+0x1a9/0x260 [ 2342.088678] ? __ia32_sys_read+0xb0/0xb0 [ 2342.089060] __x64_sys_sendmmsg+0x99/0x100 [ 2342.089468] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2342.089944] do_syscall_64+0x33/0x40 [ 2342.090288] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2342.090761] RIP: 0033:0x7f9ff3490b19 [ 2342.091107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2342.092786] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2342.093497] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2342.094151] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2342.094807] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2342.095465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2342.096117] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:03:36 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212075da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:36 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x4) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r0, 0x0) r2 = syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x4000, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000180)=@IORING_OP_SEND={0x1a, 0x2, 0x0, r0, 0x0, &(0x7f0000000280), 0x0, 0x8080, 0x1}, 0x0) fsetxattr$security_capability(r0, &(0x7f0000000200), &(0x7f00000002c0)=@v2={0x2000000, [{0x1ff, 0x6}, {0x1, 0xa91}]}, 0x14, 0x1) r5 = syz_io_uring_complete(r3) clock_gettime(0x4cb2bebf400ec18d, &(0x7f0000000400)) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r6 = socket$inet6(0xa, 0x3, 0x2) setsockopt$inet6_int(r6, 0x29, 0x7, &(0x7f0000000880), 0x4) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x3, 0x0, r6, 0x0, &(0x7f0000000440)="8ee2309c47995455ec7dced68eb160c46014b839663252e10fdc61f5e2e2fd88054934d706470c49e1ecb5911b279caf9597c38f7138e265a9c0895eb5c08249a2c2fffbb7cf7c5a067a39e016d7a7be11e2a0359da88dd80144d1175f50989065d52c715c0fec711859e0ef0d7a51407b3c7d181c7a613c92ee0fb23ccfcc9ad88560cba56f1d1efc1e673619d9a31f9815bd4010524cce05589faff0ede4bcae4f0a79b2c7bf7721c3abcb4c37089fe8606a8293f7106711070be0505b1fa4c390dd60589e10d91df26fd0e49770", 0xcf, 0x2001, 0x0, {0x0, r7}}, 0x2) io_uring_enter(r2, 0x7ae7, 0xc5bc, 0x0, &(0x7f0000000280)={[0x7f]}, 0x8) getdents(r5, &(0x7f00000001c0)=""/52, 0x34) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000a, 0x80010, r0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r8, 0xffffffffffff56c0, 0x0, 0x1f}, 0x2) creat(&(0x7f0000000100)='./file0\x00', 0x32) 03:03:36 executing program 5: pwrite64(0xffffffffffffffff, &(0x7f00000000c0)="04", 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000180)=@sco={0x1f, @none}}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r5 = fcntl$dupfd(r0, 0x406, r1) sendmsg$NL80211_CMD_DEL_PMKSA(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x58, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "fbf5db7c151570a9d4f4aeac2cb14a15"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x60}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PMK={0x14, 0xfe, "75461ea7d4abdcb377e3d723fc711f10"}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x101}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x20040020) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0xfc, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180", @nested={0xd0, 0x6b, 0x0, 0x1, [@typed={0x8, 0x64, 0x0, 0x0, @u32=0x20}, @generic="140b7d59ed6110cc169977326f740fe26a493e472e6853077f4f360b654770310dbeb3db468dd46c5cfaa0f2826310f77b703e78932b683853dfb0ee797816fd56897b7a751d40fdc6e51e902d11b782f527ee632e0e896ddc5510fcdacd8213043b95bf0d46ff98bd26fa1025f044b4fbebab57924b4c265c2b1fd1efeb5598777c77b1dc9458fc45f921c196d40bfc00b58f3bb8", @generic="5cdd2df7ad2516c501f14bc874d91dff837b48df934e01cc42f8d981e5d25082b3c4459499914fead6112d8dc6824a"]}, @generic="a24768b5ecd6c28942d2d09eddcddf3bc771"]}, 0xfc}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYRESDEC=r2, @ANYRES16=r0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r3, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c002380050005000a0000001c002380060010000300000008001500fb00000005001100"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000680)='nl80211\x00') dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0) 03:03:36 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xfffffdef}], 0x1}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:03:36 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r1 = creat(&(0x7f0000000140)='./file0\x00', 0x0) r2 = openat$sr(0xffffffffffffff9c, 0x0, 0xe8b02, 0x0) r3 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xffffffff, 0x0, 0xfffffffe, 0x0, 0x0, r2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x3}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r3, 0x8000000) syz_io_uring_submit(r7, r5, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) getsockopt$inet_tcp_int(r1, 0x6, 0x18, &(0x7f0000000100), &(0x7f0000000240)=0x4) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_FALLOCATE={0x11, 0x1, 0x0, @fd_index=0x7, 0x0, 0x0, 0xfc, 0x0, 0x0, {0x0, r8}}, 0x3) 03:03:36 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 97) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:03:36 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 22) 03:03:37 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(r0, &(0x7f0000000000)='./file0\x00', 0x50d002, 0x42) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) [ 2342.674463] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2342.674463] program syz-executor.3 not setting count and/or reply_len properly 03:03:37 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0240003002120b6da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:37 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x2}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2342.830733] FAULT_INJECTION: forcing a failure. [ 2342.830733] name failslab, interval 1, probability 0, space 0, times 0 [ 2342.831724] CPU: 1 PID: 12109 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2342.832310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2342.833012] Call Trace: [ 2342.833250] dump_stack+0x107/0x167 [ 2342.833583] should_fail.cold+0x5/0xa [ 2342.833919] ? skb_clone+0x14f/0x3d0 [ 2342.834251] should_failslab+0x5/0x20 [ 2342.834583] kmem_cache_alloc+0x5b/0x310 [ 2342.834941] skb_clone+0x14f/0x3d0 [ 2342.835253] __skb_tstamp_tx+0x422/0x8d0 [ 2342.835606] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2342.835997] loopback_xmit+0x299/0x5e0 [ 2342.836340] dev_hard_start_xmit+0x1cb/0x6f0 [ 2342.836727] __dev_queue_xmit+0x17ec/0x2710 [ 2342.837107] ? find_held_lock+0x2c/0x110 [ 2342.837478] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2342.837876] ? lock_downgrade+0x6d0/0x6d0 [ 2342.838234] ? lock_acquire+0x197/0x470 [ 2342.838575] ? find_held_lock+0x2c/0x110 [ 2342.838931] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2342.839385] ip_finish_output2+0x1514/0x21f0 [ 2342.839770] ? ip_frag_next+0x9e0/0x9e0 [ 2342.840113] ? nf_hook+0x160/0x510 [ 2342.840421] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2342.840861] __ip_finish_output.part.0+0x5f3/0xb50 [ 2342.841284] ? ip_fragment.constprop.0+0x240/0x240 [ 2342.857765] ? nf_hook+0x510/0x510 [ 2342.858105] ip_output+0x2f7/0x600 [ 2342.858441] ip_local_out+0xb4/0x1a0 [ 2342.858786] iptunnel_xmit+0x591/0x8b0 [ 2342.859157] ip_tunnel_xmit+0x1248/0x2f40 [ 2342.859554] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2342.860028] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2342.860459] ? slab_free_freelist_hook+0xa9/0x180 [ 2342.860908] sit_tunnel_xmit+0xef0/0x2960 [ 2342.861293] ? find_held_lock+0x2c/0x110 [ 2342.861679] ? ipip_rcv+0x4f0/0x4f0 [ 2342.862014] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2342.862428] ? lock_downgrade+0x6d0/0x6d0 [ 2342.862805] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2342.863226] dev_hard_start_xmit+0x1cb/0x6f0 [ 2342.863636] __dev_queue_xmit+0x17ec/0x2710 [ 2342.864035] ? find_held_lock+0x2c/0x110 [ 2342.864406] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2342.864820] ? lock_downgrade+0x6d0/0x6d0 [ 2342.865196] ? lock_acquire+0x197/0x470 [ 2342.865573] ? ip_finish_output2+0x220/0x21f0 [ 2342.865984] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2342.866464] neigh_connected_output+0x382/0x4d0 [ 2342.866898] ip_finish_output2+0x6f1/0x21f0 [ 2342.867292] ? nf_hook_slow+0xfc/0x1e0 [ 2342.867645] ? ip_frag_next+0x9e0/0x9e0 [ 2342.868005] ? nf_hook+0x160/0x510 [ 2342.868331] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2342.868791] __ip_finish_output.part.0+0x5f3/0xb50 [ 2342.869236] ? ip_fragment.constprop.0+0x240/0x240 [ 2342.869694] ? nf_hook+0x510/0x510 [ 2342.870031] ip_output+0x2f7/0x600 [ 2342.870361] ip_send_skb+0xdd/0x260 [ 2342.870697] udp_send_skb+0x6da/0x11d0 [ 2342.871062] udp_sendmsg+0x197f/0x2160 [ 2342.871420] ? ip_frag_init+0x350/0x350 [ 2342.871791] ? udp_setsockopt+0xc0/0xc0 [ 2342.872163] ? __lock_acquire+0xbb1/0x5b00 [ 2342.872578] ? handle_mm_fault+0x1a0b/0x3500 [ 2342.872975] ? lock_downgrade+0x6d0/0x6d0 [ 2342.873368] ? do_raw_spin_lock+0x121/0x260 [ 2342.873758] ? rwlock_bug.part.0+0x90/0x90 [ 2342.874143] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2342.874626] udpv6_sendmsg+0x1b30/0x2ad0 [ 2342.875012] ? udp_v6_push_pending_frames+0x360/0x360 [ 2342.875482] ? _down_write_nest_lock+0x160/0x160 [ 2342.875911] ? vmacache_update+0xce/0x140 [ 2342.876296] ? do_user_addr_fault+0x5b0/0xc60 [ 2342.876705] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2342.877175] ? exc_page_fault+0xca/0x1a0 [ 2342.877551] ? trace_hardirqs_on+0x5b/0x180 [ 2342.877940] ? exc_page_fault+0xca/0x1a0 [ 2342.878311] ? asm_exc_page_fault+0x1e/0x30 [ 2342.878703] ? sock_has_perm+0x1ea/0x280 [ 2342.879070] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2342.879540] ? copy_user_generic_string+0x2c/0x40 [ 2342.879986] ? __import_iovec+0x458/0x590 [ 2342.880361] ? udp_v6_push_pending_frames+0x360/0x360 [ 2342.880829] inet6_sendmsg+0x105/0x140 [ 2342.881186] ? inet6_compat_ioctl+0x320/0x320 [ 2342.881612] __sock_sendmsg+0xf2/0x190 [ 2342.881967] ____sys_sendmsg+0x334/0x870 [ 2342.882339] ? sock_write_iter+0x3d0/0x3d0 [ 2342.882719] ? do_recvmmsg+0x6d0/0x6d0 [ 2342.883076] ? SOFTIRQ_verbose+0x10/0x10 [ 2342.883441] ? mark_lock+0xf5/0x2df0 [ 2342.883786] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2342.884263] ___sys_sendmsg+0xf3/0x170 [ 2342.884625] ? sendmsg_copy_msghdr+0x160/0x160 [ 2342.885042] ? __fget_files+0x2cf/0x520 [ 2342.885420] ? lock_downgrade+0x6d0/0x6d0 [ 2342.885802] ? lock_downgrade+0x6d0/0x6d0 [ 2342.886187] ? __fget_files+0x2f8/0x520 [ 2342.886557] ? __fget_light+0xea/0x290 [ 2342.886919] __sys_sendmmsg+0x195/0x470 [ 2342.887289] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2342.887681] ? lock_downgrade+0x6d0/0x6d0 [ 2342.888075] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2342.888520] ? wait_for_completion_io+0x270/0x270 [ 2342.888957] ? rcu_read_lock_any_held+0x75/0xa0 [ 2342.893411] ? vfs_write+0x354/0xb10 [ 2342.893754] ? fput_many+0x2f/0x1a0 [ 2342.894090] ? ksys_write+0x1a9/0x260 [ 2342.894443] ? __ia32_sys_read+0xb0/0xb0 [ 2342.894821] __x64_sys_sendmmsg+0x99/0x100 [ 2342.895206] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2342.895670] do_syscall_64+0x33/0x40 [ 2342.896009] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2342.896472] RIP: 0033:0x7f0fecadbb19 [ 2342.896813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2342.898436] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2342.899113] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2342.899744] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2342.900374] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2342.901004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2342.901648] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2342.917536] FAULT_INJECTION: forcing a failure. [ 2342.917536] name failslab, interval 1, probability 0, space 0, times 0 [ 2342.919035] CPU: 1 PID: 12112 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2342.919655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2342.920385] Call Trace: [ 2342.920631] dump_stack+0x107/0x167 [ 2342.920963] should_fail.cold+0x5/0xa [ 2342.921329] should_failslab+0x5/0x20 [ 2342.921682] __kmalloc_node_track_caller+0x74/0x3b0 [ 2342.922132] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2342.922607] __alloc_skb+0xb1/0x5b0 [ 2342.922945] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2342.923404] ? ip6_mtu+0x1bb/0x3d0 [ 2342.923729] ? ip_frag_init+0x350/0x350 [ 2342.924101] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2342.924530] ? ip6_mtu+0x1e9/0x3d0 [ 2342.924856] ? ip6_setup_cork+0xfb7/0x1740 [ 2342.925242] ip6_make_skb+0x2de/0x4e0 [ 2342.925603] ? ip_frag_init+0x350/0x350 [ 2342.925969] ? ip_frag_init+0x350/0x350 [ 2342.926338] ? ip6_push_pending_frames+0xf0/0xf0 [ 2342.926770] ? ip6_dst_hoplimit+0x199/0x440 [ 2342.927162] ? lock_downgrade+0x6d0/0x6d0 [ 2342.927553] udpv6_sendmsg+0x20d3/0x2ad0 [ 2342.927927] ? ip_frag_init+0x350/0x350 [ 2342.928298] ? udp_v6_push_pending_frames+0x360/0x360 [ 2342.928768] ? SOFTIRQ_verbose+0x10/0x10 [ 2342.929147] ? lock_acquire+0x197/0x470 [ 2342.929518] ? find_held_lock+0x2c/0x110 [ 2342.929890] ? __might_fault+0xd3/0x180 [ 2342.930262] ? sock_has_perm+0x1ea/0x280 [ 2342.930653] ? __import_iovec+0x458/0x590 [ 2342.931027] ? udp_v6_push_pending_frames+0x360/0x360 [ 2342.931492] inet6_sendmsg+0x105/0x140 [ 2342.931845] ? inet6_compat_ioctl+0x320/0x320 [ 2342.932249] __sock_sendmsg+0xf2/0x190 [ 2342.932609] ____sys_sendmsg+0x334/0x870 [ 2342.932980] ? sock_write_iter+0x3d0/0x3d0 [ 2342.933375] ? do_recvmmsg+0x6d0/0x6d0 [ 2342.933739] ? SOFTIRQ_verbose+0x10/0x10 [ 2342.934104] ? mark_lock+0xf5/0x2df0 [ 2342.934447] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2342.934924] ___sys_sendmsg+0xf3/0x170 [ 2342.935283] ? sendmsg_copy_msghdr+0x160/0x160 [ 2342.935706] ? __fget_files+0x2cf/0x520 [ 2342.936067] ? lock_downgrade+0x6d0/0x6d0 [ 2342.936454] ? lock_downgrade+0x6d0/0x6d0 [ 2342.936837] ? __fget_files+0x2f8/0x520 [ 2342.937207] ? __fget_light+0xea/0x290 [ 2342.937579] __sys_sendmmsg+0x195/0x470 [ 2342.937947] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2342.938339] ? lock_downgrade+0x6d0/0x6d0 [ 2342.938733] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2342.939173] ? wait_for_completion_io+0x270/0x270 [ 2342.939609] ? rcu_read_lock_any_held+0x75/0xa0 [ 2342.940026] ? vfs_write+0x354/0xb10 [ 2342.940367] ? fput_many+0x2f/0x1a0 [ 2342.940700] ? ksys_write+0x1a9/0x260 [ 2342.941045] ? __ia32_sys_read+0xb0/0xb0 [ 2342.941446] __x64_sys_sendmmsg+0x99/0x100 [ 2342.941832] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2342.942298] do_syscall_64+0x33/0x40 [ 2342.942636] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2342.943106] RIP: 0033:0x7f9ff3490b19 [ 2342.943446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2342.945062] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2342.945756] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2342.946390] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2342.947024] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2342.947656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2342.948290] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 [ 2343.081017] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2343.081017] program syz-executor.3 not setting count and/or reply_len properly 03:03:52 executing program 6: pwrite64(0xffffffffffffffff, &(0x7f00000000c0)="04", 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000180)=@sco={0x1f, @none}}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r5 = fcntl$dupfd(r0, 0x406, r1) sendmsg$NL80211_CMD_DEL_PMKSA(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x58, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "fbf5db7c151570a9d4f4aeac2cb14a15"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x60}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PMK={0x14, 0xfe, "75461ea7d4abdcb377e3d723fc711f10"}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x101}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x20040020) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0xfc, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180", @nested={0xd0, 0x6b, 0x0, 0x1, [@typed={0x8, 0x64, 0x0, 0x0, @u32=0x20}, @generic="140b7d59ed6110cc169977326f740fe26a493e472e6853077f4f360b654770310dbeb3db468dd46c5cfaa0f2826310f77b703e78932b683853dfb0ee797816fd56897b7a751d40fdc6e51e902d11b782f527ee632e0e896ddc5510fcdacd8213043b95bf0d46ff98bd26fa1025f044b4fbebab57924b4c265c2b1fd1efeb5598777c77b1dc9458fc45f921c196d40bfc00b58f3bb8", @generic="5cdd2df7ad2516c501f14bc874d91dff837b48df934e01cc42f8d981e5d25082b3c4459499914fead6112d8dc6824a"]}, @generic="a24768b5ecd6c28942d2d09eddcddf3bc771"]}, 0xfc}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYRESDEC=r2, @ANYRES16=r0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r3, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c002380050005000a0000001c002380060010000300000008001500fb00000005001100"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000680)='nl80211\x00') dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0) 03:03:52 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x10000000}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000040), 0x8, 0x100) fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000100)) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x11e9ac) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x46dd4) 03:03:52 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x3}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:03:52 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda0a5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:52 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 98) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:03:52 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x89a340, 0x140) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:03:52 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 23) 03:03:52 executing program 5: pwrite64(0xffffffffffffffff, &(0x7f00000000c0)="04", 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000180)=@sco={0x1f, @none}}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r5 = fcntl$dupfd(r0, 0x406, r1) sendmsg$NL80211_CMD_DEL_PMKSA(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x58, r2, 0x2, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "fbf5db7c151570a9d4f4aeac2cb14a15"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x60}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PMK={0x14, 0xfe, "75461ea7d4abdcb377e3d723fc711f10"}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x101}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x20040020) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0xfc, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180", @nested={0xd0, 0x6b, 0x0, 0x1, [@typed={0x8, 0x64, 0x0, 0x0, @u32=0x20}, @generic="140b7d59ed6110cc169977326f740fe26a493e472e6853077f4f360b654770310dbeb3db468dd46c5cfaa0f2826310f77b703e78932b683853dfb0ee797816fd56897b7a751d40fdc6e51e902d11b782f527ee632e0e896ddc5510fcdacd8213043b95bf0d46ff98bd26fa1025f044b4fbebab57924b4c265c2b1fd1efeb5598777c77b1dc9458fc45f921c196d40bfc00b58f3bb8", @generic="5cdd2df7ad2516c501f14bc874d91dff837b48df934e01cc42f8d981e5d25082b3c4459499914fead6112d8dc6824a"]}, @generic="a24768b5ecd6c28942d2d09eddcddf3bc771"]}, 0xfc}}, 0x0) sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYRESDEC=r2, @ANYRES16=r0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r3, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c002380050005000a0000001c002380060010000300000008001500fb00000005001100"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000680)='nl80211\x00') dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0) [ 2357.836391] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2357.836391] program syz-executor.3 not setting count and/or reply_len properly [ 2357.879756] FAULT_INJECTION: forcing a failure. [ 2357.879756] name failslab, interval 1, probability 0, space 0, times 0 [ 2357.880848] CPU: 1 PID: 12143 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2357.885669] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2357.886463] Call Trace: [ 2357.886719] dump_stack+0x107/0x167 [ 2357.887063] should_fail.cold+0x5/0xa [ 2357.887466] ? create_object.isra.0+0x3a/0xa20 [ 2357.887882] should_failslab+0x5/0x20 [ 2357.888287] kmem_cache_alloc+0x5b/0x310 [ 2357.888676] create_object.isra.0+0x3a/0xa20 [ 2357.889074] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2357.889635] kmem_cache_alloc+0x159/0x310 [ 2357.890025] skb_clone+0x14f/0x3d0 [ 2357.890415] __skb_tstamp_tx+0x422/0x8d0 [ 2357.890812] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2357.891245] loopback_xmit+0x299/0x5e0 [ 2357.891580] dev_hard_start_xmit+0x1cb/0x6f0 [ 2357.891958] __dev_queue_xmit+0x17ec/0x2710 [ 2357.892378] ? find_held_lock+0x2c/0x110 [ 2357.892723] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2357.893178] ? lock_downgrade+0x6d0/0x6d0 [ 2357.893556] ? lock_acquire+0x197/0x470 [ 2357.893896] ? find_held_lock+0x2c/0x110 [ 2357.894292] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2357.894740] ip_finish_output2+0x1514/0x21f0 [ 2357.895160] ? ip_frag_next+0x9e0/0x9e0 [ 2357.895504] ? nf_hook+0x160/0x510 [ 2357.895809] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2357.896286] __ip_finish_output.part.0+0x5f3/0xb50 [ 2357.896709] ? ip_fragment.constprop.0+0x240/0x240 [ 2357.897192] ? nf_hook+0x510/0x510 [ 2357.897541] ip_output+0x2f7/0x600 [ 2357.897852] ip_local_out+0xb4/0x1a0 [ 2357.898222] iptunnel_xmit+0x591/0x8b0 [ 2357.898562] ip_tunnel_xmit+0x1248/0x2f40 [ 2357.898926] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2357.899413] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2357.899812] ? slab_free_freelist_hook+0xa9/0x180 [ 2357.900274] sit_tunnel_xmit+0xef0/0x2960 [ 2357.900633] ? find_held_lock+0x2c/0x110 [ 2357.900982] ? ipip_rcv+0x4f0/0x4f0 [ 2357.901363] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2357.901789] ? lock_downgrade+0x6d0/0x6d0 [ 2357.902190] ? tpacket_rcv+0x3960/0x3960 [ 2357.902532] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2357.902919] dev_hard_start_xmit+0x1cb/0x6f0 [ 2357.903344] __dev_queue_xmit+0x17ec/0x2710 [ 2357.903720] ? find_held_lock+0x2c/0x110 [ 2357.904063] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2357.904499] ? lock_downgrade+0x6d0/0x6d0 [ 2357.904849] ? lock_acquire+0x197/0x470 [ 2357.905259] ? ip_finish_output2+0x220/0x21f0 [ 2357.905684] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2357.906206] neigh_connected_output+0x382/0x4d0 [ 2357.906609] ip_finish_output2+0x6f1/0x21f0 [ 2357.906983] ? nf_hook_slow+0xfc/0x1e0 [ 2357.907359] ? ip_frag_next+0x9e0/0x9e0 [ 2357.907697] ? nf_hook+0x160/0x510 [ 2357.908000] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2357.908475] __ip_finish_output.part.0+0x5f3/0xb50 [ 2357.908893] ? ip_fragment.constprop.0+0x240/0x240 [ 2357.909374] ? nf_hook+0x510/0x510 [ 2357.909726] ip_output+0x2f7/0x600 [ 2357.910034] ip_send_skb+0xdd/0x260 [ 2357.910430] udp_send_skb+0x6da/0x11d0 [ 2357.910770] udp_sendmsg+0x197f/0x2160 [ 2357.911140] ? ip_frag_init+0x350/0x350 [ 2357.911494] ? udp_setsockopt+0xc0/0xc0 [ 2357.911838] ? __lock_acquire+0xbb1/0x5b00 [ 2357.912260] ? handle_mm_fault+0x1a0b/0x3500 [ 2357.912634] ? lock_downgrade+0x6d0/0x6d0 [ 2357.912986] ? do_raw_spin_lock+0x121/0x260 [ 2357.913426] ? rwlock_bug.part.0+0x90/0x90 [ 2357.913823] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2357.914318] udpv6_sendmsg+0x1b30/0x2ad0 [ 2357.914675] ? udp_v6_push_pending_frames+0x360/0x360 [ 2357.915150] ? _down_write_nest_lock+0x160/0x160 [ 2357.915560] ? vmacache_update+0xce/0x140 [ 2357.915920] ? do_user_addr_fault+0x5b0/0xc60 [ 2357.916348] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2357.916791] ? exc_page_fault+0xca/0x1a0 [ 2357.917208] ? trace_hardirqs_on+0x5b/0x180 [ 2357.917609] ? exc_page_fault+0xca/0x1a0 [ 2357.917958] ? asm_exc_page_fault+0x1e/0x30 [ 2357.918368] ? sock_has_perm+0x1ea/0x280 [ 2357.918712] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2357.919199] ? copy_user_generic_string+0x2c/0x40 [ 2357.919615] ? __import_iovec+0x458/0x590 [ 2357.919966] ? udp_v6_push_pending_frames+0x360/0x360 [ 2357.920450] inet6_sendmsg+0x105/0x140 [ 2357.920782] ? inet6_compat_ioctl+0x320/0x320 [ 2357.921232] __sock_sendmsg+0xf2/0x190 [ 2357.921603] ____sys_sendmsg+0x334/0x870 [ 2357.921951] ? sock_write_iter+0x3d0/0x3d0 [ 2357.922354] ? do_recvmmsg+0x6d0/0x6d0 [ 2357.922689] ? SOFTIRQ_verbose+0x10/0x10 [ 2357.923031] ? mark_lock+0xf5/0x2df0 [ 2357.923394] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2357.923843] ___sys_sendmsg+0xf3/0x170 [ 2357.924220] ? sendmsg_copy_msghdr+0x160/0x160 [ 2357.924610] ? __fget_files+0x2cf/0x520 [ 2357.924948] ? lock_downgrade+0x6d0/0x6d0 [ 2357.925375] ? lock_downgrade+0x6d0/0x6d0 [ 2357.925766] ? __fget_files+0x2f8/0x520 [ 2357.926152] ? __fget_light+0xea/0x290 [ 2357.926498] __sys_sendmmsg+0x195/0x470 [ 2357.926846] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2357.927282] ? lock_downgrade+0x6d0/0x6d0 [ 2357.927647] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2357.928055] ? wait_for_completion_io+0x270/0x270 [ 2357.928510] ? rcu_read_lock_any_held+0x75/0xa0 [ 2357.928902] ? vfs_write+0x354/0xb10 [ 2357.929292] ? fput_many+0x2f/0x1a0 [ 2357.929634] ? ksys_write+0x1a9/0x260 [ 2357.929959] ? __ia32_sys_read+0xb0/0xb0 [ 2357.930353] __x64_sys_sendmmsg+0x99/0x100 [ 2357.930708] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2357.931184] do_syscall_64+0x33/0x40 [ 2357.931500] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2357.931934] RIP: 0033:0x7f0fecadbb19 [ 2357.932294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2357.933915] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2357.934596] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2357.935241] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2357.935836] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2357.936472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2357.937071] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2357.942406] FAULT_INJECTION: forcing a failure. [ 2357.942406] name failslab, interval 1, probability 0, space 0, times 0 [ 2357.943525] CPU: 1 PID: 12141 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2357.944174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2357.945616] Call Trace: [ 2357.945844] dump_stack+0x107/0x167 [ 2357.946199] should_fail.cold+0x5/0xa [ 2357.946523] ? create_object.isra.0+0x3a/0xa20 [ 2357.946910] should_failslab+0x5/0x20 [ 2357.947286] kmem_cache_alloc+0x5b/0x310 [ 2357.947634] create_object.isra.0+0x3a/0xa20 [ 2357.948005] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2357.948512] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2357.948941] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2357.949464] __alloc_skb+0xb1/0x5b0 [ 2357.949833] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2357.950354] ? ip6_mtu+0x1bb/0x3d0 [ 2357.950687] ? ip_frag_init+0x350/0x350 [ 2357.951073] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2357.951591] ? ip6_mtu+0x1e9/0x3d0 [ 2357.951924] ? ip6_setup_cork+0xfb7/0x1740 [ 2357.952364] ip6_make_skb+0x2de/0x4e0 [ 2357.952729] ? ip_frag_init+0x350/0x350 [ 2357.953176] ? ip_frag_init+0x350/0x350 [ 2357.953587] ? ip6_push_pending_frames+0xf0/0xf0 [ 2357.954028] ? ip6_dst_hoplimit+0x199/0x440 [ 2357.954484] ? lock_downgrade+0x6d0/0x6d0 [ 2357.954888] udpv6_sendmsg+0x20d3/0x2ad0 [ 2357.955326] ? ip_frag_init+0x350/0x350 [ 2357.955719] ? udp_v6_push_pending_frames+0x360/0x360 [ 2357.956252] ? SOFTIRQ_verbose+0x10/0x10 [ 2357.956640] ? lock_acquire+0x197/0x470 [ 2357.957014] ? find_held_lock+0x2c/0x110 [ 2357.957482] ? __might_fault+0xd3/0x180 [ 2357.957870] ? sock_has_perm+0x1ea/0x280 [ 2357.958332] ? __import_iovec+0x458/0x590 [ 2357.958718] ? udp_v6_push_pending_frames+0x360/0x360 [ 2357.959247] inet6_sendmsg+0x105/0x140 [ 2357.959608] ? inet6_compat_ioctl+0x320/0x320 [ 2357.960020] __sock_sendmsg+0xf2/0x190 [ 2357.960445] ____sys_sendmsg+0x334/0x870 [ 2357.960826] ? sock_write_iter+0x3d0/0x3d0 [ 2357.961295] ? do_recvmmsg+0x6d0/0x6d0 [ 2357.961687] ? SOFTIRQ_verbose+0x10/0x10 [ 2357.962070] ? mark_lock+0xf5/0x2df0 [ 2357.962483] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2357.962967] ___sys_sendmsg+0xf3/0x170 [ 2357.963381] ? sendmsg_copy_msghdr+0x160/0x160 [ 2357.963823] ? __fget_files+0x2cf/0x520 [ 2357.964250] ? lock_downgrade+0x6d0/0x6d0 [ 2357.964640] ? lock_downgrade+0x6d0/0x6d0 [ 2357.965045] ? __fget_files+0x2f8/0x520 [ 2357.965512] ? __fget_light+0xea/0x290 [ 2357.965895] __sys_sendmmsg+0x195/0x470 [ 2357.966327] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2357.966726] ? lock_downgrade+0x6d0/0x6d0 [ 2357.967174] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2357.968627] ? wait_for_completion_io+0x270/0x270 [ 2357.969072] ? rcu_read_lock_any_held+0x75/0xa0 [ 2357.969617] ? vfs_write+0x354/0xb10 [ 2357.969963] ? fput_many+0x2f/0x1a0 [ 2357.970348] ? ksys_write+0x1a9/0x260 [ 2357.970670] ? __ia32_sys_read+0xb0/0xb0 [ 2357.971043] __x64_sys_sendmmsg+0x99/0x100 [ 2357.971497] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2357.971967] do_syscall_64+0x33/0x40 [ 2357.972371] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2357.972850] RIP: 0033:0x7f9ff3490b19 [ 2357.973282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2357.974988] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2357.975735] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2357.976437] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2357.977094] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2357.977841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2357.978541] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:03:52 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda255e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:03:52 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4327, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffc, 0xf90}, 0x0, 0x8003, 0x0, 0x0, 0x20, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$setstatus(r1, 0x4, 0xc00) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) open_by_handle_at(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="10ed000002ddc2b67d883b43d9ffffff00000060fdffffff9a5ec44c0708b56561d063a3e487436014bbcf26d5014e9e82c748f9940aed005aa12485a28178cab9c569cfbd9c97f5ec301474dca041b9fc78623e7015681256fdd67ef406a5d920400219b7f599aa01486241b461f18fb4167ddd80cc79898622b4236101f14ca9758f9ebcbbb2237fe52b2fffc9f6af8443dd0d40d5468862b9a7508d1c3b9a8535e6a4280c06ebccdb07ec11cf063323e3e0dd28c83ea2c7fd197f86ce15161ebf89440f94f47624d9a6bdea9db194001764e3f358a40b431aa799224ccf52a9ef803d408c1268ee7f97e4420aba37d59c01db887933d144de221300733a18d3d4d2bbae32a86f9e45c02011d0e52ec97d188e260dd9eb7c0ee9fb11985231ee7833b1c2dd82983680972ec4804c0891f5e492711190d0537a81a66b2aa7e0a24e9301792fc797891e506637153c7a0edbbb80e6f38909cb8808afc767ce82f9dd6232b2294c1abfdde782502777f572d97fccdcbdb1dba12fdcad1bbad916cc1561a2a85d9b9264b005c0d73ab1bf5e905b6401d7fb5801d798ff53f53c76d0a9058651c9e02ea2a12b455c450c14de50cd6b1c72bc72d8133ad5efaf967f780018b2611009052edd7699117b9240ff6e20916672560f5f73540147398daaab1a4623a8e48b4fccbec59cc4aac412aa151bca8b7ff64cfb4913f8397f33369401df8cb506c054906dced5726dab"], 0x8e880) fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8914, &(0x7f0000000140)={'lo\x00'}) r3 = socket$packet(0x11, 0x2, 0x300) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(r3, &(0x7f0000000040)={0x11, 0xe9, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'lo\x00'}) sendmsg$inet6(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f00000000c0)={0xaa5, 0x9, 0x9, 0xfffffffd, 0x11b2}) 03:03:52 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x4}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:03:52 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 24) 03:03:52 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 99) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:03:52 executing program 5: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000080)={0x0, r0, 0x0, 0x0, 0x0, 0xa6219d3}) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='coredump_filter\x00') readv(r1, &(0x7f0000002a80)=[{&(0x7f0000000740)=""/216, 0xd8}], 0x1) openat(r1, &(0x7f0000000000)='./file0\x00', 0x44002, 0x120) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) fadvise64(r3, 0x0, 0x0, 0x4) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r5, 0x400, 0x1) fcntl$setown(r5, 0x8, 0xffffffffffffffff) close(r5) signalfd4(r5, &(0x7f0000000040)={[0x8]}, 0x8, 0x80000) sendmmsg$inet6(r4, &(0x7f0000001940)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@hopopts_2292={{0x58, 0x29, 0x36, {0x0, 0x7, '\x00', [@jumbo={0xc2, 0x4, 0x2}, @generic={0xff, 0x1f, "35427e7c98ef2d1e3d5063f9f9530d74da5b1b9fe68a9ef6905368d58e13a3"}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @empty}}, @jumbo={0xc2, 0x4, 0x2946}]}}}, @hopopts_2292={{0x18}}], 0x70}}], 0x2, 0x20000000) ioctl$BTRFS_IOC_SUBVOL_CREATE(r2, 0x5000940e, &(0x7f0000003e40)={{}, "8535192a409db1c5da772c130156658f6956d1227856791d860c7085a79b54e3637239fd5bc6da3c00b911567125a87fb7db4511a9fb3086fb25dc6c5740f4150d9871f7f772d294b8f24a93348d3ee385eea13c086e54193fa2761a2200d4a1b94ebdd5a5c750c06ed328019ab4900b5cc00ee276432b1d174cacdab6f0ed8d112820d18958f72a5335c8c71174a85c0ce184eed413dbdf5add1e64357e3e844e2af54809721c8d9a7a80467187c43b19c12fa5f7a72da2cd09d43967c4e211aae6812bef7ed4e937beda6863b096422d5dbb222a2dc2ee5cb656e7456e5fc61980e6627f7acd78123273d58214502345100567c7481eab37c038c892065a7779e8cf17834dced073636d79009d593437d64371e78ce1ad842fb94e5d6e8c82d8b3150f42d032baed523ddb2170f695c25c4099f38180315bb3248cb3ff6201265a42ed0faa32074801a7857610e8add070fd8301ad986da7e243dde93dcd2fd00ad6475a5127d1500d5f3beec51b016c86ac73f3c3003ddb5c4da23b60a706e0d9f4148cc3f4c614e00ffadb67b908673a76a175d86665aae59b0e25292546bef65218b9bcf453b1b86008e7833ea0bb0f304c613fae00e6a4d20e5e147ad3734c56b2c0be689c8f34955d67ad34eb468b6c700f71b24b04e9cf4b820d42c4cb50f6e191abad9db2bd5a62bf12047f03b63a07b8d01fc5ab8d569af49f54d582b843e3be62251de4dc68a53f5b718518a6d8f8b38191211816f462165934cc72b324d2a1b1f1a8e8522b7cc1b18937e06df9e02fd2770ba4b1538abc8386de3b890a0f8c30fca8c8c6e491812cd2d3376b06c29ed5dcfcb182cf5d0304556ee2ea9b3e20b37373e5d4f644334ecd3786a12d4f9ed36eaedec19206d642a97f73a6830839ce0001f6edb3bec7e4df5fe125eb9e0fbd49efebf14c673bd07cc6a1d9316d13476c1e57f479cf9b630dab3460335b860ed634f627d28308bc25f8ef78e5d614b2001dd30ea56dc3ee1fd694822eccf6ebdb7fe93b0e4b4d553b4613665df6c8069b0681cdb0e1c02a6a4fa6503fcbf56c8b087bd02190e0fd9653aaf9fe4479d55eba402bd3c822b9db6e96b25e3a8beb04f327b915cf69226d1c6c99d1c877886bc9dff27f5713ad9b62292ed54e0063a04e5f3e3970eb2077a2b7c7cf795afc4b8a3d1886d69f0da7ccef41f1d158aadb3469018f7698dca34cbc068389106ca550601ffbd0fb5d388c45255b83ca0160f8a29e2254b2bfd1a5ea9bb16f1fd08d5b001b9db477cdd76bdbb43f7789b9005bb51b7a67be29e506ba2313fa4842c592f09377c378247d4d379f5c331bacb514019ad2620c6992deb50ba88dacaedf27415562c04824be927e9bebd99915efdb7921b1e1ce6bf4ffb08896bb90eab1f05ff836eab3065da2818907d2ce2f6c46eb1cdbd50be5702946f969f988e9c03cc1dcd909131f9e5163da455f8428d5445f123a32dc9c8c4ebaec641ef9f3889327bc167d7d9e0eb4a8d80ae13929d370b3af3e0265567167b3201067faad01520bb9a1f983f0a07a58f2cf884a7ac1f61794b37b75f4e229843224af337dc8bf10d1a7cfd20a62bcf295ff360ba18dbe67548212293029ab4069f8fd35bcaa484ace1be3053bf7b213e47ce04297dc320c54a65938feac12f5e5c3cca78661c92299adfc9491fd1d71c0e6b1d0243e7614c0f17bc7cd926038d3dd7ce68e1f9ae8f8de05b1daa01880e25a46611b5cbde8d45b3903f2a3323802a324a89916e5c92de078c5adcad6259c26a678d9d99de1ac6071ba30cdff7cb3f71b193b4ec33b65ec77381890a5897a54f0075e1eb663935fe2c639178dca49b159118445a9530480fd20fb7321d0e8b95a09d47371cf360864d2b8e5211a05ced3e8d42f543e6390fe2dcfa618b8f2eb05d385b67d232d4982f719434a745636495da8340121eb5cd534506279dce26db09a3871ef7926a110f13f26ce55c45d76be766b6db0e6ac95bfc59252da16b8f860d50a0987843f06047ddeae79e35ed7dc8d21194a932a4567dfca9c53e6b71b7782bbcacbb11045d837ddba23f54af61e76759f951090ecd8005ad7859456a87e4787c1380a4c91c5837f8bb431527a17ee765cd98689d306db5e7fe678792ddea8f5cb0043959ea2abb385fa38976fe83d6bca31586fd895377d059ed8e612c7cf4f505d0dc7f9e1cbf646b13208019ee785600cc554a80685cb9629b6224b6f0060bfcb04e64e6815fa24a967a44945bbc5d36a0620bb6b305b66ab22d79d03541b1b711a399be49ef8ec1122eb73ef94c17759fc375da1956ba725bab5bb7133ed93145b1d3971c19f1c66400166a323cc99ac8fa41eaffff3cea760a6969f92e71e1cefe811ec312d4572ea7db3a6622716c2287dc2f7a5f736a0486ba8519e8338adfd0ea0394a094ecf7895ea993f42cc9c7280e24f3bf4cf4f232c5698ab34dcf41722ba1d01ab9b417e918c642890d19053ee52cdbc35927031129511f32182b17fdfc2d1b3ed5364aa4420b43f711765ad3f292fa0c82546e0e9679427b4808a22d337a62898b6d87b55cda1e66938493c1279d382e476290b79691cfba56e3568fe589aa9b70398cddacbe486e529edab7dabfc33ec1fc0d00e1c231e59a680ca78dbeb382fd819a23ef1d8521856805d9172b4754382676512f2d20d4b250bb9dffd96b92336f0d714c640b7dc409894593e34e5e270051f9b0a3b17949ccfb4f376d794210ed375338e6bcfe62582aded15e19249e6385eef51385cdf4a430caa74dc3bf06c8dd792c85186a0a5240ad343f19bc3e5313c2930230a2fbbf23d837222750a4994ad99eacd0419e4c2a0ade280af5485b1fa77f2616f321755cf5af3cfab6aaf75ce08ef23320d6b15dbc447a29b4f41391bc6bba36f0a3cc975f218600c5bec1b90d707dd09c749901a0fac3700001d4a2f23d41428a8a24395ced8fd530d99a87c85915892587ef4bf3b0533f9289e7c12fbb873da51e66c82491f57b0b9e6585740f65a8fe88affefa20e12693ecdb000b505c028a276634856723eabbcf4b56f67b0da586e57eb6061e583624f4cec132283c7a177a7447fe3c2542f098cd8a969e0c600eafea2f0705fa632fbcd31ab1236e386ea573fbb49d2b3da7f5a0823d2dee5fad439477b6a4c0948e21626439204fb3e1ab4014243440491b8292632a3cc53efa3dc4b975c32711644b1a93a43397cb42236d4abb29913adf5c66f2fad1d548885f53fd3915298c7e20bf8e0775a8ea76bba69247cfe91abea1ebacf0660fbe53ba7af4957415355dcaa0f47e66fb311e5bb61b3d52dade29c429cdcbb88fda4fa38f631e89b9433e57ecbbb129784791509fdd4810db8214c8d49c033aff8e5f1b794acab78c01fd6ffc642bed41e0f0f73add3274836aa20174906cd56eb2960ebb276c22af42222e5002ed883ab7fc7a3bfeab8fc8f3b66e81ac7de0709adca6452c12bdff6404fc95ce6c68cfe20a76bc91bcb5c98d60a14706f9ceb88fcdd6ab5d02dfd47f75ce6c01a16a4ec3120dff2267901052d7ed2ed3a0ad3bbd87eb3495a817729e701bd49c13ddee4e88b73913f0d33c793251827ddc9af0863d9a5e4c1c1932c5d942d255f80e67a33d3c901ea476d8d89346fe28aa9c8e12e4c8fc43c676d9a55911b5ae300296b2ba02ee532bc7ab75e9e7057a932b373cdf6a85b0f9555dd02684d3c13ce1cf72fbc50075025b846ffe25b4dd4ab35c992e42be4c21c23a8076286a90f7bd61e0322bb2c87c40c851b0bf18f9d4a9cdde558a08ebd7f5e4937c86b466cdae27f94cba381814ebf7d02bcca6286bf301603fdbb62fbefebf5b8d9e2fa158052e15b9337e69ce1828faf26a7209ddc201be7aaa75a6b29dec6d6a3bb1525755c142b7240b20c436ba803ec125528cbf0fc5a890b3f540cfc63547a6be50fbed1743380c3322d1cd5a73274d966b2a204dfcfe62e63019eb466c26056c33a14ad36f3bb18602d93756dabb89c51f73d66e14f6d1b456c3651b66f9f5ab3758ea507fce34dd208816cff527eb84efeb053180e07ebc541642d90fb1048aa9be2ae679603cb540da8a802d2c8d87cea3123a57d24fb2399a2be80290ada3bc42e39dc344d4e5061c0adcf92251d56b06f77bb59abd10484c9186161c61b38760dfeaec3a0ba5363ea2d41e679654702f5d78679ccc1d56a1ce3f263818786741d44a92c0dfa90e408a80c424622a22ec47937d31228e39115a1a165aeede9df71fb2f2b5a587b82b46089e6edecc2e27c6185741725b77536388ecae9ec412eab776fc4fd48f5f8509c37c93c9432c416c77e3f97d2855e0c1316f6fcd1c02c3fa124873aaf492e5e368a71d7d0c660269ca9135e70e98e2bdb6dca9279b7689b2997012e5f42be6d3c7e35428d95bd484a7d86af2da8537fab54000fc87a8cdc953ba482982ad2742cc1b5143725734beb12403be78c16a1d5069700ee37fdd1ac57794726e66b073047b498ec65e58c106729c4118bb8cf5a0261ae800156d9daa25c879003c0fe8076ffd11dc46a2981cba56cfcc9e8b8c72fa933b579161fec0742cad412fa2263e2d4bece5b31a9e6d68e58f2bdac08b0af6fc8ef321e04e37d598e3fafa89d9abdad563e8b347c4fe188cce816fbe0fe97515134599dc4fbf5511899a60534b43b4b954b73005fc27a6d7f6044e5e3465411ac37aab316f82312777e6f66e09cc23d9e1c6e9d4d5b89cf2f951b730c240c2d2cecf63cbc3ac81b54117c2cfad3df59dde7a182599883200c6eb34ebad090f9a0289c548ebd7dfd49e25ac52927dec8da757b1c90bc6422d2e59ac986daee220cd772392081dfcd599c15208c0f81be3352e57463b2fbc4948c921dbcbd9fe70e4b62f48a930c4b7796190d25cead8119fc7eb1a9f2e9a9484cd168ee8f7c86487cb9a7199117cf70c10a7291bb9af881b0a0ab39c56a2b3eed6db5b9a28cedaffa928a6a861b23dda8537d5ad843d58c1ea0a295c03c282a93c378c0fffc83c88fb598322a1281431f4c012822e410b798364f754b75c113ee03c2e92617bcd21cbf904508ef886810454c8df0889a344e656f2c4ecb353a5a0f84088201712b88fcdf987d87e327aa17d0d3950af91aefce729d42aedf400b86b365889ec8461e164cf9c85c8169026604eaf29acd8dd3ecb31b0cfc15d0cf4067d8401ddb999ba2babdb4449ed21c14f8ff114bc6f3d33798d6ca953d3d422a40fcf9da1337eaba819efbb42a23d64aff593bf2e274a409ab3e081abc781fe999b979cfbc4a93895b46e5976c42731f4694b04490be6ef004932bd253b6fdd7ac4798529be6b9ae7157903eb151255875e5005725da15df1f9bd2afdf35686122d85c39f2568d74797d371cc4b82e54c2f936ffcea08df9de19fdd07f7e0c0804c958cb18c630ae563c7c8d3f9625e92625ccfbd58a2e4d69771c97477a25bd4dfd3d5f518a666d6a52aaa75975e903ad1ec52f58b0b6bc782e790653cc3da5f8cf6ae75c2e748c936e9294c779e611ba67a0d33413b91f750f7436dce2ade74a4a3f034605388603ab3e1f74933f3621039b7dbcf80738ef1646837334ee8f211c0b3f78b2e910f4d29fe5e94eba6f2414db53b7fbd86c1419221cc199d72505d0ea34930a10f89768bc06639fd3e513c09842aa32c5b01918ab076a52dc3ca62083d2516831a8118672f92befcb1e64bbc85685eecc2d11245355d23de442153285e765713c096ab3a71e27754f"}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r4, @ANYBLOB="ff2100e3000000002e2f66696c653000"]) socket$netlink(0x10, 0x3, 0x13) [ 2358.849843] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2358.849843] program syz-executor.3 not setting count and/or reply_len properly [ 2358.889396] FAULT_INJECTION: forcing a failure. [ 2358.889396] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2358.891819] CPU: 0 PID: 12169 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2358.892459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2358.893229] Call Trace: [ 2358.893488] dump_stack+0x107/0x167 [ 2358.893833] should_fail.cold+0x5/0xa [ 2358.894194] __alloc_pages_nodemask+0x182/0x600 [ 2358.894630] ? lock_chain_count+0x20/0x20 [ 2358.895018] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 2358.895590] alloc_pages_vma+0xbb/0x410 [ 2358.895966] wp_page_copy+0xee7/0x1f00 [ 2358.896338] ? print_bad_pte+0x5a0/0x5a0 [ 2358.896716] ? lock_downgrade+0x6d0/0x6d0 [ 2358.897101] ? vm_normal_page+0x162/0x2e0 [ 2358.897501] ? count_memcg_event_mm.part.0+0x10f/0x2f0 [ 2358.898005] do_wp_page+0x27b/0x1390 [ 2358.898359] handle_mm_fault+0x1cc7/0x3500 [ 2358.898763] ? __schedule+0x82c/0x1ea0 [ 2358.899127] ? __pmd_alloc+0x5e0/0x5e0 [ 2358.899497] ? vmacache_find+0x55/0x2a0 [ 2358.899877] do_user_addr_fault+0x56e/0xc60 [ 2358.900288] exc_page_fault+0xa2/0x1a0 [ 2358.900652] asm_exc_page_fault+0x1e/0x30 [ 2358.901042] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 2358.901514] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca e9 81 32 1d 02 90 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca e9 62 32 1d 02 66 90 48 bb f9 ef ff ff ff 7f [ 2358.903199] RSP: 0018:ffff88804983fcf0 EFLAGS: 00050293 [ 2358.903695] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 0000000020004d38 [ 2358.904349] RDX: 0000000000040000 RSI: ffffffff8310dea2 RDI: ffff888016d90938 [ 2358.905006] RBP: 0000000000040000 R08: 0000000000000000 R09: 0000000000000000 [ 2358.905676] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000 [ 2358.906330] R13: 0000000020004d00 R14: 000000000000002f R15: 000000000000002e [ 2358.906998] ? __sys_sendmmsg+0x1c2/0x470 [ 2358.907385] __sys_sendmmsg+0x1cf/0x470 [ 2358.907759] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2358.908159] ? lock_downgrade+0x6d0/0x6d0 [ 2358.908557] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2358.909006] ? wait_for_completion_io+0x270/0x270 [ 2358.909463] ? rcu_read_lock_any_held+0x75/0xa0 [ 2358.909903] ? vfs_write+0x354/0xb10 [ 2358.910250] ? fput_many+0x2f/0x1a0 [ 2358.910595] ? ksys_write+0x1a9/0x260 [ 2358.910949] ? __ia32_sys_read+0xb0/0xb0 [ 2358.911333] __x64_sys_sendmmsg+0x99/0x100 [ 2358.911726] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2358.912201] do_syscall_64+0x33/0x40 [ 2358.912550] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2358.913026] RIP: 0033:0x7f0fecadbb19 [ 2358.913372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2358.915069] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2358.915772] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2358.916431] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2358.917089] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2358.917762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2358.918421] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2358.974331] FAULT_INJECTION: forcing a failure. [ 2358.974331] name failslab, interval 1, probability 0, space 0, times 0 [ 2358.976021] CPU: 0 PID: 12176 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2358.976666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2358.977432] Call Trace: [ 2358.981708] dump_stack+0x107/0x167 [ 2358.982048] should_fail.cold+0x5/0xa [ 2358.982405] should_failslab+0x5/0x20 [ 2358.982759] __kmalloc_node_track_caller+0x74/0x3b0 [ 2358.983222] ? __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2358.983703] __alloc_skb+0xb1/0x5b0 [ 2358.984044] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2358.984513] ? ip6_mtu+0x1bb/0x3d0 [ 2358.984846] ? ip_frag_init+0x350/0x350 [ 2358.985223] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2358.985667] ? ip6_mtu+0x1e9/0x3d0 [ 2358.985997] ? ip6_setup_cork+0xfb7/0x1740 [ 2358.986389] ip6_make_skb+0x2de/0x4e0 [ 2358.986746] ? ip_frag_init+0x350/0x350 [ 2358.987117] ? ip_frag_init+0x350/0x350 [ 2358.987484] ? ip6_push_pending_frames+0xf0/0xf0 [ 2358.987927] ? ip6_dst_hoplimit+0x199/0x440 [ 2358.988323] ? lock_downgrade+0x6d0/0x6d0 [ 2358.988717] udpv6_sendmsg+0x20d3/0x2ad0 [ 2358.989095] ? ip_frag_init+0x350/0x350 [ 2358.989478] ? udp_v6_push_pending_frames+0x360/0x360 [ 2358.989966] ? SOFTIRQ_verbose+0x10/0x10 [ 2358.990352] ? lock_acquire+0x197/0x470 [ 2358.990718] ? find_held_lock+0x2c/0x110 [ 2358.991097] ? __might_fault+0xd3/0x180 [ 2358.991474] ? sock_has_perm+0x1ea/0x280 [ 2358.991869] ? __import_iovec+0x458/0x590 [ 2358.992253] ? udp_v6_push_pending_frames+0x360/0x360 [ 2358.992732] inet6_sendmsg+0x105/0x140 [ 2358.993093] ? inet6_compat_ioctl+0x320/0x320 [ 2358.993517] __sock_sendmsg+0xf2/0x190 [ 2358.993878] ____sys_sendmsg+0x334/0x870 [ 2358.994256] ? sock_write_iter+0x3d0/0x3d0 [ 2358.994645] ? do_recvmmsg+0x6d0/0x6d0 [ 2358.995008] ? SOFTIRQ_verbose+0x10/0x10 [ 2358.995383] ? mark_lock+0xf5/0x2df0 [ 2358.995731] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2358.996216] ___sys_sendmsg+0xf3/0x170 [ 2358.996576] ? sendmsg_copy_msghdr+0x160/0x160 [ 2358.997003] ? __fget_files+0x2cf/0x520 [ 2358.997370] ? lock_downgrade+0x6d0/0x6d0 [ 2358.997770] ? lock_downgrade+0x6d0/0x6d0 [ 2358.998158] ? __fget_files+0x2f8/0x520 [ 2358.998531] ? __fget_light+0xea/0x290 [ 2358.998898] __sys_sendmmsg+0x195/0x470 [ 2358.999270] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2358.999669] ? lock_downgrade+0x6d0/0x6d0 [ 2359.000063] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2359.000511] ? wait_for_completion_io+0x270/0x270 [ 2359.000956] ? rcu_read_lock_any_held+0x75/0xa0 [ 2359.001382] ? vfs_write+0x354/0xb10 [ 2359.001734] ? fput_many+0x2f/0x1a0 [ 2359.002072] ? ksys_write+0x1a9/0x260 [ 2359.002423] ? __ia32_sys_read+0xb0/0xb0 [ 2359.002801] __x64_sys_sendmmsg+0x99/0x100 [ 2359.003189] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2359.003659] do_syscall_64+0x33/0x40 [ 2359.004002] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2359.004469] RIP: 0033:0x7f9ff3490b19 [ 2359.004811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2359.006497] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2359.007198] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2359.007846] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2359.008495] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2359.009147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2359.009809] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:04:08 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40002, 0x98) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:04:08 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) (fail_nth: 100) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:04:08 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x6}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:04:08 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x1}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) connect(r0, &(0x7f0000000200)=@caif=@dbg={0x25, 0x29, 0x20}, 0x80) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:04:08 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cdab65e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:04:08 executing program 6: syz_extract_tcp_res$synack(0x0, 0x1, 0x0) sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, 0x0, 0x8800) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000240), 0x8802, 0x0) sendmsg$IEEE802154_LIST_PHY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x700, 0x70bd26, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x44001) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000100)) syz_emit_ethernet(0x22, &(0x7f0000000100)={@broadcast, @multicast, @val={@val={0x9100, 0x2, 0x1, 0x4}, {0x8100, 0x2, 0x1, 0x2}}, {@generic={0x1c, "d9c3fcb697aa2f7b1d5aabd1"}}}, &(0x7f0000000140)={0x0, 0x1, [0x37b, 0x2ed, 0x27, 0x5e9]}) 03:04:08 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 25) 03:04:08 executing program 5: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0x8020}) r2 = dup(r1) accept$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout_data(r3, 0x107, 0xd, &(0x7f0000000080)={0x0, 0x0}, 0x10) r4 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x1}, 0x0, 0x0, r4) getsockopt$sock_buf(r3, 0x1, 0x1a, &(0x7f0000000700)=""/4096, &(0x7f0000001700)=0x1000) finit_module(r2, &(0x7f0000000040)='}$\x00', 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000001840)=ANY=[@ANYBLOB="a8000000", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25210000000c009900010000000c0000000600f700060000000a00f50050505050505000000600980006000000540084800a4821a53be1d775b30000002c0006800800000007000000080002000200000008000300050000000800030002000000080002000900000008fe010054fe2b39e1a2b5d83c51db2984000000080002008000000008000200ff0700000ce0290072060303030303030a00f50050505050505000005b38e84e46580266d3a49cf475320b2e7d9193afa3a28b4c738f6926e0dff45f5cd2affd2020613b5684db70b43beabd72a439c4a80a6c2a5bcc02ea"], 0xa8}, 0x1, 0x0, 0x0, 0x240000d0}, 0x4011) openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x24500, 0x0) readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/63, 0x3f}, {&(0x7f0000000200)=""/40, 0x28}, {&(0x7f0000003e00)=""/4096, 0x1000}, {&(0x7f0000000300)=""/160, 0xa0}, {&(0x7f00000003c0)=""/33, 0x21}, {&(0x7f0000000400)=""/148, 0x94}], 0x8) [ 2374.346477] FAULT_INJECTION: forcing a failure. [ 2374.346477] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2374.347640] CPU: 1 PID: 12198 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2374.348242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2374.348983] Call Trace: [ 2374.349220] dump_stack+0x107/0x167 [ 2374.349538] should_fail.cold+0x5/0xa [ 2374.349919] __alloc_pages_nodemask+0x182/0x600 [ 2374.350264] FAULT_INJECTION: forcing a failure. [ 2374.350264] name failslab, interval 1, probability 0, space 0, times 0 [ 2374.350315] ? lock_chain_count+0x20/0x20 [ 2374.352683] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 2374.353228] alloc_pages_vma+0xbb/0x410 [ 2374.353572] wp_page_copy+0xee7/0x1f00 [ 2374.353956] ? print_bad_pte+0x5a0/0x5a0 [ 2374.354310] ? lock_downgrade+0x6d0/0x6d0 [ 2374.354664] ? vm_normal_page+0x162/0x2e0 [ 2374.355049] ? count_memcg_event_mm.part.0+0x10f/0x2f0 [ 2374.355499] do_wp_page+0x27b/0x1390 [ 2374.355829] handle_mm_fault+0x1cc7/0x3500 [ 2374.356213] ? __lock_acquire+0x1657/0x5b00 [ 2374.356583] ? __pmd_alloc+0x5e0/0x5e0 [ 2374.356941] ? vmacache_find+0x55/0x2a0 [ 2374.357304] do_user_addr_fault+0x56e/0xc60 [ 2374.357693] exc_page_fault+0xa2/0x1a0 [ 2374.358045] asm_exc_page_fault+0x1e/0x30 [ 2374.358415] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 2374.358849] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca e9 81 32 1d 02 90 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca e9 62 32 1d 02 66 90 48 bb f9 ef ff ff ff 7f [ 2374.360422] RSP: 0018:ffff888048cbfcf0 EFLAGS: 00050293 [ 2374.360885] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 0000000020004d38 [ 2374.361501] RDX: 0000000000040000 RSI: ffffffff8310dea2 RDI: ffff888019e1bdb8 [ 2374.362135] RBP: 0000000000040000 R08: 0000000000000000 R09: 0000000000000000 [ 2374.362754] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000 [ 2374.363363] R13: 0000000020004d00 R14: 000000000000002f R15: 000000000000002e [ 2374.364006] ? __sys_sendmmsg+0x1c2/0x470 [ 2374.364362] __sys_sendmmsg+0x1cf/0x470 [ 2374.364722] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2374.365100] ? lock_downgrade+0x6d0/0x6d0 [ 2374.365464] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2374.365926] ? wait_for_completion_io+0x270/0x270 [ 2374.366339] ? rcu_read_lock_any_held+0x75/0xa0 [ 2374.366752] ? vfs_write+0x354/0xb10 [ 2374.367081] ? fput_many+0x2f/0x1a0 [ 2374.367390] ? ksys_write+0x1a9/0x260 [ 2374.367721] ? __ia32_sys_read+0xb0/0xb0 [ 2374.368097] __x64_sys_sendmmsg+0x99/0x100 [ 2374.368456] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2374.368923] do_syscall_64+0x33/0x40 [ 2374.369246] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2374.369699] RIP: 0033:0x7f0fecadbb19 [ 2374.370043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2374.371596] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2374.372266] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2374.372878] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2374.373490] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2374.374144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2374.374746] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2374.375392] CPU: 0 PID: 12192 Comm: syz-executor.0 Not tainted 5.10.226 #1 [ 2374.376150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2374.376965] Call Trace: [ 2374.377266] dump_stack+0x107/0x167 [ 2374.377614] should_fail.cold+0x5/0xa [ 2374.378043] ? create_object.isra.0+0x3a/0xa20 [ 2374.378530] should_failslab+0x5/0x20 [ 2374.378960] kmem_cache_alloc+0x5b/0x310 [ 2374.379426] create_object.isra.0+0x3a/0xa20 [ 2374.379906] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2374.380223] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2374.380223] program syz-executor.3 not setting count and/or reply_len properly [ 2374.380448] kmem_cache_alloc_node+0x169/0x330 [ 2374.380470] __alloc_skb+0x6d/0x5b0 [ 2374.382650] __ip6_append_data.isra.0+0x2ce8/0x3a70 [ 2374.383340] ? ip6_mtu+0x1bb/0x3d0 [ 2374.383686] ? ip_frag_init+0x350/0x350 [ 2374.384185] ? ip6_finish_output2+0x1fe0/0x1fe0 [ 2374.384617] ? ip6_mtu+0x1e9/0x3d0 [ 2374.384994] ? ip6_setup_cork+0xfb7/0x1740 [ 2374.385433] ip6_make_skb+0x2de/0x4e0 [ 2374.385869] ? ip_frag_init+0x350/0x350 [ 2374.386302] ? ip_frag_init+0x350/0x350 [ 2374.386672] ? ip6_push_pending_frames+0xf0/0xf0 [ 2374.387253] ? ip6_dst_hoplimit+0x199/0x440 [ 2374.387654] ? lock_downgrade+0x6d0/0x6d0 [ 2374.388170] udpv6_sendmsg+0x20d3/0x2ad0 [ 2374.388565] ? ip_frag_init+0x350/0x350 [ 2374.388987] ? udp_v6_push_pending_frames+0x360/0x360 [ 2374.389504] ? SOFTIRQ_verbose+0x10/0x10 [ 2374.389960] ? lock_acquire+0x197/0x470 [ 2374.390383] ? find_held_lock+0x2c/0x110 [ 2374.390818] ? __might_fault+0xd3/0x180 [ 2374.391278] ? sock_has_perm+0x1ea/0x280 [ 2374.391676] ? __import_iovec+0x458/0x590 [ 2374.392157] ? udp_v6_push_pending_frames+0x360/0x360 [ 2374.392641] inet6_sendmsg+0x105/0x140 [ 2374.393073] ? inet6_compat_ioctl+0x320/0x320 [ 2374.393567] __sock_sendmsg+0xf2/0x190 [ 2374.396998] ____sys_sendmsg+0x334/0x870 [ 2374.397425] ? sock_write_iter+0x3d0/0x3d0 [ 2374.397913] ? do_recvmmsg+0x6d0/0x6d0 [ 2374.398332] ? SOFTIRQ_verbose+0x10/0x10 [ 2374.398751] ? mark_lock+0xf5/0x2df0 [ 2374.399149] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2374.399643] ___sys_sendmsg+0xf3/0x170 [ 2374.400057] ? sendmsg_copy_msghdr+0x160/0x160 [ 2374.400562] ? __fget_files+0x2cf/0x520 [ 2374.400985] ? lock_downgrade+0x6d0/0x6d0 [ 2374.401419] ? lock_downgrade+0x6d0/0x6d0 [ 2374.401870] ? __fget_files+0x2f8/0x520 [ 2374.402291] ? __fget_light+0xea/0x290 [ 2374.402658] __sys_sendmmsg+0x195/0x470 [ 2374.403147] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2374.403557] ? lock_downgrade+0x6d0/0x6d0 [ 2374.404001] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2374.404525] ? wait_for_completion_io+0x270/0x270 [ 2374.405026] ? rcu_read_lock_any_held+0x75/0xa0 [ 2374.405511] ? vfs_write+0x354/0xb10 [ 2374.405928] ? fput_many+0x2f/0x1a0 [ 2374.406321] ? ksys_write+0x1a9/0x260 [ 2374.406676] ? __ia32_sys_read+0xb0/0xb0 [ 2374.407175] __x64_sys_sendmmsg+0x99/0x100 [ 2374.407569] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2374.408088] do_syscall_64+0x33/0x40 [ 2374.408510] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2374.409034] RIP: 0033:0x7f9ff3490b19 [ 2374.409441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2374.411329] RSP: 002b:00007f9ff0a06188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2374.412205] RAX: ffffffffffffffda RBX: 00007f9ff35a3f60 RCX: 00007f9ff3490b19 [ 2374.413306] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005 [ 2374.414033] RBP: 00007f9ff0a061d0 R08: 0000000000000000 R09: 0000000000000000 [ 2374.414805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 2374.415509] R13: 00007fff56876fef R14: 00007f9ff0a06300 R15: 0000000000022000 03:04:09 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 26) 03:04:09 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$sr(0xffffffffffffff9c, 0x0, 0xe8b02, 0x0) r2 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xffffffff, 0x0, 0xfffffffe, 0x0, 0x0, r1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x3}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000) syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r7 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000240), 0x1c043, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000280)=@IORING_OP_SPLICE={0x1e, 0x4, 0x0, @fd_index=0xa, 0xffffffffffffffe1, {0x0, r7}, 0x9, 0x2, 0x1, {0x0, 0x0, r0}}, 0x45d) r8 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r8, 0x0) r9 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r10 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r8, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, r8}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r10, 0xc018937d, &(0x7f0000000200)=ANY=[@ANYBLOB="00000000010200001800b966", @ANYRES32=0xffffffffffffffff, @ANYBLOB="02000000000000002e2f66696c653000"]) dup3(r9, r12, 0x0) openat(r11, &(0x7f0000000100)='./file0\x00', 0x2, 0x80) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:04:09 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3bb65672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:04:09 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) getdents(r0, &(0x7f0000000000)=""/60, 0x3c) 03:04:09 executing program 6: r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40, 0x2, &(0x7f0000000000)=[{&(0x7f0000000140)="8ff9a758220b474dd179c2cf84596cbce11ee2f91fa8b48b7b3bcb7f31966030c64582435ff68452f8bba135168bd0ae2b5ea123193c5cba84c8e08f4871bb59b91d3b33f156c20d28f6e9bd8db16b32cc5b477d2fd09e82d25d29dcb93e01d6b2670fa682321e7c5815891faf079c1566302ed1a2a32b1a04c0629356446fc6d2e3b5ac5c827249d0e1bc6547505fba6f86ec7854fd452e2a4198eb14394c767b4cb6239e4c4e9892c65b812b109b05c01c6c1a561d3e84c2344db21c7838fcb63b4027a10e878d30ecb7c6469135cdb177ee64dfd67a1eaecd8bd7", 0xdc, 0xfffffffffffffffb}, {&(0x7f0000000240)="f371f0bfb5104e0f091846a194de104517b90000000000000000ebd129be595cc79fe9792fadbf4bb4fca17144e692f284523340d10840eb0260f68528f0aa1d9931a0a2c2759f6b193f80445bafff9ff5edf69757ac2d0fe13a97a26ffc2328072833f368b4fad3aaa3b7caec17da9092fa42a4ed45abbeb284e71740b306c5ee1d65941676f569bbb98390a873c4ff6be91c062189b15a5c0918edba9b6e0ce9dd9907c2ed1f7d657775b3ffe3ca18e07b6c293a8649e4f8dd36c08d53ec5e6e74acd7", 0xc4, 0x7}], 0x10000, &(0x7f0000000480)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=r1, @ANYBLOB="e4d2b118d5ffb26c9fe29ab39e", @ANYBLOB="ba534d1e801132fd98d5c8035522dbf05c5290e9a54ad6cc2ebd587b7ee024c0ee6f34c906f9be87d8214279ee549c8f5b223e9c0e3e56111a66e40b9466188ab49428e9a41aaa97ed561ce9", @ANYBLOB="60db53109d4ebe90bdc72adf1e21b50ebfc7a3d9c0d01a9c5ed2935bffb2c64bae10e99ca788003af944412cb6ae8f9805a2740bcd45356ebd6a78838a98baff2560771b3489da3a1f1b1dbaec74b6904507b3a2b0a8b63c4c19fa0854d87f9e915a31df6f45464c5069aeef7d8689aa69e237e3c4", @ANYRESOCT]) 03:04:09 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:04:09 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x8}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:04:09 executing program 5: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0x8020}) r2 = dup(r1) accept$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout_data(r3, 0x107, 0xd, &(0x7f0000000080)={0x0, 0x0}, 0x10) r4 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x1}, 0x0, 0x0, r4) getsockopt$sock_buf(r3, 0x1, 0x1a, &(0x7f0000000700)=""/4096, &(0x7f0000001700)=0x1000) finit_module(r2, &(0x7f0000000040)='}$\x00', 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000001840)=ANY=[@ANYBLOB="a8000000", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25210000000c009900010000000c0000000600f700060000000a00f50050505050505000000600980006000000540084800a4821a53be1d775b30000002c0006800800000007000000080002000200000008000300050000000800030002000000080002000900000008fe010054fe2b39e1a2b5d83c51db2984000000080002008000000008000200ff0700000ce0290072060303030303030a00f50050505050505000005b38e84e46580266d3a49cf475320b2e7d9193afa3a28b4c738f6926e0dff45f5cd2affd2020613b5684db70b43beabd72a439c4a80a6c2a5bcc02ea"], 0xa8}, 0x1, 0x0, 0x0, 0x240000d0}, 0x4011) openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x24500, 0x0) readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/63, 0x3f}, {&(0x7f0000000200)=""/40, 0x28}, {&(0x7f0000003e00)=""/4096, 0x1000}, {&(0x7f0000000300)=""/160, 0xa0}, {&(0x7f00000003c0)=""/33, 0x21}, {&(0x7f0000000400)=""/148, 0x94}], 0x8) [ 2374.809596] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2374.809596] program syz-executor.3 not setting count and/or reply_len properly 03:04:09 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5eb672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2374.876336] FAULT_INJECTION: forcing a failure. [ 2374.876336] name failslab, interval 1, probability 0, space 0, times 0 [ 2374.877403] CPU: 0 PID: 12221 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2374.878101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2374.878925] Call Trace: [ 2374.879204] dump_stack+0x107/0x167 [ 2374.879580] should_fail.cold+0x5/0xa [ 2374.879973] ? __fib_lookup+0xf7/0x160 [ 2374.880370] ? dst_alloc+0x9e/0x5d0 [ 2374.880745] should_failslab+0x5/0x20 [ 2374.881132] kmem_cache_alloc+0x5b/0x310 [ 2374.881554] dst_alloc+0x9e/0x5d0 [ 2374.881948] rt_dst_alloc+0x73/0x440 [ 2374.882332] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2374.882878] ip_route_output_key_hash+0x18d/0x340 [ 2374.883370] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2374.883955] ? lock_downgrade+0x6d0/0x6d0 [ 2374.884394] ? udp_send_skb+0x76d/0x11d0 [ 2374.884807] ip_route_output_flow+0x23/0x150 [ 2374.885254] udp_sendmsg+0x16f2/0x2160 [ 2374.885667] ? ip_frag_init+0x350/0x350 [ 2374.886091] ? lockdep_next_lockchain+0x20/0x30 [ 2374.886569] ? udp_setsockopt+0xc0/0xc0 [ 2374.886969] ? mark_lock+0xf5/0x2df0 [ 2374.887354] ? lock_chain_count+0x20/0x20 [ 2374.887778] ? mark_lock+0xf5/0x2df0 [ 2374.888171] ? mark_lock+0xf5/0x2df0 [ 2374.888551] ? lock_chain_count+0x20/0x20 [ 2374.888976] ? lock_chain_count+0x20/0x20 [ 2374.889392] ? mark_lock+0xf5/0x2df0 [ 2374.889801] ? lock_chain_count+0x20/0x20 [ 2374.890223] ? prep_new_page+0x16d/0x1d0 [ 2374.890634] ? lock_chain_count+0x20/0x20 [ 2374.891067] ? __lock_acquire+0x1657/0x5b00 [ 2374.891512] udpv6_sendmsg+0x1b30/0x2ad0 [ 2374.891930] ? __lock_acquire+0x1657/0x5b00 [ 2374.892378] ? udp_v6_push_pending_frames+0x360/0x360 [ 2374.892904] ? lock_acquire+0x197/0x470 [ 2374.893314] ? find_held_lock+0x2c/0x110 [ 2374.893760] ? lock_acquire+0x197/0x470 [ 2374.894135] ? find_held_lock+0x2c/0x110 [ 2374.894513] ? __might_fault+0xd3/0x180 [ 2374.894884] ? lock_downgrade+0x6d0/0x6d0 [ 2374.895274] ? sock_has_perm+0x1ea/0x280 [ 2374.895649] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2374.896143] ? __import_iovec+0x458/0x590 [ 2374.896543] ? udp_v6_push_pending_frames+0x360/0x360 [ 2374.897024] inet6_sendmsg+0x105/0x140 [ 2374.897385] ? inet6_compat_ioctl+0x320/0x320 [ 2374.897838] __sock_sendmsg+0xf2/0x190 [ 2374.898199] ____sys_sendmsg+0x334/0x870 [ 2374.898574] ? sock_write_iter+0x3d0/0x3d0 [ 2374.898971] ? do_recvmmsg+0x6d0/0x6d0 [ 2374.899327] ? handle_mm_fault+0x9e9/0x3500 [ 2374.899727] ? __lock_acquire+0x1657/0x5b00 [ 2374.900123] ? find_held_lock+0x2c/0x110 [ 2374.900508] ___sys_sendmsg+0xf3/0x170 [ 2374.900868] ? sendmsg_copy_msghdr+0x160/0x160 [ 2374.901283] ? vmacache_find+0x55/0x2a0 [ 2374.901669] ? do_user_addr_fault+0x5b0/0xc60 [ 2374.902085] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2374.902562] ? exc_page_fault+0xca/0x1a0 [ 2374.902936] ? trace_hardirqs_on+0x5b/0x180 [ 2374.903333] ? exc_page_fault+0xca/0x1a0 [ 2374.903716] ? asm_exc_page_fault+0x1e/0x30 [ 2374.904126] __sys_sendmmsg+0x195/0x470 [ 2374.904496] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2374.904892] ? lock_downgrade+0x6d0/0x6d0 [ 2374.905289] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2374.905763] ? wait_for_completion_io+0x270/0x270 [ 2374.906214] ? rcu_read_lock_any_held+0x75/0xa0 [ 2374.906645] ? vfs_write+0x354/0xb10 [ 2374.906990] ? fput_many+0x2f/0x1a0 [ 2374.907326] ? ksys_write+0x1a9/0x260 [ 2374.907684] ? __ia32_sys_read+0xb0/0xb0 [ 2374.908070] __x64_sys_sendmmsg+0x99/0x100 [ 2374.908462] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2374.908935] do_syscall_64+0x33/0x40 [ 2374.909275] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2374.909774] RIP: 0033:0x7f0fecadbb19 [ 2374.910150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2374.911956] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2374.912715] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2374.913422] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2374.914141] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2374.914853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2374.915563] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:04:09 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 27) [ 2374.994498] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2375.064805] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 2375.212599] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2375.212599] program syz-executor.3 not setting count and/or reply_len properly [ 2375.237992] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2375.237992] program syz-executor.3 not setting count and/or reply_len properly [ 2375.340929] FAULT_INJECTION: forcing a failure. [ 2375.340929] name failslab, interval 1, probability 0, space 0, times 0 [ 2375.343261] CPU: 0 PID: 12244 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2375.344766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2375.346830] Call Trace: [ 2375.347432] dump_stack+0x107/0x167 [ 2375.348251] should_fail.cold+0x5/0xa [ 2375.349066] ? create_object.isra.0+0x3a/0xa20 [ 2375.350024] should_failslab+0x5/0x20 [ 2375.350453] kmem_cache_alloc+0x5b/0x310 [ 2375.350923] create_object.isra.0+0x3a/0xa20 [ 2375.351435] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2375.352002] kmem_cache_alloc+0x159/0x310 [ 2375.353424] dst_alloc+0x9e/0x5d0 [ 2375.353890] rt_dst_alloc+0x73/0x440 [ 2375.354320] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2375.354903] ip_route_output_key_hash+0x18d/0x340 [ 2375.355460] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2375.356065] ? lock_downgrade+0x6d0/0x6d0 [ 2375.356532] ? udp_send_skb+0x76d/0x11d0 [ 2375.356999] ip_route_output_flow+0x23/0x150 [ 2375.357499] udp_sendmsg+0x16f2/0x2160 [ 2375.358001] ? ip_frag_init+0x350/0x350 [ 2375.358450] ? lockdep_next_lockchain+0x20/0x30 [ 2375.358971] ? udp_setsockopt+0xc0/0xc0 [ 2375.359439] ? mark_lock+0xf5/0x2df0 [ 2375.359873] ? lock_chain_count+0x20/0x20 [ 2375.360335] ? mark_lock+0xf5/0x2df0 [ 2375.360762] ? mark_lock+0xf5/0x2df0 [ 2375.361195] ? lock_chain_count+0x20/0x20 [ 2375.361607] ? lock_chain_count+0x20/0x20 [ 2375.362166] ? mark_lock+0xf5/0x2df0 [ 2375.362544] ? lock_chain_count+0x20/0x20 [ 2375.363501] ? prep_new_page+0x16d/0x1d0 [ 2375.364037] ? lock_chain_count+0x20/0x20 [ 2375.364565] ? __lock_acquire+0x1657/0x5b00 [ 2375.365161] udpv6_sendmsg+0x1b30/0x2ad0 [ 2375.365634] ? __lock_acquire+0x1657/0x5b00 [ 2375.366261] ? udp_v6_push_pending_frames+0x360/0x360 [ 2375.366901] ? lock_acquire+0x197/0x470 [ 2375.367419] ? find_held_lock+0x2c/0x110 [ 2375.367943] ? lock_acquire+0x197/0x470 [ 2375.368441] ? find_held_lock+0x2c/0x110 [ 2375.368954] ? __might_fault+0xd3/0x180 [ 2375.369452] ? lock_downgrade+0x6d0/0x6d0 [ 2375.370014] ? sock_has_perm+0x1ea/0x280 [ 2375.370522] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2375.371237] ? __import_iovec+0x458/0x590 [ 2375.371750] ? udp_v6_push_pending_frames+0x360/0x360 [ 2375.372382] inet6_sendmsg+0x105/0x140 [ 2375.372875] ? inet6_compat_ioctl+0x320/0x320 [ 2375.373459] __sock_sendmsg+0xf2/0x190 [ 2375.374532] ____sys_sendmsg+0x334/0x870 [ 2375.376129] ? sock_write_iter+0x3d0/0x3d0 [ 2375.376571] ? do_recvmmsg+0x6d0/0x6d0 [ 2375.377490] ? handle_mm_fault+0x9e9/0x3500 [ 2375.378014] ? find_held_lock+0x2c/0x110 [ 2375.379024] ___sys_sendmsg+0xf3/0x170 [ 2375.379462] ? sendmsg_copy_msghdr+0x160/0x160 [ 2375.380531] ? vmacache_find+0x55/0x2a0 [ 2375.381013] ? do_user_addr_fault+0x5b0/0xc60 [ 2375.382076] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2375.382616] ? exc_page_fault+0xca/0x1a0 [ 2375.383084] ? trace_hardirqs_on+0x5b/0x180 [ 2375.383525] ? exc_page_fault+0xca/0x1a0 [ 2375.384026] ? asm_exc_page_fault+0x1e/0x30 [ 2375.384487] __sys_sendmmsg+0x195/0x470 [ 2375.384944] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2375.385386] ? lock_downgrade+0x6d0/0x6d0 [ 2375.385889] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2375.387022] ? wait_for_completion_io+0x270/0x270 [ 2375.387562] ? rcu_read_lock_any_held+0x75/0xa0 [ 2375.388653] ? vfs_write+0x354/0xb10 [ 2375.389544] ? fput_many+0x2f/0x1a0 [ 2375.390530] ? ksys_write+0x1a9/0x260 [ 2375.391041] ? __ia32_sys_read+0xb0/0xb0 [ 2375.391535] __x64_sys_sendmmsg+0x99/0x100 [ 2375.392105] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2375.392757] do_syscall_64+0x33/0x40 [ 2375.393225] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2375.394584] RIP: 0033:0x7f0fecadbb19 [ 2375.395078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2375.397239] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2375.398166] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2375.399031] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2375.399917] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2375.400808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2375.401632] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:04:25 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x500}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:04:25 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 28) 03:04:25 executing program 5: syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0x8020}) r2 = dup(r1) accept$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout_data(r3, 0x107, 0xd, &(0x7f0000000080)={0x0, 0x0}, 0x10) r4 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x1}, 0x0, 0x0, r4) getsockopt$sock_buf(r3, 0x1, 0x1a, &(0x7f0000000700)=""/4096, &(0x7f0000001700)=0x1000) finit_module(r2, &(0x7f0000000040)='}$\x00', 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000001840)=ANY=[@ANYBLOB="a8000000", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25210000000c009900010000000c0000000600f700060000000a00f50050505050505000000600980006000000540084800a4821a53be1d775b30000002c0006800800000007000000080002000200000008000300050000000800030002000000080002000900000008fe010054fe2b39e1a2b5d83c51db2984000000080002008000000008000200ff0700000ce0290072060303030303030a00f50050505050505000005b38e84e46580266d3a49cf475320b2e7d9193afa3a28b4c738f6926e0dff45f5cd2affd2020613b5684db70b43beabd72a439c4a80a6c2a5bcc02ea"], 0xa8}, 0x1, 0x0, 0x0, 0x240000d0}, 0x4011) openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x24500, 0x0) readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/63, 0x3f}, {&(0x7f0000000200)=""/40, 0x28}, {&(0x7f0000003e00)=""/4096, 0x1000}, {&(0x7f0000000300)=""/160, 0xa0}, {&(0x7f00000003c0)=""/33, 0x21}, {&(0x7f0000000400)=""/148, 0x94}], 0x8) 03:04:25 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc703854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:04:25 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x181300, 0x10) r2 = openat$cgroup_subtree(r1, &(0x7f0000000000), 0x2, 0x0) sendfile(r0, r2, 0x0, 0xad) 03:04:25 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e560ab89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:04:25 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xdffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x3, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1) sendmsg$TIPC_CMD_SET_LINK_TOL(r3, 0x0, 0x80) fallocate(r3, 0x0, 0x10001, 0x100) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000040)={0x0, r3, 0x2}) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000240)=0x10001) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000040)=0x1, 0x4) getpgid(0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty}, 0x1c) 03:04:25 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r2, 0x80286722, &(0x7f00000002c0)={&(0x7f0000000280)=""/21, 0x15, 0xfffffff9, 0x7}) close(r1) fallocate(r1, 0xa, 0x5, 0x9) r3 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000340)) r4 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="050000000000000000000200000008000300", @ANYRES32=r7, @ANYBLOB="f46ae725000000001600000000000000"], 0x2c}}, 0x0) sendmsg$NL80211_CMD_AUTHENTICATE(r4, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0xe4, r6, 0x100, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x580, 0x51}}}}, [@chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}], @key_params=[@NL80211_ATTR_KEY_SEQ={0x13, 0xa, "f7793d4bb9ecb7ca92dba9ed9f612e"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}], @NL80211_ATTR_MAC={0xa, 0x6, @random="c00d88ea066f"}, @NL80211_ATTR_SSID={0x24, 0x34, @random="db69825d2a694e88b8dd43e201602fb023b7adf45040ed714b0d26597b8edd54"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x4c743bfbd993898e}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15cc}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x340}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xa}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x26}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x24}], @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x3}]}, 0xe4}, 0x1, 0x0, 0x0, 0x94}, 0x20000800) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) [ 2390.486429] FAULT_INJECTION: forcing a failure. [ 2390.486429] name failslab, interval 1, probability 0, space 0, times 0 [ 2390.488626] CPU: 1 PID: 12258 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2390.489861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2390.490552] Call Trace: [ 2390.490833] dump_stack+0x107/0x167 [ 2390.491151] should_fail.cold+0x5/0xa [ 2390.491477] ? __alloc_skb+0x6d/0x5b0 [ 2390.491855] should_failslab+0x5/0x20 [ 2390.492182] kmem_cache_alloc_node+0x55/0x330 [ 2390.492562] __alloc_skb+0x6d/0x5b0 [ 2390.492965] alloc_skb_with_frags+0x92/0x570 [ 2390.493344] sock_alloc_send_pskb+0x7af/0x930 [ 2390.493812] ? sk_alloc+0x350/0x350 [ 2390.494131] ? SOFTIRQ_verbose+0x10/0x10 [ 2390.494477] ? lock_release+0x680/0x680 [ 2390.494922] ? find_held_lock+0x2c/0x110 [ 2390.495276] __ip_append_data+0x1628/0x3310 [ 2390.495646] ? lock_downgrade+0x6d0/0x6d0 [ 2390.496381] ? do_raw_spin_lock+0x121/0x260 [ 2390.496795] ? ip_frag_init+0x350/0x350 [ 2390.497142] ? ip_finish_output+0x330/0x330 [ 2390.497508] ? ip_route_output_key_hash+0x1a4/0x340 [ 2390.498001] ? __sock_tx_timestamp+0xa3/0xc0 [ 2390.498379] ip_make_skb+0x22a/0x2a0 [ 2390.498761] ? ip_frag_init+0x350/0x350 [ 2390.499111] ? ip_flush_pending_frames+0x20/0x20 [ 2390.499516] ? lock_downgrade+0x6d0/0x6d0 [ 2390.499918] ? xfrm_lookup_route+0x65/0x210 [ 2390.500288] udp_sendmsg+0x193f/0x2160 [ 2390.500624] ? ip_frag_init+0x350/0x350 [ 2390.501014] ? udp_setsockopt+0xc0/0xc0 [ 2390.501365] ? mark_lock+0xf5/0x2df0 [ 2390.501684] ? mark_lock+0xf5/0x2df0 [ 2390.502066] ? lock_chain_count+0x20/0x20 [ 2390.502416] ? lock_chain_count+0x20/0x20 [ 2390.502865] ? __lock_acquire+0x1657/0x5b00 [ 2390.503236] udpv6_sendmsg+0x1b30/0x2ad0 [ 2390.503582] ? __lock_acquire+0x1657/0x5b00 [ 2390.504023] ? udp_v6_push_pending_frames+0x360/0x360 [ 2390.504464] ? lock_acquire+0x197/0x470 [ 2390.504853] ? find_held_lock+0x2c/0x110 [ 2390.505204] ? lock_acquire+0x197/0x470 [ 2390.505540] ? find_held_lock+0x2c/0x110 [ 2390.505956] ? __might_fault+0xd3/0x180 [ 2390.506292] ? lock_downgrade+0x6d0/0x6d0 [ 2390.506644] ? sock_has_perm+0x1ea/0x280 [ 2390.507033] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2390.507482] ? __import_iovec+0x458/0x590 [ 2390.507904] ? udp_v6_push_pending_frames+0x360/0x360 [ 2390.508342] inet6_sendmsg+0x105/0x140 [ 2390.508673] ? inet6_compat_ioctl+0x320/0x320 [ 2390.508989] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2390.508989] program syz-executor.3 not setting count and/or reply_len properly [ 2390.509097] __sock_sendmsg+0xf2/0x190 [ 2390.511098] ____sys_sendmsg+0x334/0x870 [ 2390.511444] ? sock_write_iter+0x3d0/0x3d0 [ 2390.511871] ? do_recvmmsg+0x6d0/0x6d0 [ 2390.512198] ? handle_mm_fault+0x9e9/0x3500 [ 2390.512564] ? find_held_lock+0x2c/0x110 [ 2390.512962] ___sys_sendmsg+0xf3/0x170 [ 2390.513301] ? sendmsg_copy_msghdr+0x160/0x160 [ 2390.513682] ? vmacache_find+0x55/0x2a0 [ 2390.514124] ? do_user_addr_fault+0x5b0/0xc60 [ 2390.514503] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2390.514987] ? exc_page_fault+0xca/0x1a0 [ 2390.515328] ? trace_hardirqs_on+0x5b/0x180 [ 2390.515689] ? exc_page_fault+0xca/0x1a0 [ 2390.516108] ? asm_exc_page_fault+0x1e/0x30 [ 2390.516485] __sys_sendmmsg+0x195/0x470 [ 2390.516874] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2390.517245] ? lock_downgrade+0x6d0/0x6d0 [ 2390.517608] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2390.518080] ? wait_for_completion_io+0x270/0x270 [ 2390.518491] ? rcu_read_lock_any_held+0x75/0xa0 [ 2390.518936] ? vfs_write+0x354/0xb10 [ 2390.519257] ? fput_many+0x2f/0x1a0 [ 2390.519566] ? ksys_write+0x1a9/0x260 [ 2390.519937] ? __ia32_sys_read+0xb0/0xb0 [ 2390.520291] __x64_sys_sendmmsg+0x99/0x100 [ 2390.520647] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2390.521148] do_syscall_64+0x33/0x40 [ 2390.521464] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2390.521953] RIP: 0033:0x7f0fecadbb19 [ 2390.522275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2390.523888] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2390.524526] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2390.525165] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2390.525857] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2390.526452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2390.527090] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2390.542409] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2390.542409] program syz-executor.3 not setting count and/or reply_len properly [ 2390.554568] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2390.579481] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. 03:04:25 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5625b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:04:25 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x902}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:04:25 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 29) 03:04:25 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$bt_hci(r1, 0x88, 0x64, 0x0, &(0x7f0000000040)) close(0xffffffffffffffff) fsetxattr$security_capability(r0, 0x0, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x28, 0x10, 0x1, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x2b, 0x0, 0x0, @u32}]}]}, 0x28}}, 0x0) write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0xfdef) fchmod(r2, 0x54) openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x400102, 0x0) r4 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r4, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:04:25 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x2, 0x0, &(0x7f0000000240), 0x24000, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) sendmsg$inet(r1, &(0x7f00000006c0)={&(0x7f0000000540)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000600)=[{&(0x7f0000000580)="a7eeb759cd324228cc972ac7972ab554b1acaf1fa5583e48690f6a16007ef7aacb8018dad7", 0x25}], 0x1, &(0x7f0000000640)=[@ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x10001}}, @ip_ttl={{0x14, 0x0, 0x2, 0x20}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xb7}}], 0x60}, 0x800) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfdef) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000003c0)=0x0) getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f00000004c0)={'broute\x00', 0x0, 0x0, 0x0, [0xfffffffffffffff7, 0x1f, 0x4, 0x3, 0x20]}, &(0x7f0000000240)=0x78) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x3, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="bb5921c281e79f86094710fb786f0a3f5eb79c94ce98327e6d28fc659e080c70ea22a7f4633f9210d7e4dc715e75ff66461f10af08416c61d77d5ba946aaaf889dbec1e27d38d8f0d000773cc3ae903b8ea02bb2473990207c674a13d4209d02846d3eff0e543ffb7ec29b832019aaf6be74", 0x72, 0x80}, {&(0x7f00000002c0)}], 0x1242040, &(0x7f0000000400)=ANY=[@ANYBLOB='iocharset?\x00859-15,uid>', @ANYRESDEC=r3, @ANYBLOB=',smackfsroot=y\x00,uid<', @ANYRESDEC, @ANYBLOB="2c736d61636b66736465663d247d87255c2c736d61636b6673726f6f743d5d401a21285d5c2a2c666f776e65723d", @ANYRESDEC=0xee01, @ANYBLOB=',\x00']) mount$9p_rdma(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x1000, &(0x7f00000002c0)={'trans=rdma,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@sq={'sq', 0x3d, 0x5}}, {@common=@dfltuid={'dfltuid', 0x3d, 0xffffffffffffffff}}, {@common=@version_9p2000}, {@rq={'rq', 0x3d, 0x6}}, {@sq={'sq', 0x3d, 0x5}}, {@rq={'rq', 0x3d, 0x7}}, {@common=@access_uid={'access', 0x3d, r3}}, {@timeout={'timeout', 0x3d, 0x1}}], [{@subj_type}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@permit_directio}, {@dont_appraise}]}}) connect$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$sock(r0, &(0x7f0000001d80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@timestamping={{0x14, 0x1, 0x25, 0xffff}}], 0x18}}], 0x2, 0x0) removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@random={'system.', 'vfat\x00'}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r4, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) [ 2390.660064] TCP: request_sock_TCPv6: Possible SYN flooding on port 20000. Sending cookies. Check SNMP counters. 03:04:25 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc704854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2390.834046] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2390.834046] program syz-executor.3 not setting count and/or reply_len properly [ 2390.834291] FAULT_INJECTION: forcing a failure. [ 2390.834291] name failslab, interval 1, probability 0, space 0, times 0 [ 2390.836790] CPU: 1 PID: 12284 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2390.837369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2390.838138] Call Trace: [ 2390.838378] dump_stack+0x107/0x167 [ 2390.838689] should_fail.cold+0x5/0xa [ 2390.839073] ? create_object.isra.0+0x3a/0xa20 [ 2390.839461] should_failslab+0x5/0x20 [ 2390.839861] kmem_cache_alloc+0x5b/0x310 [ 2390.840209] create_object.isra.0+0x3a/0xa20 [ 2390.840581] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2390.841063] kmem_cache_alloc_node+0x169/0x330 [ 2390.841455] __alloc_skb+0x6d/0x5b0 [ 2390.841829] alloc_skb_with_frags+0x92/0x570 [ 2390.842230] sock_alloc_send_pskb+0x7af/0x930 [ 2390.843335] ? sk_alloc+0x350/0x350 [ 2390.843648] ? SOFTIRQ_verbose+0x10/0x10 [ 2390.844069] ? lock_release+0x680/0x680 [ 2390.844405] ? find_held_lock+0x2c/0x110 [ 2390.844811] __ip_append_data+0x1628/0x3310 [ 2390.845181] ? lock_downgrade+0x6d0/0x6d0 [ 2390.845533] ? do_raw_spin_lock+0x121/0x260 [ 2390.845951] ? ip_frag_init+0x350/0x350 [ 2390.846296] ? ip_finish_output+0x330/0x330 [ 2390.846814] ? ip_route_output_key_hash+0x1a4/0x340 [ 2390.847289] ? __sock_tx_timestamp+0xa3/0xc0 [ 2390.847666] ip_make_skb+0x22a/0x2a0 [ 2390.848030] ? ip_frag_init+0x350/0x350 [ 2390.848368] ? ip_flush_pending_frames+0x20/0x20 [ 2390.848857] ? lock_downgrade+0x6d0/0x6d0 [ 2390.849211] ? xfrm_lookup_route+0x65/0x210 [ 2390.849578] udp_sendmsg+0x193f/0x2160 [ 2390.850025] ? ip_frag_init+0x350/0x350 [ 2390.850395] ? udp_setsockopt+0xc0/0xc0 [ 2390.850780] ? mark_lock+0xf5/0x2df0 [ 2390.851100] ? lock_chain_count+0x20/0x20 [ 2390.851449] ? mark_lock+0xf5/0x2df0 [ 2390.851890] ? mark_lock+0xf5/0x2df0 [ 2390.852206] ? lock_chain_count+0x20/0x20 [ 2390.852615] ? lock_chain_count+0x20/0x20 [ 2390.853047] ? prep_new_page+0x16d/0x1d0 [ 2390.853391] ? lock_chain_count+0x20/0x20 [ 2390.853829] ? __lock_acquire+0x1657/0x5b00 [ 2390.854828] udpv6_sendmsg+0x1b30/0x2ad0 [ 2390.855178] ? __lock_acquire+0x1657/0x5b00 [ 2390.855549] ? udp_v6_push_pending_frames+0x360/0x360 [ 2390.856035] ? lock_acquire+0x197/0x470 [ 2390.856371] ? find_held_lock+0x2c/0x110 [ 2390.856796] ? lock_acquire+0x197/0x470 [ 2390.857133] ? find_held_lock+0x2c/0x110 [ 2390.857478] ? __might_fault+0xd3/0x180 [ 2390.857970] ? lock_downgrade+0x6d0/0x6d0 [ 2390.858338] ? sock_has_perm+0x1ea/0x280 [ 2390.858767] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2390.859215] ? __import_iovec+0x458/0x590 [ 2390.859565] ? udp_v6_push_pending_frames+0x360/0x360 [ 2390.860049] inet6_sendmsg+0x105/0x140 [ 2390.860379] ? inet6_compat_ioctl+0x320/0x320 [ 2390.860840] __sock_sendmsg+0xf2/0x190 [ 2390.861170] ____sys_sendmsg+0x334/0x870 [ 2390.861514] ? sock_write_iter+0x3d0/0x3d0 [ 2390.862001] ? do_recvmmsg+0x6d0/0x6d0 [ 2390.862354] ? handle_mm_fault+0x9e9/0x3500 [ 2390.864908] ? __lock_acquire+0x1657/0x5b00 [ 2390.865293] ? find_held_lock+0x2c/0x110 [ 2390.865663] ___sys_sendmsg+0xf3/0x170 [ 2390.866101] ? sendmsg_copy_msghdr+0x160/0x160 [ 2390.866504] ? vmacache_find+0x55/0x2a0 [ 2390.866923] ? do_user_addr_fault+0x5b0/0xc60 [ 2390.867330] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2390.868645] ? exc_page_fault+0xca/0x1a0 [ 2390.869573] ? trace_hardirqs_on+0x5b/0x180 [ 2390.870603] ? exc_page_fault+0xca/0x1a0 [ 2390.871539] ? asm_exc_page_fault+0x1e/0x30 [ 2390.872658] __sys_sendmmsg+0x195/0x470 [ 2390.873572] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2390.874598] ? lock_downgrade+0x6d0/0x6d0 [ 2390.875563] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2390.876658] ? wait_for_completion_io+0x270/0x270 [ 2390.877816] ? rcu_read_lock_any_held+0x75/0xa0 [ 2390.878235] ? vfs_write+0x354/0xb10 [ 2390.878566] ? fput_many+0x2f/0x1a0 [ 2390.878941] ? ksys_write+0x1a9/0x260 [ 2390.879281] ? __ia32_sys_read+0xb0/0xb0 [ 2390.879647] __x64_sys_sendmmsg+0x99/0x100 [ 2390.882347] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2390.882885] do_syscall_64+0x33/0x40 [ 2390.883213] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2390.883812] RIP: 0033:0x7f0fecadbb19 [ 2390.884137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2390.885971] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2390.886611] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2390.887306] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2390.888657] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2390.889296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2390.889959] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2390.917242] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2391.010025] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 03:04:40 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 30) 03:04:40 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x94, 0x40, 0x0, 0x0, 0x8, 0x40000, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000200), 0xc}, 0x800, 0x0, 0x5, 0x6, 0x101, 0x0, 0x73a9, 0x0, 0x4, 0x0, 0x5}, 0x0, 0xc, r0, 0x1) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100)='./file0\x00') 03:04:40 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1202}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:04:40 executing program 5: mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x2000000000000000}, 0x11010}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = pkey_alloc(0x0, 0x0) r1 = pkey_alloc(0x0, 0x5) pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, r1) openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x6a8600, 0x0) munmap(&(0x7f0000fee000/0x4000)=nil, 0x4000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0) pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, r0) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x45800) readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000140)=""/29, 0xe}, {&(0x7f0000000180)=""/128, 0x80}], 0x2) pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f00000004c0)=0x9) pkey_mprotect(&(0x7f0000ff6000/0x3000)=nil, 0x3000, 0x2000008, r1) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000080)) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105941, 0x80) r2 = creat(&(0x7f0000000000)='./file1\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x8800000) 03:04:40 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e56b6b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:04:40 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17, 0x1}, {0x0, 0x0, 0x8}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200000, 0x4) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:04:40 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d040900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:04:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) write(r4, &(0x7f0000000380)="ccf6a517e64c6a83f0b8dd5a873a85b53245b0bcc1969a29a632fc00470ae93ab196255db590146fa2004c98092923cdb06c71ed3e2e5ec7ac80bbea590370996b32e192bad4e1b589964b070aefffc7a7ed71f52dcc8dedd67c5a016fe567b2a151f378147090effa238d79f5e3ce3cb61583cff44678b25273010343ca78d9a034af89264e4594ee2d30c6fed313c0a330a4e153d60aba0a3d655c08ef8227e76edd486cdc733d7cbfa2c7a9ed2fee3bdc4670a4be81e4d01371c296800795dabfd5049770f2b81d106cc33fae", 0xce) [ 2405.874864] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2405.874864] program syz-executor.3 not setting count and/or reply_len properly [ 2405.880215] FAULT_INJECTION: forcing a failure. [ 2405.880215] name failslab, interval 1, probability 0, space 0, times 0 [ 2405.881378] CPU: 0 PID: 12313 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2405.882038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2405.882805] Call Trace: [ 2405.883060] dump_stack+0x107/0x167 [ 2405.883407] should_fail.cold+0x5/0xa [ 2405.883773] should_failslab+0x5/0x20 [ 2405.884132] __kmalloc_node_track_caller+0x74/0x3b0 [ 2405.884599] ? alloc_skb_with_frags+0x92/0x570 [ 2405.885029] __alloc_skb+0xb1/0x5b0 [ 2405.885375] alloc_skb_with_frags+0x92/0x570 [ 2405.885797] sock_alloc_send_pskb+0x7af/0x930 [ 2405.886239] ? sk_alloc+0x350/0x350 [ 2405.886583] ? SOFTIRQ_verbose+0x10/0x10 [ 2405.886966] ? lock_release+0x680/0x680 [ 2405.887337] ? find_held_lock+0x2c/0x110 [ 2405.887728] __ip_append_data+0x1628/0x3310 [ 2405.888141] ? lock_downgrade+0x6d0/0x6d0 [ 2405.888530] ? do_raw_spin_lock+0x121/0x260 [ 2405.888936] ? ip_frag_init+0x350/0x350 [ 2405.889315] ? ip_finish_output+0x330/0x330 [ 2405.889719] ? ip_route_output_key_hash+0x1a4/0x340 [ 2405.890197] ? __sock_tx_timestamp+0xa3/0xc0 [ 2405.890614] ip_make_skb+0x22a/0x2a0 [ 2405.890967] ? ip_frag_init+0x350/0x350 [ 2405.891348] ? ip_flush_pending_frames+0x20/0x20 [ 2405.891797] ? lock_downgrade+0x6d0/0x6d0 [ 2405.892193] ? xfrm_lookup_route+0x65/0x210 [ 2405.892602] udp_sendmsg+0x193f/0x2160 [ 2405.892974] ? ip_frag_init+0x350/0x350 [ 2405.893355] ? udp_setsockopt+0xc0/0xc0 [ 2405.893728] ? mark_lock+0xf5/0x2df0 [ 2405.894098] ? lock_chain_count+0x20/0x20 [ 2405.894487] ? mark_lock+0xf5/0x2df0 [ 2405.894841] ? mark_lock+0xf5/0x2df0 [ 2405.895189] ? lock_chain_count+0x20/0x20 [ 2405.895580] ? lock_chain_count+0x20/0x20 [ 2405.895974] ? prep_new_page+0x16d/0x1d0 [ 2405.896355] ? lock_chain_count+0x20/0x20 [ 2405.896756] ? __lock_acquire+0x1657/0x5b00 [ 2405.897187] udpv6_sendmsg+0x1b30/0x2ad0 [ 2405.897645] ? __lock_acquire+0x1657/0x5b00 [ 2405.898072] ? udp_v6_push_pending_frames+0x360/0x360 [ 2405.898560] ? lock_acquire+0x197/0x470 [ 2405.898931] ? find_held_lock+0x2c/0x110 [ 2405.899315] ? lock_acquire+0x197/0x470 [ 2405.899685] ? find_held_lock+0x2c/0x110 [ 2405.900066] ? __might_fault+0xd3/0x180 [ 2405.900436] ? lock_downgrade+0x6d0/0x6d0 [ 2405.900825] ? sock_has_perm+0x1ea/0x280 [ 2405.901202] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2405.901697] ? __import_iovec+0x458/0x590 [ 2405.902134] ? udp_v6_push_pending_frames+0x360/0x360 [ 2405.902616] inet6_sendmsg+0x105/0x140 [ 2405.902979] ? inet6_compat_ioctl+0x320/0x320 [ 2405.903394] __sock_sendmsg+0xf2/0x190 [ 2405.903757] ____sys_sendmsg+0x334/0x870 [ 2405.904137] ? sock_write_iter+0x3d0/0x3d0 [ 2405.904529] ? do_recvmmsg+0x6d0/0x6d0 [ 2405.904890] ? handle_mm_fault+0x9e9/0x3500 [ 2405.905292] ? __lock_acquire+0x1657/0x5b00 [ 2405.905692] ? find_held_lock+0x2c/0x110 [ 2405.906090] ___sys_sendmsg+0xf3/0x170 [ 2405.906454] ? sendmsg_copy_msghdr+0x160/0x160 [ 2405.906875] ? vmacache_find+0x55/0x2a0 [ 2405.907253] ? do_user_addr_fault+0x5b0/0xc60 [ 2405.907672] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2405.908156] ? exc_page_fault+0xca/0x1a0 [ 2405.908533] ? trace_hardirqs_on+0x5b/0x180 [ 2405.908933] ? exc_page_fault+0xca/0x1a0 [ 2405.909313] ? asm_exc_page_fault+0x1e/0x30 [ 2405.909726] __sys_sendmmsg+0x195/0x470 [ 2405.910116] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2405.910517] ? lock_downgrade+0x6d0/0x6d0 [ 2405.910916] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2405.911366] ? wait_for_completion_io+0x270/0x270 [ 2405.911816] ? rcu_read_lock_any_held+0x75/0xa0 [ 2405.912246] ? vfs_write+0x354/0xb10 [ 2405.912594] ? fput_many+0x2f/0x1a0 [ 2405.912935] ? ksys_write+0x1a9/0x260 [ 2405.913289] ? __ia32_sys_read+0xb0/0xb0 [ 2405.913673] __x64_sys_sendmmsg+0x99/0x100 [ 2405.914082] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2405.914558] do_syscall_64+0x33/0x40 [ 2405.914905] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2405.915377] RIP: 0033:0x7f0fecadbb19 [ 2405.915723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2405.917407] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2405.918120] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2405.918776] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2405.919433] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2405.920089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2405.920746] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2405.977205] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 2406.006320] EXT4-fs (loop6): re-mounted. Opts: (null) 03:04:40 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1b02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:04:40 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000040)='./file0\x00', 0x220) 03:04:40 executing program 4: syz_usb_connect$hid(0x2, 0x3f, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0xff, 0x56a, 0x323, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x0, 0xc0, 0x4, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x3, 0x1, 0x3, 0x40, {0x9, 0x21, 0x4297, 0x8b, 0x1, {0x22, 0xa2a}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x80, 0x20, 0x7}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x1, 0x2, 0x80}}]}}}]}}]}}, &(0x7f0000000200)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x310, 0x2, 0x5, 0x4, 0xff, 0x5}, 0x4f, &(0x7f0000000280)={0x5, 0xf, 0x4f, 0x6, [@ext_cap={0x7, 0x10, 0x2, 0x10, 0x5, 0x6, 0x3}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0xf, 0x5, 0x6}, @ssp_cap={0x1c, 0x10, 0xa, 0x3, 0x4, 0x24f, 0xf00, 0x80, [0xff0000, 0xff3f0f, 0xf, 0xf]}, @wireless={0xb, 0x10, 0x1, 0x8, 0x1, 0x8, 0x1f, 0x7, 0x1f}, @wireless={0xb, 0x10, 0x1, 0xe, 0x20, 0x9, 0xfd, 0x7fff, 0x16}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x6, 0x2, 0xd61}]}, 0x1, [{0x93, &(0x7f0000000300)=@string={0x93, 0x3, "73bec86d091bcb5c87e893fe5eccf501e52db8a064b802caa0f7a2654310b8d0cd224754ea0a5d38270f01759364d06f74d9e2f5f031378d7595b7a05025dc451ca8d07f4d92c38ec1464b44ca9333023b1f01d0ab48c6bf6d5e75a8fcd2d2f12709adf63bc01f2dab5cc2535e18a5db9eec8bb9f5debc54faa55a52c800404a1fbd85a72c7ae293dd2c6e43defe20bf62"}}]}) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x342, 0x1) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0xff, 0x56a, 0x22, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3, 0x40, 0xfe, [{{0x9, 0x4, 0x0, 0x20, 0x2, 0x3, 0x1, 0x1, 0x3, {0x9, 0x21, 0x0, 0x8, 0x1, {0x22, 0x464}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x7, 0x7f, 0x80}}}}}]}}]}}, &(0x7f0000000780)={0xa, &(0x7f0000000400)={0xa, 0x6, 0x110, 0x3d, 0xc0, 0x80, 0x10, 0x82}, 0x85, &(0x7f0000000440)={0x5, 0xf, 0x85, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0x2, "63382af1fe158a774119d53e3a175268"}, @generic={0x6c, 0x10, 0x3, "711349e89002e80110eeaae58ca7074066d031ad43e2a807a3426fc9d0f657bfa23f6546ad2eb5752ec15bb95bc4955f9828f965b628ee5836fcfc5da3fc0c36292f1815153a32f7412ce7b04b3878135d46f72e6a4b2be58e14836aaca714df2dd36b0a4b92cd2c44"}]}, 0x7, [{0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x407}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x421}}, {0x35, &(0x7f0000000580)=@string={0x35, 0x3, "6838525cb19fdb68ff96c49b80703060e5438b73ed04f7ffb2c8c63c0c03d04ff886725cd6940e575d3399bc9c0c3333a86748"}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x427}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0x80c}}, {0xe6, &(0x7f0000000640)=@string={0xe6, 0x3, "83a69cffef7120de830c7f955518085496dc8f59a7339f7a845c19860c062c8f2d85e25098159d18df51a4e0a832b62bab143f0127d0161907267255c87f49cc0f2e64928e14b7550c67c95c6dcc47ca34a58170a040f6cc2375ceb617efa87264c74f63300c0fd8a9edd1fa0f2e89f9225f99e2cb89bde686435008b0a46521cd86a7296ef91bf95ecd10dff14ed53399abbfe6b9653a167814e9fd67fedefc06d4a4923bf8fe7f2d20ae165315f46ed34d8c4813071d65be544d1c5a716550455d7992599ebec054a38193bc5e170fb0ab4536bac79704e6a02eb50812bd6e06ca3165"}}, {0x36, &(0x7f0000000740)=@string={0x36, 0x3, "6ee1da888b40abca04b8879531e29ffe23e1efb83b95177441efc42d3a5fe561be2446e26538d3f0cb7f450b092f32d81e262ac4"}}]}) 03:04:40 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b8b6eddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:04:40 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x800}, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r1}, &(0x7f0000000340)) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b68, 0x0) fcntl$dupfd(r3, 0x406, r0) timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x16, 0xd01}, 0x14}}, 0x0) read(r4, &(0x7f0000000080)=""/65, 0x41) timer_gettime(r2, &(0x7f0000000080)) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="000507000000000000003000"]) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) statx(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x80, &(0x7f0000000240)) 03:04:40 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d060900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:04:40 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) write(r4, &(0x7f0000000380)="ccf6a517e64c6a83f0b8dd5a873a85b53245b0bcc1969a29a632fc00470ae93ab196255db590146fa2004c98092923cdb06c71ed3e2e5ec7ac80bbea590370996b32e192bad4e1b589964b070aefffc7a7ed71f52dcc8dedd67c5a016fe567b2a151f378147090effa238d79f5e3ce3cb61583cff44678b25273010343ca78d9a034af89264e4594ee2d30c6fed313c0a330a4e153d60aba0a3d655c08ef8227e76edd486cdc733d7cbfa2c7a9ed2fee3bdc4670a4be81e4d01371c296800795dabfd5049770f2b81d106cc33fae", 0xce) [ 2406.164280] udc-core: couldn't find an available UDC or it's busy [ 2406.164914] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:04:40 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x2402}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2406.175536] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2406.175536] program syz-executor.3 not setting count and/or reply_len properly 03:04:40 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 31) [ 2406.204220] udc-core: couldn't find an available UDC or it's busy [ 2406.204974] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:04:40 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb30535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2406.271278] FAULT_INJECTION: forcing a failure. [ 2406.271278] name failslab, interval 1, probability 0, space 0, times 0 [ 2406.272390] CPU: 0 PID: 12354 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2406.273163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2406.273935] Call Trace: [ 2406.274198] dump_stack+0x107/0x167 [ 2406.274551] should_fail.cold+0x5/0xa [ 2406.274910] ? create_object.isra.0+0x3a/0xa20 [ 2406.275339] should_failslab+0x5/0x20 [ 2406.275693] kmem_cache_alloc+0x5b/0x310 [ 2406.276074] create_object.isra.0+0x3a/0xa20 [ 2406.276479] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2406.276955] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2406.277441] ? alloc_skb_with_frags+0x92/0x570 [ 2406.277869] __alloc_skb+0xb1/0x5b0 [ 2406.278229] alloc_skb_with_frags+0x92/0x570 [ 2406.278641] ? sock_alloc_send_pskb+0x9c/0x930 [ 2406.279068] sock_alloc_send_pskb+0x7af/0x930 [ 2406.279500] ? sk_alloc+0x350/0x350 [ 2406.279840] ? SOFTIRQ_verbose+0x10/0x10 [ 2406.280223] ? lock_release+0x680/0x680 [ 2406.280592] ? find_held_lock+0x2c/0x110 [ 2406.280983] __ip_append_data+0x1628/0x3310 [ 2406.281393] ? lock_downgrade+0x6d0/0x6d0 [ 2406.281787] ? do_raw_spin_lock+0x121/0x260 [ 2406.282209] ? ip_frag_init+0x350/0x350 [ 2406.282589] ? ip_finish_output+0x330/0x330 [ 2406.283000] ? ip_route_output_key_hash+0x1a4/0x340 [ 2406.283474] ? __sock_tx_timestamp+0xa3/0xc0 [ 2406.283893] ip_make_skb+0x22a/0x2a0 [ 2406.284251] ? ip_frag_init+0x350/0x350 [ 2406.284634] ? ip_flush_pending_frames+0x20/0x20 [ 2406.285086] ? lock_downgrade+0x6d0/0x6d0 [ 2406.285485] ? xfrm_lookup_route+0x65/0x210 [ 2406.285914] udp_sendmsg+0x193f/0x2160 [ 2406.286290] ? ip_frag_init+0x350/0x350 [ 2406.286678] ? udp_setsockopt+0xc0/0xc0 [ 2406.287052] ? mark_lock+0xf5/0x2df0 [ 2406.287413] ? lock_chain_count+0x20/0x20 [ 2406.287810] ? mark_lock+0xf5/0x2df0 [ 2406.288167] ? mark_lock+0xf5/0x2df0 [ 2406.288519] ? lock_chain_count+0x20/0x20 [ 2406.288911] ? lock_chain_count+0x20/0x20 [ 2406.289303] ? prep_new_page+0x16d/0x1d0 [ 2406.289688] ? lock_chain_count+0x20/0x20 [ 2406.290109] ? __lock_acquire+0x1657/0x5b00 [ 2406.290522] udpv6_sendmsg+0x1b30/0x2ad0 [ 2406.290912] ? __lock_acquire+0x1657/0x5b00 [ 2406.291322] ? udp_v6_push_pending_frames+0x360/0x360 [ 2406.291808] ? lock_acquire+0x197/0x470 [ 2406.292177] ? find_held_lock+0x2c/0x110 [ 2406.292557] ? lock_acquire+0x197/0x470 [ 2406.292930] ? find_held_lock+0x2c/0x110 [ 2406.293310] ? __might_fault+0xd3/0x180 [ 2406.293679] ? lock_downgrade+0x6d0/0x6d0 [ 2406.294091] ? sock_has_perm+0x1ea/0x280 [ 2406.294479] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2406.294982] ? __import_iovec+0x458/0x590 [ 2406.295375] ? udp_v6_push_pending_frames+0x360/0x360 [ 2406.295856] inet6_sendmsg+0x105/0x140 [ 2406.296218] ? inet6_compat_ioctl+0x320/0x320 [ 2406.296635] __sock_sendmsg+0xf2/0x190 [ 2406.296997] ____sys_sendmsg+0x334/0x870 [ 2406.297376] ? sock_write_iter+0x3d0/0x3d0 [ 2406.297768] ? do_recvmmsg+0x6d0/0x6d0 [ 2406.298139] ? handle_mm_fault+0x9e9/0x3500 [ 2406.298544] ? __lock_acquire+0x1657/0x5b00 [ 2406.298953] ? find_held_lock+0x2c/0x110 [ 2406.299340] ___sys_sendmsg+0xf3/0x170 [ 2406.299708] ? sendmsg_copy_msghdr+0x160/0x160 [ 2406.300129] ? vmacache_find+0x55/0x2a0 [ 2406.300509] ? do_user_addr_fault+0x5b0/0xc60 [ 2406.300931] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2406.301417] ? exc_page_fault+0xca/0x1a0 [ 2406.301798] ? trace_hardirqs_on+0x5b/0x180 [ 2406.302230] ? exc_page_fault+0xca/0x1a0 [ 2406.302610] ? asm_exc_page_fault+0x1e/0x30 [ 2406.303021] __sys_sendmmsg+0x195/0x470 [ 2406.303400] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2406.303801] ? lock_downgrade+0x6d0/0x6d0 [ 2406.304196] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2406.304670] ? wait_for_completion_io+0x270/0x270 [ 2406.305135] ? rcu_read_lock_any_held+0x75/0xa0 [ 2406.305564] ? vfs_write+0x354/0xb10 [ 2406.305942] ? fput_many+0x2f/0x1a0 [ 2406.306287] ? ksys_write+0x1a9/0x260 [ 2406.306647] ? __ia32_sys_read+0xb0/0xb0 [ 2406.307048] __x64_sys_sendmmsg+0x99/0x100 [ 2406.307440] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2406.307938] do_syscall_64+0x33/0x40 [ 2406.308284] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2406.308769] RIP: 0033:0x7f0fecadbb19 [ 2406.309124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2406.310873] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2406.311578] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2406.312233] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2406.312885] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2406.313537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2406.314202] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2406.382028] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 2406.442474] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2406.442474] program syz-executor.3 not setting count and/or reply_len properly [ 2406.717322] udc-core: couldn't find an available UDC or it's busy [ 2406.718459] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 2406.721511] udc-core: couldn't find an available UDC or it's busy [ 2406.722668] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 03:04:56 executing program 5: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0}, {0x0, 0x0, 0xffffffffddfffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140)) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x1ed982, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0\x00'}) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x4, 0x48042) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) r2 = syz_open_dev$sg(&(0x7f0000000180), 0x4000000, 0x180) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r2, {0x1}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000100000018000000d75839e3ca5869a423a5057d4a6be0f7d4f10ffc50dabfbf7dea7f039c2772c025ece864b836eb620137f4de06af046b3728d0d98e3b57f9b3a0a803278b68b326920d13806bd5f3b61e14bb9a6b8fde07b3d5b2d50a5a9ed4d9d78d687bf2003b6c7dcadd4921c9e9d06dcdfa1f5317194658fd8d47dcdbb90f482a994b4f2cdc6ee86c538157e92e64eafcdfbc15cde3ba860caed9e0d5847b894c", @ANYRES32, @ANYBLOB="01000000000000002e2f66696c653000"]) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xc03c2, 0x40) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1) signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000004c0)=ANY=[@ANYRES32]) 03:04:56 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sr(0xffffffffffffff9c, 0x0, 0xe8b02, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xffffffff, 0x0, 0xfffffffe, 0x0, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000040)=0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x3}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) syz_io_uring_submit(0x0, r3, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x22, 0x8}, &(0x7f0000000100)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x8) r6 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r6, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:04:56 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) open$dir(&(0x7f0000000000)='./file0\x00', 0x100, 0x22) 03:04:56 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddbb6535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:04:56 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 32) 03:04:56 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d290900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:04:56 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) write(r4, &(0x7f0000000380)="ccf6a517e64c6a83f0b8dd5a873a85b53245b0bcc1969a29a632fc00470ae93ab196255db590146fa2004c98092923cdb06c71ed3e2e5ec7ac80bbea590370996b32e192bad4e1b589964b070aefffc7a7ed71f52dcc8dedd67c5a016fe567b2a151f378147090effa238d79f5e3ce3cb61583cff44678b25273010343ca78d9a034af89264e4594ee2d30c6fed313c0a330a4e153d60aba0a3d655c08ef8227e76edd486cdc733d7cbfa2c7a9ed2fee3bdc4670a4be81e4d01371c296800795dabfd5049770f2b81d106cc33fae", 0xce) 03:04:56 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x2d02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2422.138624] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2422.138624] program syz-executor.3 not setting count and/or reply_len properly [ 2422.164454] FAULT_INJECTION: forcing a failure. [ 2422.164454] name failslab, interval 1, probability 0, space 0, times 0 [ 2422.166588] CPU: 0 PID: 12387 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2422.168301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2422.170115] Call Trace: [ 2422.170375] dump_stack+0x107/0x167 [ 2422.171803] should_fail.cold+0x5/0xa [ 2422.172164] ? skb_clone+0x14f/0x3d0 [ 2422.172516] should_failslab+0x5/0x20 [ 2422.173927] kmem_cache_alloc+0x5b/0x310 [ 2422.174324] skb_clone+0x14f/0x3d0 [ 2422.174659] __skb_tstamp_tx+0x422/0x8d0 [ 2422.176121] __dev_queue_xmit+0x1770/0x2710 [ 2422.176527] ? find_held_lock+0x2c/0x110 [ 2422.177959] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2422.178402] ? lock_downgrade+0x6d0/0x6d0 [ 2422.179870] ? lock_acquire+0x197/0x470 [ 2422.180241] ? ip_finish_output2+0x220/0x21f0 [ 2422.180661] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2422.182217] neigh_connected_output+0x382/0x4d0 [ 2422.182655] ip_finish_output2+0x6f1/0x21f0 [ 2422.184143] ? nf_hook_slow+0xfc/0x1e0 [ 2422.184508] ? ip_frag_next+0x9e0/0x9e0 [ 2422.185935] ? nf_hook+0x160/0x510 [ 2422.186287] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2422.187843] __ip_finish_output.part.0+0x5f3/0xb50 [ 2422.188296] ? ip_fragment.constprop.0+0x240/0x240 [ 2422.189798] ? nf_hook+0x510/0x510 [ 2422.190146] ip_output+0x2f7/0x600 [ 2422.190483] ip_send_skb+0xdd/0x260 [ 2422.191915] udp_send_skb+0x6da/0x11d0 [ 2422.192287] udp_sendmsg+0x197f/0x2160 [ 2422.192653] ? ip_frag_init+0x350/0x350 [ 2422.193954] ? udp_setsockopt+0xc0/0xc0 [ 2422.194356] ? mark_lock+0xf5/0x2df0 [ 2422.194910] ? mark_lock+0xf5/0x2df0 [ 2422.195256] ? lock_chain_count+0x20/0x20 [ 2422.195643] ? lock_chain_count+0x20/0x20 [ 2422.196154] ? __lock_acquire+0x1657/0x5b00 [ 2422.196561] udpv6_sendmsg+0x1b30/0x2ad0 [ 2422.197134] ? __lock_acquire+0x1657/0x5b00 [ 2422.197543] ? udp_v6_push_pending_frames+0x360/0x360 [ 2422.198121] ? lock_acquire+0x197/0x470 [ 2422.198492] ? find_held_lock+0x2c/0x110 [ 2422.199087] ? lock_acquire+0x197/0x470 [ 2422.199454] ? find_held_lock+0x2c/0x110 [ 2422.200303] ? __might_fault+0xd3/0x180 [ 2422.200765] ? lock_downgrade+0x6d0/0x6d0 [ 2422.201322] ? sock_has_perm+0x1ea/0x280 [ 2422.201742] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2422.202417] ? __import_iovec+0x458/0x590 [ 2422.202845] ? udp_v6_push_pending_frames+0x360/0x360 [ 2422.203491] inet6_sendmsg+0x105/0x140 [ 2422.203927] ? inet6_compat_ioctl+0x320/0x320 [ 2422.204507] __sock_sendmsg+0xf2/0x190 [ 2422.204910] ____sys_sendmsg+0x334/0x870 [ 2422.205287] ? sock_write_iter+0x3d0/0x3d0 [ 2422.205879] ? do_recvmmsg+0x6d0/0x6d0 [ 2422.206258] ? handle_mm_fault+0x9e9/0x3500 [ 2422.206842] ? __lock_acquire+0x1657/0x5b00 [ 2422.207243] ? find_held_lock+0x2c/0x110 [ 2422.207802] ___sys_sendmsg+0xf3/0x170 [ 2422.208523] ? sendmsg_copy_msghdr+0x160/0x160 [ 2422.209421] ? vmacache_find+0x55/0x2a0 [ 2422.209842] ? do_user_addr_fault+0x5b0/0xc60 [ 2422.210433] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2422.210965] ? exc_page_fault+0xca/0x1a0 [ 2422.211500] ? trace_hardirqs_on+0x5b/0x180 [ 2422.211938] ? exc_page_fault+0xca/0x1a0 [ 2422.212482] ? asm_exc_page_fault+0x1e/0x30 [ 2422.212936] __sys_sendmmsg+0x195/0x470 [ 2422.213473] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2422.213948] ? lock_downgrade+0x6d0/0x6d0 [ 2422.214516] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2422.215012] ? wait_for_completion_io+0x270/0x270 [ 2422.215636] ? rcu_read_lock_any_held+0x75/0xa0 [ 2422.216074] ? vfs_write+0x354/0xb10 [ 2422.216419] ? fput_many+0x2f/0x1a0 [ 2422.216937] ? ksys_write+0x1a9/0x260 [ 2422.217289] ? __ia32_sys_read+0xb0/0xb0 [ 2422.217874] __x64_sys_sendmmsg+0x99/0x100 [ 2422.218282] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2422.218997] do_syscall_64+0x33/0x40 [ 2422.219341] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2422.220008] RIP: 0033:0x7f0fecadbb19 [ 2422.220363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2422.222440] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2422.223337] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2422.224691] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2422.225346] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2422.226214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2422.227040] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:04:57 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a0a5fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2422.452033] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2422.452033] program syz-executor.3 not setting count and/or reply_len properly 03:05:13 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 33) 03:05:13 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x3602}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:05:13 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a255fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:05:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000400)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a02}, {&(0x7f00000002c0)="267035257e10ab98fb89c9b83815614fc887e09ba3a9771f88ded298ef52a843a8fd1be5fb3c59f5fcc2154abe6d4207c52fdd62e75ce664854c83615ea4a7fcffcc9f", 0x43, 0x81}, {&(0x7f0000000000)="66bfcf890e051e63d70651d61da106226f9078e74a6db41013b2d3f642bd939480b007771f07", 0x26, 0x8}, {&(0x7f0000000340)="8d17f751a0de37b86a4d38e0c45a4bf5fa8f461387df01418ad0cb4dc15fd08ebcac7610f14b862fa020d89e70c3d228fe0fe46c871795e95347344447306b49b3657a69c18c7f34c1ea73cc347fdccfa5b0a3087f0c6d4fbc903afa64cbb4b94a28d078d999315b9d0aff257ac7d4cd618d6ea6e5e84a82dbbfe8819f41e171e5", 0x81, 0x1}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:05:13 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2b0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:05:13 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) write(r4, &(0x7f0000000380)="ccf6a517e64c6a83f0b8dd5a873a85b53245b0bcc1969a29a632fc00470ae93ab196255db590146fa2004c98092923cdb06c71ed3e2e5ec7ac80bbea590370996b32e192bad4e1b589964b070aefffc7a7ed71f52dcc8dedd67c5a016fe567b2a151f378147090effa238d79f5e3ce3cb61583cff44678b25273010343ca78d9a034af89264e4594ee2d30c6fed313c0a330a4e153d60aba0a3d655c08ef8227e76edd486cdc733d7cbfa2c7a9ed2fee3bdc4670a4be81e4d01371c296800795dabfd5049770f2b81d106cc33fae", 0xce) 03:05:13 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0xc0, 0x0, 0x1, 0x6, 0x0, 0x5, 0x80, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0xffff, 0x9}, 0x58440, 0x400, 0x4, 0x3, 0xba4, 0x6, 0x6, 0x0, 0x2, 0x0, 0x80000000}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x2) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) r2 = perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f0000000280)=[{0x81, 0x6, 0x1, 0x3, @time={0x81, 0x6}, {0x1}, {0x3, 0x9}, @queue={0x8, {0x9}}}, {0xf7, 0x4, 0x7, 0xfc, @tick=0x80, {0x8, 0x80}, {0x4, 0x7}, @raw32={[0x5, 0x1, 0x7fff]}}, {0x6, 0x4, 0x5, 0x4, @time={0x5, 0x1ffe00}, {0xd7, 0x7f}, {0x6}, @quote={{0x1, 0xfb}, 0x9, &(0x7f0000000040)={0x9, 0x9, 0x7, 0x0, @tick=0x8, {0x7, 0x3}, {0x20, 0x8}, @result={0x8, 0x2}}}}, {0x0, 0x6, 0x1, 0x8, @tick=0x149b, {0x40, 0x81}, {0x0, 0x4}, @raw32={[0x4, 0x6372, 0x6]}}, {0x2, 0x7, 0x8a, 0x26, @time={0x5b3, 0x5fc}, {0x8, 0x5}, {0x5, 0x70}, @addr={0x5, 0x5}}, {0x4, 0x40, 0x40, 0x5, @tick=0xd490, {0x4, 0x1}, {0x5, 0x8}, @ext={0x41, &(0x7f0000000200)="775bd32a6bc5204a6d0deddfa3144d6fa4ff6db7a8a7a0b302de440c8686fd1fb4944791cd70ba25c0602f20ae795f245fb3653ee2f2e3d98cda68129f10ed71da"}}, {0x4, 0x3f, 0x1, 0x1, @time={0x6}, {0x0, 0x2}, {0x72, 0x10}, @time=@time={0x2}}], 0xc4) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001980), 0x2040, 0x0) perf_event_open(&(0x7f0000000380)={0x3, 0x80, 0x7f, 0x9, 0xb9, 0x81, 0x0, 0x9, 0x4, 0x9, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1ca, 0x0, @perf_bp={&(0x7f0000000100), 0x8}, 0x2000, 0x8, 0x8, 0x1, 0x7c, 0x479, 0xfff8, 0x0, 0x1f, 0x0, 0x1}, 0xffffffffffffffff, 0xc, r3, 0x3) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) ioctl$FIONCLEX(r2, 0x5450) 03:05:13 executing program 5: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d060900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2438.729637] FAULT_INJECTION: forcing a failure. [ 2438.729637] name failslab, interval 1, probability 0, space 0, times 0 [ 2438.732536] CPU: 0 PID: 12426 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2438.734616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2438.736382] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2438.736382] program syz-executor.3 not setting count and/or reply_len properly [ 2438.736793] Call Trace: [ 2438.736825] dump_stack+0x107/0x167 [ 2438.736843] should_fail.cold+0x5/0xa [ 2438.741213] ? create_object.isra.0+0x3a/0xa20 [ 2438.742423] should_failslab+0x5/0x20 [ 2438.743455] kmem_cache_alloc+0x5b/0x310 [ 2438.744468] ? mark_lock+0xf5/0x2df0 [ 2438.745409] create_object.isra.0+0x3a/0xa20 [ 2438.746568] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2438.747833] kmem_cache_alloc+0x159/0x310 [ 2438.748855] skb_clone+0x14f/0x3d0 [ 2438.749656] __skb_tstamp_tx+0x422/0x8d0 [ 2438.750790] __dev_queue_xmit+0x1770/0x2710 [ 2438.751837] ? find_held_lock+0x2c/0x110 [ 2438.752828] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2438.753918] ? lock_downgrade+0x6d0/0x6d0 [ 2438.755008] ? lock_acquire+0x197/0x470 [ 2438.755968] ? ip_finish_output2+0x220/0x21f0 [ 2438.757060] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2438.758389] neigh_connected_output+0x382/0x4d0 [ 2438.759581] ip_finish_output2+0x6f1/0x21f0 [ 2438.760676] ? nf_hook_slow+0xfc/0x1e0 [ 2438.761641] ? ip_frag_next+0x9e0/0x9e0 [ 2438.762601] ? nf_hook+0x160/0x510 [ 2438.763455] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2438.764670] __ip_finish_output.part.0+0x5f3/0xb50 [ 2438.765905] ? ip_fragment.constprop.0+0x240/0x240 [ 2438.767073] ? nf_hook+0x510/0x510 [ 2438.767949] ip_output+0x2f7/0x600 [ 2438.769178] ip_send_skb+0xdd/0x260 [ 2438.770070] udp_send_skb+0x6da/0x11d0 [ 2438.771036] udp_sendmsg+0x197f/0x2160 [ 2438.771989] ? ip_frag_init+0x350/0x350 [ 2438.772978] ? udp_setsockopt+0xc0/0xc0 [ 2438.773941] ? mark_lock+0xf5/0x2df0 [ 2438.774853] ? lock_chain_count+0x20/0x20 [ 2438.775858] ? mark_lock+0xf5/0x2df0 [ 2438.776761] ? mark_lock+0xf5/0x2df0 [ 2438.777616] ? lock_chain_count+0x20/0x20 [ 2438.778622] ? lock_chain_count+0x20/0x20 [ 2438.779636] ? prep_new_page+0x16d/0x1d0 [ 2438.780619] ? lock_chain_count+0x20/0x20 [ 2438.781648] ? __lock_acquire+0x1657/0x5b00 [ 2438.782737] udpv6_sendmsg+0x1b30/0x2ad0 [ 2438.783668] ? __lock_acquire+0x1657/0x5b00 [ 2438.784765] ? udp_v6_push_pending_frames+0x360/0x360 [ 2438.786002] ? lock_acquire+0x197/0x470 [ 2438.786960] ? find_held_lock+0x2c/0x110 [ 2438.787945] ? lock_acquire+0x197/0x470 [ 2438.788924] ? find_held_lock+0x2c/0x110 [ 2438.791566] ? __might_fault+0xd3/0x180 [ 2438.792579] ? lock_downgrade+0x6d0/0x6d0 [ 2438.793721] ? sock_has_perm+0x1ea/0x280 [ 2438.794792] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2438.796236] ? __import_iovec+0x458/0x590 [ 2438.797297] ? udp_v6_push_pending_frames+0x360/0x360 [ 2438.798648] inet6_sendmsg+0x105/0x140 [ 2438.799653] ? inet6_compat_ioctl+0x320/0x320 [ 2438.800805] __sock_sendmsg+0xf2/0x190 [ 2438.801735] ____sys_sendmsg+0x334/0x870 [ 2438.802677] ? sock_write_iter+0x3d0/0x3d0 [ 2438.806106] ? do_recvmmsg+0x6d0/0x6d0 [ 2438.807050] ? handle_mm_fault+0x9e9/0x3500 [ 2438.808084] ? __lock_acquire+0x1657/0x5b00 [ 2438.809132] ? find_held_lock+0x2c/0x110 [ 2438.810117] ___sys_sendmsg+0xf3/0x170 [ 2438.811146] ? sendmsg_copy_msghdr+0x160/0x160 [ 2438.812310] ? vmacache_find+0x55/0x2a0 [ 2438.813342] ? do_user_addr_fault+0x5b0/0xc60 [ 2438.814476] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2438.815942] ? exc_page_fault+0xca/0x1a0 [ 2438.817067] ? trace_hardirqs_on+0x5b/0x180 [ 2438.818202] ? exc_page_fault+0xca/0x1a0 [ 2438.819278] ? asm_exc_page_fault+0x1e/0x30 [ 2438.820402] __sys_sendmmsg+0x195/0x470 [ 2438.821465] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2438.822750] ? lock_downgrade+0x6d0/0x6d0 [ 2438.823780] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2438.824989] ? wait_for_completion_io+0x270/0x270 [ 2438.826194] ? rcu_read_lock_any_held+0x75/0xa0 [ 2438.827335] ? vfs_write+0x354/0xb10 [ 2438.828254] ? fput_many+0x2f/0x1a0 [ 2438.829185] ? ksys_write+0x1a9/0x260 [ 2438.830136] ? __ia32_sys_read+0xb0/0xb0 [ 2438.831160] __x64_sys_sendmmsg+0x99/0x100 [ 2438.832195] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2438.833472] do_syscall_64+0x33/0x40 [ 2438.834407] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2438.835658] RIP: 0033:0x7f0fecadbb19 [ 2438.836573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2438.841461] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2438.843363] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2438.845128] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2438.846960] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2438.848673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2438.850480] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:05:13 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2ab65fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:05:13 executing program 5: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d060900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:05:13 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x3f02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2438.931261] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue 03:05:13 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) openat(r0, &(0x7f0000000000)='./file0\x00', 0x408201, 0xd) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:05:13 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffca77}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) pidfd_send_signal(r0, 0x7, &(0x7f0000000200)={0x34, 0xffff, 0x200}, 0x0) r1 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) openat(r1, &(0x7f0000000040)='./file0\x00', 0x630800, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:05:13 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2f0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2438.968518] EXT4-fs (loop6): re-mounted. Opts: (null) [ 2438.991515] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2438.991515] program syz-executor.3 not setting count and/or reply_len properly 03:05:13 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) 03:05:13 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 34) 03:05:13 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a530abd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2439.156816] FAULT_INJECTION: forcing a failure. [ 2439.156816] name failslab, interval 1, probability 0, space 0, times 0 [ 2439.159494] CPU: 0 PID: 12462 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2439.161047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2439.162923] Call Trace: [ 2439.163515] dump_stack+0x107/0x167 [ 2439.164330] should_fail.cold+0x5/0xa [ 2439.165184] ? lock_release+0x680/0x680 [ 2439.166078] ? skb_clone+0x14f/0x3d0 [ 2439.166925] should_failslab+0x5/0x20 [ 2439.167777] kmem_cache_alloc+0x5b/0x310 [ 2439.168684] ? lock_downgrade+0x6d0/0x6d0 [ 2439.169613] skb_clone+0x14f/0x3d0 [ 2439.170424] dev_queue_xmit_nit+0x3a7/0xb00 [ 2439.171393] ? ipv6_mc_check_mld+0x1110/0x1110 [ 2439.172424] dev_hard_start_xmit+0xab/0x6f0 [ 2439.173393] __dev_queue_xmit+0x17ec/0x2710 [ 2439.174375] ? find_held_lock+0x2c/0x110 [ 2439.175285] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2439.176311] ? lock_downgrade+0x6d0/0x6d0 [ 2439.177235] ? lock_acquire+0x197/0x470 [ 2439.178127] ? ip_finish_output2+0x220/0x21f0 [ 2439.179147] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2439.180326] neigh_connected_output+0x382/0x4d0 [ 2439.181373] ip_finish_output2+0x6f1/0x21f0 [ 2439.182350] ? nf_hook_slow+0xfc/0x1e0 [ 2439.183225] ? ip_frag_next+0x9e0/0x9e0 [ 2439.184128] ? nf_hook+0x160/0x510 [ 2439.184922] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2439.186059] __ip_finish_output.part.0+0x5f3/0xb50 [ 2439.187190] ? ip_fragment.constprop.0+0x240/0x240 [ 2439.188303] ? nf_hook+0x510/0x510 [ 2439.189116] ip_output+0x2f7/0x600 [ 2439.189916] ip_send_skb+0xdd/0x260 [ 2439.190743] udp_send_skb+0x6da/0x11d0 [ 2439.191625] udp_sendmsg+0x197f/0x2160 [ 2439.192495] ? ip_frag_init+0x350/0x350 [ 2439.193407] ? udp_setsockopt+0xc0/0xc0 [ 2439.194303] ? mark_lock+0xf5/0x2df0 [ 2439.195140] ? lock_chain_count+0x20/0x20 [ 2439.196074] ? mark_lock+0xf5/0x2df0 [ 2439.196909] ? mark_lock+0xf5/0x2df0 [ 2439.197741] ? lock_chain_count+0x20/0x20 [ 2439.200282] ? lock_chain_count+0x20/0x20 [ 2439.201319] ? prep_new_page+0x16d/0x1d0 [ 2439.202299] ? lock_chain_count+0x20/0x20 [ 2439.203292] ? __lock_acquire+0x1657/0x5b00 [ 2439.204318] udpv6_sendmsg+0x1b30/0x2ad0 [ 2439.205319] ? __lock_acquire+0x1657/0x5b00 [ 2439.206550] ? udp_v6_push_pending_frames+0x360/0x360 [ 2439.207713] ? lock_acquire+0x197/0x470 [ 2439.208597] ? find_held_lock+0x2c/0x110 [ 2439.209506] ? lock_acquire+0x197/0x470 [ 2439.210404] ? find_held_lock+0x2c/0x110 [ 2439.211312] ? __might_fault+0xd3/0x180 [ 2439.212198] ? lock_downgrade+0x6d0/0x6d0 [ 2439.213124] ? sock_has_perm+0x1ea/0x280 [ 2439.214031] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2439.215214] ? __import_iovec+0x458/0x590 [ 2439.216140] ? udp_v6_push_pending_frames+0x360/0x360 [ 2439.217296] inet6_sendmsg+0x105/0x140 [ 2439.218168] ? inet6_compat_ioctl+0x320/0x320 [ 2439.219187] __sock_sendmsg+0xf2/0x190 [ 2439.220060] ____sys_sendmsg+0x334/0x870 [ 2439.221070] ? sock_write_iter+0x3d0/0x3d0 [ 2439.222092] ? do_recvmmsg+0x6d0/0x6d0 [ 2439.223028] ? handle_mm_fault+0x9e9/0x3500 [ 2439.224050] ? __lock_acquire+0x1657/0x5b00 [ 2439.225075] ? find_held_lock+0x2c/0x110 [ 2439.226078] ___sys_sendmsg+0xf3/0x170 [ 2439.227081] ? sendmsg_copy_msghdr+0x160/0x160 [ 2439.228179] ? vmacache_find+0x55/0x2a0 [ 2439.229140] ? do_user_addr_fault+0x5b0/0xc60 [ 2439.230201] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2439.231436] ? exc_page_fault+0xca/0x1a0 [ 2439.232423] ? trace_hardirqs_on+0x5b/0x180 [ 2439.233482] ? exc_page_fault+0xca/0x1a0 [ 2439.234406] ? asm_exc_page_fault+0x1e/0x30 [ 2439.235384] __sys_sendmmsg+0x195/0x470 [ 2439.236282] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2439.237246] ? lock_downgrade+0x6d0/0x6d0 [ 2439.238190] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2439.239282] ? wait_for_completion_io+0x270/0x270 [ 2439.240365] ? rcu_read_lock_any_held+0x75/0xa0 [ 2439.241400] ? vfs_write+0x354/0xb10 [ 2439.242236] ? fput_many+0x2f/0x1a0 [ 2439.243054] ? ksys_write+0x1a9/0x260 [ 2439.243905] ? __ia32_sys_read+0xb0/0xb0 [ 2439.244824] __x64_sys_sendmmsg+0x99/0x100 [ 2439.245771] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2439.246936] do_syscall_64+0x33/0x40 [ 2439.247780] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2439.248927] RIP: 0033:0x7f0fecadbb19 [ 2439.249760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2439.253906] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2439.258844] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2439.259527] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2439.260200] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2439.260857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2439.261509] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:05:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) accept(r1, &(0x7f00000002c0)=@ethernet={0x0, @remote}, &(0x7f00000000c0)=0x80) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:05:13 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x4802}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:05:13 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a0a5fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2439.306240] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2439.306240] program syz-executor.3 not setting count and/or reply_len properly 03:05:14 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r3 = creat(&(0x7f0000000140)='./file0\x00', 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000100)=0xc) perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x5, 0x0, 0x7, 0x1, 0x0, 0x1, 0x0, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0x3, 0x80000001}, 0x2000, 0x3d, 0x3, 0x0, 0x1, 0x5, 0x2, 0x0, 0x9, 0x0, 0x4b6000000000}, r4, 0x2, r2, 0x1) r5 = openat$cgroup_subtree(r3, &(0x7f0000000300), 0x2, 0x0) mount$cgroup(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x800000, &(0x7f00000003c0)={[{@cpuset_v2_mode}, {}, {@xattr}], [{@context={'context', 0x3d, 'user_u'}}, {@smackfshat={'smackfshat', 0x3d, ',-'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'cgroup.subtree_control\x00'}}, {@dont_appraise}, {@obj_user={'obj_user', 0x3d, ')@[$-'}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@subj_type={'subj_type', 0x3d, ',-.'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '{-'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}) fallocate(r5, 0x12, 0x7, 0x2) r6 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r7 = getpgrp(0xffffffffffffffff) fcntl$lock(r6, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r7}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x19, 0x6, 0x0, 0x0, 0x4, 0x12041, 0xb, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x100000, 0xdff}, 0x400, 0x4, 0x800, 0x1, 0xfff, 0x8, 0xdbac, 0x0, 0x3, 0x0, 0x2000000000000000}, r7, 0x5, r0, 0x8) [ 2439.333118] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 2439.348253] EXT4-fs (loop6): re-mounted. Opts: (null) 03:05:14 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 35) 03:05:14 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a5325bd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2439.420060] cgroup: Unknown subsys name 'smackfshat' [ 2439.426181] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2439.426181] program syz-executor.5 not setting count and/or reply_len properly 03:05:14 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d3a0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2439.467273] cgroup: Unknown subsys name 'smackfshat' [ 2439.488941] FAULT_INJECTION: forcing a failure. [ 2439.488941] name failslab, interval 1, probability 0, space 0, times 0 [ 2439.490065] CPU: 1 PID: 12486 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2439.490751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2439.491562] Call Trace: [ 2439.491830] dump_stack+0x107/0x167 [ 2439.492194] should_fail.cold+0x5/0xa [ 2439.492573] ? create_object.isra.0+0x3a/0xa20 [ 2439.493037] should_failslab+0x5/0x20 [ 2439.493420] kmem_cache_alloc+0x5b/0x310 [ 2439.494366] ? lock_acquire+0x197/0x470 [ 2439.495136] create_object.isra.0+0x3a/0xa20 [ 2439.496204] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2439.497482] kmem_cache_alloc+0x159/0x310 [ 2439.498436] ? lock_downgrade+0x6d0/0x6d0 [ 2439.499395] skb_clone+0x14f/0x3d0 [ 2439.500221] dev_queue_xmit_nit+0x3a7/0xb00 [ 2439.501219] ? ipv6_mc_check_mld+0x1110/0x1110 [ 2439.502275] dev_hard_start_xmit+0xab/0x6f0 [ 2439.503269] __dev_queue_xmit+0x17ec/0x2710 [ 2439.504278] ? find_held_lock+0x2c/0x110 [ 2439.505217] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2439.506270] ? lock_downgrade+0x6d0/0x6d0 [ 2439.507228] ? lock_acquire+0x197/0x470 [ 2439.508138] ? ip_finish_output2+0x220/0x21f0 [ 2439.509159] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2439.510350] neigh_connected_output+0x382/0x4d0 [ 2439.511424] ip_finish_output2+0x6f1/0x21f0 [ 2439.512424] ? nf_hook_slow+0xfc/0x1e0 [ 2439.513329] ? ip_frag_next+0x9e0/0x9e0 [ 2439.514244] ? nf_hook+0x160/0x510 [ 2439.515067] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2439.515117] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2439.515117] program syz-executor.3 not setting count and/or reply_len properly [ 2439.516234] __ip_finish_output.part.0+0x5f3/0xb50 [ 2439.516251] ? ip_fragment.constprop.0+0x240/0x240 [ 2439.516262] ? nf_hook+0x510/0x510 [ 2439.516284] ip_output+0x2f7/0x600 [ 2439.516301] ip_send_skb+0xdd/0x260 [ 2439.516318] udp_send_skb+0x6da/0x11d0 [ 2439.516341] udp_sendmsg+0x197f/0x2160 [ 2439.516357] ? ip_frag_init+0x350/0x350 [ 2439.516389] ? udp_setsockopt+0xc0/0xc0 [ 2439.527912] ? mark_lock+0xf5/0x2df0 [ 2439.528855] ? lock_chain_count+0x20/0x20 [ 2439.529803] ? mark_lock+0xf5/0x2df0 [ 2439.530655] ? mark_lock+0xf5/0x2df0 [ 2439.531510] ? lock_chain_count+0x20/0x20 [ 2439.532459] ? lock_chain_count+0x20/0x20 [ 2439.533411] ? prep_new_page+0x16d/0x1d0 [ 2439.534356] ? lock_chain_count+0x20/0x20 [ 2439.535314] ? __lock_acquire+0x1657/0x5b00 [ 2439.536311] udpv6_sendmsg+0x1b30/0x2ad0 [ 2439.537235] ? __lock_acquire+0x1657/0x5b00 [ 2439.538230] ? udp_v6_push_pending_frames+0x360/0x360 [ 2439.539436] ? lock_acquire+0x197/0x470 [ 2439.540339] ? find_held_lock+0x2c/0x110 [ 2439.541271] ? lock_acquire+0x197/0x470 [ 2439.542181] ? find_held_lock+0x2c/0x110 [ 2439.543124] ? __might_fault+0xd3/0x180 [ 2439.544042] ? lock_downgrade+0x6d0/0x6d0 [ 2439.544991] ? sock_has_perm+0x1ea/0x280 [ 2439.545918] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2439.547139] ? __import_iovec+0x458/0x590 [ 2439.548085] ? udp_v6_push_pending_frames+0x360/0x360 [ 2439.549271] inet6_sendmsg+0x105/0x140 [ 2439.550158] ? inet6_compat_ioctl+0x320/0x320 [ 2439.551186] __sock_sendmsg+0xf2/0x190 [ 2439.552065] ____sys_sendmsg+0x334/0x870 [ 2439.552986] ? sock_write_iter+0x3d0/0x3d0 [ 2439.553949] ? do_recvmmsg+0x6d0/0x6d0 [ 2439.554850] ? handle_mm_fault+0x9e9/0x3500 [ 2439.555838] ? __lock_acquire+0x1657/0x5b00 [ 2439.556839] ? find_held_lock+0x2c/0x110 [ 2439.557777] ___sys_sendmsg+0xf3/0x170 [ 2439.558677] ? sendmsg_copy_msghdr+0x160/0x160 [ 2439.559726] ? vmacache_find+0x55/0x2a0 [ 2439.560645] ? do_user_addr_fault+0x5b0/0xc60 [ 2439.561671] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2439.562870] ? exc_page_fault+0xca/0x1a0 [ 2439.563796] ? trace_hardirqs_on+0x5b/0x180 [ 2439.564772] ? exc_page_fault+0xca/0x1a0 [ 2439.565700] ? asm_exc_page_fault+0x1e/0x30 [ 2439.566700] __sys_sendmmsg+0x195/0x470 [ 2439.567612] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2439.568589] ? lock_downgrade+0x6d0/0x6d0 [ 2439.569549] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2439.574435] ? wait_for_completion_io+0x270/0x270 [ 2439.574857] ? rcu_read_lock_any_held+0x75/0xa0 [ 2439.575250] ? vfs_write+0x354/0xb10 [ 2439.575570] ? fput_many+0x2f/0x1a0 [ 2439.575882] ? ksys_write+0x1a9/0x260 [ 2439.576207] ? __ia32_sys_read+0xb0/0xb0 [ 2439.576562] __x64_sys_sendmmsg+0x99/0x100 [ 2439.576923] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2439.577357] do_syscall_64+0x33/0x40 [ 2439.577677] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2439.578112] RIP: 0033:0x7f0fecadbb19 [ 2439.578468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2439.580005] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2439.580649] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2439.581247] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2439.581844] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2439.582477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2439.583075] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:05:29 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d3c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:05:29 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 36) 03:05:29 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x8003}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x200000000000, 0xffffffffffffffff, 0x8) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) r1 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x9, 0xc9, 0x80, 0x0, 0x0, 0x5, 0x2011, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100), 0x1}, 0x1, 0x1, 0x1, 0x6, 0x3, 0x1, 0x1ff, 0x0, 0x2, 0x0, 0x9}, 0x0, 0x7, 0xffffffffffffffff, 0x2) r2 = getpgrp(0xffffffffffffffff) fcntl$lock(r1, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r2}) fcntl$lock(r0, 0x6, &(0x7f0000000040)={0x0, 0x2, 0xdd91000000000, 0x1f, r2}) fallocate(0xffffffffffffffff, 0x34, 0x0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11c80, 0x10b) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:05:29 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x5102}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:05:29 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:05:29 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) r1 = openat(r0, &(0x7f0000000280)='./file0\x00', 0x342, 0x4) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:05:29 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a53b6bd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:05:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}], 0x1, &(0x7f0000014d00)=ANY=[@ANYBLOB='@']) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) readlinkat(r0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)=""/127, 0x7f) rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') ioctl$FITRIM(r0, 0xc0185879, &(0x7f00000001c0)={0x20e7596b, 0x9, 0x46b797ee}) [ 2454.837543] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2454.837543] program syz-executor.3 not setting count and/or reply_len properly [ 2454.838483] FAULT_INJECTION: forcing a failure. [ 2454.838483] name failslab, interval 1, probability 0, space 0, times 0 [ 2454.838502] CPU: 1 PID: 12510 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2454.838510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2454.838515] Call Trace: [ 2454.838536] dump_stack+0x107/0x167 [ 2454.838552] should_fail.cold+0x5/0xa [ 2454.838570] ? __fib_lookup+0xf7/0x160 [ 2454.838586] ? dst_alloc+0x9e/0x5d0 [ 2454.838603] should_failslab+0x5/0x20 [ 2454.838618] kmem_cache_alloc+0x5b/0x310 [ 2454.838636] dst_alloc+0x9e/0x5d0 [ 2454.838654] rt_dst_alloc+0x73/0x440 [ 2454.838672] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2454.838693] ip_route_output_key_hash+0x18d/0x340 [ 2454.838707] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2454.838720] ? neigh_connected_output+0x382/0x4d0 [ 2454.838732] ? ip_finish_output2+0x6f1/0x21f0 [ 2454.838745] ? __ip_finish_output.part.0+0x5f3/0xb50 [ 2454.838762] ? __sock_sendmsg+0xf2/0x190 [ 2454.838773] ? ____sys_sendmsg+0x334/0x870 [ 2454.838785] ? ___sys_sendmsg+0xf3/0x170 [ 2454.838796] ? __sys_sendmmsg+0x195/0x470 [ 2454.838808] ? __x64_sys_sendmmsg+0x99/0x100 [ 2454.838819] ? do_syscall_64+0x33/0x40 [ 2454.838832] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2454.838848] ip_route_output_flow+0x23/0x150 [ 2454.838864] ip_tunnel_xmit+0x70e/0x2f40 [ 2454.838889] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2454.838902] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2454.838926] ? slab_free_freelist_hook+0xa9/0x180 [ 2454.838948] sit_tunnel_xmit+0xef0/0x2960 [ 2454.838966] ? find_held_lock+0x2c/0x110 [ 2454.838979] ? ipip_rcv+0x4f0/0x4f0 [ 2454.838993] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2454.839006] ? lock_downgrade+0x6d0/0x6d0 [ 2454.839019] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2454.839041] dev_hard_start_xmit+0x1cb/0x6f0 [ 2454.839061] __dev_queue_xmit+0x17ec/0x2710 [ 2454.839079] ? find_held_lock+0x2c/0x110 [ 2454.839092] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2454.839108] ? lock_downgrade+0x6d0/0x6d0 [ 2454.839121] ? lock_acquire+0x197/0x470 [ 2454.839134] ? ip_finish_output2+0x220/0x21f0 [ 2454.839152] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2454.839170] neigh_connected_output+0x382/0x4d0 [ 2454.839193] ip_finish_output2+0x6f1/0x21f0 [ 2454.839209] ? nf_hook_slow+0xfc/0x1e0 [ 2454.839223] ? ip_frag_next+0x9e0/0x9e0 [ 2454.839236] ? nf_hook+0x160/0x510 [ 2454.839251] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2454.839268] __ip_finish_output.part.0+0x5f3/0xb50 [ 2454.839284] ? ip_fragment.constprop.0+0x240/0x240 [ 2454.839295] ? nf_hook+0x510/0x510 [ 2454.839317] ip_output+0x2f7/0x600 [ 2454.839334] ip_send_skb+0xdd/0x260 [ 2454.839352] udp_send_skb+0x6da/0x11d0 [ 2454.839375] udp_sendmsg+0x197f/0x2160 [ 2454.839392] ? ip_frag_init+0x350/0x350 [ 2454.839412] ? udp_setsockopt+0xc0/0xc0 [ 2454.839424] ? mark_lock+0xf5/0x2df0 [ 2454.839442] ? lock_chain_count+0x20/0x20 [ 2454.839456] ? mark_lock+0xf5/0x2df0 [ 2454.839472] ? mark_lock+0xf5/0x2df0 [ 2454.839484] ? lock_chain_count+0x20/0x20 [ 2454.839497] ? lock_chain_count+0x20/0x20 [ 2454.839515] ? prep_new_page+0x16d/0x1d0 [ 2454.839528] ? lock_chain_count+0x20/0x20 [ 2454.839552] ? __lock_acquire+0x1657/0x5b00 [ 2454.839571] udpv6_sendmsg+0x1b30/0x2ad0 [ 2454.839586] ? __lock_acquire+0x1657/0x5b00 [ 2454.839608] ? udp_v6_push_pending_frames+0x360/0x360 [ 2454.839628] ? lock_acquire+0x197/0x470 [ 2454.839640] ? find_held_lock+0x2c/0x110 [ 2454.839660] ? lock_acquire+0x197/0x470 [ 2454.839672] ? find_held_lock+0x2c/0x110 [ 2454.839689] ? __might_fault+0xd3/0x180 [ 2454.839702] ? lock_downgrade+0x6d0/0x6d0 [ 2454.839718] ? sock_has_perm+0x1ea/0x280 [ 2454.839731] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2454.839761] ? __import_iovec+0x458/0x590 [ 2454.839775] ? udp_v6_push_pending_frames+0x360/0x360 [ 2454.839793] inet6_sendmsg+0x105/0x140 [ 2454.839806] ? inet6_compat_ioctl+0x320/0x320 [ 2454.839818] __sock_sendmsg+0xf2/0x190 [ 2454.839832] ____sys_sendmsg+0x334/0x870 [ 2454.839847] ? sock_write_iter+0x3d0/0x3d0 [ 2454.839859] ? do_recvmmsg+0x6d0/0x6d0 [ 2454.839870] ? handle_mm_fault+0x9e9/0x3500 [ 2454.839887] ? find_held_lock+0x2c/0x110 [ 2454.839908] ___sys_sendmsg+0xf3/0x170 [ 2454.839923] ? sendmsg_copy_msghdr+0x160/0x160 [ 2454.839934] ? vmacache_find+0x55/0x2a0 [ 2454.839957] ? do_user_addr_fault+0x5b0/0xc60 [ 2454.839973] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2454.839985] ? exc_page_fault+0xca/0x1a0 [ 2454.839996] ? trace_hardirqs_on+0x5b/0x180 [ 2454.840009] ? exc_page_fault+0xca/0x1a0 [ 2454.840024] ? asm_exc_page_fault+0x1e/0x30 [ 2454.840052] __sys_sendmmsg+0x195/0x470 [ 2454.840070] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2454.840083] ? lock_downgrade+0x6d0/0x6d0 [ 2454.840112] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2454.840129] ? wait_for_completion_io+0x270/0x270 [ 2454.840145] ? rcu_read_lock_any_held+0x75/0xa0 [ 2454.840158] ? vfs_write+0x354/0xb10 [ 2454.840172] ? fput_many+0x2f/0x1a0 [ 2454.840186] ? ksys_write+0x1a9/0x260 [ 2454.840199] ? __ia32_sys_read+0xb0/0xb0 [ 2454.840219] __x64_sys_sendmmsg+0x99/0x100 [ 2454.840232] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2454.840243] do_syscall_64+0x33/0x40 [ 2454.840255] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2454.840264] RIP: 0033:0x7f0fecadbb19 [ 2454.840278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2454.840285] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2454.840300] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2454.840308] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2454.840315] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2454.840323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2454.840331] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2454.935122] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2454.935122] program syz-executor.3 not setting count and/or reply_len properly 03:05:29 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x5a02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:05:46 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x6302}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:05:46 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0406006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:05:46 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r1 = getpgrp(0xffffffffffffffff) fcntl$lock(r0, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r1}) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x7b, 0x9, 0x81, 0x6, 0x0, 0x3, 0x40080, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x4, 0x1, @perf_bp={&(0x7f0000000040), 0x53fbeed56c5e0e5f}, 0x0, 0x8, 0x0, 0x7, 0x4, 0x6, 0xd4af, 0x0, 0x6, 0x0, 0x2}, r1, 0xa, 0xffffffffffffffff, 0xa) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r2, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:05:46 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) mkdirat(r1, &(0x7f0000000000)='./file0\x00', 0x10) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:05:46 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 37) 03:05:46 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:05:46 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0902a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:05:46 executing program 5: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d3c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2472.109982] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2472.109982] program syz-executor.3 not setting count and/or reply_len properly [ 2472.136141] FAULT_INJECTION: forcing a failure. [ 2472.136141] name failslab, interval 1, probability 0, space 0, times 0 [ 2472.137318] CPU: 0 PID: 12548 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2472.137879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2472.138605] Call Trace: [ 2472.138860] dump_stack+0x107/0x167 [ 2472.139201] should_fail.cold+0x5/0xa [ 2472.139558] ? create_object.isra.0+0x3a/0xa20 [ 2472.139983] should_failslab+0x5/0x20 [ 2472.140341] kmem_cache_alloc+0x5b/0x310 [ 2472.140723] create_object.isra.0+0x3a/0xa20 [ 2472.141132] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2472.141606] kmem_cache_alloc+0x159/0x310 [ 2472.141997] dst_alloc+0x9e/0x5d0 [ 2472.142326] rt_dst_alloc+0x73/0x440 [ 2472.142933] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2472.143922] ip_route_output_key_hash+0x18d/0x340 [ 2472.144877] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2472.145924] ? neigh_connected_output+0x382/0x4d0 [ 2472.146916] ? ip_finish_output2+0x6f1/0x21f0 [ 2472.147749] ? __ip_finish_output.part.0+0x5f3/0xb50 [ 2472.148749] ? __sock_sendmsg+0xf2/0x190 [ 2472.149535] ? ____sys_sendmsg+0x334/0x870 [ 2472.150292] ? ___sys_sendmsg+0xf3/0x170 [ 2472.150844] ? __sys_sendmmsg+0x195/0x470 [ 2472.151227] ? __x64_sys_sendmmsg+0x99/0x100 [ 2472.151666] ? do_syscall_64+0x33/0x40 [ 2472.152029] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2472.152525] ip_route_output_flow+0x23/0x150 [ 2472.152966] ip_tunnel_xmit+0x70e/0x2f40 [ 2472.153355] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2472.153865] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2472.154310] ? slab_free_freelist_hook+0xa9/0x180 [ 2472.154817] sit_tunnel_xmit+0xef0/0x2960 [ 2472.155242] ? find_held_lock+0x2c/0x110 [ 2472.155620] ? ipip_rcv+0x4f0/0x4f0 [ 2472.155959] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2472.156416] ? lock_downgrade+0x6d0/0x6d0 [ 2472.156801] ? tpacket_rcv+0x3960/0x3960 [ 2472.157176] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2472.157631] dev_hard_start_xmit+0x1cb/0x6f0 [ 2472.158047] __dev_queue_xmit+0x17ec/0x2710 [ 2472.158481] ? find_held_lock+0x2c/0x110 [ 2472.158927] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2472.159354] ? lock_downgrade+0x6d0/0x6d0 [ 2472.159772] ? lock_acquire+0x197/0x470 [ 2472.160142] ? ip_finish_output2+0x220/0x21f0 [ 2472.160561] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2472.161081] neigh_connected_output+0x382/0x4d0 [ 2472.161522] ip_finish_output2+0x6f1/0x21f0 [ 2472.161956] ? nf_hook_slow+0xfc/0x1e0 [ 2472.162320] ? ip_frag_next+0x9e0/0x9e0 [ 2472.162919] ? nf_hook+0x160/0x510 [ 2472.163648] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2472.164559] __ip_finish_output.part.0+0x5f3/0xb50 [ 2472.165437] ? ip_fragment.constprop.0+0x240/0x240 [ 2472.166308] ? nf_hook+0x510/0x510 [ 2472.166814] ip_output+0x2f7/0x600 [ 2472.167185] ip_send_skb+0xdd/0x260 [ 2472.167556] udp_send_skb+0x6da/0x11d0 [ 2472.167966] udp_sendmsg+0x197f/0x2160 [ 2472.168383] ? ip_frag_init+0x350/0x350 [ 2472.168797] ? udp_setsockopt+0xc0/0xc0 [ 2472.169220] ? lock_chain_count+0x20/0x20 [ 2472.169647] ? mark_lock+0xf5/0x2df0 [ 2472.170018] ? mark_lock+0xf5/0x2df0 [ 2472.170411] ? lock_chain_count+0x20/0x20 [ 2472.170910] ? mark_lock+0xf5/0x2df0 [ 2472.171310] udpv6_sendmsg+0x1b30/0x2ad0 [ 2472.171722] ? __lock_acquire+0x1657/0x5b00 [ 2472.172181] ? udp_v6_push_pending_frames+0x360/0x360 [ 2472.172712] ? find_held_lock+0x2c/0x110 [ 2472.173148] ? lock_acquire+0x197/0x470 [ 2472.173550] ? find_held_lock+0x2c/0x110 [ 2472.173965] ? __might_fault+0xd3/0x180 [ 2472.174379] ? lock_downgrade+0x6d0/0x6d0 [ 2472.175201] ? sock_has_perm+0x1ea/0x280 [ 2472.176004] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2472.177072] ? __import_iovec+0x458/0x590 [ 2472.177912] ? udp_v6_push_pending_frames+0x360/0x360 [ 2472.179042] inet6_sendmsg+0x105/0x140 [ 2472.179828] ? inet6_compat_ioctl+0x320/0x320 [ 2472.180746] __sock_sendmsg+0xf2/0x190 [ 2472.181553] ____sys_sendmsg+0x334/0x870 [ 2472.182389] ? sock_write_iter+0x3d0/0x3d0 [ 2472.183441] ? do_recvmmsg+0x6d0/0x6d0 [ 2472.184252] ? handle_mm_fault+0x9e9/0x3500 [ 2472.185149] ? find_held_lock+0x2c/0x110 [ 2472.185984] ___sys_sendmsg+0xf3/0x170 [ 2472.186874] ? sendmsg_copy_msghdr+0x160/0x160 [ 2472.187814] ? vmacache_find+0x55/0x2a0 [ 2472.188652] ? do_user_addr_fault+0x5b0/0xc60 [ 2472.189587] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2472.190638] ? exc_page_fault+0xca/0x1a0 [ 2472.191048] ? trace_hardirqs_on+0x5b/0x180 [ 2472.191496] ? exc_page_fault+0xca/0x1a0 [ 2472.191912] ? asm_exc_page_fault+0x1e/0x30 [ 2472.192376] __sys_sendmmsg+0x195/0x470 [ 2472.192770] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2472.193221] ? lock_downgrade+0x6d0/0x6d0 [ 2472.193648] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2472.194097] ? wait_for_completion_io+0x270/0x270 [ 2472.194557] ? rcu_read_lock_any_held+0x75/0xa0 [ 2472.195619] ? vfs_write+0x354/0xb10 [ 2472.196284] ? fput_many+0x2f/0x1a0 [ 2472.196931] ? ksys_write+0x1a9/0x260 [ 2472.197611] ? __ia32_sys_read+0xb0/0xb0 [ 2472.198339] __x64_sys_sendmmsg+0x99/0x100 [ 2472.199308] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2472.200339] do_syscall_64+0x33/0x40 [ 2472.201004] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2472.201970] RIP: 0033:0x7f0fecadbb19 [ 2472.202806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2472.206622] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2472.207395] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2472.208110] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2472.208826] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2472.209543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2472.210263] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:05:46 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0806006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2472.288904] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue 03:05:47 executing program 5: syz_emit_ethernet(0x4e, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004a0000400000000000339078ac14141432b97ba566583f9e8f7cbbac1e0001890fb000000000ffffffff7f00000189030000000000000000189078040000000000000000000000000000003c2112921aaba936cccb081408d514369c556d79ccce6b7423490514dac5519eea0458abfccc380321280517989b98a6f428867dc99fdd07b630720289f55fb4304b4a58cb1097eff8fe8cbab1d33d2e282931462b6c7ea730166cc81963d69bc6cbc6c3f8910a3a06a1db6ee8f6c8e41598f881fbfdbc6cbe3adb90b8ca3a89be06f6fbafcd08335a4972409c0fb3b07ca82a4ca0efd496294e73f35e28f3aa96c11c685b16e79d2c4cfa2f25f2236ba900ffb803565c61622755a5019e39c17fe181078feb9e69f568fd700572c097b2975a0486a02fd0541d1e152d6f58971d96b48eeef70a51"], 0x0) syz_emit_ethernet(0xfffffe85, &(0x7f0000000080)={@remote, @random="fe0000000034", @val={@val={0x9100, 0x7, 0x1, 0x1}, {0x8100, 0x1, 0x1, 0x3}}, {@mpls_mc={0x8848, {[{0x1ff, 0x0, 0x1}, {0x7, 0x0, 0x1}, {0xd2, 0x0, 0x1}, {0x8001, 0x0, 0x1}, {0x2}, {0x2, 0x0, 0x1}, {0x6, 0x0, 0x1}], @ipv4=@udp={{0x0, 0x4, 0x0, 0x3c, 0x0, 0x68, 0x0, 0x4, 0x11, 0x0, @local, @multicast1, {[@timestamp_prespec={0x44, 0x0, 0x5c, 0x3, 0x2, [{@multicast2, 0x4}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}, {@private=0xa010101, 0x4f43}]}, @noop, @noop, @lsrr={0x83, 0x0, 0x2e, [@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, @multicast1, @empty]}, @ssrr={0x89, 0x0, 0x8a, [@local, @dev={0xac, 0x14, 0x14, 0x21}, @multicast1, @empty, @loopback, @local]}, @lsrr={0x83, 0x0, 0xa3, [@loopback]}, @timestamp_prespec={0x44, 0x0, 0x7b, 0x3, 0xe, [{@loopback, 0x62eecd65}, {@loopback, 0x8}, {@local, 0x7}, {@remote, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xb778}, {@rand_addr=0x64010102, 0xffffff02}]}, @ssrr={0x89, 0x0, 0xa6, [@multicast1, @loopback, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @broadcast, @empty, @private=0xa010102, @loopback, @private=0xa010102]}, @lsrr={0x83, 0x0, 0xe3, [@initdev={0xac, 0x1e, 0x0, 0x0}, @local, @multicast1, @empty, @rand_addr=0x64010101, @multicast2]}]}}, {0x4e20, 0x4e20, 0x0, 0x0, @gue={{0x0, 0x0, 0x1, 0x0, 0x0, @void}, "c9701aee23171b4796f6d7e5d44c47e61ae981bf3904627c1b1c28"}}}}}}}, 0x0) syz_emit_ethernet(0x1a, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x4, 0x1, 0x3}}, {@llc_tr={0x11, {@llc={0x0, 0x4, "80", "3d23129d19"}}}}}, &(0x7f0000000040)={0x1, 0x4, [0x162, 0x362, 0x5d7, 0xdbe]}) 03:05:47 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000100)) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000002e0000022dbd702a4100290adb5b9652288e5f22fedbdf15170000999ed0a7e3e38afccea3693880d9512bdb93a56b4a62f2cc1c0e29b4bccc193efdf01fdb94f8184a7488d806cdac324c8d63ebebbf63f5303125"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x80) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x1, 0x0, @buffer={0x0, 0x40, &(0x7f00000002c0)=""/64}, &(0x7f0000000300)='F', &(0x7f0000000340)=""/77, 0x1f, 0x1, 0xffffffffffffffff, &(0x7f00000003c0)}) creat(&(0x7f0000000140)='./file0\x00', 0x0) fallocate(r3, 0x1, 0xe251, 0x80000001) 03:05:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8000, 0x8) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:05:47 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x6c02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2472.374133] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2472.374133] program syz-executor.3 not setting count and/or reply_len properly 03:05:47 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0903a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:05:47 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:05:47 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 38) [ 2472.394199] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2472.394199] program syz-executor.3 not setting count and/or reply_len properly 03:05:47 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd3006006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2472.509321] FAULT_INJECTION: forcing a failure. [ 2472.509321] name failslab, interval 1, probability 0, space 0, times 0 [ 2472.510380] CPU: 1 PID: 12573 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2472.511016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2472.511763] Call Trace: [ 2472.512014] dump_stack+0x107/0x167 [ 2472.512363] should_fail.cold+0x5/0xa [ 2472.512725] ? create_object.isra.0+0x3a/0xa20 [ 2472.513160] should_failslab+0x5/0x20 [ 2472.513515] kmem_cache_alloc+0x5b/0x310 [ 2472.513899] create_object.isra.0+0x3a/0xa20 [ 2472.514320] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2472.514813] kmem_cache_alloc+0x159/0x310 [ 2472.515221] dst_alloc+0x9e/0x5d0 [ 2472.515546] rt_dst_alloc+0x73/0x440 [ 2472.515896] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2472.516402] ip_route_output_key_hash+0x18d/0x340 [ 2472.516847] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2472.517363] ? neigh_connected_output+0x382/0x4d0 [ 2472.517808] ? ip_finish_output2+0x6f1/0x21f0 [ 2472.518231] ? __ip_finish_output.part.0+0x5f3/0xb50 [ 2472.518722] ? __sock_sendmsg+0xf2/0x190 [ 2472.519104] ? ____sys_sendmsg+0x334/0x870 [ 2472.519503] ? ___sys_sendmsg+0xf3/0x170 [ 2472.519881] ? __sys_sendmmsg+0x195/0x470 [ 2472.520279] ? __x64_sys_sendmmsg+0x99/0x100 [ 2472.520690] ? do_syscall_64+0x33/0x40 [ 2472.521043] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2472.521536] ip_route_output_flow+0x23/0x150 [ 2472.521953] ip_tunnel_xmit+0x70e/0x2f40 [ 2472.522362] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2472.522865] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2472.523326] ? slab_free_freelist_hook+0xa9/0x180 [ 2472.523785] sit_tunnel_xmit+0xef0/0x2960 [ 2472.524184] ? find_held_lock+0x2c/0x110 [ 2472.524565] ? ipip_rcv+0x4f0/0x4f0 [ 2472.524911] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2472.525345] ? lock_downgrade+0x6d0/0x6d0 [ 2472.525734] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2472.526171] dev_hard_start_xmit+0x1cb/0x6f0 [ 2472.526621] __dev_queue_xmit+0x17ec/0x2710 [ 2472.527031] ? find_held_lock+0x2c/0x110 [ 2472.527443] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2472.527878] ? lock_downgrade+0x6d0/0x6d0 [ 2472.528278] ? lock_acquire+0x197/0x470 [ 2472.528675] ? ip_finish_output2+0x220/0x21f0 [ 2472.529103] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2472.529613] neigh_connected_output+0x382/0x4d0 [ 2472.530059] ip_finish_output2+0x6f1/0x21f0 [ 2472.530480] ? nf_hook_slow+0xfc/0x1e0 [ 2472.530879] ? ip_frag_next+0x9e0/0x9e0 [ 2472.531266] ? nf_hook+0x160/0x510 [ 2472.531616] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2472.532110] __ip_finish_output.part.0+0x5f3/0xb50 [ 2472.532587] ? ip_fragment.constprop.0+0x240/0x240 [ 2472.533051] ? nf_hook+0x510/0x510 [ 2472.533410] ip_output+0x2f7/0x600 [ 2472.533763] ip_send_skb+0xdd/0x260 [ 2472.534134] udp_send_skb+0x6da/0x11d0 [ 2472.534517] udp_sendmsg+0x197f/0x2160 [ 2472.534916] ? ip_frag_init+0x350/0x350 [ 2472.535324] ? udp_setsockopt+0xc0/0xc0 [ 2472.535700] ? mark_lock+0xf5/0x2df0 [ 2472.536064] ? lock_chain_count+0x20/0x20 [ 2472.536478] ? lock_chain_count+0x20/0x20 [ 2472.536867] ? mark_lock+0xf5/0x2df0 [ 2472.537243] ? mark_lock+0xf5/0x2df0 [ 2472.537604] ? lock_chain_count+0x20/0x20 [ 2472.538030] ? mark_lock+0xf5/0x2df0 [ 2472.538411] udpv6_sendmsg+0x1b30/0x2ad0 [ 2472.538811] ? __lock_acquire+0x1657/0x5b00 [ 2472.539246] ? udp_v6_push_pending_frames+0x360/0x360 [ 2472.539745] ? find_held_lock+0x2c/0x110 [ 2472.540145] ? lock_acquire+0x197/0x470 [ 2472.540525] ? find_held_lock+0x2c/0x110 [ 2472.540925] ? __might_fault+0xd3/0x180 [ 2472.541320] ? lock_downgrade+0x6d0/0x6d0 [ 2472.541712] ? sock_has_perm+0x1ea/0x280 [ 2472.542109] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2472.542634] ? __import_iovec+0x458/0x590 [ 2472.543039] ? udp_v6_push_pending_frames+0x360/0x360 [ 2472.543542] inet6_sendmsg+0x105/0x140 [ 2472.543910] ? inet6_compat_ioctl+0x320/0x320 [ 2472.544352] __sock_sendmsg+0xf2/0x190 [ 2472.544734] ____sys_sendmsg+0x334/0x870 [ 2472.545135] ? sock_write_iter+0x3d0/0x3d0 [ 2472.545534] ? do_recvmmsg+0x6d0/0x6d0 [ 2472.545909] ? handle_mm_fault+0x9e9/0x3500 [ 2472.546341] ? find_held_lock+0x2c/0x110 [ 2472.546755] ___sys_sendmsg+0xf3/0x170 [ 2472.547132] ? sendmsg_copy_msghdr+0x160/0x160 [ 2472.547568] ? vmacache_find+0x55/0x2a0 [ 2472.547965] ? do_user_addr_fault+0x5b0/0xc60 [ 2472.548406] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2472.548909] ? exc_page_fault+0xca/0x1a0 [ 2472.549303] ? trace_hardirqs_on+0x5b/0x180 [ 2472.549717] ? exc_page_fault+0xca/0x1a0 [ 2472.550121] ? asm_exc_page_fault+0x1e/0x30 [ 2472.550559] __sys_sendmmsg+0x195/0x470 [ 2472.550950] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2472.551378] ? lock_downgrade+0x6d0/0x6d0 [ 2472.551792] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2472.552272] ? wait_for_completion_io+0x270/0x270 [ 2472.552723] ? rcu_read_lock_any_held+0x75/0xa0 [ 2472.553163] ? vfs_write+0x354/0xb10 [ 2472.553525] ? fput_many+0x2f/0x1a0 [ 2472.553861] ? ksys_write+0x1a9/0x260 [ 2472.554232] ? __ia32_sys_read+0xb0/0xb0 [ 2472.554628] __x64_sys_sendmmsg+0x99/0x100 [ 2472.555026] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2472.555504] do_syscall_64+0x33/0x40 [ 2472.555853] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2472.556334] RIP: 0033:0x7f0fecadbb19 [ 2472.556713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2472.558404] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2472.559162] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2472.559833] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2472.560506] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2472.561209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2472.561859] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2472.570736] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2472.570736] program syz-executor.3 not setting count and/or reply_len properly 03:05:47 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbdb606006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2472.679472] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue 03:05:47 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000340)='setgroups\x00') sendmsg$802154_raw(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x24, @none={0x0, 0x2}}, 0x14, &(0x7f00000000c0)={&(0x7f0000000040)="42fd6189c0f668a7bb13e6291debcba71297246ea40cd79053cbb898b2c27d9f35cc1445ba5468cf9c10b145b6c426f12bec8fb16cbbd460eb65c2200fd6fbdf33f77b0da165d8a0c5fb661556a8f7ca7c", 0x51}, 0x1, 0x0, 0x0, 0x4000040}, 0x808) r2 = epoll_create1(0x0) dup2(r2, r1) [ 2472.735709] EXT4-fs (loop6): re-mounted. Opts: (null) 03:05:47 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 39) 03:05:47 executing program 4: syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffc, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e666174001f0801000470000000f801", 0x17, 0xfffffffffffffff7}, {0x0, 0x0, 0x801000a00}], 0x40000, &(0x7f0000000000)=ANY=[@ANYRESOCT]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:05:47 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x7502}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:05:47 executing program 2: perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, @perf_config_ext, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x50082, 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = getpgrp(0xffffffffffffffff) perf_event_open(&(0x7f0000000200)={0x5, 0x80, 0x2, 0x5, 0x1, 0x20, 0x0, 0x80000001, 0x1000, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, @perf_bp={&(0x7f0000000100), 0x8}, 0x22, 0x166, 0x2, 0x2, 0x9ecc, 0x4, 0x6, 0x0, 0x7fff, 0x0, 0x972}, r2, 0x10, r1, 0x3) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r3 = creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$SCSI_IOCTL_START_UNIT(r3, 0x5) r4 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r5 = getpgrp(0xffffffffffffffff) r6 = syz_open_dev$rtc(&(0x7f0000000040), 0x9, 0x181002) r7 = getpgrp(0xffffffffffffffff) fcntl$lock(r6, 0x7, &(0x7f0000000640)={0x0, 0x0, 0x1, 0x400, r7}) perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0x40, 0x1f, 0x17, 0x20, 0x0, 0x2, 0x41000, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000280), 0x1}, 0xa840, 0x20, 0x2, 0x1, 0x1f, 0x23, 0x401, 0x0, 0x2, 0x0, 0x2}, r7, 0x3, 0xffffffffffffffff, 0x1) fcntl$lock(r4, 0x7, &(0x7f0000000640)={0x0, 0x1, 0x1, 0x400, r5}) syncfs(0xffffffffffffffff) ptrace$pokeuser(0x6, r5, 0x1, 0x7458) [ 2472.786882] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2472.786882] program syz-executor.3 not setting count and/or reply_len properly [ 2472.825533] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2472.825533] program syz-executor.3 not setting count and/or reply_len properly [ 2472.885208] FAULT_INJECTION: forcing a failure. [ 2472.885208] name failslab, interval 1, probability 0, space 0, times 0 [ 2472.886347] CPU: 0 PID: 12605 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2472.887039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2472.887850] Call Trace: [ 2472.888137] dump_stack+0x107/0x167 [ 2472.888504] should_fail.cold+0x5/0xa [ 2472.888889] ? __build_flow_key.constprop.0+0x1df/0x660 [ 2472.889436] ? create_object.isra.0+0x3a/0xa20 [ 2472.889944] should_failslab+0x5/0x20 [ 2472.890365] kmem_cache_alloc+0x5b/0x310 [ 2472.890886] ? ip_rt_update_pmtu+0x2e8/0xaa0 [ 2472.891346] create_object.isra.0+0x3a/0xa20 [ 2472.891789] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2472.892317] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2472.892823] ? ip_tunnel_xmit+0xedf/0x2f40 [ 2472.893261] ? __ip_finish_output.part.0+0x5f3/0xb50 [ 2472.893774] pskb_expand_head+0x15a/0x1040 [ 2472.894220] ? tnl_update_pmtu+0x381/0x1450 [ 2472.894680] ip_tunnel_xmit+0xedf/0x2f40 [ 2472.895114] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2472.895646] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2472.896121] ? slab_free_freelist_hook+0xa9/0x180 [ 2472.896605] sit_tunnel_xmit+0xef0/0x2960 [ 2472.897033] ? find_held_lock+0x2c/0x110 [ 2472.897456] ? ipip_rcv+0x4f0/0x4f0 [ 2472.897843] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2472.898307] ? lock_downgrade+0x6d0/0x6d0 [ 2472.898741] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2472.899216] dev_hard_start_xmit+0x1cb/0x6f0 [ 2472.899673] __dev_queue_xmit+0x17ec/0x2710 [ 2472.900121] ? find_held_lock+0x2c/0x110 [ 2472.900545] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2472.901008] ? lock_downgrade+0x6d0/0x6d0 [ 2472.901440] ? lock_acquire+0x197/0x470 [ 2472.901868] ? ip_finish_output2+0x220/0x21f0 [ 2472.902340] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2472.902906] neigh_connected_output+0x382/0x4d0 [ 2472.903392] ip_finish_output2+0x6f1/0x21f0 [ 2472.903826] ? nf_hook_slow+0xfc/0x1e0 [ 2472.904248] ? ip_frag_next+0x9e0/0x9e0 [ 2472.904647] ? nf_hook+0x160/0x510 [ 2472.905020] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2472.905551] __ip_finish_output.part.0+0x5f3/0xb50 [ 2472.906059] ? ip_fragment.constprop.0+0x240/0x240 [ 2472.906579] ? nf_hook+0x510/0x510 [ 2472.906959] ip_output+0x2f7/0x600 [ 2472.907351] ip_send_skb+0xdd/0x260 [ 2472.907742] udp_send_skb+0x6da/0x11d0 [ 2472.908157] udp_sendmsg+0x197f/0x2160 [ 2472.908554] ? ip_frag_init+0x350/0x350 [ 2472.908987] ? udp_setsockopt+0xc0/0xc0 [ 2472.909399] ? mark_lock+0xf5/0x2df0 [ 2472.909798] ? lock_chain_count+0x20/0x20 [ 2472.910253] ? mark_lock+0xf5/0x2df0 [ 2472.910658] ? mark_lock+0xf5/0x2df0 [ 2472.911056] ? lock_chain_count+0x20/0x20 [ 2472.911480] ? lock_chain_count+0x20/0x20 [ 2472.911865] ? prep_new_page+0x16d/0x1d0 [ 2472.912289] ? lock_chain_count+0x20/0x20 [ 2472.912721] ? __lock_acquire+0x1657/0x5b00 [ 2472.913177] udpv6_sendmsg+0x1b30/0x2ad0 [ 2472.913603] ? __lock_acquire+0x1657/0x5b00 [ 2472.914051] ? udp_v6_push_pending_frames+0x360/0x360 [ 2472.914612] ? lock_acquire+0x197/0x470 [ 2472.915029] ? find_held_lock+0x2c/0x110 [ 2472.915469] ? lock_acquire+0x197/0x470 [ 2472.915878] ? find_held_lock+0x2c/0x110 [ 2472.916309] ? __might_fault+0xd3/0x180 [ 2472.916727] ? lock_downgrade+0x6d0/0x6d0 [ 2472.917161] ? sock_has_perm+0x1ea/0x280 [ 2472.917570] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2472.918126] ? __import_iovec+0x458/0x590 [ 2472.918559] ? udp_v6_push_pending_frames+0x360/0x360 [ 2472.919120] inet6_sendmsg+0x105/0x140 [ 2472.919525] ? inet6_compat_ioctl+0x320/0x320 [ 2472.919992] __sock_sendmsg+0xf2/0x190 [ 2472.920402] ____sys_sendmsg+0x334/0x870 [ 2472.920817] ? sock_write_iter+0x3d0/0x3d0 [ 2472.921269] ? do_recvmmsg+0x6d0/0x6d0 [ 2472.921662] ? handle_mm_fault+0x9e9/0x3500 [ 2472.922125] ? find_held_lock+0x2c/0x110 [ 2472.922564] ___sys_sendmsg+0xf3/0x170 [ 2472.922980] ? sendmsg_copy_msghdr+0x160/0x160 [ 2472.923464] ? vmacache_find+0x55/0x2a0 [ 2472.923882] ? do_user_addr_fault+0x5b0/0xc60 [ 2472.924363] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2472.924887] ? exc_page_fault+0xca/0x1a0 [ 2472.925310] ? trace_hardirqs_on+0x5b/0x180 [ 2472.925759] ? exc_page_fault+0xca/0x1a0 [ 2472.926186] ? asm_exc_page_fault+0x1e/0x30 [ 2472.926682] __sys_sendmmsg+0x195/0x470 [ 2472.927104] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2472.927552] ? lock_downgrade+0x6d0/0x6d0 [ 2472.927999] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2472.928503] ? wait_for_completion_io+0x270/0x270 [ 2472.929016] ? rcu_read_lock_any_held+0x75/0xa0 [ 2472.929494] ? vfs_write+0x354/0xb10 [ 2472.929901] ? fput_many+0x2f/0x1a0 [ 2472.930285] ? ksys_write+0x1a9/0x260 [ 2472.930701] ? __ia32_sys_read+0xb0/0xb0 [ 2472.931157] __x64_sys_sendmmsg+0x99/0x100 [ 2472.931584] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2472.932132] do_syscall_64+0x33/0x40 [ 2472.932516] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2472.933042] RIP: 0033:0x7f0fecadbb19 [ 2472.933442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2472.935338] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2472.936093] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2472.936833] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2472.937563] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2472.938267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2472.939028] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:06:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:06:02 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0705006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:06:02 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x11, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000280), 0x4}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat2(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000200)={0x801, 0x101, 0x1}, 0x18) ioctl$TIOCGPTPEER(r1, 0x5441, 0x242b9bc5) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f00000002c0)=ANY=[@ANYBLOB="01000000015d3086b7040055999efe3e96310fee1a9a61ef638e5c11a0482ce10f2f7ed06c80e8b640b0dd4d1271e0f5430808da599bbfaf4ca209780eef6b", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0/file0\x00']) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, r3) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}, 0xfffffffd) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:06:02 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 40) 03:06:02 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x40000, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', 0x0, 0x40000, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x82040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8000, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000180)={@local, 0x0, r4}) ioctl$sock_SIOCGIFINDEX(r1, 0x8914, &(0x7f0000000140)={'lo\x00'}) chroot(&(0x7f0000000000)='\x00') 03:06:02 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x7e02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:06:02 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) 03:06:02 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0904a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2487.565331] FAULT_INJECTION: forcing a failure. [ 2487.565331] name failslab, interval 1, probability 0, space 0, times 0 [ 2487.566740] CPU: 0 PID: 12628 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2487.567438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2487.568412] Call Trace: [ 2487.568716] dump_stack+0x107/0x167 [ 2487.569140] should_fail.cold+0x5/0xa [ 2487.569508] ? skb_clone+0x14f/0x3d0 [ 2487.569913] should_failslab+0x5/0x20 [ 2487.570345] kmem_cache_alloc+0x5b/0x310 [ 2487.570829] skb_clone+0x14f/0x3d0 [ 2487.571211] __skb_tstamp_tx+0x422/0x8d0 [ 2487.571594] __dev_queue_xmit+0x1770/0x2710 [ 2487.572088] ? find_held_lock+0x2c/0x110 [ 2487.572475] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2487.572960] ? lock_downgrade+0x6d0/0x6d0 [ 2487.573395] ? lock_acquire+0x197/0x470 [ 2487.573817] ? find_held_lock+0x2c/0x110 [ 2487.574244] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2487.574820] ip_finish_output2+0x1514/0x21f0 [ 2487.575310] ? ip_frag_next+0x9e0/0x9e0 [ 2487.575729] ? nf_hook+0x160/0x510 [ 2487.576104] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2487.576586] __ip_finish_output.part.0+0x5f3/0xb50 [ 2487.577138] ? ip_fragment.constprop.0+0x240/0x240 [ 2487.577592] ? nf_hook+0x510/0x510 [ 2487.577983] ip_output+0x2f7/0x600 [ 2487.578365] ip_local_out+0xb4/0x1a0 [ 2487.578805] iptunnel_xmit+0x591/0x8b0 [ 2487.579229] ip_tunnel_xmit+0x1248/0x2f40 [ 2487.579628] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2487.580230] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2487.580715] ? slab_free_freelist_hook+0xa9/0x180 [ 2487.581226] sit_tunnel_xmit+0xef0/0x2960 [ 2487.581618] ? find_held_lock+0x2c/0x110 [ 2487.582046] ? ipip_rcv+0x4f0/0x4f0 [ 2487.584161] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2487.584576] ? lock_downgrade+0x6d0/0x6d0 [ 2487.585017] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2487.585519] dev_hard_start_xmit+0x1cb/0x6f0 [ 2487.585986] __dev_queue_xmit+0x17ec/0x2710 [ 2487.586437] ? find_held_lock+0x2c/0x110 [ 2487.586883] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2487.587356] ? lock_downgrade+0x6d0/0x6d0 [ 2487.587817] ? lock_acquire+0x197/0x470 [ 2487.588237] ? ip_finish_output2+0x220/0x21f0 [ 2487.588657] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2487.589254] neigh_connected_output+0x382/0x4d0 [ 2487.589806] ip_finish_output2+0x6f1/0x21f0 [ 2487.590279] ? nf_hook_slow+0xfc/0x1e0 [ 2487.590644] ? ip_frag_next+0x9e0/0x9e0 [ 2487.598921] ? nf_hook+0x160/0x510 [ 2487.599271] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2487.599786] __ip_finish_output.part.0+0x5f3/0xb50 [ 2487.600283] ? ip_fragment.constprop.0+0x240/0x240 [ 2487.600771] ? nf_hook+0x510/0x510 [ 2487.601146] ip_output+0x2f7/0x600 [ 2487.601520] ip_send_skb+0xdd/0x260 [ 2487.601884] udp_send_skb+0x6da/0x11d0 [ 2487.602282] udp_sendmsg+0x197f/0x2160 [ 2487.602682] ? ip_frag_init+0x350/0x350 [ 2487.603111] ? udp_setsockopt+0xc0/0xc0 [ 2487.603501] ? mark_lock+0xf5/0x2df0 [ 2487.603881] ? lock_chain_count+0x20/0x20 [ 2487.604301] ? mark_lock+0xf5/0x2df0 [ 2487.604681] ? mark_lock+0xf5/0x2df0 [ 2487.605062] ? lock_chain_count+0x20/0x20 [ 2487.605463] ? lock_chain_count+0x20/0x20 [ 2487.605893] ? prep_new_page+0x16d/0x1d0 [ 2487.606291] ? lock_chain_count+0x20/0x20 [ 2487.606730] ? __lock_acquire+0x1657/0x5b00 [ 2487.607162] udpv6_sendmsg+0x1b30/0x2ad0 [ 2487.607560] ? __lock_acquire+0x1657/0x5b00 [ 2487.607977] ? udp_v6_push_pending_frames+0x360/0x360 [ 2487.608471] ? lock_acquire+0x197/0x470 [ 2487.608873] ? find_held_lock+0x2c/0x110 [ 2487.609290] ? lock_acquire+0x197/0x470 [ 2487.609665] ? find_held_lock+0x2c/0x110 [ 2487.610090] ? __might_fault+0xd3/0x180 [ 2487.610497] ? lock_downgrade+0x6d0/0x6d0 [ 2487.610935] ? sock_has_perm+0x1ea/0x280 [ 2487.611359] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2487.611898] ? __import_iovec+0x458/0x590 [ 2487.612332] ? udp_v6_push_pending_frames+0x360/0x360 [ 2487.612852] inet6_sendmsg+0x105/0x140 [ 2487.613259] ? inet6_compat_ioctl+0x320/0x320 [ 2487.613693] __sock_sendmsg+0xf2/0x190 [ 2487.614082] ____sys_sendmsg+0x334/0x870 [ 2487.614491] ? sock_write_iter+0x3d0/0x3d0 [ 2487.614911] ? do_recvmmsg+0x6d0/0x6d0 [ 2487.615295] ? handle_mm_fault+0x9e9/0x3500 [ 2487.615721] ? find_held_lock+0x2c/0x110 [ 2487.616148] ___sys_sendmsg+0xf3/0x170 [ 2487.616532] ? sendmsg_copy_msghdr+0x160/0x160 [ 2487.616979] ? vmacache_find+0x55/0x2a0 [ 2487.617403] ? do_user_addr_fault+0x5b0/0xc60 [ 2487.617855] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2487.618314] ? exc_page_fault+0xca/0x1a0 [ 2487.618635] ? trace_hardirqs_on+0x5b/0x180 [ 2487.619102] ? exc_page_fault+0xca/0x1a0 [ 2487.619543] ? asm_exc_page_fault+0x1e/0x30 [ 2487.620003] __sys_sendmmsg+0x195/0x470 [ 2487.620433] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2487.620878] ? lock_downgrade+0x6d0/0x6d0 [ 2487.621337] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2487.621835] ? wait_for_completion_io+0x270/0x270 [ 2487.622336] ? rcu_read_lock_any_held+0x75/0xa0 [ 2487.622847] ? vfs_write+0x354/0xb10 [ 2487.623245] ? fput_many+0x2f/0x1a0 [ 2487.623623] ? ksys_write+0x1a9/0x260 [ 2487.624010] ? __ia32_sys_read+0xb0/0xb0 [ 2487.624446] __x64_sys_sendmmsg+0x99/0x100 [ 2487.624881] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2487.625415] do_syscall_64+0x33/0x40 [ 2487.625804] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2487.626336] RIP: 0033:0x7f0fecadbb19 [ 2487.626728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2487.628569] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2487.629349] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2487.630071] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2487.630809] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2487.631541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2487.632271] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2487.650947] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2487.650947] program syz-executor.3 not setting count and/or reply_len properly [ 2487.663112] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 2487.680003] EXT4-fs (loop6): re-mounted. Opts: (null) 03:06:17 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) creat(&(0x7f0000000000)='./file2\x00', 0x0) 03:06:17 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) stat(&(0x7f0000000580)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) fremovexattr(r0, &(0x7f0000000000)=@random={'btrfs.', '\x00'}) setresuid(0xffffffffffffffff, r1, 0x0) connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000004980)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003e00)=[@hopopts={{0x18}}], 0x18}}], 0x2, 0x0) 03:06:17 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {}, [], {}, [{0x8, 0x0, r0}], {0x10, 0x6}}, 0x2c, 0x0) r1 = syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000200)='./file0\x00', 0xc000, 0x3, &(0x7f0000000ac0)=[{&(0x7f0000000940)="508ed962aa5893073ba5ca05384580122fa0eb36382d76da6126d23490047bed27eccd6cdbb15edd3a5a1916e51f3ebebbdc34c81dccf64f1cc562107f54dc8ce858c8e81354f5dc7ea93c18a8dda421c91d1e4c08524c073ccab8dbc4c28d4f36c0e5e494f0ae04379ef3f078cbef78", 0x70, 0x10000}, {&(0x7f00000009c0)="0bdbf29636de02bf623391c7566728823bbf7930480e5137bc133ac56517440d96e7223f192688d349b1b899401fef0aa4e5032ac6bec669fcaec99869080779a1", 0x41, 0x3}, {&(0x7f0000000a40)="50873244bbaccf57961919272e01dd6ffa4ee2fe9c07fe286cfca97c6f48d80893960afd5c7d0302617c37f733641079e75a4d8a14a1ba8a931fec70899a5e0a661e0303940b43f830bffab659d4aaf4881ed4b661b3217cc0f9fa6b1bc9bcf620737d755162cd48e4ef84ab28f334fcb7f131ba6a2329aa1ca53801", 0x7c, 0x100}], 0x2, &(0x7f0000000b40)=ANY=[@ANYBLOB='dots,dots,gid=', @ANYRESHEX=r0, @ANYBLOB="2c646f74732c61756469742c6d61736b3d5e4d41595f455845432c736d61636b6673726f6f743d2d2f2c5d292b247d2d2b297dd4000000000000006578743d756e636f6e66696e65645f752c66736d616769633d3078303030303030303030303030303030362c00"]) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) openat(r3, &(0x7f0000000d00)='./file2\x00', 0x349d00, 0x84) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfdef) ioctl$FS_IOC_MEASURE_VERITY(r1, 0xc0046686, &(0x7f0000000d40)={0x1, 0xb4, "b002e3e8eb08536e044977d1f3812d8aeef8d36ad44364955806900cd2ea05829ca5c039f8b23353aeb29623ee4b1cd3b05db1517f02b1593bd148ad6b76d9334f7fae5a738ff998b6977dfa4f49aaf582d043ecf6976e070ea449304954748a84079c2335542b9a752b4d1c6e336c689aaeab07e71a88aef41abc74b6bbba89a0e19d2b7400a1e65048e7c56a7779eb4d78f4858f480521ebfff663b7443791133827ec245ecdf5bf8de04f8735ac410faa4f40"}) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) sendmmsg$sock(r4, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000002c0)="bfd7b20c5f26e6f8ce9972e606edee905fdeffc279bb8bd874b31d8da143d2907318b6202d30c1230eed11fb871a4f09fa8f83cf633012791b406242e893e6db4127d4045306173ceb6948a8f737b4600066026d8f344431daa25c344faaa4c86a791030a46a3de95c8edfc0b85c0cc1bbfb7e53b2544471b803c8bdf16c8640db071f2c5cdf4ff5c4f8cc86312d5843536e24fbf00d7e", 0x97}, {&(0x7f0000000380)="9f6fbee40dcd78908b396d11899788b158f474b689e64ee34d0b632eb942538e1310fd9da2c6add4013fc96d3dcc46c2d90e7567280487c0ce0a1187946d8464fc937aef5aa2b72cb0c3afb00b4c27b2c9aab903196777def430f19eb39e1091ff21b51d8eba5deb99c34585fee48ffde4d036e713e87a98f4ac5567bc74d3b59040b5d6d84d4db301cab43c62980f4604f8503ad2ee7c2820ad2cb5a3133391b2b8e716d89054a91f598ef4aef421bc6c564a5abdf3051a79454a7b9e52434d12a4eedbfdb1c8b39c8a325589d018f92459bc863060aae3738cc1fcbbc13f23f2bedd2ea477e24edb2dcc427684423768953e58ae2bb3e63549", 0xfa}, {&(0x7f0000000480)="bfd10ed4b61094c4bcb54c8d70d8a0b071d80a7ddb541b2798b63ec4bd8412646f34f55816b0b265ab1d9182cc26041f23a7670474c0d70ba4e2743275f27ed3c23838cbc939cdb42af2f55f284ce4cc1da89ad6688359a348c7c504da38c0b81b56cbdb9d84870c9854679dc72393ece37199724e46af558019ab82e5ffd1f63d83f3a22a30b8f5a0533265a81efa9e1960acfa2d02edc0763020dc77d4cb6b6f4e159e9c0e6c665f129131832c2c91705a9ed38dd4af0037a6ca3abf0497012f2280a23f2dadf17dcab826d96b30736cecb5341892dc6c5c8f", 0xda}, {&(0x7f0000000000)="45be2dfd843687c59d8f17a4786003a0bc8220c9ae", 0x15}, {&(0x7f0000000580)="d82d379f06651d3f5edfbb92c5a57a50282533f05387ea894f9498c6291ab7cbedc5f4c422b7b91da41dd18a13353ecd86f9e49111c76f6827c2fcc1fe14b51073bd7420a79be535216a76d7266f25f5e14617e6ac01a18f54427397bb05bffdf79110089916f15035ca809018470a944d90271cd852fe71ecc1", 0x7a}, {&(0x7f0000000600)="aec050530d6d5b7ca27300f5dcd6407284a96febe97603541bea4b533d9d3cff5c01179258bd7c60213c762fb268237d5d40741d5d8f78a2e1e48b27e018932117c057a028d3dd3e06c22322dfcaa10259bf89aa62695d223f8e7f44027b912d0650d82640956b16be657c4127a447217cf6e9ef6a29ba1090932a52a7573d43882ed7006f7d94cd990d30565f95535b61090691b0bd8c4926bfab340cd3dd4f32fcc4aae618390acdcc3504ede7db143bbea5a7ea76bd78bf41ec722dede984388ffb53b75a8e7585533065e3", 0xcd}, {&(0x7f0000000700)="f1d2923f1834576e83c8b17798eeb80f8f04644d8f72cacce14b1eea2f0145a690bccf91bb4ec6542686c9f0e53c599b95235faf7529de5a9d10838451318c3625c57002b9b98bedfe6e990415007da776f96a46f68e58788790ddca26ffd675cb253ae54683af71c04a895bfbd010bd53c6c3cec0a5573da6bc1c4ce0fc6e5efcb544deacc02745dbcee5b70fc33b3b75a8063800e38309a4258d513b40ff84cf3181901ce0e99e7b668376df4105f31caaf9d7afe05adbed0868f6bd16a553e2253d4367cf8f25ff1d395ce7d0f0f12feedeb591e8645783e5c343353cf65df1712972", 0xe4}], 0x7, &(0x7f0000000880)=[@txtime={{0x18, 0x1, 0x3d, 0x4}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0x5}}, @txtime={{0x18}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x9}}, @mark={{0x14, 0x1, 0x24, 0x3}}, @mark={{0x14, 0x1, 0x24, 0xb32}}], 0xc0}}], 0x1, 0x2000c005) sendmsg$NFNL_MSG_COMPAT_GET(r2, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)=ANY=[@ANYBLOB="1c000000000b010400000000000046d2eed700090800024000000003"], 0x1c}, 0x1, 0x0, 0x0, 0x5f4ba28bb21e22f0}, 0x4004095) truncate(&(0x7f00000001c0)='./file0\x00', 0x7) 03:06:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0709006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:06:17 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x8702}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:06:17 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) write(r0, &(0x7f0000000200)="a497e22f9699b3bcefd11dc2d876b915abc85751ca7c2b5b20d94d35053e10cf16b4fb6b59a7b892e12165996dd3126b6a4084a1e08370d54d116a03bd2ed9c64a2b50da8f1b2b91f7d83b2c7268164bf352f170f666846687ab064f4258093d45e7f655e6bba7ce660768ae1499660dfd0a2ffc3ed41707b948bc3c4b4bbe7b034fd3ac9498662e75e9e3e95b9225c5a64c7307befd9d57ba053a25045b7cf44cbfd8c2ada2798270c51fb6f4c57d15f6046e5d39655ecf8e5f427e096e7107cf4babdd6af91c2afcaf74d48c2a56b4bed226ee99213aed9fbc5df6423d4382ead725aa98aaf9a21a6c0730b6cd0183f8d9", 0xf2) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) r3 = epoll_create1(0x80000) pread64(r3, &(0x7f0000000100)=""/35, 0x23, 0x8) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') unlinkat(r2, &(0x7f0000000380)='./file0\x00', 0x200) newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300), 0x100) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:06:17 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 41) 03:06:17 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0905a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) [ 2502.578524] FAULT_INJECTION: forcing a failure. [ 2502.578524] name failslab, interval 1, probability 0, space 0, times 0 [ 2502.579633] CPU: 0 PID: 12661 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2502.580290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2502.581094] Call Trace: [ 2502.581347] dump_stack+0x107/0x167 [ 2502.581715] should_fail.cold+0x5/0xa [ 2502.582093] ? skb_clone+0x14f/0x3d0 [ 2502.582478] should_failslab+0x5/0x20 [ 2502.582846] kmem_cache_alloc+0x5b/0x310 [ 2502.583148] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2502.583148] program syz-executor.3 not setting count and/or reply_len properly [ 2502.583260] skb_clone+0x14f/0x3d0 [ 2502.586873] __skb_tstamp_tx+0x422/0x8d0 [ 2502.587273] __dev_queue_xmit+0x1770/0x2710 [ 2502.587686] ? find_held_lock+0x2c/0x110 [ 2502.588093] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2502.588519] ? lock_downgrade+0x6d0/0x6d0 [ 2502.588925] ? lock_acquire+0x197/0x470 [ 2502.589293] ? find_held_lock+0x2c/0x110 [ 2502.589674] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2502.590183] ip_finish_output2+0x1514/0x21f0 [ 2502.590614] ? ip_frag_next+0x9e0/0x9e0 [ 2502.591034] ? nf_hook+0x160/0x510 [ 2502.591370] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2502.591842] __ip_finish_output.part.0+0x5f3/0xb50 [ 2502.592313] ? ip_fragment.constprop.0+0x240/0x240 [ 2502.592764] ? nf_hook+0x510/0x510 [ 2502.593117] ip_output+0x2f7/0x600 [ 2502.593454] ip_local_out+0xb4/0x1a0 [ 2502.593803] iptunnel_xmit+0x591/0x8b0 [ 2502.594188] ip_tunnel_xmit+0x1248/0x2f40 [ 2502.594587] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2502.595092] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2502.595545] ? slab_free_freelist_hook+0xa9/0x180 [ 2502.595999] sit_tunnel_xmit+0xef0/0x2960 [ 2502.596402] ? find_held_lock+0x2c/0x110 [ 2502.596779] ? ipip_rcv+0x4f0/0x4f0 [ 2502.597117] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2502.597544] ? lock_downgrade+0x6d0/0x6d0 [ 2502.597932] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2502.598361] dev_hard_start_xmit+0x1cb/0x6f0 [ 2502.598789] __dev_queue_xmit+0x17ec/0x2710 [ 2502.599214] ? find_held_lock+0x2c/0x110 [ 2502.599607] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2502.600031] ? lock_downgrade+0x6d0/0x6d0 [ 2502.600416] ? lock_acquire+0x197/0x470 [ 2502.600798] ? ip_finish_output2+0x220/0x21f0 [ 2502.601216] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2502.601721] neigh_connected_output+0x382/0x4d0 [ 2502.602162] ip_finish_output2+0x6f1/0x21f0 03:06:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0730006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2502.602579] ? nf_hook_slow+0xfc/0x1e0 [ 2502.602975] ? ip_frag_next+0x9e0/0x9e0 [ 2502.603344] ? nf_hook+0x160/0x510 [ 2502.603697] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2502.614890] __ip_finish_output.part.0+0x5f3/0xb50 [ 2502.615344] ? ip_fragment.constprop.0+0x240/0x240 [ 2502.615799] ? nf_hook+0x510/0x510 [ 2502.616136] ip_output+0x2f7/0x600 [ 2502.616469] ip_send_skb+0xdd/0x260 [ 2502.616815] udp_send_skb+0x6da/0x11d0 [ 2502.617183] udp_sendmsg+0x197f/0x2160 [ 2502.617546] ? ip_frag_init+0x350/0x350 [ 2502.617923] ? udp_setsockopt+0xc0/0xc0 [ 2502.618286] ? mark_lock+0xf5/0x2df0 [ 2502.618637] ? lock_chain_count+0x20/0x20 [ 2502.619036] ? mark_lock+0xf5/0x2df0 [ 2502.619382] ? mark_lock+0xf5/0x2df0 [ 2502.619726] ? lock_chain_count+0x20/0x20 [ 2502.620112] ? lock_chain_count+0x20/0x20 [ 2502.620498] ? prep_new_page+0x16d/0x1d0 [ 2502.620873] ? lock_chain_count+0x20/0x20 [ 2502.621268] ? __lock_acquire+0x1657/0x5b00 [ 2502.621671] udpv6_sendmsg+0x1b30/0x2ad0 [ 2502.622050] ? __lock_acquire+0x1657/0x5b00 [ 2502.622456] ? udp_v6_push_pending_frames+0x360/0x360 [ 2502.622951] ? lock_acquire+0x197/0x470 [ 2502.623317] ? find_held_lock+0x2c/0x110 [ 2502.623699] ? lock_acquire+0x197/0x470 [ 2502.624064] ? find_held_lock+0x2c/0x110 [ 2502.624442] ? __might_fault+0xd3/0x180 [ 2502.624813] ? lock_downgrade+0x6d0/0x6d0 [ 2502.625196] ? sock_has_perm+0x1ea/0x280 [ 2502.625571] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2502.626060] ? __import_iovec+0x458/0x590 [ 2502.626440] ? udp_v6_push_pending_frames+0x360/0x360 [ 2502.626936] inet6_sendmsg+0x105/0x140 [ 2502.627295] ? inet6_compat_ioctl+0x320/0x320 [ 2502.627714] __sock_sendmsg+0xf2/0x190 [ 2502.628074] ____sys_sendmsg+0x334/0x870 [ 2502.628450] ? sock_write_iter+0x3d0/0x3d0 [ 2502.628841] ? do_recvmmsg+0x6d0/0x6d0 [ 2502.629202] ? handle_mm_fault+0x9e9/0x3500 [ 2502.629601] ? __lock_acquire+0x1657/0x5b00 [ 2502.629999] ? find_held_lock+0x2c/0x110 [ 2502.630381] ___sys_sendmsg+0xf3/0x170 [ 2502.630741] ? sendmsg_copy_msghdr+0x160/0x160 [ 2502.631173] ? vmacache_find+0x55/0x2a0 [ 2502.631551] ? do_user_addr_fault+0x5b0/0xc60 [ 2502.631967] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2502.632448] ? exc_page_fault+0xca/0x1a0 [ 2502.632822] ? trace_hardirqs_on+0x5b/0x180 [ 2502.633217] ? exc_page_fault+0xca/0x1a0 [ 2502.633598] ? asm_exc_page_fault+0x1e/0x30 [ 2502.634011] __sys_sendmmsg+0x195/0x470 [ 2502.634381] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2502.634781] ? lock_downgrade+0x6d0/0x6d0 [ 2502.635190] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2502.635637] ? wait_for_completion_io+0x270/0x270 [ 2502.636081] ? rcu_read_lock_any_held+0x75/0xa0 [ 2502.636507] ? vfs_write+0x354/0xb10 [ 2502.636852] ? fput_many+0x2f/0x1a0 [ 2502.637188] ? ksys_write+0x1a9/0x260 [ 2502.637539] ? __ia32_sys_read+0xb0/0xb0 [ 2502.637923] __x64_sys_sendmmsg+0x99/0x100 [ 2502.638311] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2502.638784] do_syscall_64+0x33/0x40 [ 2502.639144] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2502.639611] RIP: 0033:0x7f0fecadbb19 [ 2502.639953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2502.641613] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2502.642307] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2502.646982] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2502.647629] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2502.648277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2502.648927] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2502.753300] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue 03:06:17 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) pwrite64(r1, &(0x7f0000000200)="0077c367ee98bb81615dcd5e55088fb7e75b8ebbd075ca6720b158c187d3165137cb4021bd5d9c73d218af7c8397119a51b9d57a1cad4d9f84bb65369abe3f72d2d5579743fcc58fbdff0829b7053e1fbc5e31baae38b6e1934c60099b31642446255a502a7d4dfd7934555e625bed17cd82b43eed5b6bd577888188075d75ea5650da22abdee24f4d032a9c8c5e33d2f9bc477abac5cb7d225ab6e2b9782899604e5a8a47ec45e526a084ca81ef3ab02400138b392728e2e65d8ffecbcd72f77c2d636b4d5badcc5a7a43cbc7193ef2", 0xd0, 0x2) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x4, 0xbb, 0x80, 0xdf, 0x0, 0x40, 0x6100, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000040), 0x5}, 0x500e1, 0x3, 0x4000000, 0x1, 0xc07, 0x40000000, 0xcfc2, 0x0, 0x8, 0x0, 0x9}, 0x0, 0x7, r2, 0x3) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:06:17 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x9002}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2502.798451] EXT4-fs (loop6): re-mounted. Opts: (null) 03:06:17 executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0) timer_delete(0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r3) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000140)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x1c, r4, 0x609, 0x0, 0x0, {0x24}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}]}, 0x1c}}, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r7) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x4c, r2, 0x400, 0x3, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x4c}}, 0x4000000) timer_settime(0x0, 0x0, &(0x7f0000000300)={{}, {0x77359400}}, &(0x7f0000000380)) 03:06:17 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 42) 03:06:17 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0906a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:06:17 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) [ 2503.013650] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2503.013650] program syz-executor.3 not setting count and/or reply_len properly 03:06:17 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) linkat(r1, &(0x7f0000000000)='./file2\x00', 0xffffffffffffffff, &(0x7f00000000c0)='./file2\x00', 0x0) 03:06:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07b6006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2503.259006] FAULT_INJECTION: forcing a failure. [ 2503.259006] name failslab, interval 1, probability 0, space 0, times 0 [ 2503.260011] CPU: 1 PID: 12702 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2503.260598] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2503.261299] Call Trace: [ 2503.261532] dump_stack+0x107/0x167 [ 2503.261845] should_fail.cold+0x5/0xa [ 2503.262179] should_failslab+0x5/0x20 [ 2503.262507] __kmalloc_node_track_caller+0x74/0x3b0 [ 2503.262946] ? skb_ensure_writable+0x2cb/0x450 [ 2503.263342] pskb_expand_head+0x15a/0x1040 [ 2503.263706] ? skb_checksum+0x90/0xc0 [ 2503.264033] ? __skb_checksum+0x9e0/0x9e0 [ 2503.264390] skb_ensure_writable+0x2cb/0x450 [ 2503.264774] skb_checksum_help+0x3af/0x5e0 [ 2503.265142] validate_xmit_skb.constprop.0+0xa3a/0xda0 [ 2503.265588] ? __skb_tstamp_tx+0x5db/0x8d0 [ 2503.265949] ? netdev_core_pick_tx+0x1d1/0x2f0 [ 2503.266351] __dev_queue_xmit+0x87b/0x2710 [ 2503.266732] ? find_held_lock+0x2c/0x110 [ 2503.267096] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2503.267488] ? lock_downgrade+0x6d0/0x6d0 [ 2503.267844] ? lock_acquire+0x197/0x470 [ 2503.268183] ? find_held_lock+0x2c/0x110 [ 2503.268535] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2503.268987] ip_finish_output2+0x1514/0x21f0 [ 2503.269372] ? ip_frag_next+0x9e0/0x9e0 [ 2503.269717] ? nf_hook+0x160/0x510 [ 2503.270024] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2503.270466] __ip_finish_output.part.0+0x5f3/0xb50 [ 2503.270895] ? ip_fragment.constprop.0+0x240/0x240 [ 2503.271315] ? nf_hook+0x510/0x510 [ 2503.271629] ip_output+0x2f7/0x600 [ 2503.271939] ip_local_out+0xb4/0x1a0 [ 2503.272261] iptunnel_xmit+0x591/0x8b0 [ 2503.272606] ip_tunnel_xmit+0x1248/0x2f40 [ 2503.272974] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2503.273419] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2503.273822] ? slab_free_freelist_hook+0xa9/0x180 [ 2503.274240] sit_tunnel_xmit+0xef0/0x2960 [ 2503.274602] ? find_held_lock+0x2c/0x110 [ 2503.274963] ? ipip_rcv+0x4f0/0x4f0 [ 2503.275276] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2503.275660] ? lock_downgrade+0x6d0/0x6d0 [ 2503.276016] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2503.276408] dev_hard_start_xmit+0x1cb/0x6f0 [ 2503.276790] __dev_queue_xmit+0x17ec/0x2710 [ 2503.277162] ? find_held_lock+0x2c/0x110 [ 2503.277509] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2503.277901] ? lock_downgrade+0x6d0/0x6d0 [ 2503.278253] ? lock_acquire+0x197/0x470 [ 2503.278592] ? ip_finish_output2+0x220/0x21f0 [ 2503.278989] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2503.279437] neigh_connected_output+0x382/0x4d0 [ 2503.279845] ip_finish_output2+0x6f1/0x21f0 [ 2503.280214] ? nf_hook_slow+0xfc/0x1e0 [ 2503.280550] ? ip_frag_next+0x9e0/0x9e0 [ 2503.280895] ? nf_hook+0x160/0x510 [ 2503.281201] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2503.281638] __ip_finish_output.part.0+0x5f3/0xb50 [ 2503.282058] ? ip_fragment.constprop.0+0x240/0x240 [ 2503.282471] ? nf_hook+0x510/0x510 [ 2503.282787] ip_output+0x2f7/0x600 [ 2503.283108] ip_send_skb+0xdd/0x260 [ 2503.283423] udp_send_skb+0x6da/0x11d0 [ 2503.283767] udp_sendmsg+0x197f/0x2160 [ 2503.284104] ? ip_frag_init+0x350/0x350 [ 2503.284451] ? udp_setsockopt+0xc0/0xc0 [ 2503.284789] ? mark_lock+0xf5/0x2df0 [ 2503.285113] ? lock_chain_count+0x20/0x20 [ 2503.285470] ? mark_lock+0xf5/0x2df0 [ 2503.285793] ? mark_lock+0xf5/0x2df0 [ 2503.286112] ? lock_chain_count+0x20/0x20 [ 2503.286466] ? lock_chain_count+0x20/0x20 [ 2503.286828] ? prep_new_page+0x16d/0x1d0 [ 2503.287191] ? lock_chain_count+0x20/0x20 [ 2503.287558] ? __lock_acquire+0x1657/0x5b00 [ 2503.287933] udpv6_sendmsg+0x1b30/0x2ad0 [ 2503.288283] ? __lock_acquire+0x1657/0x5b00 [ 2503.288660] ? udp_v6_push_pending_frames+0x360/0x360 [ 2503.289108] ? lock_acquire+0x197/0x470 [ 2503.289446] ? find_held_lock+0x2c/0x110 [ 2503.289801] ? lock_acquire+0x197/0x470 [ 2503.290141] ? find_held_lock+0x2c/0x110 [ 2503.290496] ? __might_fault+0xd3/0x180 [ 2503.290842] ? lock_downgrade+0x6d0/0x6d0 [ 2503.291203] ? sock_has_perm+0x1ea/0x280 [ 2503.291552] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2503.292009] ? __import_iovec+0x458/0x590 [ 2503.292364] ? udp_v6_push_pending_frames+0x360/0x360 [ 2503.292807] inet6_sendmsg+0x105/0x140 [ 2503.293140] ? inet6_compat_ioctl+0x320/0x320 [ 2503.293523] __sock_sendmsg+0xf2/0x190 [ 2503.293857] ____sys_sendmsg+0x334/0x870 [ 2503.294206] ? sock_write_iter+0x3d0/0x3d0 [ 2503.294567] ? do_recvmmsg+0x6d0/0x6d0 [ 2503.294912] ? handle_mm_fault+0x9e9/0x3500 [ 2503.295284] ? __lock_acquire+0x1657/0x5b00 [ 2503.295655] ? find_held_lock+0x2c/0x110 [ 2503.296012] ___sys_sendmsg+0xf3/0x170 [ 2503.296354] ? sendmsg_copy_msghdr+0x160/0x160 [ 2503.296741] ? vmacache_find+0x55/0x2a0 [ 2503.297091] ? do_user_addr_fault+0x5b0/0xc60 [ 2503.297477] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2503.297925] ? exc_page_fault+0xca/0x1a0 [ 2503.298270] ? trace_hardirqs_on+0x5b/0x180 [ 2503.298637] ? exc_page_fault+0xca/0x1a0 [ 2503.299004] ? asm_exc_page_fault+0x1e/0x30 [ 2503.299387] __sys_sendmmsg+0x195/0x470 [ 2503.299733] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2503.300103] ? lock_downgrade+0x6d0/0x6d0 [ 2503.300474] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2503.300890] ? wait_for_completion_io+0x270/0x270 [ 2503.303177] ? rcu_read_lock_any_held+0x75/0xa0 [ 2503.303677] ? vfs_write+0x354/0xb10 [ 2503.304003] ? fput_many+0x2f/0x1a0 [ 2503.304317] ? ksys_write+0x1a9/0x260 [ 2503.304818] ? __ia32_sys_read+0xb0/0xb0 [ 2503.305170] __x64_sys_sendmmsg+0x99/0x100 [ 2503.305528] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2503.306069] do_syscall_64+0x33/0x40 [ 2503.306387] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2503.306953] RIP: 0033:0x7f0fecadbb19 [ 2503.307270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2503.308796] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2503.309429] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2503.310023] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2503.310617] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2503.311224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2503.311818] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:06:18 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x9902}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:06:18 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) r3 = accept$inet(r2, &(0x7f0000000200)={0x2, 0x0, @loopback}, &(0x7f0000000240)=0x10) ioctl(r3, 0x81, &(0x7f0000000280)="765f1daadf79b7e57cc8eefef3719ff7b8f9d2a4c254f15a87115ae80a47e000f37b5f158b0014dfcbd2dc4b9f6deec95cabeba1fae9d8d331ebbd5174fe6bd691a65c7ff4389a1d94e9b6f176aaf2a8bf69d8dbf0b4b9355a61ab68c782e82f7d151af7ad46e095b42e890024da589e13030f0f66c6d0a8f0853cc7e48e8bbb611d433cebcbc3") rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) r5 = pidfd_getfd(r2, r4, 0x0) openat(r5, &(0x7f0000000100)='./file2\x00', 0x24000, 0x6a) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) close(r4) sendfile(r4, r1, &(0x7f0000000040)=0x4, 0x8000000000000) creat(&(0x7f0000000140)='./file0\x00', 0x0) [ 2503.361713] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2503.361713] program syz-executor.3 not setting count and/or reply_len properly [ 2503.384498] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue 03:06:18 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 43) [ 2503.405559] EXT4-fs (loop6): re-mounted. Opts: (null) 03:06:18 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706000aff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2503.490210] FAULT_INJECTION: forcing a failure. [ 2503.490210] name failslab, interval 1, probability 0, space 0, times 0 [ 2503.491245] CPU: 1 PID: 12727 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2503.491834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2503.492531] Call Trace: [ 2503.492767] dump_stack+0x107/0x167 [ 2503.493091] should_fail.cold+0x5/0xa [ 2503.493430] ? create_object.isra.0+0x3a/0xa20 [ 2503.493821] should_failslab+0x5/0x20 [ 2503.494150] kmem_cache_alloc+0x5b/0x310 [ 2503.494502] create_object.isra.0+0x3a/0xa20 [ 2503.494888] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2503.495327] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2503.495761] ? skb_ensure_writable+0x2cb/0x450 [ 2503.496157] pskb_expand_head+0x15a/0x1040 [ 2503.496523] ? skb_checksum+0x90/0xc0 [ 2503.496877] ? __skb_checksum+0x9e0/0x9e0 [ 2503.497304] skb_ensure_writable+0x2cb/0x450 [ 2503.497686] skb_checksum_help+0x3af/0x5e0 [ 2503.498055] validate_xmit_skb.constprop.0+0xa3a/0xda0 [ 2503.498498] ? __skb_tstamp_tx+0x5db/0x8d0 [ 2503.498866] ? netdev_core_pick_tx+0x1d1/0x2f0 [ 2503.499260] __dev_queue_xmit+0x87b/0x2710 [ 2503.499628] ? find_held_lock+0x2c/0x110 [ 2503.499974] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2503.500365] ? lock_downgrade+0x6d0/0x6d0 [ 2503.500718] ? lock_acquire+0x197/0x470 [ 2503.501057] ? find_held_lock+0x2c/0x110 [ 2503.501409] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2503.501859] ip_finish_output2+0x1514/0x21f0 [ 2503.502239] ? ip_frag_next+0x9e0/0x9e0 [ 2503.502578] ? nf_hook+0x160/0x510 [ 2503.502891] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2503.503328] __ip_finish_output.part.0+0x5f3/0xb50 [ 2503.503749] ? ip_fragment.constprop.0+0x240/0x240 [ 2503.504162] ? nf_hook+0x510/0x510 [ 2503.504476] ip_output+0x2f7/0x600 [ 2503.504786] ip_local_out+0xb4/0x1a0 [ 2503.505107] iptunnel_xmit+0x591/0x8b0 [ 2503.505449] ip_tunnel_xmit+0x1248/0x2f40 [ 2503.505817] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2503.508266] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2503.508776] ? slab_free_freelist_hook+0xa9/0x180 [ 2503.509189] sit_tunnel_xmit+0xef0/0x2960 [ 2503.509546] ? find_held_lock+0x2c/0x110 [ 2503.510069] ? ipip_rcv+0x4f0/0x4f0 [ 2503.510379] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2503.510877] ? lock_downgrade+0x6d0/0x6d0 [ 2503.511235] ? tpacket_rcv+0x3960/0x3960 [ 2503.511704] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2503.512097] dev_hard_start_xmit+0x1cb/0x6f0 [ 2503.512476] __dev_queue_xmit+0x17ec/0x2710 [ 2503.512846] ? find_held_lock+0x2c/0x110 [ 2503.513190] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2503.513578] ? lock_downgrade+0x6d0/0x6d0 [ 2503.513926] ? lock_acquire+0x197/0x470 [ 2503.514263] ? ip_finish_output2+0x220/0x21f0 [ 2503.514647] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2503.515109] neigh_connected_output+0x382/0x4d0 [ 2503.515514] ip_finish_output2+0x6f1/0x21f0 [ 2503.515881] ? nf_hook_slow+0xfc/0x1e0 [ 2503.516212] ? ip_frag_next+0x9e0/0x9e0 [ 2503.516752] ? nf_hook+0x160/0x510 [ 2503.517055] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2503.517487] __ip_finish_output.part.0+0x5f3/0xb50 [ 2503.517904] ? ip_fragment.constprop.0+0x240/0x240 [ 2503.518321] ? nf_hook+0x510/0x510 [ 2503.518633] ip_output+0x2f7/0x600 [ 2503.518954] ip_send_skb+0xdd/0x260 [ 2503.519268] udp_send_skb+0x6da/0x11d0 [ 2503.519610] udp_sendmsg+0x197f/0x2160 [ 2503.519945] ? ip_frag_init+0x350/0x350 [ 2503.520290] ? udp_setsockopt+0xc0/0xc0 [ 2503.520625] ? mark_lock+0xf5/0x2df0 [ 2503.520947] ? lock_chain_count+0x20/0x20 [ 2503.521299] ? mark_lock+0xf5/0x2df0 [ 2503.521619] ? mark_lock+0xf5/0x2df0 [ 2503.521941] ? lock_chain_count+0x20/0x20 [ 2503.522304] ? lock_chain_count+0x20/0x20 [ 2503.522674] ? prep_new_page+0x16d/0x1d0 [ 2503.523033] ? lock_chain_count+0x20/0x20 [ 2503.523396] ? __lock_acquire+0x1657/0x5b00 [ 2503.523769] udpv6_sendmsg+0x1b30/0x2ad0 [ 2503.524116] ? __lock_acquire+0x1657/0x5b00 [ 2503.524489] ? udp_v6_push_pending_frames+0x360/0x360 [ 2503.524930] ? lock_acquire+0x197/0x470 [ 2503.525265] ? find_held_lock+0x2c/0x110 [ 2503.525619] ? lock_acquire+0x197/0x470 [ 2503.525954] ? find_held_lock+0x2c/0x110 [ 2503.526303] ? __might_fault+0xd3/0x180 [ 2503.526641] ? lock_downgrade+0x6d0/0x6d0 [ 2503.527010] ? sock_has_perm+0x1ea/0x280 [ 2503.527355] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2503.527907] ? __import_iovec+0x458/0x590 [ 2503.528260] ? udp_v6_push_pending_frames+0x360/0x360 [ 2503.528803] inet6_sendmsg+0x105/0x140 [ 2503.529134] ? inet6_compat_ioctl+0x320/0x320 [ 2503.529512] __sock_sendmsg+0xf2/0x190 [ 2503.529904] ____sys_sendmsg+0x334/0x870 [ 2503.530252] ? sock_write_iter+0x3d0/0x3d0 [ 2503.530660] ? do_recvmmsg+0x6d0/0x6d0 [ 2503.531003] ? handle_mm_fault+0x9e9/0x3500 [ 2503.531370] ? __lock_acquire+0x1657/0x5b00 [ 2503.531787] ? find_held_lock+0x2c/0x110 [ 2503.532142] ___sys_sendmsg+0xf3/0x170 [ 2503.532475] ? sendmsg_copy_msghdr+0x160/0x160 [ 2503.532973] ? vmacache_find+0x55/0x2a0 [ 2503.533322] ? do_user_addr_fault+0x5b0/0xc60 [ 2503.533824] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2503.534265] ? exc_page_fault+0xca/0x1a0 [ 2503.534711] ? trace_hardirqs_on+0x5b/0x180 [ 2503.535091] ? exc_page_fault+0xca/0x1a0 [ 2503.535440] ? asm_exc_page_fault+0x1e/0x30 [ 2503.535877] __sys_sendmmsg+0x195/0x470 [ 2503.536222] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2503.536644] ? lock_downgrade+0x6d0/0x6d0 [ 2503.537010] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2503.537420] ? wait_for_completion_io+0x270/0x270 [ 2503.537894] ? rcu_read_lock_any_held+0x75/0xa0 [ 2503.538284] ? vfs_write+0x354/0xb10 [ 2503.538721] ? fput_many+0x2f/0x1a0 [ 2503.539044] ? ksys_write+0x1a9/0x260 [ 2503.539368] ? __ia32_sys_read+0xb0/0xb0 [ 2503.539803] __x64_sys_sendmmsg+0x99/0x100 [ 2503.540161] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2503.540594] do_syscall_64+0x33/0x40 [ 2503.540909] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2503.541337] RIP: 0033:0x7f0fecadbb19 [ 2503.541653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2503.543193] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2503.543832] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2503.544427] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2503.545022] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2503.545617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2503.546210] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2503.616525] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2503.616525] program syz-executor.3 not setting count and/or reply_len properly 03:06:33 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x400, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:06:33 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:06:33 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) creat(&(0x7f0000000000)='./file2\x00', 0x0) 03:06:33 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07060025ff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:06:33 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0907a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:06:33 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 44) 03:06:33 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xa202}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:06:33 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) r1 = accept$packet(r0, &(0x7f0000000000), &(0x7f00000000c0)=0x14) sendmsg(r1, &(0x7f0000000200)={&(0x7f00000002c0)=@rc={0x1f, @any, 0x7f}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000340)="d8e4004f07741d758025731974e5a6e87d44bc87c93b9de72fb5dd46a938469f7675b0450211dfc5be302714e3dd4b54c18e84322e16d7b4fb952379b31dc6ef565dacac9755502705e19a6b8649d7f43da0460de9f47e4502a1e92a418122410dc1672f26f40d8bfb83d0ed4d284e2f76d7f10cb5b961993c2aab6434372d4289ac97d41c67bf20d5aa04fdb33ee0051e54225b88b6", 0x96}, {&(0x7f0000000400)="290c2c784c27bfae36b3f95d55529418ef49d01e750d734ee96a5589b256fc82ac08f73879cfc68a61d69b56b89c15ee1dc4a1ccec2a42d99ea3a8391be7bfd412ccb42341e53fc2c5db319804f342153758e3e23982a9171e3bc7", 0x5b}, {&(0x7f0000000480)="5b17c1d2852cbda14be2825cc0e772f845b2e8651c0a0c2312e1a865207abfec0ba7facd44922310089714860b1e30f1bcd26c3096b64bf72792b47302f76384981a294f31e0d484e2dd2e4fefc50b8b95", 0x51}], 0x3, &(0x7f0000000500)=[{0x110, 0x3a, 0x1, "cf37a8cc12f5228222fa32f786c4562371b1f670631c493f2f3ac0e17c12597b11a7cc0b8319c652708200eb8fcebd7541de66d6bbc6d71cdd714b39f4ecdbccf78c4a5828c7ff9096594352e6bba9df1572ea8a9870d75f0d879e45d78b6150fa3147ecd7fd3f9f8ecbb94e59852afcdad0f0ef4dea14f7ad40ac5fc9a57cd98c224978e95434b38cc49d01e12220e0af4b478a62da3098e3b01ee0436a92200952dfa0afa8a457b428da00fde3457ad4aefb9a1fb442104ce916ee0f4b74c134ec7e898ecf4365cd9b45f47847c30e1665517c6abf33bf5db8378e5bc3826e4b0fede908bebfca488a7a0512e8a947224cd8653a440adbf0dd"}, {0xe8, 0x10c, 0x80, "44c835b6ab5afbc81c2a1745b8ce402c6a07280b7876b40e8d91c059e0ab4daac68285ceb03691c2156a5ad665fd3297fca49ec5438e70c1fcd34cf6d9fbfa357af5e2cdc7a8e5a084301c1e912bf2944e49688b96e498f3a59d5d5a758b74c2b159824e9560ad06b1555e852ccbbcc44a67edbd419140663be45d730d1b9ab21e4c25efc959f79ec1e399acf8f37de708739491e3f2233cabd6f7d7a671978e527cbfa35f55933cc7e8739d6acee980c71a642777c46b526df7d1d130a8a217edbbdf137478c4aba12d5d49da9c4e2f9b2f900f75"}, {0xf8, 0x110, 0x7d, "75a49d7bfd698d5b87628d242542eca1f94cf1a19940d92cdc997e639937c070c87d3bc012eab07173213bef40ec84df50ec479753bf1b43db1722edb29c84be8d1730a28cfdbf2dbe837d2b4cdce460127aac6164a994ba78eef2f08f4c6377d12880a371de5f86085fe1228959ae3f99c859c840bd9b9a5468c5eba421141770449a831da9ee17164f53cad8a8be01e093423012730681c3fd2b91afe48317bbeaeea9d15ffddb7cc2c44ac9e172cefcbd7029bd45d36ab86fe30420bb7d779ecdd7e4caaecd1cc049e2623ee26eee60045ee836e0f58dc219ba8a42cc292055e51e"}, {0x90, 0x84, 0x5, "92b70e9bfb8c733d1d40842d50a6c2c3f083e327f42d115606b9012f293d609c3d7ab6c725c37ebf67fcae64d9412ed4cee643552127f29e7d8553018b9518834e7ad0bdb2932acf5d5e72a65fa0c57e0f30eaadeb313c109b832a5940689f5772d0431c464fbffe50802d78ce7066340b9baea99cf4b1734d52dbddc4"}, {0x1010, 0xff, 0x4000, "df887d45b6698a5f9e77745074b4c308d9c6b29920932bd08b1b3f7cbc11372c377fd76f2fff18826f4087af4378c2d48870dc996328c347e127b5802d7c19935cd128739bbf44fe5b68b1ca84190e5ec90386d7010ff7b509c6df2a64bc7cbe536b791bbe6dd70193c770af99be963d924bec474685470617900d1327b0b7378579acbbd5dd5b30b103338bc5e56bdcde241dda489a40abf8f677b9d71f3493b290f907d0aef72a90f7756a841812fc2fe42102430f18559500a87d98ec5df1ea7d24d2bb3dba9a3b35b0d1260cee7aff8ccff03a3c13adab5f7abd6116d5311b61202e7acbe8765545e8b9c24c298cab078f05f395a820ac94fb9a3e8df24c792f745b286090eb4420bba46fcaf8436e52aab835f6550f3fee63bce7c874df4bb5ddd586d22faf8e1933701f490ff659f503549b7cdcfce381bb3310a721568e005fcf8af27526beb34f36249f5a791a65300a952519f33df5300b92c5d6aaf91d6b4bc2a5300bcc790b7aad82656bd56abacde697169503745ab3dfab319cbe554817d8f66aca1ed27bfbbcf910b412013b70069ebecefeaec0a4b4832a3e46979401df6955bd2297c44e9da2ce01af73d9db690f916518f0fbd453bbf90789f1fedb8c86db4175eae6c7f46935f3413345e69339cf71a9d7313c4464292ffe2ddc76b2fe2d9790d354a8ceb81d8e334b8b5d8f1609632d1d6aac3881b4253a10e0d134c7648f6402b6238ddc0b77a07aba0974abae0abc01d34fce3e2857b515b24a7eb30685f9ecda95f8f863f70aa4f64674de45fff3aa6082301d998f24d1c373bbcf8777ab8c1dafe483f474316cc52627b5c5cc6526620844b79c3a0197aae6732084b76ab246a5bf55cdb071abb78bdfee76bc270cf6c78ce4ae9cebacdaeacdfe1985d68a239d2ba180ba0d9befab3f9c3d4cf1d453a878d68c6c853a75d7304b9d1a36b07845bdc3e1f441cd6e9510d61e5e8401c1280b1a60216d298e98494010242d899f9592e9f88b5375394560d38cf2d282fd0e77aba0bb6cedef1ac3ef698175dc63f621b04008531c072410f3a9268e078d2cc8034bcf1e2c535c0c8641995aa387efc44a7de30a5b1224e04c1cf9900d804e0feacef6f4c54d76472e45ea3f6cd2fa5bbcb927e38505ec879261b1e574aa3cabcd297e592ad370125d559b44dc6422cf59aa4496b4d7b60964f0340ca6265b3dd6d06ea3a6c7ed86b7a10aed21cad1d23dfa0a8cac50e0dcc930c4a6ce6e2e6d333519654f803e5e0e9d04d65a7d15109bda0792ee017567a9fafc0691bd34454df70fba6c6a799eb4c3fcff410a7748d350a6d1b5450afd493eda1067bb0a0a946edb12ad19313b41e1ead88f7c6eaa7185358c27f6742f5fd61498873c7e41c486b6e19b8d113bcb9eabc54d7eba078760b3bda85ef5b982bd682f358118794cee879fe71ee68d65b0cbbe52562ace9605fa42f808bc6b9deb59895677daaabe5207d508379faabc8d92e477d574b745dd0f293aabe0b017a0eec271a8175e85ecb854bffcb8ebb529f1843a1c78f4c85c5ccae58762871bc182b8af889ca4837ee45577850b7e6df35536c3cab438484e70e85eb03b9835c25d0cc0719810fa95b0203ef6ce94e24f29b081636726d02b3fbe5b96f51da40e91af36ddad33a92affd95662bc44ef21a5882441a2b73ac1297b8093922f6481282261494f2ee40d513d7c9cb82b8201a98d560c7a60d844e086c939f81fb1fe09f6ce560853580e70e26612c47248e4ad9ebc256820c27e9352d047cdae7917907f18f6f79194f4e5ee32808f40569df418a77b3edb5b4030540e7d2ebcabc434cd7f7a62452fb87224d09051fd7cc219e329ec09c4a249a57d0e4d987337af5f14e1854c2058004afd18556fcf199815cb2567c9c79f8d3fd45ce40cab94dbb7f91167e57c3f987a881d4194e9c8b51b253f9f4de622678940679b66579b678462b711d99e073e433536d4f76ade1f02c9dfbacc55c9227836252b7e60f594359e5bbe0e354f4f846992cca853723f536d1359ac06ddeec1b3b00d6c2035232d4caf807e7987a865cf436d1a4ad06e6e4aed331c8c29ef9afe8e5d78825b46a877fb8479ae95f2aa2f07089807bdb6d46473e367a42e60a05fe3dc796d6d45eb3e5cf06bb517d13900bc49e581717516d289903ecbe13ac59b333d7dd97f31ae5cd4b285d34a3652dd6d3fb9709e969cc44aee25d3cb64449a1a45bfb0d4915ba01fa82ece4a592b410a20896311e274ac939c8dd4800bbdf25c0d0ef18d82c74b4c3de116b6272c27f24271725c60990a503c357b813ada7290daad32d4223f729c1a490b382a3c9177074622e52d4bfb372bc91f7c17677de117840e0bcde17372f619524181773832de163389e71970bbd4b2d791ab1969f1f553c414f4f703f6affe2f85c2433839bc8bda148a5af01663b9c7c8f891c3807e064f0c2d7a2fbb86431721da0fd9f45cf15bd185f72adb62aa4ad9d5b006c5fc253c164e650b41201711cf2d39f7c1a021688e13ce0f7fffa8a577404db9934f7849039998781bd8bf23d833784237ec68ffda29bf04684e125e182abd1c17665f6b6fa78d6a1b53417ee23c47abacdfb70895813017c687c8f04cdeabfb88d7ce037aa2618da28b2e21c865faef73eb4e658f819a6fc78b193d56e67b3aa521fe1d36902e1984b2816434f35eab03e2d829f4ee05685fa6deec55dea74adf0f7a7ed144422d80844b221fc61580d350e79ea7219906db3cbeb9df8156d31c3f8aab0f41e02bd7a050f26f0c3437ab86de1b79301936a2439520970e02abd49f13274198ed1102f002c0060b2dc79877e9e56e0ef759e988db0d3a9a11350473bde6f0072352e8ea97fa995e3f43d26e50977b69bc7864ed27f40090e1ea042dc1568bbc5f7e8ffe792f4ddc109027ae9949b871e485ab3865e9137331069fb06ec34683a0ba89e2fda850c25ac424af6d1d22430b004e82f76fde839b2a88254c244e80c08d08313ddfc286df68456e593f789174eb1de156105b8e012d2df0c4ce973ddd6e224d5f6374a9c4e97a5f929db4d2557808aa864dc9788d79f0c392adbb4f8f25108d742946801fb26a69738c6146f1d6c90d58cb2eddb9728ee24274206f6de644bc5274e00ba848158eb2e60ba84b31670c1cd12c4a7fc51258b8b33db8a2b551ec4fce4ad3a079b31bc1f9558c94253dcc0f7ed86d890ede1d86f4b250816a5002da1d8fb1d343141ba646cd0977df269ac129a5b3c731382532648b736cb228621dacb643c91aa69007d6e1e5ad76e149c54127dfa0900f2efda57732a0a00bef4f87c3234c2662900c40493dae7c1d342cd67e01c820c149ec836c874e4d216594c69d187a5ccba98ddb381c8f408cb0d6b4200f3f73b7bdb85cd910098fc4dd042f44d3d0381995f09ff7574246bd34ab778e31c5db4fd9ca0145413d70cb4a28688910243a58a7cb282eeb6755acd87dc007f17ca78a386cee2ec2d39461f82f213128cd2c5ddc48d1f6bbde34715dfaa85a5c464e6a14ace87739c2d0e4e97150c58bf582a7ea82aca14220025b30d9a5acf21d7f892e99933d98ba14a988ee2f45eeee5d5fc5bb2e164b575ca60ebbb99ee585f0839ec6b688ae344e7f778d3135daea73b71640ab94a5a90ff5be83b4bbb8ef9eb9bab7496fcef7b066e409cc4d55a63808f8136cb46e8c8a28e7fc8922d55850991f76fc476c909666b52ec534bd449a8e11e167ed2800b33a495a94577e037e8a8c001997979a1f3e05e02490319f6721510770cebd96b4c829c617a275d96fe9885936239711cc29baddfc3ae9f6e98bbdf7ec4551428cf2c3b907eb243bac5fa5cc1aa8ef786f87eab83f46e65ac116e377e57fa2aef175b7088aaf3356fa1d22aae00fd42a0181d1c16e521f45c0adfcb261bbccb2ca7a6a363ac95304e5453a973dfc3067318fd0591f26cba488e9fcbafad92f6e832202541c0dff607c3fa13adb9d83319b19f8839cc5462e9a7f3584d25ed4e09c5b9b48b97bb4a0fccb70c97e64375bfbfc458cce885b32a2b97bb40dd503f3347c7662e23ad66485558fedc6bc35d8dc8d03048b3bf5186c6c40664405bf4cb73128ded479fcef7cc0c1766dda5adb281658f610d82198aa0e9162e1ff450e7c680447080330c2ae951ef67ea26f5da2a317b18a3bee9c3c00f6c8a274d1142f0056915bfe0209b73378406374939e63f2868a572065810656ed800437372f051f5e9ed94f865a127fce4051f6893272ce7ae64c5e7f6c6f900ec2a137521be7352c484f9f17fb959a77fef7a2f93c7d14a2d3bf4bed8d5d8d1162c628638514090d906111a2732ec056eae9bdacc3d07c51238645db2cbe59877331977cb7a3f813a1def80b9498af2b1dfb0b21a4c485ccec0d45703748e74d1d6ac08539b72bd5ea39c0a6dbbbd0530ef1a590189cbd6aa6a8d02834c34b11bd031113927feb49bda271c0e59c0a32f6eff33a0dcb2ebe5913af636fa793016d0a128469d0e6990db1c9c7bf5165c6dbd1aff6f5756072d0945daa69cba7a98aabed2ff98689a0a1d35f943f365c77f2100f04687ae42f1cc619429d98c914e02d8c7447d9ad4c1ae1d523e40b935706179cd2576e0a00822e0aeeee7b63863e0e0e8c3efb9c949288c238ef55f8e945e639481e44a2132983389501875391644349e4852f40ceaabee4869aec025a2c0bb5a1d20dfec14cd7486b638a12383b6a8c6b9e388884dcd2b99bd54ae104678305c17d3875b981f3fd3ecc4295628cd9c8bdeb1f2ebc07b5614a567c837f8b199b28b6c88784f41005642ec4b88b4ee72113133b9f1287b4a730a4736485ec5b8643afac786ee583e99f5b64d18f0455c3d3d668677678d4c84f603b185d7fd1416e8065167368950dfb6a79cc19d3b1d5a32a71ebc3550a6bc22fbe5a956f47e1c60b868a8d2bdcc97800ab77c3bbf8d05bbb9aa2c30395c209bf5e5a3f82ba87679d5d31a35cf3036ecef29df539055caa4fbf735208865fcd9d83995a04e17d6c2ee1134d1ecd775f75ef4bc18cb9b84e781e9b336f2785424d34ff93f4d8d7e74878b5ca25ca24658df1da825f6343e5a6f26b9d9b9c5ea27ee258528931f3bfde6cb26fd13a52250b6658a3a69ed520a8b365bd09210bf8d466b9935a2fd3043b00c2017c52a3eea7e48ee645b47c213dbfd618e605b27993ef1aa3750b94e4e3908cc299cc8fd3eefefad8b683d73ee7a7bf194dde8e7e380b90ef8b107767975b355384bd45ff97478835c840567b25ab3b00ac283be8b73bccdb0b7941ed40e8dc926c25339f857bcf1898805a7345f6cf472f9d9dae140bde6eb2af32dd27e958fbd6b2f832b0535fc749943ff13784f73e5526bbc2c033b978c7e9fb511faf3244e66631c998452c2405f21077f3b882b4217d61b695d1663ed29cbe20c85c4db7fa896a23da1649dfc1804d1ec0f5c4d0acfbee08712148e09afc359a54b1f2eecca58a4c1de169976098be31ba7a0044f89473417b034f9d8ae0e7f3654bc68e4041b60c7f27f71ed7a31359337ccf6cc060d93ddbaa3fbaf1fb554f2e3c8122f02e711603a527560d0177321c6b1569955267651dd002625bbc4554765c61410d4a1c5ac0cd6d1dc853ce6386c6183c09e5089c7c1bc6144e63690c44ac302f11b28d69ad70c71ac32c8d5528dffa64461356d812ea00bc731fc40a1fbd65b4cb193cf813e59be3c4758209468f60d1d09f02596dc8b0df998b03c0574ef75fd46222253b"}, {0x88, 0x111, 0x1, "874f51286087f2da9b6be6b81cfd7d45ae91eaf662610c942136a2f779ba6b1f514cbd922a813555cb9a49e7ea7cf29821c3af6abcfb0e1781e5f7a7845ac703fb742c7228d0b73c6e79de04ed13cdc81f116ff3e830c7c4dc57422e5f11007e36b6c68303417fbbecf6ae8a5cd1e947f536e4"}, {0x1010, 0x32f, 0x5, "7872cb7674a80030ddee08db1a6a621843f1c17961c74d9c57096348c7948facd4b0810a010cc8cb84a7cc1ac51635c32b2158c8133c26581070e5b5a19330d6e745d60dc2b7404b5dacb2dfd7b29359977403a4d426f33bdd1a657be2e58f169e9aa0f6fe781fef07286b924ea4870f4bda61086858066a8acc0e9f9edfad82f0addb570b731cc65afe12cdc5754b2e980a6d407b47d1697f1f631367f60445ef437de1fc9f60da3b1f6e7331ee477e722af0b487de6ae149c6348c0ce962a5f50a6dfddb42608956f8a59582e99d722588b9960596781563f6bc5fb778bf20ea5e1a8a5e7d6d44cd4b5195b9f3f125ed37887695c89b53ce35ad3487a6c2499beed162f3594946327ad19f14d37a1728f4761b14fe88e8234239cf6a5bac1825c318b997396a61f58b8633b587f568eaaf5ac0c5f2081d1ab3e34e3db545a7da2ec6801f203d9e8b2ddcfa1e37e6983b0515d86f1d73859fd4091320e5fdafb4574270c29d79c29e64e07db8ecca97b31bb5670a4ddc88fc4bd59cc25f561579f94a29232b8493bfb2ab0903e5f3035a0397dc147f92e1d07abc7882908e8727acef09233fbd5372c6aec3e53895069e5d0c2ec0952b639a926e66d2055069a4aeb73d42b07bf6080cd2a8145b3b8a067cfd4899472919a55376eb4313d393d487954eb83c39708f1e61dbb10436524b6c937056f8c7552e493eeab77da35be2e8469ff87bbf42d829fcb02ffcd234726ca60ed16c374e34464799bf25426dff58bb3bf76b41b6473543b8052022301c6642d4a58ee7f5bdc674cd28ec6cbcd01865885fe326e9195c4cbd6afc041697d38abe32a721fef42afdb8e1c21e5f0b077b8980704e5173a8b0237e82fe41a175d1a4370f39d0cc02ada71247989f473425b674d218602fc9659ab3f8238136d2c15d6549839504a4674d9c34bbda4931105a9455caf08d8359932a15ea25fc2a51c42f167a9a6dd84191a9744e34a03f540aa7df85328c0625bc0a5a149b4406b61f95491b05c216ac7088c1de2b38e2d409bbb50e8318b8213c608f426c9d42c7109589a6b890f332c9d2b5492596c94d900fb6d202759dbd6fd8fefc1585d29dcd7e625d08080db6099a91a2c73fdf69825031f68d47dadbc9835c9867f6b8efc1d17081a4ad0495fa31c5410d8f36f1a15113d2b5410f5c2ec0191159f3588ffb50fa37f51ec690d4632c459f0568367d177cee5478c5c9118b5bd9465381228f8809587193ad771b7f2b9b2305ba2f69dda2702f5b5235622f07b0824ea2f5eba87df033131317a24ff89ffdb0fd52e17ea3e80ec3e19f858483cdf7e05e097f7708db6ac497967a7828c59f7d3e9a1362a8d819ff4d55f97d740c025055a75f578368827d61a2e71c61708e948e2fd94b1adddab76e20b0557cc5392fd0bfe9884e97dffed431a3ccef1769198d4bea5052dc197f3eb7170168bbe883a2f70e263b196c95e3038f742968a1c33c0fe07dfa596514dbb6ca65d51ca9443d2702c9794b9ce1bdc51fdd56ef6def8c07a7fe0ae111c30fdf46ff67178c7923a64799186801fe7ffa13ab6374f34239f888760f3c101f1b77c0d13561b80cab7607ea4fca229ac05f8836cdc9d89f0fbc1afbc9c0a0a7d6657c3ba25cb789488ed4f7c5972ef6d01f5d4e9bc3809bb42b54cecf660a8f60d0829e530f36d13abc8588a0a1dc38c0998048a3e2d8fe5be88af0c6594f1275ba15fc776966154ee3d2239c79a41bacf5674116135437750c1b3270e4984ce3fb55e040e2a66056ec9523ceb0e17f1fbbbce511560e6a3f2a533e523e256257685cb8b71513936a517b01caed4af1c0cf608b509d5c27d7ad9eeeab6da672ba9f0eea89c5ada8795ca52999ff1c7bc14c3f8c4301548c1846e3b8d8fd635503f926ae1fc38db0b69d9c30a4c37105f5d8b1fb488dae55c7b4b6fd6b1bdd9ebbeed312a879f9c6df0677ebd318451ed525125274fca197752dc739e0dd11fd768ae2e5cf35c0918ed08e8b7d6e6da43dd196427dafebee7ae9e0e7ca7ad83e52fedf7760f5b7d92baf7b4e06c585d0203534afe4f3149f07b8d40176f51aa202d124dc21ea355921eb70944837ecfc89903a40989a6e2044b7c07594cbd5f7500f246ff19962f62c61b49822a4f8ab63854b4e7f3e93a3b3376b380cdd73c31fa54040b209376d74bfa25c19bc03bcf9d2e1847e5792522e7eb424dae3ec9846ba4dd49752edb2ce370521572eeb0714a2bc6f5a175a3bd753a7c00673b78b9b71a2bb527d30254b01ce3150b8fb3886a6c615c589dc1afca1edef0dbd42afbc0cd91ab73010504dd6daf117d8b0c0a24b62fd7b4a3c36d6bf847144392c20d4a08ae86e1d40debf78f740847dbfcfc2956739d43d244c9836ce996c8f317c8483d0fd5a0a280f94c282f950cb79573866aa43eb5437f1d2b3268b8a16e4a148e0066a109cffbf160fa224cb998fda018b08f2a5f98944163ce63954e9dfc36106ccdc9d4f24b6af19af850cc2c1a516ae5ec03371341622803084ff2c34587ce6249e5db50fcd6038c00cdae915335d9fede3228a089255ffaf68b568ce78770ecf58eee46ce03501a1509d7fff998daefb63e8ec8963beea697605ef7ace026a82fc520178b1286d777570e8f3d6465857b31260e8704f9f40216f751a53a0e25f7d2bd91d466c77a2b8dd58ae037f1c9829b71358e8feebc4855fbd4b6a60b036ecc228f2b6927ce81d7061b4ee6c132dceeac3aa5925a331cf3ee8d2c2c8e94487fc62eddbe93566735ddd942755367f198a0860f0c34bbfee142d6a35460c7852bce51a16f8499efaa3d034bac65b337a67b23475ecdd488301dd960565e370d727658a1815a5c764a8c18e1c95f848498b883e9f9f8f017900e50014a4f625beb5eb4b5fc59dce364985fd548db19509927154178634393701f48b1805827b0ecd58e4297ec593f8a0a2645809b14f67f25c05b097f676351b737650a8b21eecfc4ae2b5c472828b1afd9bde544eb8013ae5a52be993a68452e4ab127c879809bd49cd5c2ff2fb59dd733214258167ddd4bd2b4bc5209b7c9cc9f0f5becdf1307ca4c5261f030d1bb44ac45f0c1d2091041c64ca0a3a3cef9128ec50600ece7f4b1ae8f55bf4d48287392059698eff0a11d87cea7cd7257430a08d50332f50364a9b59adc69d3cd7c6c4ee0d80a909f49cf91cf1d67cbae233d0f0095a5143a198a891f4eee31ecd00c1ad599bcc1c45154cb2234ee43e33f3d93e12a065f6a254b497d26122885145793d397a4e3a1113ecdc1d13ec28594c2d264635941ba5a691306a26295805d090cf8ca30d742108579cfb6565ffe7e28066c65ed58eecb71713b4c9467b83f8dd198cfe0673525e31610435f4f782b84e5618c479ec15b74ab30563a99f806d681809b2696abb93c5db235bdf5bb1c2abeca923f4da55c2419d614d667039fc9b627ea4ba30d91c050783118879130a2e19c7ca8f1972927cce8c3782afadd785ff33a9b7c2e0df338b38959b1544f7a28cc03bc80c2ae42e1fe8621f8f02ccdfa30c6dcb58074aa28357998a239c94122e4fbdb795cb1d8fafaf6dbf9a2a44e7be5d1d871f2d654301b69720b35cb5d3847543e05419a702289b58b5579b10880094491f7f80aab4a55b1d20119c7fafae8346f3a1f6f72e03d466b1e6cc2981e8eda1680f8258db071d486fad5ae36796347014e59c87936fb2a02cc9a7a8709cfbbea61f1a75f5b6b344cbbf7b68f9f1bd8324c5283da99126a2042a4007b6a2e4c959827f860c613a3a9de0a174f8801e8b2e77381378ee59e9eed7fb532603f55b735cccb2c7f23457c39c8cad72eb0b30c3a72d24ffbbcbf693149411a60c6d168291545838a7b720dd06029283987bba42c07f29ad90ba2b90f5f2b72ab7b242a3a6e1e71079e409fd9c2bcbbdd562da5ffbd4ab0fc9a25ba6a6d7e659723b6cdd4899e88159bae9aaae2c5330381f6ceb076a484e385daa6ca23b96d62cee0443eb65f223eda5727e29883c9dd834c39955c91c03616bf85af8d8606ebc2f2c4fe73ef0131fd9512094199c1a8b423fe50aa82ae9d0f601663dae1b90c131018d59fae939b6bd96de60bd81e7833d60b44973cf0dc817d6cc1c04f4a5336b0cbd35d9151ac6a412cb5e776e2efcd878e4ff2811b776886392a3b1314485242b004f7f8fb07354bee8d5ba7cb9ed62cbe96013e3c67bbc7bd346956ac6ffea12a315055f8503f1c0ee16cde268bed1e60398489f0b3d0b60c05e736baa8c4be425fd544405d1eb9a8642b79ea3d3daa71cf968228571c64b7a3798c72e3b7a1c0a3917dab393da2bd5bab10600213ccb8650db15b60e913c985885b25263e2d62ecce69ed386cef8c0b09ade239668b6116dcf93110c4fc40280f668e0aa46001ba1a06c9f5bfaf61cf68dea8fbd7ae6c21b04cda0c28d99ec4bd8015b78a8ca5e136feb2c9f6816b4c3f281a006051255a600fd11d50f72ee7a7045827bcc5ce035f3277468e638e7699bb4a329795fadb42d0719ef2d55f99788f9561c9e418867570418d5bff810ec8619c778f638119dd713ff62148188907e2a18b5ac08ea04d5089a79c0873b4faf8e5b84820fd7cc53aff0aca6f6ea2f1d83854c872a69821f54004577a84161d36cecc818795c5d11cc335fbada728295dea2992f4e03e9ab2f15bac98ae806e40bb33a6c3dc3385d16957f8a6e3f69cb57136e37bf5cdba813bd6d2f6f439bea084acd1d2596adf6942e8eb25fedb267c495d5d90c5df355df0df6164d612e4cb33e4284a6fcf04caf3642b7a19df4dde65ccb2a582f5b0486275aab3747199e083a7ae494d1c85bbd24894ad4b8f059c8ae8e0b48fdbb9824eab7488d9c76b70e1eb73e66b2a952f789e0614030bfca0971d255c946eba44027f3404dea1234a384995b844b309240d40fd62535be0817dbf97984910c8710c9bcf9f3e1451265ae561661515ed3e3d0b1508ca3404455c2c7903f45b1e26e7695bf7154629d4c805ec56c299293d7cb89a90a4cf29317f210f418c9dcedc140881ea2af2cfe4fcb046418ae16cd72abd1359cd17d71aa0b9e4c1053c998e31a873f78840d4c3315e4553a58a47ab450c8ceefcdb606959596b24223ebf2fc65192838a1a5510b97707cf605c515da51d4429084faf57aefb85f8fdf14cb0043116e8c5c4efade089896b1a80a71bb95b897448fcccbf16c1c511260b8672f44f2820a8452ce7c5f17451cb6cd4faa313a7c4a0d92df97b964b75a075216f15384d77d37bda95ac7ebb818e44bb94402b48c2d99c213901b2c63ba97bb1cbfe03c258ae92740a91ee00bcf2b920a99e6d92fe76e528b94e17ab2f6964586484cb6ea37f63ff5e77e3b263df372b8fb5da3ebb809dd5bf4691e9f4dd48096acac8a81baf6d30c5b8fe84806b6a0efec23540aa7332e571704770d4f1d841f67ec6b5871eb800ccd2e8dad24dca779898fc17d2aa7a290d1809d0ebebd77f87bfac8710f51a023f35ead0f0ea034b8265c20f49bbb3783f3a4c6be80dfb1f52b941a5e2a976805a9b55cf623c83d2b617fce7faef627a60d4c4058f28c511d2e29c428dae079d516bf8941e8c0574d95bef75170bdec1764523923a20f0bac5da14787dd7859461dda3e0ab34b53024c340a26747115a40525f243e774e8d2e09faeebd34638cb4d0affc03583f37940492a11de7a42f0ef372929098bc3b7f5502e66cb5d2561a94b1fe064a0e93d0f29adf71bf7c04966b9d4046d2898b2e0ee9e"}, {0x1010, 0x103, 0x10000, "c16bbb82b0b679ffeae854096cda123db1b8a91c47ebec4594056d1bd85faef067ef193cf8fbb12fd5ce94becdf2d5bf15ef1e4f33d18c45ef102f45093851504ec404a3d2bd02e4b7150352c6d9ea8df5f9ae7bc2a4c7b9864ef809df6c96ad23a1fccab630a808131047016c49ec602045e8be4604bb425bbcf2a17bb09707056ef7f7b3f591e70f6aac71cc65d3b354b3afe730f2150ef7afd4cf2f286825e6fe31e3d80bd86dd436d539cdeac71654455da29782c36cf3ad9ebca3ecf2e5a4679936f27ba0112937695c1121edea22be33cb35953149bf50067c45dfd6da6ee82fcc78745e3cbc1a0e037ae7b7b6da9094002b2fd8a01a105172ece9b9e1dcb5947bcb8a98ddce9b0bf27f3aa59b26a1a8e00d99deb9a809c860d8976c1cd69792d803b53e78d9758020116fa43439b4a60374ee3ba6175409bbfcc0648eba729309073cafe83a582fce93deb9e8fdfb4e865ec9910f3f47fd4c597c79d97a184eb922f6d21fd18bc60558fdf1b6140f0c543ba2b1b4d5429ef42549f065e9af0765e9eea74b14dc59016038279082003768070596b4da6d18bc7f6c998cd9b0d3a382eb2a98029b76924f0fd95e507a18900e6f74de178992cb5c9627f277d313dd518daa697a3fedf6ae303d0f14cd2bc110d2f57627e8c1ab44d2793b7fe1b5843cf38248ad118a291f55eb83380f30b6aaf0cea55a965819b6c53bb9030f9bba749d447da64002955a60d28cc27c63804f11c2632bd99bcc27022d1edb6fcbb9bf88dccfa9e032f26a645b241227c5f9a461db9f2125956185b158e24462619e1f6baf840cd0280e292558166ea91184dfd27b2fc7c81dd1b912457a53b87dff3dd7c97bf794506a266cba2b92233595a50f3b66243fa69f6406ee59a52e4c0550ecd286826a016be7fb08055508ff3a377534975c44226339b188765487a409260ae94dc9ddc0de956afa8e85882b95474aa5b0e7faa556ffe5bcfdff4c44cfc0b67888ef5e8bfe1548f747385f925ae20ccf05256ce168a64637437e0cc4dfb7a1ba04e1d4598e111785cdee2ec8e577510179f781e0b951887ad18169f308c2825ea3db2fd026037ddb8fff61b2323c380a372a45fca6814c4676f35bb256fcef23eb9b9535acee15ec50dc0f3b014ff0d19c20af5d78d2403fca0c41f33d6d039e97ba2f280f493c683372d8628dcdf80bca945e4215f7e30735cc0224dc0f77b049cbd3bb9c0b5fad6b1bfb998b981c917285c0f52902938991c224fc394be38715dca55fb80f093b270d4c32c0f38c93e9db8c26fe2c4b89c278e8110677e65d6eef8b13b541f3998671a30e02d3b7192995c729195b0e4474a7d3414e8c1969773cae00fd53f19cd10c0ca18071716a4dcb8d53b04705aee1f73fc47b498958e4e27f6d41a0ced6ba44b574cce44d559471f990d9fbaaa35e7ec1d14ad1a1ea04156d1430c92be6cb4c99fa01783760752d6dfb2cbd2a705363133e03bfe6a18477183babd6bf5c5a431f1cc329f1664bd45c41797f67506b31929378f4d1387faeaad87ccdbdc477da3df79e2e3ca8f82e1348dfd485f56b430e92d72b1175b20a97f39d75c96fc9b12f8373eed1dbdb2366a0e29e397d89dbe7b5581375eb3a52b7b25f8d5eb79bb8881da19b2783a83b7206e46968eb7f896fea512ba310a0b9049b50238562f76c896cf0d8f21525370d5cccc8876dec3eefa24bd99c3310bee5325085163ad698dd69e65dc7808db6e34d6404414a41005811f26d43f8edb8cdf93aab4f0b03e9f679fcf17d20b42804e2a6f229442a42e8bf9bd6ce9b1f7132d82544f53929e7a95718947652d2febac414168628e5189168bbb8f0bf4fd4b86b1075b472a8b3f56d21108fecc7f05880e2f10e03da6607ffd364e3f6471f2eea529104343e9afa770bcaf64b30008f642a05488f45e0cd45ba208ce08328fe3a4c5db014f5ccf640ce0f3549a0f7073d75e9bb40632464867f6312bd767059138ef88b895a9817e90449e5120ce9af2f84a0cc28c4dcabc58ba43abe3dd863814f20d29b5e57ecfcb849376da5fefc1992332abb2efa90667b68883ce1f8f3aa682b76f289e8d87a3b676a0eb8d1b40e34e40ea7fcfb9417b5cae4dd5d33159b5c6e3f68578e3218047e002cd47adfcb2586351283ebfbfdf0e24fec103f3cb924998cafb6cd50ea9253eff830e69b4b3434886ae1fc28f7e332feee8f80ffb81705b25835f1ba11da2d233e8bdd2869b216239669e87871b7aa6873ce465d9921b0c7c94790dbd4e421ba776840af07e5fc3562b3006b4448adb4fa609e15bf2e56eb13dbdfdbcfbdf181020df0242bf776cd0478080bfaffb5b1b9c0b833b21434451683834127af70c95d91d3b1d392f549f6bbec2c8fddd68164c0b7c12cfd4264430201d449f3c84c33ed51214356d4163ddf6de9c428c9bfe9783cf2998e5ca3f36d5e7d04544d43645f4799d549a2a9ffce719e318db053a4607083139c929caa5f841935b2dc4d8d18cf3afa05c45abef2c6798444a88fa1e6d8152feeabe92c7e0d58ecd5e3f774241e9c0882ab0779eea56f9bc32f8700b61519ecd14a6e5e02be650f55aab28ca473cd63bc5850f4588e03ad7e1d2610f658d662150221277f6061746235cb1c9cd229048c4af5f20b2f4f77aab2bcdae99a18d54bdb355e4a5c5784d9bf0087f91a622ad5b47ed12b6c479687aeb1d0d6c65b35a0ace976b76e762c0a8fa178aa193915a42337207d8b82158c9266107dc0be0364962a8790b5643859d321b1654f1cec3145d1a924cf478e6a80a8d05bec8b6da007e90b0ad5adb8d45d135fe17f7a67834a9c0618d1e4fd68660bb9d4b85a27ced42b0398e55aa27a72c35f8d109f08b468ba60860b4aa4daec9b8b667c50891ad860b915dec331cd7b1534a0e3f1a862186618270f73d4545e1fd96d17c80534f89e9161c71faa032e3d3fd26a244dd1e0f16a5a97d51ad939870fbfba0f2ad2fcc0a7828aa7082b7f4afa8ad623fce94a15a5137b5d5256b121dc5bd88c4d9e18faacbf5c19e1ca9aabecc185e64d09d446165b72543ab6d8ad8f07f8d27930870cb4c3e67e22c3aaec3cadfe300e4cc442525e2fdf2dd772036fbf07b25ac66bec7fb0595f6636470ace512cc7a4009af9dd87fcfaace60ece814f7a0f4a421c59ac89ff9f0480eb82b6c0801782e46e0b621415cfad6d8517d41714318f9cc961208959f8946e31c49d8d858bed1c17cae6f0c5753779fcd683174f3c9c4a19abbc625b553e6d261f88dc87bfa75e31153f26ffa3ebfb8c648d71927d7f05050cd377a514c82198c37e2006ed12a7ddf86c0200f9ad5b56d29eb0557ec0e06d8a51ef73cc88f726c7a0dff9b415ee2cbab36efb0febb0bb2031d2a00511a7d27793b36b6733364e2546fbf8e10ff9a591e9512ff8dd10529b6102da72b797773348d5c181aae569645103d55c8fd1807b6542c693fc40eabbe394846145116decc2b2c0a34162a38f9f42e80c3ea5bc5df8aeffd00919f221f3696a02137f35f9433adf80d46ce695c89cb2a5e4ffc1ed8419d09626b331bc597d1cb5b72fcde4c2d08a42da3c0efec1ed502ad5b2d4e9deab0c6f8526d542415d4b89f083479f5b9c54fdce0b9aae3cd3333c6de21bc2d08ca9e9bfbe15f77b7567f560af483d1f15d3b777490eeb450cecfa00caa10c24a45ba27c2f2c5197377b2dbbe6d2e191525ca2741f1eb660af4f5e33299acd115d3918a67592b22d1c2f83cfed4fe6d092322ddc66c5efc014c348682a0eeb9fa3263fbc925527935ec4fd15079736f3b171dafb0b4e916dcc2727439789e28ddfabdc5be46d79230b12ff2e8b9228fef0e9cebf7b8ae446b9b7804b902613ff3d1013f9f38480eb78ce35aa579f691d54c8e19ba4c4dfe2794fb70be8c64c54b68f1937ac19769dc06f2bd56c0b75b06b97f35ad19f6d6a58ad2b017c712043f1afb8194c3f7ebdc9a0abf1419e539a370b73a5cc30a4946e25ef898a7d2527579601e3ddda1cfeb6e27d7e8a3bc84bd02bae6aab41ccb7fb8cead9cebaab5135e58124fd60e3035a3e7b96c92bc2957e9def10aef3c9df1dc3684ad3b1b9d256c7941c70f6a2cdb0ebeca84cd557306cb27885cd941b8eb5dbd7e200028f0ccf351e2868ca53615291434d6e36e16244b7ef615455d447994bd6a4f3000439f3aa1e3552deed42c34be807b022dad200ac33d381ab0d581dc027ed5b464597f9ffd47e7a9cbbb7e6bec9281e08bac66aa543494718cb7be359de2f50e889ba4d4da6f2ed3f26e2bceb064e831b0e22153839fea1106b79721dfefc56e770b777fe9333448d8202eebaf33c6f6834d30395f11bbddcdfc0a6d5df50ae9f97029908158d98ed240dfe70386fbf84c06006d86a6dca72a2b9b05bc67d4077c0e11c6652619b679b49d4b14419a7b27d7bdc77bfbd33fb22d05484142d6ab3096ea2ed2316e5f035272aa6b3ec92720c56265396a0b71e327500ec59cfc40fa5e4d95672369bc41090f6aa3b862b3e22a4e087ad67375410604d4c910eef7a5b86bee7341f8ea6ec0bc3c707bc77d5915696961e3e54093f9c91217e11a27e33370c1953a86633d92988a08f143d4116d8c927db3b44695ccf7b2e27f33609a85dedaa61d59e6eac293fe06fe6c687db3a2c2749b1417fadf209e42e9ed866a8eecdf1931e6b1b33778b714b898f7ee661a145bd0fbe28d33cba6f058463836771e3178ee49f3dc7578fdb7f36ef17bdebca7ba4b95178d09d5cb67c21350cd976ef1f10168741106228db313389b5282b7810c1240009d1f3f7ffb3c08bc7f66f2a95910cfdb1b9eb71ff7556ccbe4d41791593ef478985a34c1a303e69b79964ec2737737ad41de9587e6be30a8c5b761088c01d78677c0c1de0840a41d68f578a61abaac81a586a9fc8e35b39b110d924aef8e21258850ace2c11da6d31a7e81e2ab28e35f7d6ef887ecacae6faae9fea849e213d81c28f055f838f16cc4ee60de74f440697cbaf61be7c952a176bec15dd0cb62a73b64574158562e6cbc0cfe44b5d9c902fc1703ef1ecdec0b238a99b00c515c979745037b35fa7d0d515e06076c337ab79e0bafb8397248c1d4ad2162660d6fd6bb8abb16d0bcf1e79d20a39716d91f9785a8d886305003c442eefae291eb126f2ba827f26d8871bf96d9f290c4305b2830bc0aeea3b2329bf9af9041cb04ee8dc725fc0505023f663c0e74a8ea22cdd6b978314858aefc22a179f3c569502e61c8dcd451ffbab5bcb6d78dc63e95b8413b150be61fa2cbdbe516ccf491edfa6ebebadefb4f64d0e431fb2c747c4ded3477fb0b08219a44c7a87ce3cb4cb6aad686dd7dce14e8ed98cdf88f65cba39e64d12b83941e6aecd38702e6eba4f869916f818fcf2cd6b10859e2ad449fc9a5c167f7a0c7cd1fc37782256650389b2a5cfcb5391bc038f5cf4ea45c2efa82b49a3a2fcf1c6c79ce9e6addf073bb107a108495be92277ce2d357a387d78fbff45a994f78b2053d256fab3fe318323ae11a66b6471b601dd66e533fbe041478acd5a6a46f3cbb06806015a0ee5e71b012e85bfc52fb36e9ea690317d109300508bb034023b3f86403ab34f8b62ee48f4a4ae08f33a90a6c0fc9ca107bf4d6c1c43f67fb5a97752846184f6e6889e88ea645607a84f712286f3b32d7c0160561c905fd65cad650ac20c5b8599c85b370c6858ebcbcae1c0825be6de73f67328453eca52c55648c5581a3502ef10b67933a162593099be4b27845d90fa90"}, {0x30, 0x116, 0x0, "205ec2d8cc2c0ff3e2204ea61e573f2edf6040811892bfa97cbf54d25c"}], 0x3468}, 0x4000) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) [ 2518.939105] FAULT_INJECTION: forcing a failure. [ 2518.939105] name failslab, interval 1, probability 0, space 0, times 0 [ 2518.943180] CPU: 0 PID: 12754 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2518.944897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2518.947012] Call Trace: [ 2518.947621] dump_stack+0x107/0x167 [ 2518.948456] should_fail.cold+0x5/0xa [ 2518.949314] ? create_object.isra.0+0x3a/0xa20 [ 2518.950341] should_failslab+0x5/0x20 [ 2518.951224] kmem_cache_alloc+0x5b/0x310 [ 2518.951490] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2518.951490] program syz-executor.3 not setting count and/or reply_len properly [ 2518.952139] create_object.isra.0+0x3a/0xa20 [ 2518.952154] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2518.952174] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2518.957249] ? skb_ensure_writable+0x2cb/0x450 [ 2518.957732] pskb_expand_head+0x15a/0x1040 [ 2518.958176] ? skb_checksum+0x90/0xc0 [ 2518.958574] ? __skb_checksum+0x9e0/0x9e0 [ 2518.959020] skb_ensure_writable+0x2cb/0x450 [ 2518.959491] skb_checksum_help+0x3af/0x5e0 [ 2518.959954] validate_xmit_skb.constprop.0+0xa3a/0xda0 [ 2518.960512] ? __skb_tstamp_tx+0x5db/0x8d0 [ 2518.960968] ? netdev_core_pick_tx+0x1d1/0x2f0 [ 2518.961566] __dev_queue_xmit+0x87b/0x2710 [ 2518.962036] ? find_held_lock+0x2c/0x110 [ 2518.962595] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2518.963144] ? lock_downgrade+0x6d0/0x6d0 [ 2518.964127] ? lock_acquire+0x197/0x470 [ 2518.965037] ? find_held_lock+0x2c/0x110 [ 2518.966019] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2518.967448] ip_finish_output2+0x1514/0x21f0 [ 2518.968563] ? ip_frag_next+0x9e0/0x9e0 [ 2518.969530] ? nf_hook+0x160/0x510 [ 2518.970393] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2518.971619] __ip_finish_output.part.0+0x5f3/0xb50 [ 2518.972858] ? ip_fragment.constprop.0+0x240/0x240 [ 2518.974051] ? nf_hook+0x510/0x510 [ 2518.974867] ip_output+0x2f7/0x600 [ 2518.975690] ip_local_out+0xb4/0x1a0 [ 2518.976689] iptunnel_xmit+0x591/0x8b0 [ 2518.977577] ip_tunnel_xmit+0x1248/0x2f40 [ 2518.978524] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2518.979722] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2518.980759] ? slab_free_freelist_hook+0xa9/0x180 [ 2518.981851] sit_tunnel_xmit+0xef0/0x2960 [ 2518.982788] ? find_held_lock+0x2c/0x110 [ 2518.983713] ? ipip_rcv+0x4f0/0x4f0 [ 2518.984550] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2518.985559] ? lock_downgrade+0x6d0/0x6d0 [ 2518.986490] ? tpacket_rcv+0x3960/0x3960 [ 2518.987414] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2518.988432] dev_hard_start_xmit+0x1cb/0x6f0 [ 2518.989431] __dev_queue_xmit+0x17ec/0x2710 [ 2518.990422] ? find_held_lock+0x2c/0x110 [ 2518.991359] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2518.992395] ? lock_downgrade+0x6d0/0x6d0 [ 2518.993313] ? lock_acquire+0x197/0x470 [ 2518.993749] ? ip_finish_output2+0x220/0x21f0 [ 2518.994255] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2518.994846] neigh_connected_output+0x382/0x4d0 [ 2518.995376] ip_finish_output2+0x6f1/0x21f0 [ 2518.995861] ? nf_hook_slow+0xfc/0x1e0 [ 2518.996294] ? ip_frag_next+0x9e0/0x9e0 [ 2518.996735] ? nf_hook+0x160/0x510 [ 2518.997133] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2518.997699] __ip_finish_output.part.0+0x5f3/0xb50 [ 2518.998251] ? ip_fragment.constprop.0+0x240/0x240 [ 2518.998792] ? nf_hook+0x510/0x510 [ 2518.999205] ip_output+0x2f7/0x600 [ 2518.999618] ip_send_skb+0xdd/0x260 [ 2519.000026] udp_send_skb+0x6da/0x11d0 [ 2519.000474] udp_sendmsg+0x197f/0x2160 [ 2519.000917] ? ip_frag_init+0x350/0x350 [ 2519.001359] ? udp_setsockopt+0xc0/0xc0 [ 2519.001791] ? mark_lock+0xf5/0x2df0 [ 2519.002212] ? lock_chain_count+0x20/0x20 [ 2519.002658] ? mark_lock+0xf5/0x2df0 [ 2519.003060] ? mark_lock+0xf5/0x2df0 [ 2519.003453] ? lock_chain_count+0x20/0x20 [ 2519.003888] ? lock_chain_count+0x20/0x20 [ 2519.004332] ? prep_new_page+0x16d/0x1d0 [ 2519.004758] ? lock_chain_count+0x20/0x20 [ 2519.005208] ? __lock_acquire+0x1657/0x5b00 [ 2519.005672] udpv6_sendmsg+0x1b30/0x2ad0 [ 2519.006097] ? __lock_acquire+0x1657/0x5b00 [ 2519.006557] ? udp_v6_push_pending_frames+0x360/0x360 [ 2519.007114] ? lock_acquire+0x197/0x470 [ 2519.007550] ? find_held_lock+0x2c/0x110 [ 2519.007985] ? lock_acquire+0x197/0x470 [ 2519.008408] ? find_held_lock+0x2c/0x110 [ 2519.008853] ? __might_fault+0xd3/0x180 [ 2519.009275] ? lock_downgrade+0x6d0/0x6d0 [ 2519.009738] ? sock_has_perm+0x1ea/0x280 [ 2519.010165] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2519.010732] ? __import_iovec+0x458/0x590 [ 2519.011173] ? udp_v6_push_pending_frames+0x360/0x360 [ 2519.011722] inet6_sendmsg+0x105/0x140 [ 2519.012134] ? inet6_compat_ioctl+0x320/0x320 [ 2519.012599] __sock_sendmsg+0xf2/0x190 [ 2519.013011] ____sys_sendmsg+0x334/0x870 [ 2519.013440] ? sock_write_iter+0x3d0/0x3d0 [ 2519.013882] ? do_recvmmsg+0x6d0/0x6d0 [ 2519.015405] ? handle_mm_fault+0x9e9/0x3500 [ 2519.015837] ? __lock_acquire+0x1657/0x5b00 [ 2519.016329] ? find_held_lock+0x2c/0x110 [ 2519.016750] ___sys_sendmsg+0xf3/0x170 [ 2519.017205] ? sendmsg_copy_msghdr+0x160/0x160 [ 2519.018260] ? vmacache_find+0x55/0x2a0 [ 2519.018682] ? do_user_addr_fault+0x5b0/0xc60 [ 2519.019576] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2519.020726] ? exc_page_fault+0xca/0x1a0 [ 2519.021274] ? trace_hardirqs_on+0x5b/0x180 [ 2519.021740] ? exc_page_fault+0xca/0x1a0 [ 2519.022317] ? asm_exc_page_fault+0x1e/0x30 [ 2519.022812] __sys_sendmmsg+0x195/0x470 [ 2519.023367] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2519.023850] ? lock_downgrade+0x6d0/0x6d0 [ 2519.024440] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2519.024965] ? wait_for_completion_io+0x270/0x270 [ 2519.025496] ? rcu_read_lock_any_held+0x75/0xa0 [ 2519.026017] ? vfs_write+0x354/0xb10 [ 2519.026437] ? fput_many+0x2f/0x1a0 [ 2519.026842] ? ksys_write+0x1a9/0x260 [ 2519.027277] ? __ia32_sys_read+0xb0/0xb0 [ 2519.027725] __x64_sys_sendmmsg+0x99/0x100 [ 2519.028191] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2519.028764] do_syscall_64+0x33/0x40 [ 2519.029164] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2519.029729] RIP: 0033:0x7f0fecadbb19 [ 2519.030139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.032121] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2519.032871] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2519.033523] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2519.034176] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.034827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2519.035485] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:06:33 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706026dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2519.088179] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 03:06:33 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xab02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:06:33 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0908a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:06:33 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:06:33 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 45) 03:06:33 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') io_setup(0x200, &(0x7f0000000040)=0x0) io_submit(r1, 0x0, &(0x7f0000000100)) creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:06:33 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) creat(&(0x7f0000000000)='./file2\x00', 0x0) 03:06:33 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="2e66617400020801000470000000f801", 0x10}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) [ 2519.259064] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2519.259064] program syz-executor.3 not setting count and/or reply_len properly 03:06:34 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706036dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2519.351345] FAULT_INJECTION: forcing a failure. [ 2519.351345] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.353852] CPU: 1 PID: 12780 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2519.355368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.357169] Call Trace: [ 2519.357744] dump_stack+0x107/0x167 [ 2519.358534] should_fail.cold+0x5/0xa [ 2519.359378] ? create_object.isra.0+0x3a/0xa20 [ 2519.360370] should_failslab+0x5/0x20 [ 2519.361212] kmem_cache_alloc+0x5b/0x310 [ 2519.362092] ? lock_acquire+0x197/0x470 [ 2519.362959] create_object.isra.0+0x3a/0xa20 [ 2519.363954] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2519.365060] kmem_cache_alloc+0x159/0x310 [ 2519.365968] skb_clone+0x14f/0x3d0 [ 2519.366750] dev_queue_xmit_nit+0x3a7/0xb00 [ 2519.367704] ? ipv6_mc_check_mld+0x1110/0x1110 [ 2519.368714] dev_hard_start_xmit+0xab/0x6f0 [ 2519.369667] __dev_queue_xmit+0x17ec/0x2710 [ 2519.370608] ? find_held_lock+0x2c/0x110 [ 2519.371503] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2519.372519] ? lock_downgrade+0x6d0/0x6d0 [ 2519.373434] ? lock_acquire+0x197/0x470 [ 2519.374296] ? find_held_lock+0x2c/0x110 [ 2519.375192] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2519.376340] ip_finish_output2+0x1514/0x21f0 [ 2519.377301] ? ip_frag_next+0x9e0/0x9e0 [ 2519.378164] ? nf_hook+0x160/0x510 [ 2519.378934] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2519.380052] __ip_finish_output.part.0+0x5f3/0xb50 [ 2519.381118] ? ip_fragment.constprop.0+0x240/0x240 [ 2519.382188] ? nf_hook+0x510/0x510 [ 2519.382968] ip_output+0x2f7/0x600 [ 2519.383758] ip_local_out+0xb4/0x1a0 [ 2519.384587] iptunnel_xmit+0x591/0x8b0 [ 2519.385444] ip_tunnel_xmit+0x1248/0x2f40 [ 2519.386354] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2519.387501] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2519.388506] ? slab_free_freelist_hook+0xa9/0x180 [ 2519.389558] sit_tunnel_xmit+0xef0/0x2960 [ 2519.390459] ? find_held_lock+0x2c/0x110 [ 2519.391348] ? ipip_rcv+0x4f0/0x4f0 [ 2519.392136] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2519.393105] ? lock_downgrade+0x6d0/0x6d0 [ 2519.394005] ? tpacket_rcv+0x3960/0x3960 [ 2519.394882] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2519.395874] dev_hard_start_xmit+0x1cb/0x6f0 [ 2519.396833] __dev_queue_xmit+0x17ec/0x2710 [ 2519.397772] ? find_held_lock+0x2c/0x110 [ 2519.398654] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2519.399656] ? lock_downgrade+0x6d0/0x6d0 [ 2519.400554] ? lock_acquire+0x197/0x470 [ 2519.401429] ? ip_finish_output2+0x220/0x21f0 [ 2519.402406] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2519.403558] neigh_connected_output+0x382/0x4d0 [ 2519.404584] ip_finish_output2+0x6f1/0x21f0 [ 2519.405520] ? nf_hook_slow+0xfc/0x1e0 [ 2519.406364] ? ip_frag_next+0x9e0/0x9e0 [ 2519.407250] ? nf_hook+0x160/0x510 [ 2519.408037] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2519.409162] __ip_finish_output.part.0+0x5f3/0xb50 [ 2519.410226] ? ip_fragment.constprop.0+0x240/0x240 [ 2519.411298] ? nf_hook+0x510/0x510 [ 2519.412078] ip_output+0x2f7/0x600 [ 2519.412870] ip_send_skb+0xdd/0x260 [ 2519.413670] udp_send_skb+0x6da/0x11d0 [ 2519.414534] udp_sendmsg+0x197f/0x2160 [ 2519.415392] ? ip_frag_init+0x350/0x350 [ 2519.416260] ? udp_setsockopt+0xc0/0xc0 [ 2519.417121] ? mark_lock+0xf5/0x2df0 [ 2519.417934] ? lock_chain_count+0x20/0x20 [ 2519.418840] ? mark_lock+0xf5/0x2df0 [ 2519.419667] ? mark_lock+0xf5/0x2df0 [ 2519.420475] ? lock_chain_count+0x20/0x20 [ 2519.421371] ? lock_chain_count+0x20/0x20 [ 2519.422277] ? prep_new_page+0x16d/0x1d0 [ 2519.423176] ? lock_chain_count+0x20/0x20 [ 2519.424090] ? __lock_acquire+0x1657/0x5b00 [ 2519.425036] udpv6_sendmsg+0x1b30/0x2ad0 [ 2519.425918] ? __lock_acquire+0x1657/0x5b00 [ 2519.426866] ? udp_v6_push_pending_frames+0x360/0x360 [ 2519.428004] ? lock_acquire+0x197/0x470 [ 2519.428871] ? find_held_lock+0x2c/0x110 [ 2519.429763] ? lock_acquire+0x197/0x470 [ 2519.430630] ? find_held_lock+0x2c/0x110 [ 2519.431533] ? __might_fault+0xd3/0x180 [ 2519.432404] ? lock_downgrade+0x6d0/0x6d0 [ 2519.433310] ? sock_has_perm+0x1ea/0x280 [ 2519.434192] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2519.435348] ? __import_iovec+0x458/0x590 [ 2519.436251] ? udp_v6_push_pending_frames+0x360/0x360 [ 2519.437371] inet6_sendmsg+0x105/0x140 [ 2519.438219] ? inet6_compat_ioctl+0x320/0x320 [ 2519.439203] __sock_sendmsg+0xf2/0x190 [ 2519.440047] ____sys_sendmsg+0x334/0x870 [ 2519.441157] ? sock_write_iter+0x3d0/0x3d0 [ 2519.442224] ? do_recvmmsg+0x6d0/0x6d0 [ 2519.443095] ? handle_mm_fault+0x9e9/0x3500 [ 2519.444037] ? find_held_lock+0x2c/0x110 [ 2519.445087] ___sys_sendmsg+0xf3/0x170 [ 2519.446065] ? sendmsg_copy_msghdr+0x160/0x160 [ 2519.447065] ? vmacache_find+0x55/0x2a0 [ 2519.447940] ? do_user_addr_fault+0x5b0/0xc60 [ 2519.448948] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2519.450342] ? exc_page_fault+0xca/0x1a0 [ 2519.451236] ? trace_hardirqs_on+0x5b/0x180 [ 2519.452172] ? exc_page_fault+0xca/0x1a0 [ 2519.453054] ? asm_exc_page_fault+0x1e/0x30 [ 2519.454020] __sys_sendmmsg+0x195/0x470 [ 2519.454888] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2519.455857] ? lock_downgrade+0x6d0/0x6d0 [ 2519.456934] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2519.458095] ? wait_for_completion_io+0x270/0x270 [ 2519.459165] ? rcu_read_lock_any_held+0x75/0xa0 [ 2519.460202] ? vfs_write+0x354/0xb10 [ 2519.461031] ? fput_many+0x2f/0x1a0 [ 2519.462030] ? ksys_write+0x1a9/0x260 [ 2519.463026] ? __ia32_sys_read+0xb0/0xb0 [ 2519.463939] __x64_sys_sendmmsg+0x99/0x100 [ 2519.464879] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2519.466027] do_syscall_64+0x33/0x40 [ 2519.466862] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2519.468014] RIP: 0033:0x7f0fecadbb19 [ 2519.468844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.472944] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2519.474636] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2519.476236] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2519.477826] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.479419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2519.481020] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2519.532155] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2519.534450] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2519.534450] program syz-executor.3 not setting count and/or reply_len properly [ 2519.549473] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2519.549473] program syz-executor.3 not setting count and/or reply_len properly [ 2519.576835] EXT4-fs (loop5): re-mounted. Opts: (null) [ 2519.621983] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 2519.647904] EXT4-fs (loop6): re-mounted. Opts: (null) 03:06:49 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xb402}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:06:49 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706046dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:06:49 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x2, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x48004}, 0x40) r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000140)='./file0/file0\x00', 0x3, 0x0, &(0x7f0000000240), 0x100000, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r2 = syz_mount_image$msdos(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0xb17, 0x4, &(0x7f0000001640)=[{&(0x7f00000003c0)="c0cfc56929ddc09505303729e0c19f71aea74f3ae705c41865a06c0bef0b1f7f91e8d763ac47581cf7c838256c917867cced78446cca8de9046ed9dd09070dcdd2c02e354669012a3bdc780cbdc599023aef2d06fbd6333dc3b47457a5bd705e2cc380f21690f614cd1f4e7a456837a7b805e181410e36d654a41a6e357ddbe577554dfa0389b41bdebb1352cbc09acb8a6bdae84dd5569939b8cfd79b8142a91258423e5db391431e8a9729a3101d91c00a79dba9e3fb7905967858a441aab73b5a8def5d2a356aa781a7d4f655db2f7e0b502f6694ebedefe985479cc20621176e5d401d1adc1e3b9a1400ee482e93ea4042fef904ed4376fc4b4faeb3d08a7eabe74d9a11be9e589435a6c33e76ee502d8770838f95617c9f52c73f6af0c5e3aa975847f888ffb67c6a05557e2ad25d64fe81b90adc1aad9757082112e98a6a0d981a3ec03d0e27204f9463b126d549e100e87e0e41fde62d40c0b02f2e98bd7d4a127641e6d9f6d072fd54753db2cb2bfe11495620d919f7ab9eac2267cab6b77ee05ec20da45523c93a6001211554e76c028d8f1e00616d6845eb7d6fd9c48d2a71954a5e57bf06fb9eff050957201135428eb28415f09110b3f32e862bf48ba211c0fbd71c9d8d4357ab9f54a9fe8e0da581f2153d507e4b0718a54fe6330aabc17b3ec247382cbcab52396c06788a002f11dddd80d7f147b1f53aca6dba0094de341aee4eb9df90d680334ec7bd3e705337dd34e2b531fa701cda1b90bde8b33c0d6a605d88006348a1518f7b01d62093de260543b276ea9aa129bfef55078ba7e713f7cdd1277ca9c7c6e3893f104b3582ffaf9a76121c388b9962e7a50f4b2ac53ea4462e1e56218150a0dc400db832183b5a4c7a63dc620874f5ce9aa38eab58a17218a1521d1730258933b72ffbebabebac12122f01d2426ecff4d5821db26c8fba5addda79260a8580a9c8f1942548c988220c335ea15b7064351ba0044cd285c752353f0c551b2ad63f30d50de320f7d22cc1b7fb78d58684cbfe4b89112e360df4f964d117c7b271d9520df3f896d2d7fcff0703572d94e27f5fbbc85ee2a220fb0a6f1aebc213cc8a7834dc3dc13093f3e4323834172bea8a214b2ecd7e6c48dc635d05f1c6f80a999b0d1719d0f9584f470d48ff0ba872a6e95f163eaebb4441ddc676d8e2cfbcaa30980584abd4566eca1d772b5c97506235265ee646409e082eabb9df770288b2152c7fcfb95ba020e681e5968b72158487d766002aa13a11c8e56932e133475232992447b634bb20b0f95b3f2919aff44150493aabe9fad43362c46484694318d6d56a9cc1ad8da1881d9a2a55391d3d2713040a672ea37ef37e30b317982330601ab24da2f35fe149e0ddb87782f58cf6afb66ba62d9b28508af25b7af69bd9b36a4e17a04d366f6162a9bd95378b35677d7f8842f5299702fba6035d36ec039195fd571067b8118d1b220e19483ec0161b469c39994d3081288ae3d36bd4e8182ef0b0c094aa995aaf641d9715df3da446ce93579240917c03b99a3877afeb31ea8e271b8b3b1c3224786c13ad3d76abc4763a9e9a23104e5af3f85eab5e0ea0a57995c47b225439291cd6ba9292459ac8688d3a19b9282149c987e71aed175aa86a44262fe4ec87b27f0a5ba1239c59bd410b5aae028d472ca222050ca3ee048d86cc3a5b8470e74f9a4ffee651e82721ff30da66f3bbbfde3f1c7af5165d4bdf451c45c27a1de2d0e139270c67bed3efc50aee150b003367f70ede01b6adbbf29a62575340ae58515c34ca49eb715bd11dbaa65aa81349db88b44215e05427fba3c752cb1835ca609c0273c26c08a495e1cfdcd7b9ed509a703e38f0886f9624ff66940cc60ee87ca05f6a5837d234a1401fe6cd88a4fd2bc62cd008ef314b973f65662f8e4098805be62f1bf70ea6f94871ca3c87468b4d103a7fdf37b5ab8702386b328e0742868f0b2448358059cf73f8020d5786b13e1be2cec42c2d52b2e13986936900366948d42f5ac1d77670e619006b71c1b3fe8b62d9174b53355f42ede0b11ccdabbf57ffba566fd8156273cc0dd963b31ca02f115186996615a7f1b98c7b86da3da474ca8e90799d35b1e06fbe7fd343024b02c26d6e5e9958f7367c3faa35bbf98ea721288df6f7fd052d454c512873101cb5e09e0d61c146c66dde6734fb3031e405deee605307672b050bf5f54a0bb4fb13b39a97f2cd2256e384c33cb803ce2e53e8c12e7c7e1e4d8fa6942f351698dad81b550531eb3d83b8e06c1d3cea06a7e95c635c3e56aeca20825a8fc6903b3f83b91d1b1e88a3a45159d8824d1561ae5b2a83bea04ed0f1243cd1b8620f2fcc6a6377f8314daf497f338cada6b235165cb2f8ad02d174204639cbc724e603ef03804cde45f2c1059802a53c87a3e62b6a9e0f168ef617ab9ae08803c26b279eb8b5aa19640f7d8ff83848302e9cdc3877e9a4e4cb332e7e342cd245a3a823072c5ce57ca7d4459ff6079fa26c5bf682565e63900bb8579903912a42387de89cb1ac2dcb7cfa8483d268a0d0c210c2ab6cb4c7eff689e346f748445bf0bb0f700180d304be9ee7ad484bcd70122cdc95353bbf0155c5bce861d299cf3dec6ac63c31e977db3871b9b0e7fad4dd8d67f50fa26440768dbc5a3e5f3b153186c58f5c2b7144b065515291724d73c591f1d841f77b8923c21e85742e3191709dafd2ed941a0b2e3773d058b94897c74a8cd02bd4bcafcb66efef6866001452a3defc432dbbe7de4d68b386ac695908bd665fd6329c44edecec0a76633f2c8213f0f665ea7e47cc3a7e19e30512160b05f1b7aadcfedf99bedff187fb45a0b6e0dbf71b45aed1111ee610b7bbbf3c45d9116bdb5bb6a7531e442cb9f67210631f5981e43075afe340179986e343470fe33d3f9b6b039ca3915df850df410383deb1f2bdbe3a60550c31d40083c3cb352d60843b90104da2f350c81c06cba1b31578de57a2a91e9badbdf364a07dcf8b367b11e764bee06fd93e9efefc392247eeaa1dd6adb0c602bd532a38a6943645626acb6d4a8cc54c1890575d8767977f798d058bdc8f6e5746180109376ae9953ecb02baaec2978a4d850276ede87ead5f2564eb81d9ed9a08e9a8cfd5833dfe594bc758a689f93e8d188836e13c30ea44fcea18f34ebacc90913e634fe58c41e4c24c20e9a91f969d2ca355b5be75263bd15b1a21d4302d48085f2413a9eb52ecf638aa13f2b0a2863f2c498283e42249c915ec283afc9a1524dd2e5e32fab44a4bc420f44704a6fbebb27a0ee705b23782f5f5458568ac21205630990f6fa0601628db61a20694838a6601d2c8677459348ce0210cb721e89346cfbba937fca997cf3cbb33b4d6f247c1848ee3b54c73d32dbe15303bdaf45c10069fcdfb320a9a17d19d9ca650e5044a727d0184f255d36b4c414f4a6434c5d9a32af77ac45b0fc2404adde434132e79d4a307a7d6ff050834a4269dd0fb0635ea70c1c60c1555340750c2507b576227080aebb4c3c4e8a7f3caeb3a5e8fdfaafb835401c1dc1c3de2947d727ceb16056c95e1562af1b7afe03af4d757096d845d9e4d85c0b30cfd30d6d0a0961d3871c52528fb8f31e8396565fbd1fe0a3ac5d9b3dc8ba189a89f48886d27e987209a406d8ab50ea541b1ae9f3b133e2515cfb78d25f20aa4ee2cd1f4251e268c12a8527639c6507c58326d8a33b4257a934121c00f0e4085c410e797c860d666144c3d42cc0c57552b7cffb26a17f4ee8ccda4c8d6f3998ab36e99c1b2d3cc38edadef48a351dae4fc57d60cfef2b381ba04cd354937b152d90ffb5c8ef13eb4fce2e06eccab903d396765ea697992f106931a517292de5211ec6df38496760e990432239309b5b6332be2b716c50ece819bce9c4130172e9056f2808f3753efe73d31621bd37b4fe2a7197103d4b995ed1f3dd77e7695f6f4715da2d27e25dc0ce472451cfbe5e618f77f0ac46ba980c6084649632755daf940e0ef5e395e169370a615e3c7d09e74c193974239b87ac584ea26facc9ad0f1619a58bed2b16bc86a8475024c2ddc00094ea62453672eeb37bbfb618cb246b503455f3ad63b65a7ddc4a5a532570a9bb13922946276fa4343aa703d8157a2194b7046b71013e0a006dc8ccd882a1c7fa8b41e295ef5ed8e1e46ffb843b2f10cd8b9781392763de7bbd7969cbd90e6deba300814afd9d1fbcc9e89a6c854270c7622999e406cd9b28b22fd07bf05b17fd0019d2e5f8ad31fa0a4ff1fc61450ce05c97f5e66ab1318f319cf203386ea99dc9741caf36b18c88a6829dddf2e8b1223f2f75637e8e70ec1c2447e55769aff28168340a27a2b11f654330c29103a1a1f48425a3fc20ba8ce1331fd26eb3e82ec0bcb2abcc93ec08ef4fb17a5a4ecdc5656110abf25ce803219cb7c25be517fd19c8f3016db1ef02609d1fbc3ff39da30e01f46ba71a09fb05ce4f7f1bd9a801b68413038e0752a8191a13146bcffa9e339a6497de9969584b135264b269853c8ebac5af63528af5893017ed82c1949519cda3d50ea0795e19480c508c00a237962ed2d380d0a7f087ce7a4dd4355f7c651f868ea16ee1d390e6b96fd1d80a40b298db1922ef8a65753f8f0a149b8201892b371fb9778810fe84751faaa11a7a412c77111e76517e5296307d2865ffa9438263308a868fba8f934d56d1c68f2770d5c71e828ee7a291334d65da788866c1b9a19b6b01330431ae83dc2e04466fcd65e07690d44a7766a546215547c94746d9a037dabb07bf2f10fce92f58694f5c859e6c35412eebd099841111bb2c3dd746e0d55f2e702626b26cce0a918315a3aa58bef3b37a8e6fabf0b4cccb7db600ac77a8f4f74e6d196746901e530c13d7b7ce002f7af1b7faaab01c01b18faee20aa7e0b61fe9233ce964eabb42d2397f7c12ea57ed63f51dcf60c774e760d69d99dc3689eb5e844ae2119fbe7de0630e8e55bdfe55931c7a94ceceda037cb1552e09dc472cffe83e321811bbdc961d537bc1266e82696c70ea08b03ebb6e9611d255ae74fcf21ef7bc52098b964192a9d4dd60ddaa33499319ffc2a9528df1411ac9cddc2db799d261bf4dc0f265887094af9a48acfb3d44339ae5212ae492f7c34c5b27c2637c0468b88e800ee582cb6378e6f96743be31ccfeefd1e07aa87ed1f90ceaa63d4b00288edb8ab1adbd961b411878103dd5796784fdd1ac437799c95e44efbe305bb18f7e6f78b4fa4e62c348343ce0f02dacdad1a0deec187174e853c05d178e1344b26d1c0129bea967d50c0592a51249c05c9594ee58f5d03b73e7b9f451e879b35d4e7ca12cf9176aa0ad6a4dec83679e6df68d6fb91c240d7326345757adde2fccf971286f400b6c1acd7d3ec2227918561f9ad35061afeb0740cfd6e7e072a47d3a84b0e0f304c4e4a5e68f2cfd89ed620a364eeb02a6b230538ecfbf7dd4304c79d1aaa3a3408a1c23fcbd56932cc9517bc3e952f3feb3b7a45911c0bde9c1c94335863ba535cf7ed46ad18940c60244e5e0e48fa839152ea4036d7911d3417f13d0b65107eb8e45e08b9bc258ce8e5d9e695403287f7747b6bc19bb147f73fd33a2f2180c10dd8a4fef292a35a70107a0d3b7320c411812fb22ff44902f4e99b400f9483b7507034489018bf36ebcc8d38ec72d6785e058ba6b2412db390c2d2aa036616e998a9422eb7d6ed04815b4121b481ee309c3d249a2518c49acdee4fe04e06bcce3dbdb7345bf491fa888efe90b32a80e2216040b838d27f", 0x1000, 0x2}, {&(0x7f00000013c0)="599e12bfde198bd3adcfe420544bf7c11c780aea12b3fc1eda1386c0f01b8a42f5e112517ee41d452cbf868ff0b53e51764f87e93f86b29ad3ec16ed16337907f70576a84de02eb8b2d3ed3ca7971f0f4c1c708152d5957d3a83882644e61773622420df28f71ada0c2b4ed4141bd33444259064803bca9435c2b303dab5f5bc99b990416e1ff5914f868a31ed254dde6bb03d429e577b19ca64a0fb98630d2acc4c7a490f9f48a42f2d1ec3d8985e163e0ba46f0102f3f4ed703874ba45e4074dafd913161327b51f85490912afc4c79d90852d8d912a9adba81c", 0xdb, 0x6}, {&(0x7f00000014c0)="5cd1c16868341b9f677a085ccf0f8dd41cc2f9bd05d3d6c546af5fbea34e14176071209ae28af71b5bc08221f33d385c55513b7d5ea95a4905b8071e5dc653922215c0b691c55453f96529c6161b0535b844b5c45a98230fbc5626033b33512d1133c01372d4c2657178e7c4698022f5b5eab54a4facbfdd1ac0e5f3a52e40996bbbe0bac76455d95aa8c9a8d5c89dce48261714f212b74f3016722ec60d694dc752a34b1133c60258cbbf184a25fb84f40b86ff3c0070eba31e6546880731c7a72a884c6f0f252b88ee59a7ac07ad5e9f64894676", 0xd5, 0x101}, {&(0x7f00000015c0)="95f7ef0377babf1980d555115a4f85168f4423547ed8afd9fd16c41d4441d14589aa692a2c8023cdf54bb897867eacccc737568c83f15cb2370f8903bb18f052c6de44500b8ad6c409c192d3e74c3179c7731ceb18d3db103d87de2d6a85880a27d0069880f3534caedba446d9bba0", 0x6f, 0x6}], 0x800048, &(0x7f00000016c0)={[{@nodots}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'vfat\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@fsmagic={'fsmagic', 0x3d, 0x9}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@seclabel}, {@appraise_type}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}]}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x84100, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fadvise64(r2, 0x7, 0x6, 0x1) close(r4) fcntl$dupfd(r3, 0x406, r4) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x20010, r1, 0x60f2c000) openat(r1, &(0x7f0000000000)='./file0/file0\x00', 0x480100, 0x69) r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x101840, 0x80) write$binfmt_elf64(r5, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:06:49 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 46) 03:06:49 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c090ea2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:06:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) creat(&(0x7f0000000000)='./file2\x00', 0x0) 03:06:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:06:49 executing program 2: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000100), 0x1, 0x1, 0x0, {0x0, r0}}, 0x800) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r1, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) pidfd_send_signal(r1, 0x1a, &(0x7f0000000200)={0x15, 0x1, 0x1e}, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) [ 2534.450474] FAULT_INJECTION: forcing a failure. [ 2534.450474] name failslab, interval 1, probability 0, space 0, times 0 [ 2534.451739] CPU: 0 PID: 12817 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2534.452423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2534.453292] Call Trace: [ 2534.453566] dump_stack+0x107/0x167 [ 2534.454005] should_fail.cold+0x5/0xa [ 2534.454389] ? skb_clone+0x14f/0x3d0 [ 2534.454821] should_failslab+0x5/0x20 [ 2534.455220] kmem_cache_alloc+0x5b/0x310 [ 2534.455722] skb_clone+0x14f/0x3d0 [ 2534.456108] __skb_tstamp_tx+0x422/0x8d0 [ 2534.456528] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2534.457049] loopback_xmit+0x299/0x5e0 [ 2534.457294] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2534.457294] program syz-executor.3 not setting count and/or reply_len properly [ 2534.457439] dev_hard_start_xmit+0x1cb/0x6f0 [ 2534.457463] __dev_queue_xmit+0x17ec/0x2710 [ 2534.459715] ? find_held_lock+0x2c/0x110 [ 2534.460129] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2534.460592] ? lock_downgrade+0x6d0/0x6d0 [ 2534.461030] ? lock_acquire+0x197/0x470 [ 2534.461398] ? find_held_lock+0x2c/0x110 [ 2534.461829] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2534.462318] ip_finish_output2+0x1514/0x21f0 [ 2534.462782] ? ip_frag_next+0x9e0/0x9e0 [ 2534.463161] ? nf_hook+0x160/0x510 [ 2534.463499] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2534.464046] __ip_finish_output.part.0+0x5f3/0xb50 [ 2534.464500] ? ip_fragment.constprop.0+0x240/0x240 [ 2534.465002] ? nf_hook+0x510/0x510 [ 2534.465342] ip_output+0x2f7/0x600 [ 2534.465729] ip_local_out+0xb4/0x1a0 [ 2534.466078] iptunnel_xmit+0x591/0x8b0 [ 2534.466447] ip_tunnel_xmit+0x1248/0x2f40 [ 2534.466931] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2534.467441] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2534.467952] ? slab_free_freelist_hook+0xa9/0x180 [ 2534.468404] sit_tunnel_xmit+0xef0/0x2960 [ 2534.468847] ? find_held_lock+0x2c/0x110 [ 2534.469223] ? ipip_rcv+0x4f0/0x4f0 [ 2534.469561] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2534.470023] ? lock_downgrade+0x6d0/0x6d0 [ 2534.470408] ? tpacket_rcv+0x3960/0x3960 [ 2534.470832] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2534.471292] dev_hard_start_xmit+0x1cb/0x6f0 [ 2534.471784] __dev_queue_xmit+0x17ec/0x2710 [ 2534.472189] ? find_held_lock+0x2c/0x110 [ 2534.472563] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2534.473039] ? lock_downgrade+0x6d0/0x6d0 [ 2534.473422] ? lock_acquire+0x197/0x470 [ 2534.473841] ? ip_finish_output2+0x220/0x21f0 [ 2534.474259] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2534.474795] neigh_connected_output+0x382/0x4d0 [ 2534.475273] ip_finish_output2+0x6f1/0x21f0 [ 2534.475755] ? nf_hook_slow+0xfc/0x1e0 [ 2534.476116] ? ip_frag_next+0x9e0/0x9e0 [ 2534.476482] ? nf_hook+0x160/0x510 [ 2534.476865] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2534.477334] __ip_finish_output.part.0+0x5f3/0xb50 [ 2534.477837] ? ip_fragment.constprop.0+0x240/0x240 [ 2534.478286] ? nf_hook+0x510/0x510 [ 2534.478623] ip_output+0x2f7/0x600 [ 2534.479008] ip_send_skb+0xdd/0x260 [ 2534.479387] udp_send_skb+0x6da/0x11d0 [ 2534.479834] udp_sendmsg+0x197f/0x2160 [ 2534.480200] ? ip_frag_init+0x350/0x350 [ 2534.480574] ? udp_setsockopt+0xc0/0xc0 [ 2534.481001] ? mark_lock+0xf5/0x2df0 [ 2534.481351] ? mark_lock+0xf5/0x2df0 [ 2534.481748] ? lock_chain_count+0x20/0x20 [ 2534.482135] ? lock_chain_count+0x20/0x20 [ 2534.482538] ? __lock_acquire+0x1657/0x5b00 [ 2534.482993] udpv6_sendmsg+0x1b30/0x2ad0 [ 2534.483407] ? __lock_acquire+0x1657/0x5b00 [ 2534.483894] ? udp_v6_push_pending_frames+0x360/0x360 [ 2534.484375] ? lock_acquire+0x197/0x470 [ 2534.484795] ? find_held_lock+0x2c/0x110 [ 2534.485178] ? lock_acquire+0x197/0x470 [ 2534.485544] ? find_held_lock+0x2c/0x110 [ 2534.485975] ? __might_fault+0xd3/0x180 [ 2534.486344] ? lock_downgrade+0x6d0/0x6d0 [ 2534.486784] ? sock_has_perm+0x1ea/0x280 [ 2534.487178] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2534.487881] ? __import_iovec+0x458/0x590 [ 2534.488303] ? udp_v6_push_pending_frames+0x360/0x360 [ 2534.488919] inet6_sendmsg+0x105/0x140 [ 2534.489301] ? inet6_compat_ioctl+0x320/0x320 [ 2534.490273] __sock_sendmsg+0xf2/0x190 [ 2534.490710] ____sys_sendmsg+0x334/0x870 [ 2534.491131] ? sock_write_iter+0x3d0/0x3d0 [ 2534.491583] ? do_recvmmsg+0x6d0/0x6d0 [ 2534.492042] ? handle_mm_fault+0x9e9/0x3500 [ 2534.492497] ? find_held_lock+0x2c/0x110 [ 2534.493003] ___sys_sendmsg+0xf3/0x170 [ 2534.493416] ? sendmsg_copy_msghdr+0x160/0x160 [ 2534.493928] ? vmacache_find+0x55/0x2a0 [ 2534.494345] ? do_user_addr_fault+0x5b0/0xc60 [ 2534.494874] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2534.495413] ? exc_page_fault+0xca/0x1a0 [ 2534.495898] ? trace_hardirqs_on+0x5b/0x180 [ 2534.496330] ? exc_page_fault+0xca/0x1a0 [ 2534.496839] ? asm_exc_page_fault+0x1e/0x30 [ 2534.497300] __sys_sendmmsg+0x195/0x470 [ 2534.497766] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2534.498209] ? lock_downgrade+0x6d0/0x6d0 [ 2534.498695] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2534.499216] ? wait_for_completion_io+0x270/0x270 [ 2534.499764] ? rcu_read_lock_any_held+0x75/0xa0 [ 2534.500250] ? vfs_write+0x354/0xb10 [ 2534.500629] ? fput_many+0x2f/0x1a0 [ 2534.501088] ? ksys_write+0x1a9/0x260 [ 2534.501480] ? __ia32_sys_read+0xb0/0xb0 [ 2534.501957] __x64_sys_sendmmsg+0x99/0x100 [ 2534.502397] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2534.502966] do_syscall_64+0x33/0x40 [ 2534.503376] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2534.503952] RIP: 0033:0x7f0fecadbb19 [ 2534.504336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2534.506284] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2534.507113] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2534.507915] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2534.508615] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2534.509414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2534.510196] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:06:49 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xbd02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:06:49 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706056dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2534.601169] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 2534.616869] EXT4-fs (loop6): re-mounted. Opts: (null) [ 2534.616987] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 03:06:49 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0911a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:06:49 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:06:49 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:06:49 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) r1 = creat(&(0x7f0000000200)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setown(r2, 0x8, 0xffffffffffffffff) close(r2) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) close(r3) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[@ANYRES32=r3, @ANYRES64=r2], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) [ 2534.754320] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2534.754320] program syz-executor.3 not setting count and/or reply_len properly 03:06:49 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 47) 03:06:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) creat(0x0, 0x0) [ 2534.915112] FAULT_INJECTION: forcing a failure. [ 2534.915112] name failslab, interval 1, probability 0, space 0, times 0 [ 2534.920429] CPU: 0 PID: 12843 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2534.921190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2534.922097] Call Trace: [ 2534.922400] dump_stack+0x107/0x167 [ 2534.922812] should_fail.cold+0x5/0xa [ 2534.923249] ? create_object.isra.0+0x3a/0xa20 [ 2534.923760] should_failslab+0x5/0x20 [ 2534.924188] kmem_cache_alloc+0x5b/0x310 [ 2534.924649] create_object.isra.0+0x3a/0xa20 [ 2534.925136] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2534.932318] kmem_cache_alloc+0x159/0x310 [ 2534.932802] skb_clone+0x14f/0x3d0 [ 2534.933716] __skb_tstamp_tx+0x422/0x8d0 [ 2534.934179] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2534.935323] loopback_xmit+0x299/0x5e0 [ 2534.936314] dev_hard_start_xmit+0x1cb/0x6f0 [ 2534.936824] __dev_queue_xmit+0x17ec/0x2710 [ 2534.937910] ? find_held_lock+0x2c/0x110 [ 2534.938383] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2534.939591] ? lock_downgrade+0x6d0/0x6d0 [ 2534.940654] ? lock_acquire+0x197/0x470 [ 2534.941109] ? find_held_lock+0x2c/0x110 [ 2534.942163] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2534.942760] ip_finish_output2+0x1514/0x21f0 [ 2534.943874] ? ip_frag_next+0x9e0/0x9e0 [ 2534.944341] ? nf_hook+0x160/0x510 [ 2534.945252] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2534.945827] __ip_finish_output.part.0+0x5f3/0xb50 [ 2534.946995] ? ip_fragment.constprop.0+0x240/0x240 [ 2534.947544] ? nf_hook+0x510/0x510 [ 2534.948251] ip_output+0x2f7/0x600 [ 2534.948654] ip_local_out+0xb4/0x1a0 [ 2534.949389] iptunnel_xmit+0x591/0x8b0 [ 2534.949840] ip_tunnel_xmit+0x1248/0x2f40 [ 2534.950664] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2534.951247] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2534.952202] ? slab_free_freelist_hook+0xa9/0x180 [ 2534.952745] sit_tunnel_xmit+0xef0/0x2960 [ 2534.953533] ? find_held_lock+0x2c/0x110 [ 2534.953994] ? ipip_rcv+0x4f0/0x4f0 [ 2534.954703] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2534.955208] ? lock_downgrade+0x6d0/0x6d0 [ 2534.956085] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2534.956595] dev_hard_start_xmit+0x1cb/0x6f0 [ 2534.957432] __dev_queue_xmit+0x17ec/0x2710 [ 2534.957926] ? find_held_lock+0x2c/0x110 [ 2534.958709] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2534.959224] ? lock_downgrade+0x6d0/0x6d0 [ 2534.960094] ? lock_acquire+0x197/0x470 [ 2534.960538] ? ip_finish_output2+0x220/0x21f0 [ 2534.961400] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2534.961993] neigh_connected_output+0x382/0x4d0 [ 2534.962894] ip_finish_output2+0x6f1/0x21f0 [ 2534.963386] ? nf_hook_slow+0xfc/0x1e0 [ 2534.964142] ? ip_frag_next+0x9e0/0x9e0 [ 2534.964588] ? nf_hook+0x160/0x510 [ 2534.965335] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2534.965900] __ip_finish_output.part.0+0x5f3/0xb50 [ 2534.966895] ? ip_fragment.constprop.0+0x240/0x240 [ 2534.967443] ? nf_hook+0x510/0x510 [ 2534.968141] ip_output+0x2f7/0x600 [ 2534.968527] ip_send_skb+0xdd/0x260 [ 2534.968939] udp_send_skb+0x6da/0x11d0 [ 2534.969383] udp_sendmsg+0x197f/0x2160 [ 2534.969823] ? ip_frag_init+0x350/0x350 [ 2534.970272] ? udp_setsockopt+0xc0/0xc0 [ 2534.970719] ? mark_lock+0xf5/0x2df0 [ 2534.971150] ? lock_chain_count+0x20/0x20 [ 2534.971617] ? mark_lock+0xf5/0x2df0 [ 2534.972035] ? mark_lock+0xf5/0x2df0 [ 2534.972451] ? lock_chain_count+0x20/0x20 [ 2534.972911] ? lock_chain_count+0x20/0x20 [ 2534.973381] ? prep_new_page+0x16d/0x1d0 [ 2534.973840] ? lock_chain_count+0x20/0x20 [ 2534.974317] ? __lock_acquire+0x1657/0x5b00 [ 2534.974807] udpv6_sendmsg+0x1b30/0x2ad0 [ 2534.975273] ? __lock_acquire+0x1657/0x5b00 [ 2534.975763] ? udp_v6_push_pending_frames+0x360/0x360 [ 2534.976343] ? lock_acquire+0x197/0x470 [ 2534.976788] ? find_held_lock+0x2c/0x110 [ 2534.977248] ? lock_acquire+0x197/0x470 [ 2534.977694] ? find_held_lock+0x2c/0x110 [ 2534.978152] ? __might_fault+0xd3/0x180 [ 2534.978597] ? lock_downgrade+0x6d0/0x6d0 [ 2534.979060] ? sock_has_perm+0x1ea/0x280 [ 2534.979522] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2534.980113] ? __import_iovec+0x458/0x590 [ 2534.980581] ? udp_v6_push_pending_frames+0x360/0x360 [ 2534.981158] inet6_sendmsg+0x105/0x140 [ 2534.981593] ? inet6_compat_ioctl+0x320/0x320 [ 2534.982082] __sock_sendmsg+0xf2/0x190 [ 2534.982501] ____sys_sendmsg+0x334/0x870 [ 2534.982956] ? sock_write_iter+0x3d0/0x3d0 [ 2534.983431] ? do_recvmmsg+0x6d0/0x6d0 [ 2534.983869] ? handle_mm_fault+0x9e9/0x3500 [ 2534.984350] ? __lock_acquire+0x1657/0x5b00 [ 2534.984830] ? find_held_lock+0x2c/0x110 [ 2534.985297] ___sys_sendmsg+0xf3/0x170 [ 2534.985736] ? sendmsg_copy_msghdr+0x160/0x160 [ 2534.986241] ? vmacache_find+0x55/0x2a0 [ 2534.986698] ? do_user_addr_fault+0x5b0/0xc60 [ 2534.991347] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2534.992906] ? exc_page_fault+0xca/0x1a0 [ 2534.994093] ? trace_hardirqs_on+0x5b/0x180 [ 2534.995309] ? exc_page_fault+0xca/0x1a0 [ 2534.996633] ? asm_exc_page_fault+0x1e/0x30 [ 2534.997917] __sys_sendmmsg+0x195/0x470 [ 2534.999103] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2535.000465] ? lock_downgrade+0x6d0/0x6d0 [ 2535.001768] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2535.003172] ? wait_for_completion_io+0x270/0x270 [ 2535.004567] ? rcu_read_lock_any_held+0x75/0xa0 [ 2535.006125] ? vfs_write+0x354/0xb10 [ 2535.007260] ? fput_many+0x2f/0x1a0 [ 2535.008427] ? ksys_write+0x1a9/0x260 [ 2535.009689] ? __ia32_sys_read+0xb0/0xb0 [ 2535.011066] __x64_sys_sendmmsg+0x99/0x100 [ 2535.012506] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2535.014100] do_syscall_64+0x33/0x40 [ 2535.015326] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2535.017007] RIP: 0033:0x7f0fecadbb19 [ 2535.018170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2535.024121] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2535.026648] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2535.028897] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2535.031140] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2535.033383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2535.035734] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2535.267078] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2535.279042] EXT4-fs (loop5): re-mounted. Opts: (null) 03:07:04 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:07:04 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xc602}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:07:04 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706066dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:07:04 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 48) 03:07:04 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000100), 0x1c000, 0x60200) perf_event_open(&(0x7f0000000200)={0x5, 0x80, 0x4, 0xe0, 0x3f, 0x6, 0x0, 0x2, 0x21c00, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0xb2, 0x4a25e77c12d3e869, @perf_bp={&(0x7f0000000040), 0x2}, 0x48040, 0x1, 0x2, 0x0, 0x33, 0x1, 0x8, 0x0, 0x8, 0x0, 0x100}, 0xffffffffffffffff, 0xe, r1, 0x10) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:07:04 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0960a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:07:04 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:07:04 executing program 4: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x8000000, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x3218055, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x80) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) write$binfmt_script(r0, &(0x7f0000000440)={'#! ', './file0', [{0x20, 'vfat\x00'}], 0xa, "040a54382df432e3d592ae08d989cc27f27d91a444e5952d2d7ac464219c584d02cf299e2de938ead6c2b9093924cac7d85f8549d2987fd4a0c73f27180723c10ecb4baf5a3d38ac6651123719a7012ec1871c708e35451c297449ca8ac4b1bc0e111cefe7a51bc46d66a9eba1552e3855b3a7320ba8eacbf841ac8863d9e7cf86d93ec7e378c9b4b3d59172d97eb8957d16f44ace321c30eb933c04a04a82719441afe44038e9cc56aa307996d993d04e1e2aaf1bcefef0a2ee69cceccf38c9dca4ac60e8630956a231016ead206999556e1e31d0ae28befe11c4027e2d53deef401daa6ae57d31b340733b00ec8e8dfde506ed6bdc1735877add6b15646bdb606820220ca42ea2d0c4cdde46145d7feb732e4d50437f690000000000000000000000e0a2ef72df62d0c86055de02b80c891e198dfaf958079e64a24e70c32159555164bb901052e0bbee0fea6a3a40ae7a3f529256cf0a446b8c4c08b7017af2d85e77bea5cd009288f007ec38c8dfb8da40e688864757e98c9fa78745235e85187b67df29f61b0be6f0e9b6a5e4f36ed65b70871356914cb4a9e3fc568b3590c8b03a27edf4471f8c6551f216d3702d233a782063a6beec8c523e26dc3e5749013236511704"}, 0x1d8) [ 2550.169477] FAULT_INJECTION: forcing a failure. [ 2550.169477] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2550.170137] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2550.170137] program syz-executor.3 not setting count and/or reply_len properly [ 2550.171704] CPU: 1 PID: 12880 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2550.171713] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2550.171726] Call Trace: [ 2550.178336] dump_stack+0x107/0x167 [ 2550.179126] should_fail.cold+0x5/0xa [ 2550.179986] _copy_from_user+0x2e/0x1b0 [ 2550.180866] __copy_msghdr_from_user+0x91/0x4b0 [ 2550.181877] ? __ia32_sys_shutdown+0x80/0x80 [ 2550.182850] ? udp_v6_push_pending_frames+0x360/0x360 [ 2550.183998] ? inet6_sendmsg+0xbd/0x140 [ 2550.184862] ? inet6_compat_ioctl+0x320/0x320 [ 2550.185831] ? __sock_sendmsg+0x55/0x190 [ 2550.186713] sendmsg_copy_msghdr+0xa1/0x160 [ 2550.187664] ? do_recvmmsg+0x6d0/0x6d0 [ 2550.188513] ? __lock_acquire+0x1657/0x5b00 [ 2550.189456] ___sys_sendmsg+0xc6/0x170 [ 2550.190300] ? sendmsg_copy_msghdr+0x160/0x160 [ 2550.191287] ? vmacache_find+0x55/0x2a0 [ 2550.192170] ? lock_acquire+0x197/0x470 [ 2550.193027] ? find_held_lock+0x2c/0x110 [ 2550.193909] ? __might_fault+0xd3/0x180 [ 2550.194772] ? lock_downgrade+0x6d0/0x6d0 [ 2550.195679] ? asm_exc_page_fault+0x1e/0x30 [ 2550.196623] __sys_sendmmsg+0x195/0x470 [ 2550.197486] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2550.198415] ? lock_downgrade+0x6d0/0x6d0 [ 2550.199330] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2550.200381] ? wait_for_completion_io+0x270/0x270 [ 2550.201429] ? rcu_read_lock_any_held+0x75/0xa0 [ 2550.202455] ? vfs_write+0x354/0xb10 [ 2550.203273] ? fput_many+0x2f/0x1a0 [ 2550.204069] ? ksys_write+0x1a9/0x260 [ 2550.204895] ? __ia32_sys_read+0xb0/0xb0 [ 2550.205780] __x64_sys_sendmmsg+0x99/0x100 [ 2550.206695] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2550.207822] do_syscall_64+0x33/0x40 [ 2550.208622] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2550.209726] RIP: 0033:0x7f0fecadbb19 [ 2550.210528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2550.214523] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2550.216182] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2550.217720] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2550.219256] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2550.220809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2550.222353] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:07:04 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706076dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2550.275425] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 03:07:04 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x87, 0x3, 0x1, 0x0, 0x0, 0x0, 0x8000000000000400, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xb8}, 0x886a, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x8000}, 0x0, 0xc, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x10, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x50) [ 2550.280918] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue 03:07:05 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xcf02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2550.328533] EXT4-fs (loop6): re-mounted. Opts: (null) [ 2550.365281] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2550.365281] program syz-executor.3 not setting count and/or reply_len properly 03:07:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setown(r0, 0x8, 0xffffffffffffffff) close(r0) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) close(r1) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[@ANYRESOCT], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) 03:07:05 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c024ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:07:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706096dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:07:26 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c034ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:07:26 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x10) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 03:07:26 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:07:26 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) dup2(0xffffffffffffffff, r0) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:07:26 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xd802}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:07:26 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 49) 03:07:26 executing program 4: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0xfdef) r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r1, 0x400, 0x1) fcntl$setown(r1, 0x8, 0xffffffffffffffff) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000380)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000080)={r2, 0x3f, 0x9}) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r3, 0x400, 0x1) fcntl$setown(r3, 0x8, 0xffffffffffffffff) close(r3) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000180)={r2, 0x0, r3, 0x0, 0x80000}) close(r1) openat(r1, &(0x7f0000000000)='./file0\x00', 0xa0000, 0x125) open$dir(&(0x7f00000000c0)='./file0\x00', 0x40, 0x20) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1, {r4}}, './file0\x00'}) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) [ 2572.205280] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2572.205280] program syz-executor.3 not setting count and/or reply_len properly [ 2572.237270] FAULT_INJECTION: forcing a failure. [ 2572.237270] name failslab, interval 1, probability 0, space 0, times 0 [ 2572.238308] CPU: 1 PID: 12938 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2572.238922] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2572.239708] Call Trace: [ 2572.239956] dump_stack+0x107/0x167 [ 2572.240309] should_fail.cold+0x5/0xa [ 2572.240658] ? skb_clone+0x14f/0x3d0 [ 2572.240999] should_failslab+0x5/0x20 [ 2572.241361] kmem_cache_alloc+0x5b/0x310 [ 2572.241737] skb_clone+0x14f/0x3d0 [ 2572.242077] __skb_tstamp_tx+0x422/0x8d0 [ 2572.242455] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2572.242865] loopback_xmit+0x299/0x5e0 [ 2572.243242] dev_hard_start_xmit+0x1cb/0x6f0 [ 2572.243673] __dev_queue_xmit+0x17ec/0x2710 [ 2572.244082] ? find_held_lock+0x2c/0x110 [ 2572.244464] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2572.244881] ? lock_downgrade+0x6d0/0x6d0 [ 2572.245274] ? lock_acquire+0x197/0x470 [ 2572.245634] ? find_held_lock+0x2c/0x110 [ 2572.246009] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2572.246502] ip_finish_output2+0x1514/0x21f0 [ 2572.246911] ? ip_frag_next+0x9e0/0x9e0 [ 2572.247289] ? nf_hook+0x160/0x510 [ 2572.247634] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2572.248108] __ip_finish_output.part.0+0x5f3/0xb50 [ 2572.248563] ? ip_fragment.constprop.0+0x240/0x240 [ 2572.249001] ? nf_hook+0x510/0x510 [ 2572.249355] ip_output+0x2f7/0x600 [ 2572.249687] ip_local_out+0xb4/0x1a0 [ 2572.250029] iptunnel_xmit+0x591/0x8b0 [ 2572.250416] ip_tunnel_xmit+0x1248/0x2f40 [ 2572.250811] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2572.251299] ? ip_md_tunnel_xmit+0x1840/0x1840 [ 2572.251742] ? slab_free_freelist_hook+0xa9/0x180 [ 2572.252205] sit_tunnel_xmit+0xef0/0x2960 [ 2572.252588] ? find_held_lock+0x2c/0x110 [ 2572.252956] ? ipip_rcv+0x4f0/0x4f0 [ 2572.253306] ? dev_queue_xmit_nit+0x7f5/0xb00 [ 2572.253712] ? lock_downgrade+0x6d0/0x6d0 [ 2572.254105] ? tpacket_rcv+0x3960/0x3960 [ 2572.254473] ? dev_queue_xmit_nit+0x80b/0xb00 [ 2572.254894] dev_hard_start_xmit+0x1cb/0x6f0 [ 2572.255320] __dev_queue_xmit+0x17ec/0x2710 [ 2572.255730] ? find_held_lock+0x2c/0x110 [ 2572.256112] ? netdev_core_pick_tx+0x2f0/0x2f0 [ 2572.256550] ? lock_downgrade+0x6d0/0x6d0 [ 2572.256925] ? lock_acquire+0x197/0x470 [ 2572.257302] ? ip_finish_output2+0x220/0x21f0 [ 2572.257715] ? lockdep_hardirqs_on_prepare+0x129/0x3e0 [ 2572.258215] neigh_connected_output+0x382/0x4d0 [ 2572.258650] ip_finish_output2+0x6f1/0x21f0 [ 2572.259044] ? nf_hook_slow+0xfc/0x1e0 [ 2572.259414] ? ip_frag_next+0x9e0/0x9e0 [ 2572.259792] ? nf_hook+0x160/0x510 [ 2572.260129] ? __ip_finish_output.part.0+0xb50/0xb50 [ 2572.260600] __ip_finish_output.part.0+0x5f3/0xb50 [ 2572.261047] ? ip_fragment.constprop.0+0x240/0x240 [ 2572.261497] ? nf_hook+0x510/0x510 [ 2572.261835] ip_output+0x2f7/0x600 [ 2572.262183] ip_send_skb+0xdd/0x260 [ 2572.262521] udp_send_skb+0x6da/0x11d0 [ 2572.262888] udp_sendmsg+0x197f/0x2160 [ 2572.263264] ? ip_frag_init+0x350/0x350 [ 2572.263664] ? udp_setsockopt+0xc0/0xc0 [ 2572.264020] ? mark_lock+0xf5/0x2df0 [ 2572.264413] ? lock_chain_count+0x20/0x20 [ 2572.264792] ? mark_lock+0xf5/0x2df0 [ 2572.265156] ? mark_lock+0xf5/0x2df0 [ 2572.265495] ? lock_chain_count+0x20/0x20 [ 2572.265869] ? lock_chain_count+0x20/0x20 [ 2572.266269] ? prep_new_page+0x16d/0x1d0 [ 2572.266639] ? lock_chain_count+0x20/0x20 [ 2572.267029] ? __lock_acquire+0x1657/0x5b00 [ 2572.267448] udpv6_sendmsg+0x1b30/0x2ad0 [ 2572.267862] ? __lock_acquire+0x1657/0x5b00 [ 2572.268293] ? udp_v6_push_pending_frames+0x360/0x360 [ 2572.268769] ? lock_acquire+0x197/0x470 [ 2572.269145] ? find_held_lock+0x2c/0x110 [ 2572.269525] ? lock_acquire+0x197/0x470 [ 2572.269884] ? find_held_lock+0x2c/0x110 [ 2572.270276] ? __might_fault+0xd3/0x180 [ 2572.270638] ? lock_downgrade+0x6d0/0x6d0 [ 2572.271016] ? sock_has_perm+0x1ea/0x280 [ 2572.271402] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2572.271910] ? __import_iovec+0x458/0x590 [ 2572.272306] ? udp_v6_push_pending_frames+0x360/0x360 [ 2572.272774] inet6_sendmsg+0x105/0x140 [ 2572.273148] ? inet6_compat_ioctl+0x320/0x320 [ 2572.273552] __sock_sendmsg+0xf2/0x190 [ 2572.273908] ____sys_sendmsg+0x334/0x870 [ 2572.274315] ? sock_write_iter+0x3d0/0x3d0 [ 2572.274696] ? do_recvmmsg+0x6d0/0x6d0 [ 2572.275050] ? handle_mm_fault+0x9e9/0x3500 [ 2572.275456] ? __lock_acquire+0x1657/0x5b00 [ 2572.275885] ? find_held_lock+0x2c/0x110 [ 2572.276285] ___sys_sendmsg+0xf3/0x170 [ 2572.276643] ? sendmsg_copy_msghdr+0x160/0x160 [ 2572.277058] ? vmacache_find+0x55/0x2a0 [ 2572.277444] ? do_user_addr_fault+0x5b0/0xc60 [ 2572.277853] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2572.278341] ? exc_page_fault+0xca/0x1a0 [ 2572.278706] ? trace_hardirqs_on+0x5b/0x180 [ 2572.279114] ? exc_page_fault+0xca/0x1a0 [ 2572.279485] ? asm_exc_page_fault+0x1e/0x30 [ 2572.279936] __sys_sendmmsg+0x195/0x470 [ 2572.280323] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2572.280718] ? lock_downgrade+0x6d0/0x6d0 [ 2572.281206] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2572.281606] ? wait_for_completion_io+0x270/0x270 [ 2572.282005] ? rcu_read_lock_any_held+0x75/0xa0 [ 2572.282385] ? vfs_write+0x354/0xb10 [ 2572.282694] ? fput_many+0x2f/0x1a0 [ 2572.282995] ? ksys_write+0x1a9/0x260 [ 2572.283311] ? __ia32_sys_read+0xb0/0xb0 [ 2572.283696] __x64_sys_sendmmsg+0x99/0x100 [ 2572.284056] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2572.284476] do_syscall_64+0x33/0x40 [ 2572.284784] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2572.285202] RIP: 0033:0x7f0fecadbb19 [ 2572.285511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2572.286984] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2572.287625] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2572.288206] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2572.288784] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2572.289362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2572.289941] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 03:07:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07060d6dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) [ 2572.315180] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 03:07:27 executing program 6: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) dup2(0xffffffffffffffff, r0) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:07:27 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xe102}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) 03:07:27 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/87, 0x57}, {&(0x7f0000000040)=""/48, 0x30}, {&(0x7f0000001280)=""/111, 0x6f}], 0x4) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$FS_IOC_READ_VERITY_METADATA(r1, 0xc0286687, &(0x7f00000013c0)={0x2, 0x2, 0xac, &(0x7f0000001300)=""/172}) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$incfs(0xffffffffffffffff, 0x0, 0x11ec0, 0x0) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) r3 = accept(r2, &(0x7f0000001400)=@in6, &(0x7f0000001480)=0x80) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f00000014c0)="3bbeb8bbbffdd61ca3e196351e0f8f57", 0x10) 03:07:27 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000daf4655fdaf4655f0100ffff53ef010001000000d9f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x800}, {&(0x7f00000000c0)="ed41000000080000d9f4655fdaf2655fdaf4655f000000000000060004", 0x1d, 0x2200}], 0x0, &(0x7f00000005c0)=ANY=[]) chroot(&(0x7f0000000180)='./file0\x00') r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x8, 0x2c, 0xb, 0x1e, 0xa, 0x401, 0x2, 0x136}) ioctl$RTC_UIE_ON(r1, 0x7003) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x9, 0x0, 0x84, 0x4, 0x62, 0x1}) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x9, 0x0, 0x0, 0xc, 0x4}) r2 = dup2(0xffffffffffffffff, r1) syz_io_uring_setup(0x2bc5, &(0x7f00000004c0)={0x0, 0x52e7, 0x1d}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x6, 0x8, 0x65, 0x6, 0x0, 0x1, 0x1085, 0x1d, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x192f, 0x4, @perf_config_ext={0x80, 0x3}, 0x3000, 0x1ff, 0x8, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0xfff}, 0x0, 0xb, r0, 0xd) r3 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) ioctl$FIONCLEX(r3, 0x5450) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 03:07:27 executing program 0: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r2 = dup2(r0, 0xffffffffffffffff) bind(r2, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c044ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x1}}], 0x1, 0x0) r4 = creat(&(0x7f0000000000)='./file2\x00', 0x0) fcntl$setlease(r4, 0x400, 0x1) fcntl$setown(r4, 0x8, 0xffffffffffffffff) 03:07:27 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x2342, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) (fail_nth: 50) 03:07:27 executing program 4: ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f00000002c0)=0x4) r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x4000, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@nodevmap}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'vfat\x00'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x12}}, {@obj_role={'obj_role', 0x3d, 'vfat\x00'}}, {@euid_lt={'euid<', 0xee00}}, {@fowner_gt={'fowner>', 0xee00}}, {@fsuuid={'fsuuid', 0x3d, {[0x36, 0x37, 0x66, 0x36, 0x38, 0x61, 0x30, 0x5a], 0x2d, [0x36, 0x62, 0x38, 0x37], 0x2d, [0x33, 0x33, 0x65, 0x37], 0x2d, [0x61, 0x30, 0x36, 0x62], 0x2d, [0x33, 0x31, 0x31, 0x66, 0x66, 0x35, 0x33, 0x61]}}}, {@subj_role={'subj_role', 0x3d, 'vfat\x00'}}]}}) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0xfdef) truncate(&(0x7f00000001c0)='./file0\x00', 0x5e) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x342, 0x0) write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0xfdef) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000003c0)=0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x3, 0x2, &(0x7f0000000200)=[{&(0x7f0000000180)="bb5921c281e79f86094710fb786f0a3f5eb79c94ce98327e6d28fc659e080c70ea22a7f4633f9210d7e4dc715e75ff66461f10af08416c61d77d5ba946aaaf889dbec1e27d38d8f0d000773cc3ae903b8ea02bb2473990207c674a13d4209d02846d3eff0e543ffb7ec29b832019aaf6be74", 0x72, 0x80}, {&(0x7f00000002c0)}], 0x1242040, &(0x7f0000000400)=ANY=[@ANYBLOB='iocharset?\x00859-15,uid>', @ANYRESDEC=r3, @ANYBLOB=',smackfsroot=y\x00,uid<', @ANYRESDEC, @ANYBLOB="2c736d61636b66736465663d247d87255c2c736d61636b6673726f6f743d5d401a21285d5c2a2c666f776e65723d", @ANYRESDEC=0xee01, @ANYBLOB=',\x00']) fchownat(r0, &(0x7f0000000000)='./file0\x00', r3, 0xee00, 0x400) [ 2572.779279] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2572.779279] program syz-executor.3 not setting count and/or reply_len properly [ 2572.792377] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2572.792377] program syz-executor.3 not setting count and/or reply_len properly 03:07:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001) ioctl$SG_IO(r0, 0x2285, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07060e6dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) 03:07:27 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f00000000c0)) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2}, 0x4) r1 = dup2(r0, 0xffffffffffffffff) bind(r1, &(0x7f0000000100)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x80) fallocate(r0, 0x60, 0x6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x7fff, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000080)=[{{0x0, 0x90, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0xea02}}], 0x1, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) close(0xffffffffffffffff) [ 2573.003376] FAULT_INJECTION: forcing a failure. [ 2573.003376] name failslab, interval 1, probability 0, space 0, times 0 [ 2573.004490] CPU: 0 PID: 12971 Comm: syz-executor.1 Not tainted 5.10.226 #1 [ 2573.005125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2573.005885] Call Trace: [ 2573.006134] dump_stack+0x107/0x167 [ 2573.006474] should_fail.cold+0x5/0xa [ 2573.006831] ? create_object.isra.0+0x3a/0xa20 [ 2573.007258] should_failslab+0x5/0x20 [ 2573.007623] kmem_cache_alloc+0x5b/0x310 [ 2573.008006] create_object.isra.0+0x3a/0xa20 [ 2573.008416] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2573.008890] kmem_cache_alloc+0x159/0x310 [ 2573.009281] dst_alloc+0x9e/0x5d0 [ 2573.009610] rt_dst_alloc+0x73/0x440 [ 2573.009963] ip_route_output_key_hash_rcu+0x93d/0x2a90 [ 2573.010459] ip_route_output_key_hash+0x18d/0x340 [ 2573.010910] ? ip_route_output_key_hash_rcu+0x2a90/0x2a90 [ 2573.011427] ? lock_downgrade+0x6d0/0x6d0 [ 2573.011834] ? udp_send_skb+0x76d/0x11d0 [ 2573.012219] ip_route_output_flow+0x23/0x150 [ 2573.012627] udp_sendmsg+0x16f2/0x2160 [ 2573.012990] ? ip_frag_init+0x350/0x350 [ 2573.013363] ? udp_setsockopt+0xc0/0xc0 [ 2573.013729] ? mark_lock+0xf5/0x2df0 [ 2573.014078] ? lock_chain_count+0x20/0x20 [ 2573.014466] ? mark_lock+0xf5/0x2df0 [ 2573.014818] ? mark_lock+0xf5/0x2df0 [ 2573.019754] ? lock_chain_count+0x20/0x20 [ 2573.020134] ? lock_chain_count+0x20/0x20 [ 2573.020517] ? lock_chain_count+0x20/0x20 [ 2573.020897] ? prep_new_page+0x16d/0x1d0 [ 2573.021270] ? lock_chain_count+0x20/0x20 [ 2573.021659] ? __lock_acquire+0x1657/0x5b00 [ 2573.022059] udpv6_sendmsg+0x1b30/0x2ad0 [ 2573.022434] ? __lock_acquire+0x1657/0x5b00 [ 2573.022836] ? udp_v6_push_pending_frames+0x360/0x360 [ 2573.023313] ? lock_acquire+0x197/0x470 [ 2573.023690] ? find_held_lock+0x2c/0x110 [ 2573.024069] ? lock_acquire+0x197/0x470 [ 2573.024433] ? find_held_lock+0x2c/0x110 [ 2573.024809] ? __might_fault+0xd3/0x180 [ 2573.025174] ? lock_downgrade+0x6d0/0x6d0 [ 2573.025554] ? sock_has_perm+0x1ea/0x280 [ 2573.025927] ? selinux_socket_post_create+0x7f0/0x7f0 [ 2573.026411] ? __import_iovec+0x458/0x590 [ 2573.026791] ? udp_v6_push_pending_frames+0x360/0x360 [ 2573.027264] inet6_sendmsg+0x105/0x140 [ 2573.027644] ? inet6_compat_ioctl+0x320/0x320 [ 2573.028056] __sock_sendmsg+0xf2/0x190 [ 2573.028415] ____sys_sendmsg+0x334/0x870 [ 2573.028791] ? sock_write_iter+0x3d0/0x3d0 [ 2573.029177] ? do_recvmmsg+0x6d0/0x6d0 [ 2573.029537] ? __lock_acquire+0x1657/0x5b00 [ 2573.029943] ___sys_sendmsg+0xf3/0x170 [ 2573.030303] ? sendmsg_copy_msghdr+0x160/0x160 [ 2573.030719] ? vmacache_find+0x55/0x2a0 [ 2573.031094] ? lock_acquire+0x197/0x470 [ 2573.031458] ? find_held_lock+0x2c/0x110 [ 2573.031857] ? __might_fault+0xd3/0x180 [ 2573.032224] ? lock_downgrade+0x6d0/0x6d0 [ 2573.032605] ? asm_exc_page_fault+0x1e/0x30 [ 2573.033017] __sys_sendmmsg+0x195/0x470 [ 2573.033390] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 2573.033787] ? lock_downgrade+0x6d0/0x6d0 [ 2573.034182] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2573.034629] ? wait_for_completion_io+0x270/0x270 [ 2573.035073] ? rcu_read_lock_any_held+0x75/0xa0 [ 2573.035499] ? vfs_write+0x354/0xb10 [ 2573.035854] ? fput_many+0x2f/0x1a0 [ 2573.036194] ? ksys_write+0x1a9/0x260 [ 2573.036547] ? __ia32_sys_read+0xb0/0xb0 [ 2573.036930] __x64_sys_sendmmsg+0x99/0x100 [ 2573.037320] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2573.037793] do_syscall_64+0x33/0x40 [ 2573.038137] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2573.038608] RIP: 0033:0x7f0fecadbb19 [ 2573.038952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2573.040632] RSP: 002b:00007f0fea051188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2573.041325] RAX: ffffffffffffffda RBX: 00007f0fecbeef60 RCX: 00007f0fecadbb19 [ 2573.041971] RDX: 000000000000002f RSI: 0000000020004d00 RDI: 0000000000000003 [ 2573.042618] RBP: 00007f0fea0511d0 R08: 0000000000000000 R09: 0000000000000000 [ 2573.043264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2573.043932] R13: 00007ffdaf6dcbff R14: 00007f0fea051300 R15: 0000000000022000 [ 2573.072152] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 2573.086612] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2573.103741] EXT4-fs (loop5): re-mounted. Opts: (null) [ 2573.359343] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2573.359343] program syz-executor.3 not setting count and/or reply_len properly [ 2573.372128] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in; [ 2573.372128] program syz-executor.3 not setting count and/or reply_len properly VM DIAGNOSIS: 03:12:30 Registers: info registers vcpu 0 RAX=ffffffff83e774b0 RBX=0000000000000000 RCX=ffffffff83e5f08c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e77ab8 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38 R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85675ec8 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e774be RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c0063df7b0 CR3=000000001b98e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000dd060a EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000050000000000000005 XMM02=000000000000000040fffe0000000000 XMM03=0000060606060605011cd5c577fc9598 XMM04=636578650a0073746e69682063657865 XMM05=746f7420636578650a00736465657320 XMM06=73657220726f74756365786511006c61 XMM07=006e6567206365786508007374726174 XMM08=6d7320636578650a0065676169727420 XMM09=0073746e696820636578650a00687361 XMM10=6578650a00736465657320636578650a XMM11=6f74756365786511006c61746f742063 XMM12=63657865080073747261747365722072 XMM13=007a7a7566206365786509006e656720 XMM14=006574616469646e616320636578650e XMM15=0000657a696d696e696d20636578650d info registers vcpu 1 RAX=0000000000000001 RBX=0000000000000000 RCX=0000000000000001 RDX=0000000000000000 RSI=ffff888008071818 RDI=ffff88800c72d808 RBP=ffff888008071818 RSP=ffff88800c907cd0 R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001 R12=ffff88800c72cec0 R13=ffff88800c72d808 R14=00000000ffffffff R15=ffff88800c72d808 RIP=ffffffff83e5edf2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe3800000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9115316010 CR3=000000001b98e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004158027a00000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000