x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r5, r6) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) fcntl$dupfd(r7, 0x0, r0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:05:48 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0xffffff7f, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) [ 1707.239076] FAULT_INJECTION: forcing a failure. [ 1707.239076] name failslab, interval 1, probability 0, space 0, times 0 [ 1707.240181] CPU: 0 PID: 9871 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1707.240809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1707.241581] Call Trace: [ 1707.241824] FAULT_INJECTION: forcing a failure. [ 1707.241824] name failslab, interval 1, probability 0, space 0, times 0 [ 1707.242851] dump_stack+0x107/0x167 [ 1707.243196] should_fail.cold+0x5/0xa [ 1707.243559] ? __io_queue_sqe+0x666/0x9d0 [ 1707.243950] should_failslab+0x5/0x20 [ 1707.244309] kmem_cache_alloc_trace+0x55/0x320 [ 1707.244743] __io_queue_sqe+0x666/0x9d0 [ 1707.245130] ? io_issue_sqe+0x7700/0x7700 [ 1707.245535] io_submit_sqes+0x4461/0x85c0 [ 1707.245949] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1707.246415] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1707.246873] ? lock_downgrade+0x6d0/0x6d0 [ 1707.247262] ? find_held_lock+0x2c/0x110 [ 1707.247648] ? io_submit_sqes+0x85c0/0x85c0 [ 1707.248068] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1707.248525] ? wait_for_completion_io+0x270/0x270 [ 1707.248981] ? rcu_read_lock_any_held+0x75/0xa0 [ 1707.249423] ? vfs_write+0x354/0xa70 [ 1707.249771] ? fput_many+0x2f/0x1a0 [ 1707.250116] ? ksys_write+0x1a9/0x260 [ 1707.250475] ? __ia32_sys_read+0xb0/0xb0 [ 1707.250871] do_syscall_64+0x33/0x40 [ 1707.251222] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1707.251696] RIP: 0033:0x7f3acf5e4b19 [ 1707.252045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1707.253727] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1707.254430] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1707.255082] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1707.255734] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1707.256393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1707.257064] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 1707.257747] CPU: 1 PID: 9867 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1707.258913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1707.260244] Call Trace: [ 1707.260691] dump_stack+0x107/0x167 [ 1707.261270] should_fail.cold+0x5/0xa [ 1707.261887] ? __io_queue_sqe+0x666/0x9d0 [ 1707.262581] should_failslab+0x5/0x20 [ 1707.263213] kmem_cache_alloc_trace+0x55/0x320 [ 1707.263866] __io_queue_sqe+0x666/0x9d0 [ 1707.264462] ? io_issue_sqe+0x7700/0x7700 [ 1707.265087] io_submit_sqes+0x4461/0x85c0 [ 1707.265741] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1707.266446] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1707.267168] ? lock_downgrade+0x6d0/0x6d0 [ 1707.267759] ? find_held_lock+0x2c/0x110 [ 1707.268375] ? io_submit_sqes+0x85c0/0x85c0 [ 1707.269019] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1707.269742] ? wait_for_completion_io+0x270/0x270 [ 1707.270443] ? rcu_read_lock_any_held+0x75/0xa0 [ 1707.271135] ? vfs_write+0x354/0xa70 [ 1707.271679] ? fput_many+0x2f/0x1a0 [ 1707.272219] ? ksys_write+0x1a9/0x260 [ 1707.272771] ? __ia32_sys_read+0xb0/0xb0 [ 1707.273396] do_syscall_64+0x33/0x40 [ 1707.274043] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1707.274945] RIP: 0033:0x7fe5a49a6b19 [ 1707.275556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1707.278322] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1707.279395] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1707.280433] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1707.281488] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1707.282531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1707.283573] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:05:48 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:05:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="2800f0002000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:05:48 executing program 0: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:05:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="2800db012000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:05:48 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x10000000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:05:48 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x2b, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:05:48 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:05:48 executing program 0: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:05:48 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:05:48 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) 19:05:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000032000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:05:48 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:05:48 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x2c, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:05:48 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) [ 1707.774240] FAULT_INJECTION: forcing a failure. [ 1707.774240] name failslab, interval 1, probability 0, space 0, times 0 [ 1707.775445] CPU: 0 PID: 9908 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1707.776006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1707.776683] Call Trace: [ 1707.776920] dump_stack+0x107/0x167 [ 1707.777244] should_fail.cold+0x5/0xa [ 1707.777578] ? __io_queue_sqe+0x666/0x9d0 [ 1707.777938] should_failslab+0x5/0x20 [ 1707.778269] kmem_cache_alloc_trace+0x55/0x320 [ 1707.778652] __io_queue_sqe+0x666/0x9d0 [ 1707.778979] ? io_issue_sqe+0x7700/0x7700 [ 1707.779326] io_submit_sqes+0x4461/0x85c0 [ 1707.779685] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1707.780089] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1707.780483] ? lock_downgrade+0x6d0/0x6d0 [ 1707.780831] ? find_held_lock+0x2c/0x110 [ 1707.781174] ? io_submit_sqes+0x85c0/0x85c0 [ 1707.781530] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1707.781933] ? wait_for_completion_io+0x270/0x270 [ 1707.782326] ? rcu_read_lock_any_held+0x75/0xa0 [ 1707.782707] ? vfs_write+0x354/0xa70 [ 1707.783010] ? fput_many+0x2f/0x1a0 [ 1707.783308] ? ksys_write+0x1a9/0x260 [ 1707.783620] ? __ia32_sys_read+0xb0/0xb0 [ 1707.783959] do_syscall_64+0x33/0x40 [ 1707.784262] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1707.784671] RIP: 0033:0x7fe5a49a6b19 [ 1707.784979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1707.786445] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1707.787059] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1707.787629] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1707.788199] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1707.788777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1707.789037] FAULT_INJECTION: forcing a failure. [ 1707.789037] name failslab, interval 1, probability 0, space 0, times 0 [ 1707.789354] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1707.792812] CPU: 1 PID: 9907 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1707.793792] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1707.794947] Call Trace: [ 1707.795332] dump_stack+0x107/0x167 [ 1707.795859] should_fail.cold+0x5/0xa [ 1707.796406] ? create_object.isra.0+0x3a/0xa20 [ 1707.797067] should_failslab+0x5/0x20 [ 1707.797611] kmem_cache_alloc+0x5b/0x310 [ 1707.798191] ? mark_held_locks+0x9e/0xe0 [ 1707.798770] create_object.isra.0+0x3a/0xa20 [ 1707.799490] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1707.800235] kmem_cache_alloc_bulk+0x168/0x320 [ 1707.801092] io_submit_sqes+0x6f76/0x85c0 [ 1707.801738] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1707.802452] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1707.803133] ? lock_downgrade+0x6d0/0x6d0 [ 1707.803733] ? find_held_lock+0x2c/0x110 [ 1707.804313] ? io_submit_sqes+0x85c0/0x85c0 19:05:48 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x7ffffffff000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) [ 1707.804951] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1707.805746] ? wait_for_completion_io+0x270/0x270 [ 1707.806451] ? rcu_read_lock_any_held+0x75/0xa0 [ 1707.807103] ? vfs_write+0x354/0xa70 [ 1707.807651] ? fput_many+0x2f/0x1a0 [ 1707.808225] ? ksys_write+0x1a9/0x260 [ 1707.808906] ? __ia32_sys_read+0xb0/0xb0 [ 1707.809621] do_syscall_64+0x33/0x40 [ 1707.810171] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1707.810901] RIP: 0033:0x7f3acf5e4b19 [ 1707.811445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1707.814014] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1707.815121] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1707.816122] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1707.817234] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1707.818425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1707.819425] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:06:04 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:04 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:06:04 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) 19:06:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000052000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:04 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x2d, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:06:04 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) 19:06:04 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:04 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r5}}, 0x8000) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r6, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r6, 0xffffffffffffffff, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r6, 0x8000000) syz_io_uring_submit(r7, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) r8 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r2, &(0x7f0000000040)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd=r8, 0x8, 0x0, 0x8, 0x0, 0x0, {0x0, r9}}, 0x2) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) [ 1723.273827] FAULT_INJECTION: forcing a failure. [ 1723.273827] name failslab, interval 1, probability 0, space 0, times 0 [ 1723.275946] CPU: 1 PID: 9938 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1723.277085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1723.278330] Call Trace: [ 1723.278733] dump_stack+0x107/0x167 [ 1723.279288] should_fail.cold+0x5/0xa [ 1723.279871] ? create_object.isra.0+0x3a/0xa20 [ 1723.280561] should_failslab+0x5/0x20 [ 1723.281136] kmem_cache_alloc+0x5b/0x310 [ 1723.281754] ? mark_held_locks+0x9e/0xe0 [ 1723.282459] create_object.isra.0+0x3a/0xa20 [ 1723.283121] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1723.284002] kmem_cache_alloc_bulk+0x168/0x320 [ 1723.284768] io_submit_sqes+0x6f76/0x85c0 [ 1723.285444] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1723.286192] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1723.286919] ? lock_downgrade+0x6d0/0x6d0 [ 1723.287540] ? find_held_lock+0x2c/0x110 [ 1723.288158] ? io_submit_sqes+0x85c0/0x85c0 [ 1723.288815] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1723.289558] ? wait_for_completion_io+0x270/0x270 [ 1723.290284] ? rcu_read_lock_any_held+0x75/0xa0 [ 1723.291065] ? vfs_write+0x354/0xa70 [ 1723.291635] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1723.292379] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1723.293307] ? ksys_write+0x1a9/0x260 [ 1723.293875] ? __ia32_sys_read+0xb0/0xb0 [ 1723.294473] do_syscall_64+0x33/0x40 [ 1723.295027] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1723.295753] RIP: 0033:0x7f3acf5e4b19 [ 1723.296304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1723.298904] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1723.300043] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1723.301096] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1723.302153] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1723.303212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1723.304276] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 1723.339734] FAULT_INJECTION: forcing a failure. [ 1723.339734] name failslab, interval 1, probability 0, space 0, times 0 [ 1723.341519] CPU: 1 PID: 9939 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1723.342534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1723.343748] Call Trace: [ 1723.344145] dump_stack+0x107/0x167 [ 1723.344690] should_fail.cold+0x5/0xa [ 1723.345269] ? create_object.isra.0+0x3a/0xa20 [ 1723.345955] should_failslab+0x5/0x20 [ 1723.346524] kmem_cache_alloc+0x5b/0x310 [ 1723.347137] create_object.isra.0+0x3a/0xa20 [ 1723.347794] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1723.348560] kmem_cache_alloc_trace+0x151/0x320 [ 1723.349275] __io_queue_sqe+0x666/0x9d0 [ 1723.349878] ? io_issue_sqe+0x7700/0x7700 [ 1723.350516] io_submit_sqes+0x4461/0x85c0 [ 1723.351171] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1723.351908] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1723.352632] ? lock_downgrade+0x6d0/0x6d0 [ 1723.353249] ? find_held_lock+0x2c/0x110 [ 1723.353861] ? io_submit_sqes+0x85c0/0x85c0 [ 1723.354516] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1723.355241] ? wait_for_completion_io+0x270/0x270 [ 1723.355959] ? rcu_read_lock_any_held+0x75/0xa0 [ 1723.356619] ? vfs_write+0x354/0xa70 [ 1723.357168] ? fput_many+0x2f/0x1a0 [ 1723.357697] ? ksys_write+0x1a9/0x260 [ 1723.358260] ? __ia32_sys_read+0xb0/0xb0 [ 1723.358864] do_syscall_64+0x33/0x40 [ 1723.359412] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1723.360159] RIP: 0033:0x7fe5a49a6b19 [ 1723.360709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1723.363377] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1723.364489] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1723.365537] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1723.366580] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1723.367619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1723.368653] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:06:04 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x2e, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:06:04 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:06:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000062000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:04 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) 19:06:04 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0xf0ffffff7f0000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:04 executing program 5: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:06:04 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfe}, 0x8) 19:06:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000072000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x2f, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:06:23 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfe}, 0x8) 19:06:23 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r3, @ANYBLOB="f800b1bbe62f44aa7dd7be0306970e8debbb7c381900c9d93c93ba568600010000"]) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r8, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r8, r6, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r8, 0x8000000) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r5, 0x7, &(0x7f0000000080)=r8, 0x1) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r9, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:06:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:23 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49) 19:06:23 executing program 5: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:06:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000092000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) [ 1742.653331] FAULT_INJECTION: forcing a failure. [ 1742.653331] name failslab, interval 1, probability 0, space 0, times 0 [ 1742.655276] CPU: 1 PID: 9989 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1742.656158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1742.657216] Call Trace: [ 1742.657672] dump_stack+0x107/0x167 [ 1742.658204] should_fail.cold+0x5/0xa [ 1742.658710] ? __io_queue_sqe+0x666/0x9d0 [ 1742.659262] should_failslab+0x5/0x20 [ 1742.659764] kmem_cache_alloc_trace+0x55/0x320 [ 1742.660372] __io_queue_sqe+0x666/0x9d0 [ 1742.660921] ? io_issue_sqe+0x7700/0x7700 [ 1742.661517] io_submit_sqes+0x4461/0x85c0 [ 1742.662114] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1742.662795] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1742.663443] ? lock_downgrade+0x6d0/0x6d0 [ 1742.664009] ? find_held_lock+0x2c/0x110 [ 1742.664557] ? io_submit_sqes+0x85c0/0x85c0 [ 1742.665133] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1742.665771] ? wait_for_completion_io+0x270/0x270 [ 1742.666416] ? rcu_read_lock_any_held+0x75/0xa0 [ 1742.667030] ? vfs_write+0x354/0xa70 [ 1742.667530] ? fput_many+0x2f/0x1a0 [ 1742.668016] ? ksys_write+0x1a9/0x260 [ 1742.668515] ? __ia32_sys_read+0xb0/0xb0 [ 1742.669060] do_syscall_64+0x33/0x40 [ 1742.669557] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1742.670211] RIP: 0033:0x7fe5a49a6b19 [ 1742.670692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1742.673016] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1742.673983] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1742.674887] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1742.675783] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1742.676682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1742.677621] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1742.694954] FAULT_INJECTION: forcing a failure. [ 1742.694954] name failslab, interval 1, probability 0, space 0, times 0 [ 1742.696922] CPU: 1 PID: 9992 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1742.697831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1742.698898] Call Trace: [ 1742.699255] dump_stack+0x107/0x167 [ 1742.699742] should_fail.cold+0x5/0xa [ 1742.700240] ? create_object.isra.0+0x3a/0xa20 [ 1742.700847] ? create_object.isra.0+0x3a/0xa20 [ 1742.701471] should_failslab+0x5/0x20 [ 1742.701992] kmem_cache_alloc+0x5b/0x310 [ 1742.702525] ? mark_held_locks+0x9e/0xe0 [ 1742.703049] create_object.isra.0+0x3a/0xa20 [ 1742.703606] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1742.704259] kmem_cache_alloc_bulk+0x168/0x320 [ 1742.704863] io_submit_sqes+0x6f76/0x85c0 [ 1742.705433] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1742.706098] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1742.706721] ? lock_downgrade+0x6d0/0x6d0 [ 1742.707255] ? find_held_lock+0x2c/0x110 [ 1742.707779] ? io_submit_sqes+0x85c0/0x85c0 [ 1742.708335] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1742.708953] ? wait_for_completion_io+0x270/0x270 [ 1742.709590] ? rcu_read_lock_any_held+0x75/0xa0 [ 1742.710175] ? vfs_write+0x354/0xa70 [ 1742.710650] ? fput_many+0x2f/0x1a0 [ 1742.711118] ? ksys_write+0x1a9/0x260 [ 1742.711603] ? __ia32_sys_read+0xb0/0xb0 [ 1742.712129] do_syscall_64+0x33/0x40 [ 1742.712610] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1742.713254] RIP: 0033:0x7f3acf5e4b19 [ 1742.713742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1742.716022] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1742.716973] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1742.717866] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1742.718751] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1742.719639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1742.720531] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:06:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0xc200000000000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="2800000f2000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:23 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfe}, 0x8) 19:06:23 executing program 5: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:06:38 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:06:38 executing program 3: r0 = syz_io_uring_setup(0x400000, &(0x7f00000002c0)={0x0, 0x938d, 0x0, 0x3, 0x4002}, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) shutdown(r6, 0x0) r7 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0xfffffffffffffffc, 0x3f}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r7, 0xc020f509, &(0x7f0000000040)={r0, 0x1, 0x80, 0x6}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x50, r8, 0x8000000) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x200000b, 0x40010, r0, 0x0) syz_io_uring_setup(0x7d03, &(0x7f0000000180)={0x0, 0x7e5c, 0x4, 0x2, 0x2cb}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000240)=0x0) r11 = fcntl$dupfd(r3, 0x406, r6) r12 = io_uring_setup(0xb6d, &(0x7f0000000340)={0x0, 0x2ca5, 0x4, 0x0, 0x400388}) r13 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x0, 0x3, 0x1f8}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) r16 = io_uring_register$IORING_REGISTER_PERSONALITY(r13, 0x9, 0x0, 0x0) syz_io_uring_submit(r14, r15, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r16}}, 0x8000) syz_io_uring_submit(r9, r10, &(0x7f00000003c0)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x4, 0x0, r11, &(0x7f0000000280)={0x80000011}, r12, 0x1, 0x0, 0x1, {0x0, r16}}, 0x0) 19:06:38 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:06:38 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) 19:06:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000602000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:38 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0xffffff7f00000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:38 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50) [ 1757.391912] FAULT_INJECTION: forcing a failure. [ 1757.391912] name failslab, interval 1, probability 0, space 0, times 0 [ 1757.392918] CPU: 1 PID: 10032 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1757.393493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1757.394188] Call Trace: [ 1757.394415] dump_stack+0x107/0x167 [ 1757.394723] should_fail.cold+0x5/0xa [ 1757.395045] ? create_object.isra.0+0x3a/0xa20 [ 1757.395509] should_failslab+0x5/0x20 [ 1757.395895] kmem_cache_alloc+0x5b/0x310 [ 1757.396234] create_object.isra.0+0x3a/0xa20 [ 1757.396605] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1757.397155] kmem_cache_alloc_trace+0x151/0x320 [ 1757.397701] __io_queue_sqe+0x666/0x9d0 [ 1757.398077] ? io_issue_sqe+0x7700/0x7700 [ 1757.398430] io_submit_sqes+0x4461/0x85c0 [ 1757.398791] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1757.399203] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1757.399609] ? lock_downgrade+0x6d0/0x6d0 [ 1757.399943] ? find_held_lock+0x2c/0x110 [ 1757.400282] ? io_submit_sqes+0x85c0/0x85c0 [ 1757.400645] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1757.401047] ? wait_for_completion_io+0x270/0x270 [ 1757.401444] ? rcu_read_lock_any_held+0x75/0xa0 [ 1757.401840] ? vfs_write+0x354/0xa70 [ 1757.402156] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 1757.402532] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 1757.402968] ? ksys_write+0x1a9/0x260 [ 1757.403282] ? __ia32_sys_read+0xb0/0xb0 [ 1757.403625] do_syscall_64+0x33/0x40 [ 1757.403937] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1757.404359] RIP: 0033:0x7fe5a49a6b19 [ 1757.404666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1757.406169] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1757.406788] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1757.407366] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1757.407942] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1757.408521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1757.409095] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1757.426085] FAULT_INJECTION: forcing a failure. [ 1757.426085] name failslab, interval 1, probability 0, space 0, times 0 [ 1757.427099] CPU: 1 PID: 10035 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1757.427668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1757.428337] Call Trace: [ 1757.428561] dump_stack+0x107/0x167 [ 1757.428874] should_fail.cold+0x5/0xa [ 1757.429190] ? create_object.isra.0+0x3a/0xa20 [ 1757.429566] should_failslab+0x5/0x20 [ 1757.429906] kmem_cache_alloc+0x5b/0x310 [ 1757.430244] ? mark_held_locks+0x9e/0xe0 [ 1757.430585] create_object.isra.0+0x3a/0xa20 [ 1757.430951] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1757.431365] kmem_cache_alloc_bulk+0x168/0x320 [ 1757.431746] io_submit_sqes+0x6f76/0x85c0 [ 1757.432100] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1757.432500] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1757.432890] ? lock_downgrade+0x6d0/0x6d0 [ 1757.433226] ? find_held_lock+0x2c/0x110 [ 1757.433561] ? io_submit_sqes+0x85c0/0x85c0 [ 1757.433932] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1757.434324] ? wait_for_completion_io+0x270/0x270 [ 1757.434715] ? rcu_read_lock_any_held+0x75/0xa0 [ 1757.435093] ? vfs_write+0x354/0xa70 [ 1757.435398] ? fput_many+0x2f/0x1a0 [ 1757.435695] ? ksys_write+0x1a9/0x260 [ 1757.436010] ? __ia32_sys_read+0xb0/0xb0 [ 1757.436344] do_syscall_64+0x33/0x40 [ 1757.436653] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1757.437065] RIP: 0033:0x7f3acf5e4b19 [ 1757.437369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1757.438835] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1757.439445] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1757.440014] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1757.440593] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1757.441160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1757.441744] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:06:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x31, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:06:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="2800c27f2000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) 19:06:52 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51) 19:06:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0xffffffff00000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) inotify_init1(0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:06:52 executing program 3: prctl$PR_SET_DUMPABLE(0x4, 0x3) r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x8000000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x7, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x40a30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, 0x0, 0x10000000, 0x0, 0x200000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0}, 0x8004) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r5, r6) r8 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_setup(0x4fdf, &(0x7f0000000080)={0x0, 0x9359, 0x0, 0x8e08, 0x174, 0x0, r8}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r5, 0x0) ioctl$BTRFS_IOC_BALANCE_CTL(r5, 0x40049421, 0x3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:06:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x32, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:06:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000812000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1771.232944] FAULT_INJECTION: forcing a failure. [ 1771.232944] name failslab, interval 1, probability 0, space 0, times 0 [ 1771.234701] CPU: 1 PID: 10060 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1771.235692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1771.236883] Call Trace: [ 1771.237286] dump_stack+0x107/0x167 [ 1771.237854] should_fail.cold+0x5/0xa [ 1771.238436] should_failslab+0x5/0x20 [ 1771.239009] kmem_cache_alloc_bulk+0x4b/0x320 [ 1771.239680] io_submit_sqes+0x6f76/0x85c0 [ 1771.240328] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1771.241069] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1771.241827] ? lock_downgrade+0x6d0/0x6d0 [ 1771.242438] ? find_held_lock+0x2c/0x110 [ 1771.243053] ? io_submit_sqes+0x85c0/0x85c0 [ 1771.243337] FAULT_INJECTION: forcing a failure. [ 1771.243337] name failslab, interval 1, probability 0, space 0, times 0 [ 1771.243697] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1771.243727] ? wait_for_completion_io+0x270/0x270 [ 1771.246154] ? rcu_read_lock_any_held+0x75/0xa0 [ 1771.246840] ? vfs_write+0x354/0xa70 [ 1771.247383] ? fput_many+0x2f/0x1a0 [ 1771.247932] ? ksys_write+0x1a9/0x260 [ 1771.248498] ? __ia32_sys_read+0xb0/0xb0 [ 1771.249107] do_syscall_64+0x33/0x40 [ 1771.249672] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1771.250451] RIP: 0033:0x7fe5a49a6b19 [ 1771.251001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1771.253657] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1771.254796] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1771.255828] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1771.256861] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1771.257910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1771.258941] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1771.260003] CPU: 0 PID: 10059 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1771.260620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1771.261345] Call Trace: [ 1771.261591] dump_stack+0x107/0x167 [ 1771.261924] should_fail.cold+0x5/0xa [ 1771.262266] ? create_object.isra.0+0x3a/0xa20 [ 1771.262676] should_failslab+0x5/0x20 [ 1771.263041] kmem_cache_alloc+0x5b/0x310 [ 1771.263405] ? mark_held_locks+0x9e/0xe0 [ 1771.263795] create_object.isra.0+0x3a/0xa20 [ 1771.264181] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1771.264664] kmem_cache_alloc_bulk+0x168/0x320 [ 1771.265073] io_submit_sqes+0x6f76/0x85c0 [ 1771.265459] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1771.265903] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1771.266360] ? lock_downgrade+0x6d0/0x6d0 [ 1771.266726] ? find_held_lock+0x2c/0x110 [ 1771.267088] ? io_submit_sqes+0x85c0/0x85c0 [ 1771.267474] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1771.267906] ? wait_for_completion_io+0x270/0x270 [ 1771.268332] ? rcu_read_lock_any_held+0x75/0xa0 [ 1771.268738] ? vfs_write+0x354/0xa70 [ 1771.269092] ? fput_many+0x2f/0x1a0 [ 1771.269417] ? ksys_write+0x1a9/0x260 [ 1771.269784] ? __ia32_sys_read+0xb0/0xb0 [ 1771.270151] do_syscall_64+0x33/0x40 [ 1771.270484] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1771.270965] RIP: 0033:0x7f3acf5e4b19 [ 1771.271294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1771.272879] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1771.273544] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1771.274211] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1771.274882] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1771.275545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1771.276210] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:06:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000040)='.\x00', 0x2000003) creat(&(0x7f0000000040)='./file0\x00', 0x10) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2, 0xfe}, 0x8) 19:06:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) 19:06:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xc2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:06:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="28007fc22000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) (fail_nth: 1) 19:06:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfe}, 0x8) 19:06:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x42, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 1771.573381] FAULT_INJECTION: forcing a failure. [ 1771.573381] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1771.575457] CPU: 1 PID: 10090 Comm: syz-executor.0 Not tainted 5.10.218 #1 [ 1771.576482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1771.577698] Call Trace: [ 1771.578123] dump_stack+0x107/0x167 [ 1771.578674] should_fail.cold+0x5/0xa [ 1771.579247] ? rfkill_sync_work+0xa0/0xa0 [ 1771.579874] _copy_from_user+0x2e/0x1b0 [ 1771.580461] ? rfkill_sync_work+0xa0/0xa0 [ 1771.581085] rfkill_fop_write+0xb4/0x4b0 [ 1771.581691] ? rfkill_sync_work+0xa0/0xa0 [ 1771.582340] ? security_file_permission+0x24e/0x570 [ 1771.583083] ? __fget_files+0x296/0x4c0 [ 1771.583691] ? rfkill_sync_work+0xa0/0xa0 [ 1771.584311] vfs_write+0x29a/0xa70 [ 1771.584852] ksys_write+0x1f6/0x260 [ 1771.585400] ? __ia32_sys_read+0xb0/0xb0 [ 1771.586055] do_syscall_64+0x33/0x40 [ 1771.586617] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1771.587371] RIP: 0033:0x7f79d3423b19 [ 1771.587925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1771.590626] RSP: 002b:00007f79d0999188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1771.591731] RAX: ffffffffffffffda RBX: 00007f79d3536f60 RCX: 00007f79d3423b19 [ 1771.592765] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000003 [ 1771.593826] RBP: 00007f79d09991d0 R08: 0000000000000000 R09: 0000000000000000 [ 1771.594861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1771.595892] R13: 00007ffea93c7acf R14: 00007f79d0999300 R15: 0000000000022000 19:06:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280001db2000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:06:52 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000040)=@IORING_OP_WRITE_FIXED={0x5, 0x4, 0x4000, @fd_index, 0x1, 0x70, 0x8}, 0xfff) 19:07:07 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:07 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfe}, 0x8) 19:07:07 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720200000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:07:07 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r5, r6) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) open_by_handle_at(r7, &(0x7f0000000040)=@xfs={0x1c, 0x81, {0xff, 0x0, 0xcc9, 0x1}}, 0x101002) r8 = inotify_init1(0x0) r9 = inotify_add_watch(r8, &(0x7f0000000040)='.\x00', 0x2000003) r10 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r8, r9) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, r10, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:07:07 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:07 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) (fail_nth: 2) 19:07:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000f02000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:07:07 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52) [ 1786.966380] FAULT_INJECTION: forcing a failure. [ 1786.966380] name failslab, interval 1, probability 0, space 0, times 0 [ 1786.969379] CPU: 0 PID: 10118 Comm: syz-executor.0 Not tainted 5.10.218 #1 [ 1786.970454] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1786.970536] FAULT_INJECTION: forcing a failure. [ 1786.970536] name failslab, interval 1, probability 0, space 0, times 0 [ 1786.971717] Call Trace: [ 1786.971770] dump_stack+0x107/0x167 [ 1786.971793] should_fail.cold+0x5/0xa [ 1786.974894] ? kobject_uevent_env+0x22b/0xf90 [ 1786.975572] ? kobject_uevent_env+0x22b/0xf90 [ 1786.976266] ? dev_uevent_filter+0xd0/0xd0 [ 1786.976912] should_failslab+0x5/0x20 [ 1786.977506] kmem_cache_alloc_trace+0x55/0x320 [ 1786.978231] ? dev_uevent_filter+0xd0/0xd0 [ 1786.978872] kobject_uevent_env+0x22b/0xf90 [ 1786.979561] rfkill_set_block+0x3bc/0x540 [ 1786.980206] rfkill_fop_write+0x40f/0x4b0 [ 1786.980858] ? rfkill_sync_work+0xa0/0xa0 [ 1786.981503] ? security_file_permission+0x24e/0x570 [ 1786.982298] ? rfkill_sync_work+0xa0/0xa0 [ 1786.982938] vfs_write+0x29a/0xa70 [ 1786.983493] ksys_write+0x1f6/0x260 [ 1786.984066] ? __ia32_sys_read+0xb0/0xb0 [ 1786.984699] do_syscall_64+0x33/0x40 [ 1786.985276] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1786.986056] RIP: 0033:0x7f79d3423b19 [ 1786.986627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1786.989407] RSP: 002b:00007f79d0999188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1786.990600] RAX: ffffffffffffffda RBX: 00007f79d3536f60 RCX: 00007f79d3423b19 [ 1786.991687] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000003 [ 1786.992774] RBP: 00007f79d09991d0 R08: 0000000000000000 R09: 0000000000000000 [ 1786.993872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1786.994969] R13: 00007ffea93c7acf R14: 00007f79d0999300 R15: 0000000000022000 [ 1786.996087] CPU: 1 PID: 10121 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1786.997104] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1786.998443] Call Trace: [ 1786.998907] dump_stack+0x107/0x167 [ 1786.999584] should_fail.cold+0x5/0xa [ 1787.000142] ? create_object.isra.0+0x3a/0xa20 [ 1787.000807] should_failslab+0x5/0x20 [ 1787.001357] kmem_cache_alloc+0x5b/0x310 [ 1787.001970] create_object.isra.0+0x3a/0xa20 [ 1787.002622] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1787.003364] kmem_cache_alloc_bulk+0x168/0x320 [ 1787.004034] io_submit_sqes+0x6f76/0x85c0 [ 1787.004678] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1787.005399] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1787.006114] ? lock_downgrade+0x6d0/0x6d0 [ 1787.006716] ? find_held_lock+0x2c/0x110 [ 1787.007311] ? io_submit_sqes+0x85c0/0x85c0 [ 1787.007945] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1787.008645] ? wait_for_completion_io+0x270/0x270 [ 1787.009349] ? rcu_read_lock_any_held+0x75/0xa0 [ 1787.010140] ? vfs_write+0x354/0xa70 [ 1787.010747] ? fput_many+0x2f/0x1a0 [ 1787.011362] ? ksys_write+0x1a9/0x260 [ 1787.011921] ? __ia32_sys_read+0xb0/0xb0 [ 1787.012566] do_syscall_64+0x33/0x40 [ 1787.013205] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1787.014104] RIP: 0033:0x7fe5a49a6b19 [ 1787.014646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1787.017819] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1787.019108] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1787.020252] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1787.021544] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1787.022660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1787.023843] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1787.041025] FAULT_INJECTION: forcing a failure. 19:07:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000000f00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1787.041025] name failslab, interval 1, probability 0, space 0, times 0 [ 1787.043332] CPU: 0 PID: 10120 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1787.044312] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1787.045458] Call Trace: [ 1787.045849] dump_stack+0x107/0x167 [ 1787.046544] should_fail.cold+0x5/0xa [ 1787.047143] ? create_object.isra.0+0x3a/0xa20 [ 1787.047980] should_failslab+0x5/0x20 [ 1787.048580] kmem_cache_alloc+0x5b/0x310 [ 1787.049334] ? mark_held_locks+0x9e/0xe0 [ 1787.049949] create_object.isra.0+0x3a/0xa20 [ 1787.050937] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1787.051869] kmem_cache_alloc_bulk+0x168/0x320 [ 1787.052696] io_submit_sqes+0x6f76/0x85c0 [ 1787.053483] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1787.054400] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1787.055122] ? lock_downgrade+0x6d0/0x6d0 [ 1787.055737] ? find_held_lock+0x2c/0x110 [ 1787.056344] ? io_submit_sqes+0x85c0/0x85c0 [ 1787.056991] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1787.057710] ? wait_for_completion_io+0x270/0x270 [ 1787.058438] ? rcu_read_lock_any_held+0x75/0xa0 [ 1787.059127] ? vfs_write+0x354/0xa70 [ 1787.059681] ? fput_many+0x2f/0x1a0 [ 1787.060224] ? ksys_write+0x1a9/0x260 [ 1787.060790] ? __ia32_sys_read+0xb0/0xb0 [ 1787.061402] do_syscall_64+0x33/0x40 [ 1787.061957] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1787.062711] RIP: 0033:0x7f3acf5e4b19 [ 1787.063264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1787.066079] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1787.067200] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1787.068257] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1787.069302] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1787.070352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1787.071400] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:07:08 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfe}, 0x8) 19:07:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) (fail_nth: 3) [ 1787.211187] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=10131 comm=syz-executor.2 19:07:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001100210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:07:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720600000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 1787.336672] FAULT_INJECTION: forcing a failure. [ 1787.336672] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1787.339533] CPU: 1 PID: 10136 Comm: syz-executor.0 Not tainted 5.10.218 #1 [ 1787.340562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1787.341786] Call Trace: [ 1787.342200] dump_stack+0x107/0x167 [ 1787.342752] should_fail.cold+0x5/0xa [ 1787.343333] _copy_from_user+0x2e/0x1b0 [ 1787.343941] kstrtouint_from_user+0xbd/0x220 [ 1787.344593] ? kstrtou8_from_user+0x210/0x210 [ 1787.345281] ? lock_acquire+0x197/0x470 [ 1787.345877] ? ksys_write+0x12d/0x260 [ 1787.346481] proc_fail_nth_write+0x78/0x220 [ 1787.347126] ? proc_task_getattr+0x1f0/0x1f0 [ 1787.347778] ? __fget_files+0x296/0x4c0 [ 1787.348383] ? proc_task_getattr+0x1f0/0x1f0 [ 1787.349033] vfs_write+0x29a/0xa70 [ 1787.349572] ksys_write+0x12d/0x260 [ 1787.350134] ? __ia32_sys_read+0xb0/0xb0 [ 1787.350755] do_syscall_64+0x33/0x40 [ 1787.351305] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1787.352056] RIP: 0033:0x7f79d33d65ff [ 1787.352607] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 1787.355270] RSP: 002b:00007f79d0999170 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1787.356407] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f79d33d65ff [ 1787.357448] RDX: 0000000000000001 RSI: 00007f79d09991e0 RDI: 0000000000000004 [ 1787.358496] RBP: 00007f79d09991d0 R08: 0000000000000000 R09: 0000000000000000 [ 1787.359550] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1787.360591] R13: 00007ffea93c7acf R14: 00007f79d0999300 R15: 0000000000022000 19:07:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xc200) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) [ 1787.454173] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 19:07:23 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:07:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:23 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) shutdown(r5, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, {0x6208}, 0x1}, 0xffff3589) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:07:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720006000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:07:23 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:07:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001200210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:07:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:23 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53) [ 1802.625582] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1802.627708] FAULT_INJECTION: forcing a failure. [ 1802.627708] name failslab, interval 1, probability 0, space 0, times 0 [ 1802.628857] CPU: 1 PID: 10170 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1802.629532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1802.630344] Call Trace: [ 1802.630601] dump_stack+0x107/0x167 [ 1802.630960] should_fail.cold+0x5/0xa [ 1802.631335] ? create_object.isra.0+0x3a/0xa20 [ 1802.631785] should_failslab+0x5/0x20 [ 1802.632160] kmem_cache_alloc+0x5b/0x310 [ 1802.632558] ? mark_held_locks+0x9e/0xe0 [ 1802.632967] create_object.isra.0+0x3a/0xa20 [ 1802.633397] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1802.633897] kmem_cache_alloc_bulk+0x168/0x320 [ 1802.634324] io_submit_sqes+0x6f76/0x85c0 [ 1802.634751] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1802.635235] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1802.635704] ? lock_downgrade+0x6d0/0x6d0 [ 1802.636109] ? find_held_lock+0x2c/0x110 [ 1802.636509] ? io_submit_sqes+0x85c0/0x85c0 [ 1802.636942] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1802.637410] ? wait_for_completion_io+0x270/0x270 [ 1802.637847] ? rcu_read_lock_any_held+0x75/0xa0 [ 1802.638299] ? vfs_write+0x354/0xa70 [ 1802.638639] ? fput_many+0x2f/0x1a0 [ 1802.638995] ? ksys_write+0x1a9/0x260 [ 1802.639344] ? __ia32_sys_read+0xb0/0xb0 [ 1802.639749] do_syscall_64+0x33/0x40 [ 1802.640114] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1802.640786] RIP: 0033:0x7fe5a49a6b19 [ 1802.641125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1802.642867] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1802.643613] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1802.644311] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1802.645007] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1802.645734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1802.646433] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1802.662756] FAULT_INJECTION: forcing a failure. [ 1802.662756] name failslab, interval 1, probability 0, space 0, times 0 [ 1802.664743] CPU: 0 PID: 10165 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1802.665755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1802.666966] Call Trace: [ 1802.667365] dump_stack+0x107/0x167 [ 1802.667903] should_fail.cold+0x5/0xa [ 1802.668467] ? create_object.isra.0+0x3a/0xa20 [ 1802.669142] should_failslab+0x5/0x20 [ 1802.669704] kmem_cache_alloc+0x5b/0x310 [ 1802.670307] ? mark_held_locks+0x9e/0xe0 [ 1802.670913] create_object.isra.0+0x3a/0xa20 [ 1802.671563] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1802.672291] kmem_cache_alloc_bulk+0x168/0x320 [ 1802.672971] io_submit_sqes+0x6f76/0x85c0 [ 1802.673598] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1802.674342] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1802.675052] ? lock_downgrade+0x6d0/0x6d0 [ 1802.675661] ? find_held_lock+0x2c/0x110 [ 1802.676267] ? io_submit_sqes+0x85c0/0x85c0 [ 1802.677012] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1802.677732] ? wait_for_completion_io+0x270/0x270 [ 1802.678463] ? rcu_read_lock_any_held+0x75/0xa0 [ 1802.679157] ? vfs_write+0x354/0xa70 [ 1802.679722] ? fput_many+0x2f/0x1a0 [ 1802.680275] ? ksys_write+0x1a9/0x260 [ 1802.680829] ? __ia32_sys_read+0xb0/0xb0 [ 1802.681453] do_syscall_64+0x33/0x40 [ 1802.681986] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1802.682746] RIP: 0033:0x7f3acf5e4b19 [ 1802.683298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1802.685965] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1802.687093] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1802.688152] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1802.689192] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1802.690231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1802.691256] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:07:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001300210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:07:23 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:07:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720020000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:07:23 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:07:23 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54) [ 1802.811852] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 19:07:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001400210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1802.917184] FAULT_INJECTION: forcing a failure. [ 1802.917184] name failslab, interval 1, probability 0, space 0, times 0 [ 1802.918246] CPU: 1 PID: 10186 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1802.918866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1802.919587] Call Trace: [ 1802.919843] dump_stack+0x107/0x167 [ 1802.920180] should_fail.cold+0x5/0xa [ 1802.920537] should_failslab+0x5/0x20 [ 1802.920888] kmem_cache_alloc_bulk+0x4b/0x320 [ 1802.921301] io_submit_sqes+0x6f76/0x85c0 [ 1802.921677] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1802.922112] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1802.922532] ? lock_downgrade+0x6d0/0x6d0 [ 1802.922883] ? find_held_lock+0x2c/0x110 [ 1802.923244] ? io_submit_sqes+0x85c0/0x85c0 [ 1802.923619] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1802.924031] ? wait_for_completion_io+0x270/0x270 [ 1802.924441] ? rcu_read_lock_any_held+0x75/0xa0 [ 1802.924845] ? vfs_write+0x354/0xa70 [ 1802.925168] ? fput_many+0x2f/0x1a0 [ 1802.925480] ? ksys_write+0x1a9/0x260 [ 1802.925817] ? __ia32_sys_read+0xb0/0xb0 [ 1802.926181] do_syscall_64+0x33/0x40 [ 1802.926506] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1802.926943] RIP: 0033:0x7fe5a49a6b19 [ 1802.927261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1802.928800] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1802.929443] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1802.930040] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1802.930645] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1802.931252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1802.931871] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:07:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000200000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:07:23 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:07:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) [ 1802.986888] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1803.087414] FAULT_INJECTION: forcing a failure. [ 1803.087414] name failslab, interval 1, probability 0, space 0, times 0 [ 1803.089769] CPU: 0 PID: 10193 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1803.090848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1803.092018] Call Trace: [ 1803.092428] dump_stack+0x107/0x167 [ 1803.092964] should_fail.cold+0x5/0xa [ 1803.093523] ? create_object.isra.0+0x3a/0xa20 [ 1803.094190] should_failslab+0x5/0x20 [ 1803.094752] kmem_cache_alloc+0x5b/0x310 [ 1803.095343] ? mark_held_locks+0x9e/0xe0 [ 1803.095939] create_object.isra.0+0x3a/0xa20 [ 1803.096568] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1803.097294] kmem_cache_alloc_bulk+0x168/0x320 [ 1803.097955] io_submit_sqes+0x6f76/0x85c0 [ 1803.098607] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1803.099315] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1803.100001] ? lock_downgrade+0x6d0/0x6d0 [ 1803.100589] ? find_held_lock+0x2c/0x110 [ 1803.101178] ? io_submit_sqes+0x85c0/0x85c0 [ 1803.101801] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1803.102500] ? wait_for_completion_io+0x270/0x270 [ 1803.103188] ? rcu_read_lock_any_held+0x75/0xa0 [ 1803.103844] ? vfs_write+0x354/0xa70 [ 1803.104371] ? fput_many+0x2f/0x1a0 [ 1803.104911] ? ksys_write+0x1a9/0x260 [ 1803.105456] ? __ia32_sys_read+0xb0/0xb0 [ 1803.106049] do_syscall_64+0x33/0x40 [ 1803.106587] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1803.107311] RIP: 0033:0x7f3acf5e4b19 [ 1803.107844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1803.110426] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1803.111502] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1803.112503] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1803.113500] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1803.114514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1803.115510] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:07:38 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:07:38 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:38 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0x4}}, './file0\x00'}) mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3, 0x10, r6, 0x10000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:07:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001500210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:07:38 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55) 19:07:38 executing program 5: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720020000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:07:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000100000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:07:38 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xc2000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) [ 1817.522828] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1817.570294] FAULT_INJECTION: forcing a failure. [ 1817.570294] name failslab, interval 1, probability 0, space 0, times 0 [ 1817.572261] CPU: 0 PID: 10224 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1817.573286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1817.574511] Call Trace: [ 1817.574918] dump_stack+0x107/0x167 [ 1817.575479] should_fail.cold+0x5/0xa [ 1817.576053] ? create_object.isra.0+0x3a/0xa20 [ 1817.576760] should_failslab+0x5/0x20 [ 1817.577332] kmem_cache_alloc+0x5b/0x310 [ 1817.577956] create_object.isra.0+0x3a/0xa20 [ 1817.578637] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1817.579384] kmem_cache_alloc_trace+0x151/0x320 [ 1817.580081] __io_queue_sqe+0x666/0x9d0 [ 1817.580671] ? io_issue_sqe+0x7700/0x7700 [ 1817.581307] io_submit_sqes+0x4461/0x85c0 [ 1817.581966] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1817.582714] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1817.583437] ? lock_downgrade+0x6d0/0x6d0 [ 1817.584062] ? find_held_lock+0x2c/0x110 [ 1817.584674] ? io_submit_sqes+0x85c0/0x85c0 [ 1817.585333] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1817.586061] ? wait_for_completion_io+0x270/0x270 [ 1817.586796] ? rcu_read_lock_any_held+0x75/0xa0 [ 1817.587490] ? vfs_write+0x354/0xa70 [ 1817.588057] ? fput_many+0x2f/0x1a0 [ 1817.588612] ? ksys_write+0x1a9/0x260 [ 1817.589177] ? __ia32_sys_read+0xb0/0xb0 [ 1817.589803] do_syscall_64+0x33/0x40 [ 1817.590369] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1817.591125] RIP: 0033:0x7f3acf5e4b19 [ 1817.591681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1817.594400] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1817.595531] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1817.596587] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1817.597636] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1817.598692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1817.599747] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:07:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000200000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 1817.633164] FAULT_INJECTION: forcing a failure. [ 1817.633164] name failslab, interval 1, probability 0, space 0, times 0 [ 1817.635306] CPU: 0 PID: 10227 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1817.636464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1817.637664] Call Trace: [ 1817.638066] dump_stack+0x107/0x167 [ 1817.638625] should_fail.cold+0x5/0xa [ 1817.639203] ? create_object.isra.0+0x3a/0xa20 [ 1817.639895] should_failslab+0x5/0x20 [ 1817.640450] kmem_cache_alloc+0x5b/0x310 [ 1817.641037] ? mark_held_locks+0x9e/0xe0 [ 1817.641632] create_object.isra.0+0x3a/0xa20 [ 1817.642283] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1817.643024] kmem_cache_alloc_bulk+0x168/0x320 [ 1817.643689] io_submit_sqes+0x6f76/0x85c0 [ 1817.644329] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1817.645058] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1817.645761] ? lock_downgrade+0x6d0/0x6d0 [ 1817.646363] ? find_held_lock+0x2c/0x110 [ 1817.646970] ? io_submit_sqes+0x85c0/0x85c0 [ 1817.647605] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1817.648310] ? wait_for_completion_io+0x270/0x270 [ 1817.649012] ? rcu_read_lock_any_held+0x75/0xa0 [ 1817.649682] ? vfs_write+0x354/0xa70 [ 1817.650238] ? fput_many+0x2f/0x1a0 [ 1817.650792] ? ksys_write+0x1a9/0x260 [ 1817.651346] ? __ia32_sys_read+0xb0/0xb0 [ 1817.651949] do_syscall_64+0x33/0x40 [ 1817.652504] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1817.653254] RIP: 0033:0x7fe5a49a6b19 [ 1817.653796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1817.656445] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1817.657549] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1817.658589] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1817.659633] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1817.660674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1817.661704] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:07:38 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x3, 0x0, 0x2}, 0x8) 19:07:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001600210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:07:38 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:07:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001800210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1818.006019] netlink: 'syz-executor.2': attribute type 3 has an invalid length. 19:07:53 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:53 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x4, 0x0, 0x2}, 0x8) 19:07:53 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000600000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:07:53 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:07:53 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56) 19:07:53 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffffff7f) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:53 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:07:53 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001900210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1832.060888] FAULT_INJECTION: forcing a failure. [ 1832.060888] name failslab, interval 1, probability 0, space 0, times 0 [ 1832.062215] CPU: 1 PID: 10260 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1832.063162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1832.063987] Call Trace: [ 1832.064255] dump_stack+0x107/0x167 [ 1832.064638] should_fail.cold+0x5/0xa [ 1832.065035] ? __io_queue_sqe+0x666/0x9d0 [ 1832.065466] should_failslab+0x5/0x20 [ 1832.065858] kmem_cache_alloc_trace+0x55/0x320 [ 1832.066336] __io_queue_sqe+0x666/0x9d0 [ 1832.066744] ? io_issue_sqe+0x7700/0x7700 [ 1832.067164] io_submit_sqes+0x4461/0x85c0 [ 1832.067597] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1832.068092] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1832.068543] ? lock_downgrade+0x6d0/0x6d0 [ 1832.068956] ? find_held_lock+0x2c/0x110 [ 1832.069345] ? io_submit_sqes+0x85c0/0x85c0 [ 1832.069782] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1832.070265] ? wait_for_completion_io+0x270/0x270 [ 1832.070717] ? rcu_read_lock_any_held+0x75/0xa0 [ 1832.071144] ? vfs_write+0x354/0xa70 [ 1832.071519] ? fput_many+0x2f/0x1a0 [ 1832.071860] ? ksys_write+0x1a9/0x260 [ 1832.072207] ? __ia32_sys_read+0xb0/0xb0 [ 1832.072589] do_syscall_64+0x33/0x40 [ 1832.072937] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1832.073439] RIP: 0033:0x7f3acf5e4b19 [ 1832.073871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1832.075716] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1832.076634] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1832.077269] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1832.077903] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1832.078608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1832.079260] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 1832.087049] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 1832.117232] FAULT_INJECTION: forcing a failure. [ 1832.117232] name failslab, interval 1, probability 0, space 0, times 0 [ 1832.119255] CPU: 0 PID: 10267 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1832.120316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1832.121564] Call Trace: [ 1832.121993] dump_stack+0x107/0x167 [ 1832.122591] should_fail.cold+0x5/0xa [ 1832.123200] ? create_object.isra.0+0x3a/0xa20 [ 1832.123916] should_failslab+0x5/0x20 [ 1832.124517] kmem_cache_alloc+0x5b/0x310 [ 1832.125131] ? mark_held_locks+0x9e/0xe0 [ 1832.125785] create_object.isra.0+0x3a/0xa20 [ 1832.126459] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1832.127237] kmem_cache_alloc_bulk+0x168/0x320 [ 1832.127944] io_submit_sqes+0x6f76/0x85c0 [ 1832.128625] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1832.129382] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1832.130122] ? lock_downgrade+0x6d0/0x6d0 [ 1832.130762] ? find_held_lock+0x2c/0x110 [ 1832.131405] ? io_submit_sqes+0x85c0/0x85c0 [ 1832.132085] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1832.132828] ? wait_for_completion_io+0x270/0x270 [ 1832.133563] ? rcu_read_lock_any_held+0x75/0xa0 [ 1832.134274] ? vfs_write+0x354/0xa70 [ 1832.134864] ? fput_many+0x2f/0x1a0 [ 1832.135442] ? ksys_write+0x1a9/0x260 [ 1832.136035] ? __ia32_sys_read+0xb0/0xb0 [ 1832.136673] do_syscall_64+0x33/0x40 [ 1832.137239] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1832.138021] RIP: 0033:0x7fe5a49a6b19 19:07:53 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x5, 0x0, 0x2}, 0x8) [ 1832.138601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1832.141476] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1832.142666] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1832.143731] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1832.144891] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1832.145966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1832.147062] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:07:53 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:07:53 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001a00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:07:53 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x10000000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:53 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000002000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:07:53 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x6, 0x0, 0x2}, 0x8) [ 1832.348876] netlink: 'syz-executor.2': attribute type 3 has an invalid length. 19:07:53 executing program 5: write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:07:53 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:07:53 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:53 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57) 19:07:53 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x7, 0x0, 0x2}, 0x8) 19:07:53 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r6}}, 0x8000) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, 0xffffffffffffffff, 0x0) r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) syz_io_uring_submit(r8, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) r9 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f00000012c0)) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000004340)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, r9, 0x0, &(0x7f0000004300)={&(0x7f0000001c80)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000004180)=[{&(0x7f0000001d00)}, {&(0x7f0000003fc0)=""/177, 0xb1}, {&(0x7f0000004080)=""/186, 0xba}, {&(0x7f0000001d40)=""/37, 0x25}, {&(0x7f0000004140)=""/44, 0x2c}], 0x5, &(0x7f0000004200)=""/244, 0xf4}, 0x0, 0x40, 0x1, {0x2, r10}}, 0x10001) sendmmsg$inet(r3, &(0x7f0000003e00)=[{{&(0x7f0000000080)={0x2, 0x4e20, @rand_addr=0x64010100}, 0x10, &(0x7f0000000080)}}, {{&(0x7f00000000c0)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000000a80)=[{&(0x7f0000000340)="9c8f48003d118205558c52a2948ea43ebbd05af9c21a4bf75d5371786c1db033243e37f9c04080555afcd6e8affc5baf6ebd3bc532006e4340568dbaf5876d01fb0d923935195e519017c0bfea6691f7ee4cc866511b1da9ec509db26c111abaabe89513286ca84d2836f577386d8957e33a5566fe0df1091f9eec01fb81cd6fdfc45972a52fd48d91eb29078cee886d71fe", 0x92}, {&(0x7f0000000180)="ea6acd703b39702a6c9a2cadac3a6695584c463104000000d6eeda318b97e3876f18e54cbb454f7679dc11d6d1dcf89bfc329c007fd7b23e719858bc9abc2b9bdd", 0x41}, {&(0x7f0000000400)="a1248b15930131e1ce650f1dd84f98dc441fad2ab108e9392c945615486555e4249ed82349bd7916d25fc22de683ea2583cc2d3d08625627f5bcbd4dc93a97bb3f7f6a63af13abd8627b7366ca11b7dc86b325c35cc6843195115470936e0976449a409d60a1ba921087e65a65c8e1621cc6360f560aed99df22d4a7c0b2d71a50245804c48621c146532b5a53e0bea6e9c0cb70d93f3ef6970717f32c4f4b43faa82597d7392fda2299fddfeb1f124d220a9e16c6be1d580d524e5a5c9452be", 0xc0}, {&(0x7f00000004c0)="c4a6cc2fa5118cde17fc31e5a7cf6fbadcdec8358e534bd0c9f16053fa1fcf337d3cebf7ddf5549972a1e6566648109e114e2e0e72fa11398c85eecb853a776a463f28c9f8da5db49d20dbab4050e558ddf9549ca8d0f2a7373ef18babf256139681d82a95c247772869c4c4907ca587abce318c9f0b441acf24b2c1371d4382d83465e5e47dff133249cdfbfe7518a6f14139661183f4139924cc916579319f7980cf06969e6c77304ae5785b7376c6bce7fab92aa5073a81fe357e7250ebd1db1ae9a67de1e05fe52a", 0xca}, {&(0x7f0000004380)="6cf3b9e7a90342f21b401545a64a3d1218612ce8200c647d2e91c7577481aa471ae3cbfd4e2e5f68dadd002683c7ba2beb468767b9ad256a7e2dfb31559ebb7d6e77ddf934a51e354582dbcbf798731e2467743c713e9989ef9707a0", 0x5c}, {&(0x7f00000006c0)="31335b52a763ab06f5534a0b1fdfbd0dd3cc6cb768611280b7af410459cfad9ac7a7049f9f08ed4ce779c010c478250148e2368700838523f5a5668be9855c0aad2ca5cee7404f117fd6cb1b0187df075d7b03df1602c1b3400fcf82f3708c2280a0a99af1518b8d9c22012e39f3721a34769311ebe8bda9d584265b50826a08332bf481bf95a0ca9cf94b99107a60108c8a68342105e95a023e7d28da3d70109b399f2d2920c18147e4d75668fa55dba46e8fa6df575d27c4c63d2488aea53ef98e82015bc57ef8eee25a80b8c3", 0xce}, {&(0x7f00000005c0)="75fc4230c62f917b2f11ec56307161994dbfee471a90c8758fd732c0b8775f01cf99d131d9f34c07f510f2b50b368f0b253b5aa08cbd818332142ededa376ef0cb303b3dc676f828fff160d2defc161b251bc713fdb4d1eec87a06ab26ff53ab54851c9cd1ed951c56349def8cadb45594b3ff7861d77f42c4d8e4c8d47c39ff01c5186fce96b5598f74dd6a2f9652026fb5906405cd46edb87916c21c3985fcdd5547bacdfdcbdd817ade288e8f1bea261eca50dd74689b", 0xb8}, {&(0x7f00000007c0)="dd29acffcb7aa31ceb845a30474181f6674106001cd0a43759d4c6207746c1555c4023558e9b4dd177f61bbff7608ac998a261675f998129cbace9c2a1f565b7a558b53bdc6505b34b413dd96b65a91767b37cd8bfbfb07e416545a2e16701ed073fd6ee427aaca5180d22f5356848bedbc3fa6a7b41e5df777c1706646922f913c26fb3bd9ced92cf2236059b668a372265822484d8962e8a6c25dfd3060017e49998270162ac8380c1221f4f1bc3ab5b49e17bc123317f5141ef23db", 0xbd}, {&(0x7f0000000880)="9488ffccd8bc09ef71b7ea616fd9cb79eb5ba2ae6c5b536c7c1ad48b08a49b93bc283d691f6f261ef2768685f62fbdd3e56fb6012d017df54fa81ae4459e923e564e90d8fd21ae1f4ed6006a0d02b881423933592b70488a5d3b95d906125d827e4749637b20afbb3a1a87072f47c8b4c6e962a3f637363f220284b8e1f88ec4bc0abc96ddf2ab6d128956be47c751b6390f61e867d1e7c549eb0bdad2b6feb991c8c3096327f4d1832abf47e05e8fdb2b77507228e2a7d5c5da8e69d90cbfb1b8319f9fd80ae8c536d5a3dbcca28daaa8b8006842409d48574d1a25e8f6e743fad07f3b99801ac7f5bafda10ee4f2564855fa3275c150f39d118997ae274e", 0xff}, {&(0x7f0000000980)="a9e24b5af56258458df718ec91e80bca170af21317a97c2f386e938408aa5422ca93799d979133f212fd8bfa056d72b93f588e3a363a1ba647744d703568f9e4c26156b31e19c63d3e363b793b81ca0402e66cb12127802556432ee6e68056be72335af189b858f3f0ef697bf0c8b114994bd331b014c0076175bfa95d8ad1006f5f814c7ef10c20cd62395cd7b6534b25a7bdfcbcfb4a86f1f1ebdf852edfe60e2c620aedd349a31c521b53ad66fb97c8e0d9075f4ea64a4a378da1b4ec1b4ecdde0e75b31ecce19985ca64d557531998fe39", 0xd3}], 0xa, &(0x7f0000000b40)=[@ip_retopts={{0x28, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0x14, 0x99, 0x3, 0x2, [{@multicast2, 0x1}, {@loopback, 0xffff305d}]}]}}}], 0x28}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000b80)="ac21666900bf06bf00f7e52a475f3d242430396ddf704bf2603ae5a5aa7a7ed5a6dfa5e6cbb234d3d51ebb2b10d6474e6b10cc21fe58d1e6038b12e907", 0x3d}], 0x1, &(0x7f0000000c00)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7521}}], 0x18}}, {{&(0x7f0000000c40)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000f40)=[{&(0x7f0000000c80)="6e79cf09cad1daa376a093de6b87c51dfa5fd2dcf96ddf8fae5e05d22c7ff993040eadf1ef7eb8baf94fa28b468c58a47d7c43f987029c60fe41ce9a27041300cc9a2e04e42423c86b1b0bd24af0fff4a361c76813403a9dab944a0edf7c236579d62bad45fb440089c299692d517a7e56567bd57ef1c41644b4d62051997b7e5828916110af76f1e4c8453dc8dfde0c23e8944264465baeb50d3cd4956ff93c884b9e17ba800c66ef1a8285ed813d3d98ecfc71e7926c1f53f72c438f29e0cbbfa89e5be6fe162e0df67042824b1894eee58d5eab", 0xd5}, {&(0x7f0000000d80)="4328fd34e6d71ccabc62b5fb8f12e0ce86d7c1dcfc", 0x15}, {&(0x7f0000000dc0)="f6e25a3f023d55030b2e5ac885d574bede9480655bbdabdd7aea8ab4e8ad79066756849a20d5c3edba201cc216d91b4925a4b3f5a68de67d264091f7e52a0bf49872806630480cf3f1346a49d2badac8dae57528bce9584f7f18080bd85d408c3c4d653307cb91d4ea929b31288e1fe6da24b786db469b2b2663ec3effcfe59e554288404790ce75b19e83a1cba21124dbe1277c45dd73109436c1f6eeb4d3d8560f7cdd87b76d72ade012cc2fbacabd9152c87a5190a9669c8857dff1e78b4ce9ef4636df9a5a14c53e", 0xca}, {&(0x7f0000001e00)="240fdff284074b3fc5a0e2d372c40edd15f344a016fcb8f4e5387162c16890d9c71d4aef22e8eb5388b009082cb2925a6b62aed70b582da5ce0d29cee105fb38db02f19cef79798340e97769742f1acf44d56ba408dbdfa37fe2db17e7c9fa00db0eb4eb0d00fe19f67ba293a1ebcff7eaaf3a0551b48a3cf4f9f649483feac9cb2d970682798b46720247b0a82fa80e6a4beae56b9850883f6ee082ee73be6bf233ae060b563004e16e07757d7106b8edab1946ad00b1f3bbd549892c3619bef862eaad023377bf004bc8c55429ca2e23478ea01fdaaf7ee13e715163d0e8fb01b49f7284146101ab80d88db9b25dbd2fae6e1f59badbba8b2e54fae796375c154d0423159c8b31249be4d75fa7ee1e4ba365356e5a863d03dbe597aa9315a759934c6d32780c686ad61c39a8ff306fb8d4413383644c32af3665164501470153a7ebf9762213adb135fd445167f27d76199bdd9961600cf0603d6f96b8bf43af1094144263c2deb9aeefd287294c461970fd99796cabe1da0bbfcb91d5d2a713b46b9cbb4d439c1cc37fce0a243be4aa96247a61c17cc89c750e760b71b57d8329297e65d1f30e331de8ca0da35c6ce4f89a058aa67705c7cf2927923f87e0d337d0bdfaa2a73ed938fc8a1a241c43c9ecfb5c2e6964bfccf33dfc2f9dfb8508ec217416479698d731bd8a5a6ea8463c8ef1edd8b71b2c93806a6b29eadaebdd158992d6df952255b755b8e725950642b3a347ab56e41cff994c825a007391306f7f465dea9f63b013701c58a182c97b31e95be90fffc3d5dd84fc4c752eeb3a766693fbfdb6dddb15d3ee6e24f32f8ca091da40ac02ad07c6fa3b051e38178c550c1fe4e4a026add233b033a595d437f4b0aa10fb58a7162b11b13a18031464645f1f8265bf3491e313ec7d23303d09c28c77f4e8f212a9469161d4065d17e79b3213f3da45bcb214df82a62641fa52eecd315a447473f00f34d09408a4377b98e4a70689bf6d816a62cb136237728f0d3c227284df9b37d08244c904ede77161f37dd6b9b0d6c213a4e52cd8ac66d0f3d18d0c67cfd606b7b4acfd18da9b79ea94fc4308bcfc9a9af5e7dc30a2c796f65b379388d251f89f4081ee00e48e692c61a67a2215e468c75fa0ab252e96d8bf109e210c6881a12265d4ec419d837e1ba46e704a11ab43ad6b3daeaa335d99a895bf4ed7b8420b3010ba84a581087c91c3a777ccdd2649eb9d59e3f33c84baf28a7a7a6a21a3029269de43494def688361e3221c63c27e3264b9b06b87bbe8a597e284cf976f6bf7fa59eec42584e5f4bb029a0795a447a78ae2c9c783d3318278cc7454e7351def83763b656af10ae60210951c222d22e0e1bcf9e04ebea779325e13b16a9a794035f4a1e5094a27fba9f86fb521fc5fb69f8d6905e8987e95db543f52824c4cd08ab057e1552f8ff972365e007503f3ef82c14f5985be9413f01ea3bb0e83ccc3c18827641176ff67b455da3ac6ac89f42a5ba50a44ad7b65898f0fdee2e1d8a5c38e3ea7aa3782fa3326e5b8a540b35facbf429587d9126f087d268b77a42bae19942889961073233a6c9ee3f90df961e8f7df1aacc4bc1fd86ffd5be9ddc0956ef85a56856df33939e8641aced2b673aec27fc613c82052df4bf322e0389f032fb12fdf56c1324f3893df3bac73853ee5687de1f3b22577cefcaf9db59d6a42e2900001de10293da25db0157b940851a0b61bd139a1e5bb91130beec4395934911cd4fdf5b3220699b4c4d3e6fc7d8d2db218d123120db3739ee061c8cb42f0187393c71dcf33b1a9cf2f850f34602b5330d798dca81e5c2bcc7bd274661228bf16c9f491005778bbf6a763298fee2f8ed4ea5ed6a1833c8926dab9d6fd7d0c39f36093f2b50f6ee25f49bfb5a5f57d8bef67ea0d7a2a5487408db58facf8670baad81c3101c3a66c4c85e288113f2196f6c5ca512c07cf5acdf47135f1ad3ae2d7f8c3a816f01dc55392134051a51f36191d89ed5d2c03d85bf5cd9c6ff41c479b041c4992e3c5c04f9604cd24e60a41de5b623df06ac70e866a987db8a395f86a0effea7044e91e45c98dc3ff89089cc5843d859903b4b71cc8d2b87d27712fe3ff68c0a125469eb42f6eb0426bbeed42875cb9dd59bae81d835c4251f377e61b773d560806c9b60da676060f72cdd3e13a179b4e52ac7d1d2316ba2c24e4a18e95418ae68e216dc1e89e009646f4e4b9f718b2387989d6cfa712fda2cf23232fbaf3a9fd9c2d34f9dcfcb635b41c99a3f9492b704aebc222b2cb0b01757f2ee2d1bc199d749c8ae64003b8829b7a285b035ddbc515b3c51007936654d500a9be5ad6415094bb253408ba1ebee6d79587e23c71247b7aadd43274f418f668ae74c1c8c07058602abd149a0d4fcfa0db8a318bf55c02ec42e7db0da9f9d2009f6967f172b013a433ad6a63a577198c8dd884bbc3a68f1c581ca1b26a8494f701f61c09ab79d33d9c1c3796a46ff1d634afa91330e1f4049291d60fa750459b6f1d21de1deb2d924dc85930cfc78fd8e064fc6bf07b7fd5c565aa5c137052555ed4e21928c48bf4092e339faac37dc49abc5fcfe36fa1203478afacd759cbd710b8b7eccbd53f123e9ba38d0e7b2ffcd63b01dd06b6b10fcc145ba4c8f926cc8f2d6a16195f22f4baf2a7c2006c2dc9b0057bad6437faa06906b8b469caaa5b90f14f955e323dd0a96d733023548363d5941d3178c48c1ee200eedeb89bcb20cbf61bd4f181925edaf694e719ea968158155ece42ebc4dfa0b873a34605b7da4ab4a6628db9026e38c8ca631ee81a69f66434b81e79806e72281f9f5553b1fc63859c2dd1b4c45570ea2fe1030fa4ca101f7f0967d77dab9991e9d306988b387138ccf3a514a6b4532896a4338e5b8679cb7f5ece87b33b19b860d6e9735d8843ee63e7db34649e1b8ef26e5b9c79ee1be21268b22c784311d100eb1cd134ada89a25207008b63fd463e760ef4317b91a971470ca248f2830c2f7e5df01f216184d7957e50d80671d728b61b43ac7faadca4505646b0b9f12de0862ef2451cf5745460594f359676252a4b94bafbf8f15880902ced8bc14a0517f70d3f278a7938f88c72f15f2c018befca4146cb765c3c53f46453c6c55808cc2a0e98f69c4642ad2786cb7884fc6e0bb2b26e280df354e118227a26dc77f3f5c31b8f3e9c427513b7508b335a5a27ae23d5e3c2b478446c10e514c2e712aa25f24f9fa78533ed1e74079bf37a769ad2cf723d53967c2a2c4c24fa700e99c2f35409d068efaf0e0bcf20fe22ce6e9831b064e0300ea60c7aa268d6b51bdbabc405cf2f0947ae437ebbde2866a155f4867a55b0ea7695c52ad5501640c48d1ab738eb035de87d63b75325bf7b6ddf089f2c7ad6fdad37a15b96ad365e245ccc7cf9ed1069025ce90e36ecaf05f14cd457db3256ce8eb8cb714297435148ddf11ff7c131687cf47cc74d5d70debfaaf43df8deb03ef4ee2956c8e7ee125bed57363c59d3a3947932edb58a567302647284fc20d165819c9dfd837b06657f1557f9524f6d13e11d185e370b464731734f2707f853b57bf594482b33a95d217a591589ad82a5cf63d9f1ab38fe4ab0868be89790e8f7cd1689da02a2b3d9fd760dc5172fcdab0831b6904517c521638b166925428b86f845f2498db6c8f509e0f0823715a00ff646ffdf47bdb52c1c1a7e99d446c97baa59a644153955f3103a6491c6e3de64619a12845536aa8196071674fa71c0bbc5752559a44ba0e33cf955060dc3a0bf71ec1ddfc959f3703fed4bf362a3b4bf4ab07e0f9969a423370e5cd309a845a199086b1d785312b75e8f1c672eebf2bcfa1675c3d3ef967351bbca629bf8fde19079c5ced529cfe48423160d418006434e612d83440c3b0064204508a3ee65ee5b05f0fe56c2a09cdb943f938e1d4b5605499db88b24870791369b3634472fee2eb4ee10bb2c92c55ead6a2356c07908f20bb7de660effb392c952a5f73097853e0fb3b150ce1b38c65b81b0778557db9e6d22deb2cf3e91995780e974a48127d96d69b99a18ea135f319f14582ae854784aa310b46c809c3ec64070d973ee5eaf97681a4ba12cc079bb1d3403f44774e09bc65eb95fa6b92b68fa7a7edaeab06ac380f48aa26e6f51c53b157aedf3bf558e56b048901f0f4bdba141b281ad0c5d9e3f39edb1c045893b94d738ba82cc376e23407d9ea3e734693655523249db2a6dddd8e9936b04426a5ae6ed72e6ab1931c55c6c0b87f43150a00ffa61f90890377f647fe3023c5d4878203b0abcf497167743959a23e96adcb42754cf85b85a8210db05fbf336a295749414f47624cc580bb708993eeeb2b5d3a67d3a740d8224e97d58cc820228154e4ed6c8961921dc0d472c57338a4e2e54d40fe49948e8b6bb69da09066014e87e88e1d86a0d1d6db594fd33660b9da84718c1ead0b7c8523c5e49b2a73122cabed801c26bab6539617abcff8b2a4677702463d19f4fa6972c0b767e810a3441d22fbd0a61d2f65d0d0eab439768504257722b1aedf9f6555dae7dfdbc2b29ca7575988c0d575603e2446333a4e08ffdcd5bcb172ee46659f28877181049fe5aee30c712ee0f505fc772149a86980d977068ba8e22588737119ea65f7bc7d17d4402b3bf1133b91e4708ce2416493aba2b81c880ac560d0233ff96b85182787743d313577c8fdec045e4ca9c6f54f27d08108d12e616ae9216d0d0c87dc301c8c31526737dc27ebfb83d7983dcf6227d1df22d4ca6f12f12da5409cce41f2e8dc1e2f15b3aae82766f468e6100a7a6b01eb2c001b698c20b8e70b18008c4a8f7cb9de94af3c2b38020a25d396649fa7560a6089947a9bb28eab248d8385185d827f7a9bbad3dacd975eedaa5101a61c52b56c44e223b405016a7278556e699ef66bfad036f66349966120afe99fae16a3b5ee976daaceece1e2df590041e9b9d21c140028c0f802cb8abe81dc13ba2e8c55d1bb1c358d2d144421472f9d86d38aceb56be3d87e6edf76a2eb56ec7a372cf069460bb7ed1e85824ba8e799f74df81544c4b4ce3b43042a18e4aaf85ebbecc96055d32a6edac993f7825a0b1bf5d63e58373cdff4873ee82ec68bcbf13a1d8bd771f7c1df9fe1438207bb02a3eaa9d48fcea314e17a6566ffe2db65eebe2b516a2770385209351654281a7b33d2b4433a7462682e0ddb28719f06ebb8a7c9e38c85d5885f7acfd896edf4b9e5f48c4476eaeb26985c86007098c62767fdabc37dc42f485e468335fe7d11524f2e05e0d2f3e5b4fa905f503da9d90f49ed10838aa7dbb37c870f7afc4a23fbcb590424d1155223fe64038db2d70ca4a860bc185a2df4232a6bc382f2a6928057d750882577d94c9a5dfefef85bbeb5a2ab4bad80644a833dd448c7557eae0989218e8578291b80172b42ccb586f6ef98d422b5c6b7b3fa33db6b8b9b99e849de0c9ef93b8f36c82f6a51eadca0ebdae493fc61e63b5dc55366a0294e268209e3c57a49c6c8853353c40f6d25c36b4fad45a3c65d9a9303e404b95fd284fa02ed62fb5c87e2ef6e25576881c01a1d6aa30353bd1568d5cc51507be935f87b360844d91c4bc461fd735bfda771d3bc57e0b7d3af18405afe18c501c69d3fd9b810431bdad8316e1870c43aeb1b0f878cbe511931e0ee5c71d4b2776a693d36249fc5a7ee1739e407eb7f92344e93aec2a2226365ad6590eed68c10281b355d24012be037b41401cff0c1c9b02d43a8399caa8dbdcd089b8e529cc870774eca28", 0x1000}, {&(0x7f0000000ec0)="457eb65baecdd43568773e1e5d202cd67d1de6d4ea6cf8", 0x17}, {&(0x7f0000000f00)="b5c7e0a96bf036b5ee77abfcff662a0d78ada3776a626fb557c4c3f644ae73320c3d72ad6f", 0x25}], 0x6, &(0x7f0000001d00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @empty}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}], 0x38}}, {{&(0x7f0000001000)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10, &(0x7f0000001280)=[{&(0x7f0000001040)="e88a1169ce47e82fd1437c7d59bdda2b5cb25a0c5e48eeeb60041a25395f7941abf45148ca549039a9afc1c46d7126cfb08d4285419c549e7faf2dd560418a8c637dbc543c787e2c01a979a5c7763b958501496ac122a5da8e1336", 0x5b}, {&(0x7f00000010c0)="729553a643578b7fafdbe80a6f28eecb69a93473ecc14381bb572822434c94b62e67da50998c284a5c8d81c0e15dc521acee5dfbe45d5f1573f6c82e3f96f767a18a5fb1b2bc961eb1ec051a515d1316641ca1ed5a6ad736dc4f32b39a39", 0x5e}, {&(0x7f0000001140)="50a792700ad24e7086c0f9325a704065834b64aa12a217c08158d1a0f9057bc8f287e78ea4", 0x25}, {&(0x7f0000001180)="43a7cff0c2e01ef91ce116174e50af7cfa32c1c3ae9c1ecf952e0dab52979e95a5fce10dfcf637bf5b219f3e0c9daab274cb6b2cc55b665cd366ece8223cc89ad8c800f0f40acc5cda28e651179c30f4b987cf31caa733ec6f96791375d905acc2c4431b7c83a5e550e9fd10c0384131ddfe85a47c922a72971c67f1b78f198a279ba930a02ebeb130aabc7b10a9dcfa9911e185a63132a585f4f8d5e9359f7f62c8fcdf9a2d4c8add7f1aab97a4ed4c232bc099996d093d87c68f6afccd24505e12d7b6cb544980d36b4e0e249148961c55425075fcd9bd5233dad1615557c8119ec6625ddc0d1b8afe0d225ee05f5f99a1f657", 0xf4}], 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1400000000000000000000000700000094040000000000001100000000000000000000000000f92ddf00"/52], 0x30}}, {{&(0x7f0000001300)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10, &(0x7f0000001440)=[{&(0x7f0000001340)="9a9871c61b25e5e57171e021cec8f44cb314e195bf8fadb6cbb2a9eda56128f5111017ea099c10dd824319cf3dc6c8cc88beb1ac1881770e0bd53e62a279", 0x3e}, {&(0x7f0000001380)="f2fa2d4bcf0d37cf2ce22e0bb7e9cffe68f986c8b24c08d8d1a17e192901cddbfb66df07217003217b03fe396c56cf4a77744f007d05eb2bb5cf6a00a7ff5d25fc0446643916a348d3a6f31757025613377e1686893eff11f5d23fdcb7d8ed5a3b6fe70f22194dcda4666110a99fc3880ff92c1e73ffde714863712ac7ded47aafa69aa341247f26c56b3e416683f1c6209c15e310aef133e113f6140b74f5db98994ba93cece0", 0xa7}], 0x2, &(0x7f0000001480)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @local}}}], 0x38}}, {{&(0x7f00000014c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2f}}, 0x10, &(0x7f0000001b00)=[{&(0x7f0000001500)="f40249fcf87418980cabcad8f4199cdf231eb3e42f166eb0fd0c192e0be4735abb22b901c91e68ae223d1e", 0x2b}, {&(0x7f0000001540)="50b4176311ce0dc41eddfc971f809b950f24be414bddc7ca3ff993da7e4cda4d17dda9bb90255d5749eae5cd97b5d885226c19070389b9963b6f4d405e649640bdbc3399b0189b56cdeb1baada365c8227447613a07759f39d737a9e4e2603c699cf26ad571c334c02432c7255e5c107c1ea6bfba728410018d37220f88c8341bc2a7ac78845a99a9a88a2e9912fdcf78990f6c04f779dda3660ac6b9c71e6eb78e99b0ad2b4637277ee127b40429ee9f40f862f3d38f560", 0xb8}, {&(0x7f0000001600)="1cc225b5904f0d03188ae9dfd36d8054b986bac10ba5b64696de62d0c53e32cf825087eccdcab1fc5557a0c50912dffa6987d8f37f18a90281ff1243c8b864075369b44ea81cd3c035241de239cd0427fcd3cd538d78e037335a0db8727f137714ae99b5da30a895845c70c3ac3cb0d9b4a9474127002cbe3f7a20d21422fb93d373f9dece9633830311a09997197f881d7e242d62c87b6ddfb2318fa961a22a7e4c53646a291a3ea45e708490c2c955a8a9050fd3c501c9ac7509693b24d3e4aa8c7fe68ee2bd514a02c998452293d6705a64e2528b339fcac7054b95c64f580ce9392e3a1c85953c24898d41230907a083f4", 0xf3}, {&(0x7f0000001700)="af68b2905cf262846dc05257f81b8b442f7e6d3f6052422dbc07552c6bc478195f062f37fde8be45b6e3c5e34d999686555ce139208650ec039d0ec3b60ade94ea4e1239684fb73cf4f2f17d924ce95ab0434d2b3cff23223ab924cc723ecd41389086c49a798bd8bb35993c0b07bbc5ea2d506d03f6a7f28c662444292f8b0524aadf8155e5db45485ca48d9d60dd06234b7223aa3640c41f08ad017fdd512951553d05dbbe02453bbca76885dd7d16dfdf7faec0f6ad875d3a49fee8e9748ee85b8a81253bc48a56a3d3f5835326b06fbd59d1d260b2250aa17c60650409fbfcc555d4bc60d4b470d435d5f0a49f0ebecc4fe2625c1880e1f9324346bb", 0xfe}, {&(0x7f0000002e00)="9936b37e7c2ab49da855c687ba0c0c245dbfcfc4a8f4a6b0e016371800dd76af2b269680616b159fdcffe1afac80a393268f75e0988346e8a075f4c04522277c15ac58d7fabdb0996f3a7faaa182c82ff420c69cdbc6a54f6f33341b7b40f9e1e08086209c17c416577b4981028eda45501b6fa36ee70b2c74bc53fe17ad720c810cb23ec934d9c20eb7ab30f6f93d027a027f475ef7ba3fb1e37d811d798708a54a856673efa5cc7271615028fa25e9877a5be7148b066d379075bb12565e4e13398c663376c1fe72e8e2b4c2191c246db8fa44d27775630a4d1b36ab53536fae3879a4e682aeb9dd15753f349a3c7e00d6f56e5479533d8d525903536d1b7c9e7f81710cbebbaa5f4685a8b0e571bd37f7a7370e3ff40a46515bd55b800ed5d1d2c938ffccc88a5b6d951da7e39ac7fa2ef02fc584feec103764c40237b4425dee94c0755ed39ff589ae23fa62a7bcb83a35e5191ec7b839f32ef3e7a03230e2857cb8ff5f3466a1c72b4fa7bf70784f1fe1d963cad3cc6b84e60efa1bede17587185862b39deff15809ed949d02cfedbb2c398eb53877d1d26db60f8ae48b14b46acfff9becad312f76c96a7729ca56d086848a95295ef03ee39f1d6932b5704b14d472ed463c06749b7d76d8418b9e813d820e25022822b6111240c83ec704ef0ddf2017bfd10898eb7b14b1779ee1d2e2b0e4aba1b666de9453915dec92bc05b2b47099b510e4f6d737806a4dfafc4c3f781f931bf6f45e2e6f1c3fcecc47b81de2fc989598de3cd5aefc0befcb2fa3a529eb25d76907bbd29927a2df601dceeb50037af4d221e628086411f680924050f1d9f640cdd138cf6a7a78f540f36bb8b110cebb6f0dff7ae900f3c58ff0b24924ada50f147cd9df2c2d1d6f9c9fe59f4344796ab0cb4d34938f9daf1470eb68b1dca89b3e64e6184f0fbb19187b459326f63f4fa8b1517c0e38d7bad9abdb504696a4eb5be0664af20a6458094bddf1239c4fac81da3ac0e62df8af83d0dfef82bb7e19bbf85a72b32ae9e4c29750bf07b7e7e811dfcee7080c7dcbb9c984366cd7da5771b4851908f59bba1ce96738559f8a771428c82fbc4db647730d17edc73f7607eca059b1ea8ddfb8603489b373eee0918edfd612f08839643b8542fdef5971fca0e5f97280024f7b9e04a8478bac99dfb47e7cfb06346321df36133c3fca57b782257be97c767f8e940014b15daf95a1a01357e1804feb362d389aa3c6f104d802c069d5d5690fc99661b9ea49f076306a8212f7870fc7e569ca8f1565c843657ae72f1136cb43e00c0205acde0faf4891c7130a12b1b778d252b02bac44bef7889be04463af6a089d5e279450a5ca0b8d220cb6f2b27bdca8292db654ed6f1b1805c048ba011bd9240be9385136596e0b13014707502db8d27ec38a4ebdf05eb9e34c84f693f008e06d34533507c38789a02b4f847f1f6511ed6febc3ebc9e868530c674c26806bb7be21eb5fb485b20d613cd628c2cf6a57e1720bc199f108b445f0e953b9c700682a93211d0718420538d075863279ee5c70e6592c364d50459313cf8c6420f5dde5e8c7acd97f689b78fdb269e6c37a8ae1408cd0f0cb8b95fe42c6fec01db87de6567d9f5f869cb63e9618d1e158dbf83a07e2d66fc8e0372654ab1e29ee280337b6e019dfbd16866010387548c1c4724c53f785d54f7c19ca977d848ba7f86b3d0a623b7a002d058816c9455774faf84fa84b42f6b5df87660238e31021177b8dc871fbcd5720e6653a54d758b12f4a0f749a14fad297d2f12c5156c26a45331711ea818e0c98100a605bbdce4ec9b3bbbe7ae9daf31f68efeb1e5ae8d828b1eede928812984bc2a214f29544d5043c97ada4a7decd41aa68d4ef0111a69202a8a179c3a98102e7832df9f5d08480caec61fff9f75e8af78b51d86a21ed95d7c3a93cf9b6ae62780dc2cf1d42ab9302f4d2af0623e06c08f52ae740499f24af1394b37bb0825a6a6c11334f3724593ebfe346d6115c2682b0b1161a215cf7dfa182928e704e7d5fb4215bdf824ace5e1674f5ab70973f3b01498caef5d655c587feb0a61b77ef8f70ab18cd70c1d43006e1d153405203ee6f5deb3354200b5cb13af23cb8271f61995e8947abf68be20ba22e393e33d2081677701f1b39bd3250bb53aac442635fe6fc3f020d3a3c97e443be2f3f869534f14fc40a28d6eb28db4f0e20b3e5804274a5ddd0d5c48051dea53380f82db05083eacff4b01efa0f25d0ffdb014cd854acafdb402fc97910c632f036b3083be53408238de5d864edfe3f9707bc7fe82a23dad5588987fe8347af6c28c39f16b684750ff69eae635224e032648cd5eecd44cc52aa0fb3f605221f564c6cb9369f5b5664ec16388c84d1e1004def54625e53263749930fb967c5faaec9dcc093107284adbf007727b347dd21ce2ad933b839b4b372727061370513cfa172a70deed137a9d8ea293fbb86848131dadd094284872fcd8c2f18456393106105995f46b6457cb336d3f9c398ecbb0ef654b933184fedb9e0dfab0a86474128f9405b2df76381cba905a67aa2477f382f6c8c1d4abb941b7f22ce3ad1279205d5936de644ac88edf2ed400e1a4fa001d81814158ad7c227a5e0690984c0e4f9ad981fca81fd069dab74fd9022b0b37e434c1846468fc5f2dbaf8c1fac792872fadce7d7154135bd31b238ed61d9387ec00e61b9ca760a54cca2eafa00c9881031cd8056a234cd6450a2b69ea79be3ffce6ea1bacc554b3570970279e6d1daf8ac794cedb02c90593629e77d1002f464783f39a1d342a1ef6b937a1c86f7e444af97e128e320f4fc11962075cbb98e8023cc1279000486e1fc4467ff9ecc5b928d0160baf39ba15029830ebac8f52281af82f813681125fefe04320f378e972ca53690bb7da4fde39036a4330937ed5c9fe9d0ccd80f30f18c7e36ad5c739bc08b335afb7a35eee83c8a7e7f74c3644a2cf5f40744cef334e37dcf4cb14988de34aa212b8dfbf7de616313b9c5d76aa93b11f805c6c10014d8e70ce1d4e0dff205d8800a950a9aedc8c6d8686fba99dc577a1e5b7cf3120a82b2041792945a30ab715fe5a3996bbb73c6b210caffa4895c0a222c067d74fc2ecab27cd097d297070954d5c2f0e2310ed58501b97dd9977894a46fc885851ae134ac2e2d7c2ab8038ff5bd16e339409ecee69ffdb85b70199d6526f435ca04b0089c42952206fb39596c6dcf64f19d1989c839e19f1a4ae7ef5fb3e02ae43560e3ead3b576bfff4143926b9716d1257626b87aed585dc205d8eec96f31176f53f26daa47d8d86003acd8a10382e71b1bcc39bd31dea4759d9575df82a9037b1855d0e113852569e48b3caa4dc1822907dd4168386d577f33eedd397a7ab5d8bd0c6d9901070064e9963eef68488ca91a7e62ae2953180f5e91f5cac52a261a109700a98f01bf6f6fc561630805e104f7c3c11f6732963248bf87eabd66c1109cdcd037d0aff852227bd4a42a0c1a1f712b5bd52c841616e3204f9a6587e3bde09af4317ae2efd474606bb9b0fd43b7cd1a210e0865faebc66548c034213705e388c8e66985c88d3d9af4075ac29a1ba766a643de7821d469da1338c31b9961341c03af0bbc98c6c433dd0fe071841b5e4760fbd6a9db383e7ae566ae39063cb9f1423e72d19c0c5ae701d1e9642e290573673963d658fb2c1526d8a68a64e45f82ccd8898c703276fe4f687a24fa2dfe260f98d73606d5ebdc9fa4bb72bf802e39ec78f7d099fdb5c3a95bde785e450e624077d0ee63a04eb96317fe99391928502cbf22c414a443b98c7000b41363a48e17756df34cec6463cca631fb39c582c70f7269ef11cadc6aeb14e6b4452273af96960e3b5834631a809b652a21f3077d0d2fb50c761bee632ae5a50074ac83b90364ec14be474f92bce8adc207c569d231b4a36295a65c264aec599fddaacc969893e60e0f249760c6fa84cfbec8e559e277dbb10f29debdafd629a64ca736ba1dbc2ce554115a69a2a595658c65500a768d770062dfc73438fc49e77aa40a9f9140f6ce41b6aabf0ef607b469de31a2b6fc5b69d192559883f63c97277e6e28bcae78a3d75822d6b130935f595a10e9fac40f973548197e4836ba8c9836a6e6b3dad154939fd6a48d198cf5e7b2377c0c874fa94f674d265b669ae6b455e5620d5d9dc639b139b8980f1a032f2bb875702bfb925d3177a00e1a67b42541a2c33048dfc16f45b8baa3658f9b8c022fe149979d0f9f41cba109e9e3f1d43b716a2c3683ce1cd5ade42eef10cc1a854384629266ac832e0db1f5c4ed8ec7ff882af298e63994de66e31008521bb07a879dcd6942df6031a06c04f1079fee30f3402e0ffbf2c7f3492e58155d0d632d422beb989e1cb9c871c62253a2d81c5a7f72197ef272ec29450ff46d1e81ed5d2cd386fac5bf5b7f509ec668b8a2d01045d8e594757d3e3a6c69d14712d6f95c9a71d7c86a116a9c8bffe691a2177ab7a271e4d06eeacf74c3fee5f670c0c95127e92526ab6e60ed87d876777dba1eed259fb5705da8a57b7d73fe02f0feca14d8b23a97ea0ef8b0b08921133314302d51c80e48610167480d1645ca8c2734537a8f3c271979be2409621581ddede19b656f581a8601afedfb2eb908821d0afd8c9e294efa97725f8f3a542ea4232fbf135bfacf86b398e892da5727c0275349c7989d5b88f803714851f8f7bc983d232a1d33dca49b13c34b2108691c2992f6ae0170e41c720eb6567313fe15d2b9e7e64590d7ad5d64095a2dafd016aa9e862cb026bce18819484f90fb4e0dfb2cb9f4c5676c08d4e3f3df17994b38776ab56a284fc14585a61cf81c3ffbed5e7e3016b82d04adbe22c5052da47bf72e7ccac219fe5cd1d0ca96a8fbfa2eddeb65d4f0b8291cf4ed250aad95ce7e2be798508fdc9c11da2e3afa13016a3b99187c383d9460b33bc2661b8661bab4728c6f41174c8d1ddf974981c7564dff57245edb3a2e690e7bac1995c9967ba276c59f181872f6a8c3d569fc14569553ee3772f05f9afcc7153449ac1827496f32d34ee8348486f562e3e40f88a0f4bfdbe568f50df8e07c1cf73ebc2cebb68792499b6d0573b4d1eb44ddde65550bec5af1640460da37f3b23947bb9a846323ca2f57fd6c49d8f784318b71ba50f29d5eddaa26b11e490df575667f2c60984e69bd76b357c12eaa4b69058460e409a1ea27a75ef699374bb30d78ef4a51319d08508cc15c0251cc216787948b288147531388fb3cdb98f1cfbef90fa69d6918b0ca4991a877b3eedb4f6c76a973fe8620fbf7de287571118e1869a664e5487c11937417aa155dcbc4a55ef11a6cf35ccbed4412b2fb1cfb08af0c0c7fac4cbec0207585c46054147ddc9aa06d3f0df95c95b2c5b8cde354506950e67012588652b94c4aa29932e6d50ee5f936393b7d836201a0b043cce8f7ca2cf226cd6a80e71039e3854a20f9f6db1c471e426d947573e500dc5d8e3bd29a32d80c1f5e8e0964eef1a28a29328b2598d6f5efb30847f9ee6b5866195eab1c191d4b1277b2c4b22772bf4e79d105f8e7afd1245755e6a7e1a0d18a9dd3455f2d51a6684d25ca7d1d565f667d54bdc1c3ce635e4f466fc1387206ecd9fe298670e2c23bf897f1f19ab4ac6297797ae806499fa1eb7614dc843d570fe3bbc3bf434c8d42bf36fe8ab162067836b796343561c3a4e036db90c38bd0d8190a89e66a641fbee8eb8b48b7062bb158eeccd246b4087adb29a926f4663eee7c49", 0x1000}, {&(0x7f0000001800)="47363cbd38e1f5e642a254dfbd828a6364e8da4df29ecff289df034c6da83b296b5bf0eead0af3a418ed3d60ac80404bf44974cdc1a545eb7412ee589ca60f71e5dd9ae4e459148cfd73d30552103b96462ea2724dc57c554d8b9e513e66d4d2b1fe3f5ee5db96e123efdf5c7b428f2ca2be3fd152972da8346a9fcb96c943b5139b88ace99f8114e613865c8817223d92a7b154a8162e817e30975a308d057c5e53c7821976c6bea4bcdee35d2fb4f72a32b4d857749b184bd3f5708ceee16833a938ef54338a90dbfe86b92f24c943a33096e3a95da6e8a8fb3ec3e9c40e2380b2f441e88767", 0xe7}, {&(0x7f0000001900)="21a43a71117af68ca1053cff1343f4e2c3a327acc5e2ec5171938bf4f2b89cddf2dd57986e1890ba34c3dd34d9d30eb813666dd6eb30c84931575f8513e79c9e3cce1112072d43d84f4dba9a4e0556140a39695c8c4dcba095328ee21bcbb0d46703d67840b0df24ea94407a0cda44cb562855bb612207588728c50612c7f7e7bd85264c4bce08eb39bde248dc", 0x8d}, {&(0x7f00000019c0)="bcc853466f82527029c0b962d1102d7f8a99c171e68bd455081c215d8482f143a2c12e234afa4ab2053f5e0d052023085ac9e55626db724e07cfc9136531170bd53d8e7a49d2433da9669c099b0dd8994dc77685d6903958018dd6fb142b61659c59fe8f511be9", 0x67}, {&(0x7f0000001a40)="ae267bfc480f799281ab88dd87de023bb0aabfda570c6720cdc0e2f33c318538f72d99c8ef57793c1d10b30e818d3de8a768782f0facc1ada016dcbba6d3796ac168e63bd987eecafca20c4df36c296732ef499eb774b84758f87d6b4d02c13ad802525531086cf8053ba24156457bbedcb5d7810a9e50b005785f87e61be2237535604e7c99aa13aae01fc50be1a679c794f99ba7fa342b2d6275b72af9d9e7c7d5ecf523d0c76848949163cbc63eea65fe4e45231cd8263fd1e3cb", 0xbc}], 0x9, &(0x7f0000001bc0)=ANY=[@ANYBLOB="1400000000000000000000000700000000000004000022001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414bb640101020000000011000000000000000000000001000000060000000000000014000000000000000000000001000000fbffffff0000000011000000000000000000000001000000df00000000000000140000000000000000000000020000007211000000000000"], 0x98}}], 0x7, 0xb0f04878014ab1eb) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:07:53 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x7ffffffff000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:07:53 executing program 5: write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) [ 1832.592362] FAULT_INJECTION: forcing a failure. [ 1832.592362] name failslab, interval 1, probability 0, space 0, times 0 [ 1832.594458] CPU: 0 PID: 10298 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1832.595552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1832.596844] Call Trace: [ 1832.597278] dump_stack+0x107/0x167 [ 1832.597872] should_fail.cold+0x5/0xa [ 1832.598506] ? create_object.isra.0+0x3a/0xa20 [ 1832.599236] should_failslab+0x5/0x20 [ 1832.599852] kmem_cache_alloc+0x5b/0x310 [ 1832.600497] ? mark_held_locks+0x9e/0xe0 [ 1832.601140] create_object.isra.0+0x3a/0xa20 [ 1832.601828] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1832.602628] kmem_cache_alloc_bulk+0x168/0x320 [ 1832.603353] io_submit_sqes+0x6f76/0x85c0 [ 1832.604040] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1832.604827] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1832.605597] ? lock_downgrade+0x6d0/0x6d0 [ 1832.606242] ? find_held_lock+0x2c/0x110 [ 1832.606901] ? io_submit_sqes+0x85c0/0x85c0 [ 1832.607592] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1832.608349] ? wait_for_completion_io+0x270/0x270 [ 1832.609117] ? rcu_read_lock_any_held+0x75/0xa0 [ 1832.609815] ? vfs_write+0x354/0xa70 [ 1832.610400] ? fput_many+0x2f/0x1a0 [ 1832.610981] ? ksys_write+0x1a9/0x260 [ 1832.611585] ? __ia32_sys_read+0xb0/0xb0 [ 1832.612228] do_syscall_64+0x33/0x40 [ 1832.612818] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1832.613597] RIP: 0033:0x7fe5a49a6b19 [ 1832.614181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1832.616928] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1832.618108] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1832.619189] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1832.620267] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1832.621333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1832.622417] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1832.712826] FAULT_INJECTION: forcing a failure. [ 1832.712826] name failslab, interval 1, probability 0, space 0, times 0 [ 1832.714001] CPU: 1 PID: 10305 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1832.714530] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1832.715206] Call Trace: [ 1832.715413] dump_stack+0x107/0x167 [ 1832.715697] should_fail.cold+0x5/0xa [ 1832.715989] ? create_object.isra.0+0x3a/0xa20 [ 1832.716330] should_failslab+0x5/0x20 [ 1832.716650] kmem_cache_alloc+0x5b/0x310 [ 1832.716959] ? mark_held_locks+0x9e/0xe0 [ 1832.717289] create_object.isra.0+0x3a/0xa20 [ 1832.717619] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1832.718007] kmem_cache_alloc_bulk+0x168/0x320 [ 1832.718389] io_submit_sqes+0x6f76/0x85c0 [ 1832.718739] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1832.719114] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1832.719476] ? lock_downgrade+0x6d0/0x6d0 [ 1832.719817] ? find_held_lock+0x2c/0x110 [ 1832.720123] ? io_submit_sqes+0x85c0/0x85c0 [ 1832.720484] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1832.720845] ? wait_for_completion_io+0x270/0x270 [ 1832.721252] ? rcu_read_lock_any_held+0x75/0xa0 [ 1832.721606] ? vfs_write+0x354/0xa70 [ 1832.721890] ? fput_many+0x2f/0x1a0 [ 1832.722190] ? ksys_write+0x1a9/0x260 [ 1832.722494] ? __ia32_sys_read+0xb0/0xb0 [ 1832.722813] do_syscall_64+0x33/0x40 [ 1832.723118] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1832.723499] RIP: 0033:0x7f3acf5e4b19 [ 1832.723803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1832.725148] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1832.725776] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1832.726304] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1832.726846] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1832.727427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1832.727956] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:08:08 executing program 5: write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x8, 0x0, 0x2}, 0x8) 19:08:08 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58) 19:08:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000000000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001d00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000001007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:08:08 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:08:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) [ 1847.594499] FAULT_INJECTION: forcing a failure. [ 1847.594499] name failslab, interval 1, probability 0, space 0, times 0 [ 1847.596491] CPU: 1 PID: 10328 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1847.597668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1847.599079] Call Trace: [ 1847.599528] dump_stack+0x107/0x167 [ 1847.600186] should_fail.cold+0x5/0xa [ 1847.600945] ? create_object.isra.0+0x3a/0xa20 [ 1847.601810] should_failslab+0x5/0x20 [ 1847.602472] kmem_cache_alloc+0x5b/0x310 [ 1847.603172] ? mark_held_locks+0x9e/0xe0 [ 1847.603876] create_object.isra.0+0x3a/0xa20 [ 1847.604622] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1847.605483] kmem_cache_alloc_bulk+0x168/0x320 [ 1847.606258] io_submit_sqes+0x6f76/0x85c0 [ 1847.607017] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1847.607844] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1847.608657] ? lock_downgrade+0x6d0/0x6d0 [ 1847.609354] ? find_held_lock+0x2c/0x110 [ 1847.610048] ? io_submit_sqes+0x85c0/0x85c0 [ 1847.610794] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1847.611620] ? wait_for_completion_io+0x270/0x270 [ 1847.612432] ? rcu_read_lock_any_held+0x75/0xa0 [ 1847.612826] FAULT_INJECTION: forcing a failure. [ 1847.612826] name failslab, interval 1, probability 0, space 0, times 0 [ 1847.613203] ? vfs_write+0x354/0xa70 [ 1847.613228] ? fput_many+0x2f/0x1a0 [ 1847.615475] ? ksys_write+0x1a9/0x260 [ 1847.616124] ? __ia32_sys_read+0xb0/0xb0 [ 1847.616814] do_syscall_64+0x33/0x40 [ 1847.617435] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1847.618285] RIP: 0033:0x7fe5a49a6b19 [ 1847.618905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1847.621945] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1847.623212] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1847.624382] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1847.625554] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1847.626739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1847.627914] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1847.629122] CPU: 0 PID: 10332 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1847.629785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1847.630571] Call Trace: [ 1847.630844] dump_stack+0x107/0x167 [ 1847.631197] should_fail.cold+0x5/0xa [ 1847.631563] ? __io_queue_sqe+0x666/0x9d0 [ 1847.631967] should_failslab+0x5/0x20 [ 1847.632330] kmem_cache_alloc_trace+0x55/0x320 [ 1847.632769] __io_queue_sqe+0x666/0x9d0 [ 1847.633158] ? io_issue_sqe+0x7700/0x7700 [ 1847.633568] io_submit_sqes+0x4461/0x85c0 [ 1847.633998] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1847.634495] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1847.634983] ? lock_downgrade+0x6d0/0x6d0 [ 1847.635380] ? find_held_lock+0x2c/0x110 [ 1847.635777] ? io_submit_sqes+0x85c0/0x85c0 [ 1847.636325] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1847.636786] ? wait_for_completion_io+0x270/0x270 [ 1847.637241] ? rcu_read_lock_any_held+0x75/0xa0 [ 1847.637681] ? vfs_write+0x354/0xa70 [ 1847.638036] ? fput_many+0x2f/0x1a0 [ 1847.638379] ? ksys_write+0x1a9/0x260 [ 1847.638765] ? __ia32_sys_read+0xb0/0xb0 [ 1847.639161] do_syscall_64+0x33/0x40 [ 1847.639515] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1847.640002] RIP: 0033:0x7f3acf5e4b19 [ 1847.640358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1847.642094] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1847.642830] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1847.643504] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1847.644176] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1847.644841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1847.645511] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:08:08 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x9, 0x0, 0x2}, 0x8) 19:08:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001e00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000002007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:08:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xa, 0x0, 0x2}, 0x8) 19:08:08 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000022000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1848.093928] FAULT_INJECTION: forcing a failure. [ 1848.093928] name failslab, interval 1, probability 0, space 0, times 0 [ 1848.094949] CPU: 0 PID: 10360 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1848.095523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1848.096208] Call Trace: [ 1848.096443] dump_stack+0x107/0x167 [ 1848.096766] should_fail.cold+0x5/0xa [ 1848.097097] ? create_object.isra.0+0x3a/0xa20 [ 1848.097487] should_failslab+0x5/0x20 [ 1848.097809] kmem_cache_alloc+0x5b/0x310 [ 1848.098164] create_object.isra.0+0x3a/0xa20 [ 1848.098522] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1848.098952] kmem_cache_alloc_trace+0x151/0x320 [ 1848.099335] __io_queue_sqe+0x666/0x9d0 [ 1848.099663] ? io_issue_sqe+0x7700/0x7700 [ 1848.100009] io_submit_sqes+0x4461/0x85c0 [ 1848.100358] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1848.100771] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1848.101168] ? lock_downgrade+0x6d0/0x6d0 [ 1848.101506] ? find_held_lock+0x2c/0x110 [ 1848.101841] ? io_submit_sqes+0x85c0/0x85c0 [ 1848.102200] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1848.102595] ? wait_for_completion_io+0x270/0x270 [ 1848.103000] ? rcu_read_lock_any_held+0x75/0xa0 [ 1848.103381] ? vfs_write+0x354/0xa70 [ 1848.103689] ? fput_many+0x2f/0x1a0 [ 1848.103986] ? ksys_write+0x1a9/0x260 [ 1848.104295] ? __ia32_sys_read+0xb0/0xb0 [ 1848.104635] do_syscall_64+0x33/0x40 [ 1848.104943] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1848.105360] RIP: 0033:0x7f3acf5e4b19 [ 1848.105660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1848.107158] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1848.107778] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1848.108357] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1848.109047] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1848.109639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1848.110215] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:08:24 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xf0ffffff7f0000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:24 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:24 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r7 = inotify_init1(0x0) r8 = inotify_add_watch(r7, &(0x7f0000000040)='.\x00', 0x2000003) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x8, 0x0, 0x1, {0x0, r9}}, 0x8000) r10 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r7, r8) pwrite64(r10, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r10, r7, 0x0) r11 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r10, 0x8000000) syz_io_uring_submit(r11, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4, 0x0, {0x0, r6}}, 0x7) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x1, 0x4004, @fd=r5, 0x4, &(0x7f0000000340)="54fb03d6c15f59a891c3d2d8ab4840a6e9f3d4ac8f2fbff54f34863712e4e10ec9b1b45b3a29a5b55d96fc98e3779a58870ca9d0276b7a37cd4a7ba6ee551b2b19659dc3ff03a547be19a36e2cfe3e313ea33394a099e23c1f52f3e27e34346335ee6d819d9b55843abf52a3f69417002c1ffd586adf84df8baf8ff588a39ec2527e7d6e1760039574ffa374e10dcff59412abeae6ad2e3d45cdd2e3f5df9a2fb06467af57366b08a51821e041406ff3acfc3e3ea13428542c86c54b4fcb3cc27f6d1920f17ff86b2a491f48d571f1c88435773395516273e21c55cacd01a781fccd4a24078ed2789fef2c13468c14f09a727fb855024fa5d8ae9c", 0xfb, 0x1e, 0xa8b8f589937bf95, {0x0, r6}}, 0x3) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:08:24 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000032000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:24 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59) 19:08:24 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xb, 0x0, 0x2}, 0x8) 19:08:24 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:24 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000006007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 1863.781042] FAULT_INJECTION: forcing a failure. [ 1863.781042] name failslab, interval 1, probability 0, space 0, times 0 [ 1863.782667] CPU: 1 PID: 10378 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1863.783490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1863.784453] Call Trace: [ 1863.784770] dump_stack+0x107/0x167 [ 1863.785201] should_fail.cold+0x5/0xa [ 1863.785648] ? __io_queue_sqe+0x666/0x9d0 [ 1863.786140] should_failslab+0x5/0x20 [ 1863.786586] kmem_cache_alloc_trace+0x55/0x320 [ 1863.787121] __io_queue_sqe+0x666/0x9d0 [ 1863.787587] ? io_issue_sqe+0x7700/0x7700 [ 1863.788080] io_submit_sqes+0x4461/0x85c0 [ 1863.788599] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1863.789174] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1863.789744] ? lock_downgrade+0x6d0/0x6d0 [ 1863.790224] ? find_held_lock+0x2c/0x110 [ 1863.790712] ? io_submit_sqes+0x85c0/0x85c0 [ 1863.791236] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1863.791805] ? wait_for_completion_io+0x270/0x270 [ 1863.792378] ? rcu_read_lock_any_held+0x75/0xa0 [ 1863.792927] ? vfs_write+0x354/0xa70 [ 1863.793371] ? fput_many+0x2f/0x1a0 [ 1863.793806] ? ksys_write+0x1a9/0x260 [ 1863.794247] ? __ia32_sys_read+0xb0/0xb0 [ 1863.794739] do_syscall_64+0x33/0x40 [ 1863.795177] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1863.795776] RIP: 0033:0x7f3acf5e4b19 [ 1863.796221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1863.798342] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1863.799241] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1863.800070] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1863.800902] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1863.801741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1863.802559] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 1863.835151] FAULT_INJECTION: forcing a failure. [ 1863.835151] name failslab, interval 1, probability 0, space 0, times 0 [ 1863.836607] CPU: 1 PID: 10383 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1863.837419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1863.838390] Call Trace: [ 1863.838714] dump_stack+0x107/0x167 [ 1863.839171] should_fail.cold+0x5/0xa [ 1863.839637] ? create_object.isra.0+0x3a/0xa20 [ 1863.840200] should_failslab+0x5/0x20 [ 1863.840649] kmem_cache_alloc+0x5b/0x310 [ 1863.841113] ? mark_held_locks+0x9e/0xe0 [ 1863.841590] create_object.isra.0+0x3a/0xa20 [ 1863.842105] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1863.842697] kmem_cache_alloc_bulk+0x168/0x320 [ 1863.843229] io_submit_sqes+0x6f76/0x85c0 [ 1863.843736] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1863.844300] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1863.844866] ? lock_downgrade+0x6d0/0x6d0 [ 1863.845337] ? find_held_lock+0x2c/0x110 [ 1863.845820] ? io_submit_sqes+0x85c0/0x85c0 [ 1863.846333] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1863.846895] ? wait_for_completion_io+0x270/0x270 [ 1863.847447] ? rcu_read_lock_any_held+0x75/0xa0 [ 1863.847981] ? vfs_write+0x354/0xa70 [ 1863.848416] ? fput_many+0x2f/0x1a0 [ 1863.848833] ? ksys_write+0x1a9/0x260 [ 1863.849270] ? __ia32_sys_read+0xb0/0xb0 [ 1863.849749] do_syscall_64+0x33/0x40 [ 1863.850175] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1863.850770] RIP: 0033:0x7fe5a49a6b19 [ 1863.851201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1863.853282] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1863.854154] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1863.854963] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1863.855793] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1863.856609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1863.857415] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:08:24 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xc, 0x0, 0x2}, 0x8) 19:08:24 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000042000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:41 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:41 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2, 0x0, r3, 0x0, &(0x7f00000006c0)="f5fa3f87308b79be273ac60410e02e6c9e80769a0681a40d3bf158b00e3375852f22ab80ec74beee46074b3d42ff8e1f9f3f9e1e8201018b0951a616abc602641f8679f1398017fea4a13506e2d090f34d234d097e496b3a520418745505d872f88f946e0ce7ffc1b063a2fbcfa81b459bc7db4f91dd519146baa0471cb2dbb06935cae6c4431df67964e0b8b8ac9153f35e76803b4f254239c304130f615e4c4939de8ebcecac26dacc79888d3a8a62e12746afeb50965eabc6d87f4a6989188176473d6c451f262e2adbf204eaae6b154199fe43cd9c412f37a3861ec77599bc649a826520dc8bf8161a260a365d100e991c95ef01284885bf3f551a39cacb345932e0a6ad0cf29ecf647a2307e1caaf3d440dd1d6283ce039e04bb1a50c6ab95815dcb06ff5f024f7a277cac6a3061cc60dd184798ca4d79be694709ceebfbce8ef2dbf61a0cffbf04d96de6d88af5cd979ecac0ffd8ca9c56d8997b9ab80506f8066b21b6c0ddd5bc4cb0b24daba1a4eb9c7a283b81c54babf2758955af75b74322b7b3d77047cebbbfad585c0cd06513a8e032d842f5c5ae4e6962ec2e1590c606c7089e3c4790157087195a3c356525962d130a5d686e5bd8045ae9c2174a064ed6c1c1659d9eade7506bd75c3f5725fac6fef40a4b752de4eb0cf987e001f641ba9b10c7dcedb462bcdba53de8dcc13be83dd20881aaf7b6e1a759aaa6f8c7d72a1a065ffd60f2bfeaf1032fd980ce862138b6dd974fe69f2ceefa2305f65c9877f12ab89934346e7d636653d0015d5e982b1b49cdd075437b90c057f3ff12dfcf2ed0afe0d5217280bb0d5a8ff2cf0078faff3445e6c0539d84d537da99c60a97826ce24c670c97d69c6254a01c60a86e75628a7ff350cd3fe81aa09dcc5cea63b6171fe249ff70227e6b5fa36f992b52d7cc88055220266c0d8eae0537f42730f1b2c28d09260c6b726211005a715dfb6dcc435c89275ac0e4a089b53eac1664ad1f2553a28e08d2861f437e950f0f6cbbeae5c137932fb27e16edef8c05923ef8de6ba08980b97fa41238bdc76a09f6acff34640d3ef558d2b069d176b5acfaa3004fb55943808a9a5d87bd1b53c68c238fe10c5af8f76673929b474e04a54a833b19b0450f16edd7d5ab771f9630d551c53dac137c965af4bd022a29a973b0a5f3cadb2f72d5e6e161c14195b871cfd1b368fbd4da73261d57b0901320d96b49ba19113c3e62840b91702bbeeaa3280a162ae5da7bb7a237630dea216a3baf6dd474c9ea2add699a187c7d0e997521fc70548990a33689f15a672e226265116cd4cc471a2b8e0d4498846b9cc6cef830ca7d5ed3e1bf87f62a6727f850dc8fa22e9a2908d5d81d1e80423ea0cb264e902ed460ff950382283584fab1b7b6b3342c22a48ce740880e7af7530334f5d5074bc4314ed7ea1c5bd237d983de311294e946d4798db61eb30ef5cef71cd2c004f068be012147db745c64c1c36a3a884d991d8fba4249533ddfc1f27d38cb943e8d769eee39ea13d75fc5bd7d6140dbf619921b60862961f032a5eefb5581b192be8565c2d6648d408c18ba196cd28bd631a0d9fe94b574294d31416e99420212175168f7cb5b417e2ea776884752a442b2bf5f2a48e91b189b430f47800256bab792553f3d967e39e21c7b8fde58a4029c6139bb1333e1874bda59ed32db6000a12aa3076db902d27c631e31a76e41551316e46b7bb84bea5ada7388a0bf51f22cae9d89d605c027bf2e0e9b8b3eec55a0112e507fc771fd87d8f483dd0a8e8fbc3174c4a3535e06ac802f473a75e787d9d8dd575b335c8e7cd2824ad1c9aedee835c00bd44e9abf4cc4247b1d718fdf2a440b4c1a03ddfab7daf9c0c2c6e673236a4512e9f4b76a2bcf4df81f77c462aa3e002fa7a99e36101d9d278767fddb3a7daf4a65ef0c225a042c94a85034b1d263deb94360fedac839341ddfe9060bc74e0bc2e5fb3906c4947f5603e3c54d3bd7a6681ea923272995c71cc92ca469806ec2dbb0a3edd82ab56cb8bb30b84a7582b1d8151477effb33b233f1ae3a576b9846043e49514947ebfd7ab6ae251a29b256e169f1c4a452a81208d4cf68577008f150131dffbee8450bedc4402d2666f698b8573f9fe8a42c2ca810ad2b5cba29b1d196f9b8dc54a60b56f8fe77634c034ba042a0a7e68b181cf60622a6b1f538acbf06d33986e5a4dad327617bdd79014e95e3f15d2af17b64ff915c01aeb38b43a04fac2c038fa29cb177760b0295d7e73c6361f332617ec272ede48f0036db7cd819c3f5606de9916b5899fcd7120ef73d0074921b18290b49776855252a807500012ed55b4f9a0c9e585836af1946f84e0c493908c8b701a811a81252b3dac5d052228082ecd713285d9512be0b9bdf59052294108e09b0c24a7cc366dfeb45983ca25503f8b54d2f168d847bf83586dac9a2729e7a994a96ccc8c04c6b92ba223cbb7fe34bd930695b79122b06df234a493e368af1f78c8bf01b0ad4c8cc35c65ed56982052fbc0af0b4afb7cde3e4c505888104b6be934e32590f188dff0ab96955832459a949c4645787b9c8e994287752cd8461592d8b927953a87c069b14abb4291c590006f02e7da1a1bfe1ebb367c1a9a3ec743669bc05f5c7441a9c8a8fb1789fb280c60ce8d56c58d90422d81b76427242e03473350778e51cd21adb7bab23dedf3c9418baf7477f7925dc9f03df198d36395acf653edb6a096e69d232c3a354d816af111fe61acc80c40a6d79e058a0a07a0e9a805b604d3bbae635380154fe14baae59127f3e95daaea488f93b7d2d4d2cd31d181c994bba04087cd5f2b93722e9ef5e7a82060c14120ac8db6fd2a98902e5f9860fe29289d9aae3ee271651406eb037bca86570578a945aead6b564b5b753bdb93b0c1b4003e8130e56c1c8e0a43949ec577328dad4d064ab2df9e5cc6ba21e93dcbf07c2ca49b7466701b5d96d46f1cbbfafba9f14bee2543b9cdd4875a8179d49da5bdb61b372bd20adfe59f7db2f68236941ca8fbaef3b279803a7df86dc2f9f97618185b339bb550d28172db35bd4a0d4e1f65b780eccd8c6255a442c3564cca60b0accc61c3b3fe2993fc2fad23560416131e09acd4435f614d39a999d05aee641980dac14217f50b68a31e557248d22825c22e7e6a9da1c6d272ff415c177a459265fbea5b7ce96bcb749bb2b754ebba282a24204b60f0b81ee3491f1069ce4c9e6e9e25cfb5bf2bf809c2b439ea8cdfe3e6922a0168247a46af130fab4800f456b9d12d0fd3fdaae29f2d66a3b3da70450d6dea1c580f53c523b3af612bc93eecb95071d102b1145befcd50d97a5f7c5d6e60492f57cf203ad55f9371cc6847886d4db1dc7cdcd91fcf480a8cc4d01983fb036b8fb4e2554bced360d88674bf730c5391434ce4bf1acf193eb23b749605b25be2a8c78e96e8144a955d5284940f8816013b2e5e51f2551345aa3066e65ece6803dedd4e3df0d662cb6d83b27857bce6b2a8ebcd5b8a59997727271f7cf45cae5b78a73f1a3a6ceb52a5ead623f54770e6381ddb8fba9bb38af1d18e71d8ef2eeb284c15bccf60209105a40a8c510fc8474c86963d3989d55b1d72159759de1475c4d440c93398f26bb9f0ee5f9b9149e6aa16b806c5f095a4379e325e9e400261c0c7a5d17dafd1fee86d48951085953a4a47eb828264199b58828b8b7f0c66dd27cf2c49a48a4f65b0d8a48819f81d9e2ca1bde32625d9da5df7246ebf31b2fc5e47d22735940b239d3d86851ac27d3451fcd0715f8e6372254fb9016cc1139e4423eb4185d5f0027c7e2bf1c2a94ecf4919e2eb2dbc836750584e2e865b773c45f4fc33d94cd78d1947d5249d7a0693d6e8bd33dc6d88594ea418ce20536ada65226c07d882c65c70209e3895508f4910c879c18d15a2a89cb338f589adc75cb3c57f3034fd5e0ad6bc313f1da551f29e2776a8b8fe0e44e809bb1daa5abb9d8aace7e377e223a5b50cd62f17339f578dbae0a96d52ed65b38c181422c910b4834cdd8a78c432f1bbb1e4c4c3992b5ddeaa33704619618853d42870c034a5e19b3b000a65cb84290426cf29f91d313593e7fa2553673e88503cb7876eac231e06501b0393393584235eec7b27915ec2cf5bf2b5c763faafd778adcb9387ac998c61509694133dc59def8da5babd32e5a1f53746315325ca7ddbfa895f22f27d2718391dc08c4ff434b99fd69cd40c53b821ce1b0221566452ea615920a1e69647b83e0902b0ce61dfc2638cdb73e5ae2649e186d7f1c17998e5b6a3ebf03338119e5e62d5d8aa00fb2148477da0ae028b121772864742093b3da3900e85a830d0ec64677f1bc97cc89a8113da910c64895707713d115a4acdd589cb8bc58f17feccd41a1558a4934f89b00e5b92af49d15edb98262c4f23c24a23bcb4f28554aaf46603d166aa662c5d60797f897cf267327939943b26a29b1abd28070e93f509d3b02ebd46d2f8783f9b5218b893ce35bf56e0f428de6d2355bd8abc2af21f89752d6f649861e21c1f0ebd5028c2f7e178e3d2fbadaf9547297b0cb1209a5ab4ce3fdcd180b8d6a2216414827cc11e1ee4fc60439967adec59275f084fd06a9a8b4904af0d45f4a1d86f7b1b9dd6379318299e976523f4b098c3d04dee1229d2118b675cc8f43df7c3d6794d39bf7c51f48a8b1e593ffb584950cea3f4dcf4f78745f0be5ed55c511162410a15197f198e2041d508741720e068a266456c7186f55fdff4046ecb6a6b0d1e1c1b0f9fe0788d622fb7014047887f39bb23ef630e518f1095853626e0f48a416106e5247b209c1f01dfaa9370e77b0ad33b26079e4f16f01cb7e0dcae7249d55ca76621b0ea7c1e80abac85849153be1c286c161a1349cfa526199a1f071a8024e788d1cabde67388c520b4b74490cef2f6095e32e183499e7fd6b3bc1752742ae3552d41aff39344100809125aa8d3c1a59bc86f39e88f9a791e8a0cd8d44ef06711a0c68d401067aabc1d6c4fa40303c8376399e3afbeb1d42ac1e33d3e7d8d80d3b31f0a58bcba82927119f14d369c40b6e7958b114a186e4e74b4f720eca2af489515c6a2481215c22847b36a82e2f0ab6138579722f2a36953da846c43164bf392bb677c37d1b57d06b1210ff80e4f53203e3fda633adab7fc628fd0fdd96a257a7625c31658d88e7164838498c70a36b511df871c3acb5b722df2fa559ce09faf5fa6c153027701adb1383ed59bebbf64ed85049177243ffc0f349faf50cc713d75f6ab70fbf44adce542c4ce73a93b32c530c0b8da332c4d1217bd10586ee87190ab1b1784c42172cd79405a82bed95f00f2ddb0d916088148aeacc18b5473d187c61adcb779e642dfc9639079e3869b15f4fca4a9c98dd83d7b0cf42bc6bf18db7cb5aa6b606a72ea5e4aef9d27da88815fe72a3d735835937e06cfb35d5fd5cb91ec55e47f1c3bcddb56283b731ae3215eca5256570a6401b62e8620b9283e7a61f52f88159719ec9d54ba322875c6a447cfd8ffc6f375ca889b5c32cecca514c9cbf9bd7ad51045b25d73f2b65e1d02bc1682742d35e082c6c58fade0894f4431215c24aee37c539694619a085226a5bf85b65770426c19be565af0aa8b9fdd7be73449786586848f6e5ad24030808e050641f5311b2ad06f8325d458cdb753624fc29785c69d358d22914b7f7587c1a69c38cf64a0cfe4174f9c02e9df89497d115d5b859c8d139c6cc8eaf76b8ee4d195bf02d1130649f94a887801b45158fc68856aca7e", 0x1000, 0x12121, 0x1}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:08:41 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:41 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000000000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:41 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xd, 0x0, 0x2}, 0x8) 19:08:41 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60) 19:08:41 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c74657200000000ffffffff007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:08:41 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000052000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:41 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000062000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1880.193791] FAULT_INJECTION: forcing a failure. [ 1880.193791] name failslab, interval 1, probability 0, space 0, times 0 [ 1880.195872] CPU: 0 PID: 10420 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1880.196959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1880.198160] Call Trace: [ 1880.198558] dump_stack+0x107/0x167 [ 1880.199110] should_fail.cold+0x5/0xa [ 1880.199676] ? create_object.isra.0+0x3a/0xa20 [ 1880.200352] should_failslab+0x5/0x20 [ 1880.200911] kmem_cache_alloc+0x5b/0x310 [ 1880.201516] create_object.isra.0+0x3a/0xa20 [ 1880.202168] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1880.202919] kmem_cache_alloc_trace+0x151/0x320 [ 1880.203617] __io_queue_sqe+0x666/0x9d0 [ 1880.204211] ? io_issue_sqe+0x7700/0x7700 [ 1880.204845] io_submit_sqes+0x4461/0x85c0 [ 1880.205498] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1880.206231] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1880.206946] ? lock_downgrade+0x6d0/0x6d0 [ 1880.207566] ? find_held_lock+0x2c/0x110 [ 1880.208170] ? io_submit_sqes+0x85c0/0x85c0 [ 1880.208817] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1880.209527] ? wait_for_completion_io+0x270/0x270 [ 1880.210233] ? rcu_read_lock_any_held+0x75/0xa0 [ 1880.210906] ? vfs_write+0x354/0xa70 [ 1880.211712] ? fput_many+0x2f/0x1a0 [ 1880.212370] ? ksys_write+0x1a9/0x260 [ 1880.213047] ? __ia32_sys_read+0xb0/0xb0 [ 1880.213783] do_syscall_64+0x33/0x40 [ 1880.214431] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1880.215354] RIP: 0033:0x7f3acf5e4b19 [ 1880.216012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1880.218719] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1880.219842] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1880.220881] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1880.221925] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1880.222971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1880.224023] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 1880.229803] FAULT_INJECTION: forcing a failure. [ 1880.229803] name failslab, interval 1, probability 0, space 0, times 0 [ 1880.231952] CPU: 0 PID: 10415 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1880.233096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1880.234306] Call Trace: [ 1880.234708] dump_stack+0x107/0x167 [ 1880.235270] should_fail.cold+0x5/0xa [ 1880.235855] ? create_object.isra.0+0x3a/0xa20 [ 1880.236544] should_failslab+0x5/0x20 [ 1880.237114] kmem_cache_alloc+0x5b/0x310 [ 1880.237727] ? mark_held_locks+0x9e/0xe0 [ 1880.238327] create_object.isra.0+0x3a/0xa20 [ 1880.238985] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1880.239741] kmem_cache_alloc_bulk+0x168/0x320 [ 1880.240419] io_submit_sqes+0x6f76/0x85c0 [ 1880.241070] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1880.241800] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1880.242517] ? lock_downgrade+0x6d0/0x6d0 [ 1880.243133] ? find_held_lock+0x2c/0x110 [ 1880.243751] ? io_submit_sqes+0x85c0/0x85c0 [ 1880.244389] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1880.245113] ? wait_for_completion_io+0x270/0x270 [ 1880.245849] ? rcu_read_lock_any_held+0x75/0xa0 [ 1880.246533] ? vfs_write+0x354/0xa70 [ 1880.247098] ? fput_many+0x2f/0x1a0 [ 1880.247645] ? ksys_write+0x1a9/0x260 [ 1880.248218] ? __ia32_sys_read+0xb0/0xb0 [ 1880.248837] do_syscall_64+0x33/0x40 [ 1880.249388] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1880.250155] RIP: 0033:0x7fe5a49a6b19 [ 1880.250718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1880.253405] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1880.254527] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1880.255578] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1880.256617] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1880.257663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1880.258693] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:08:41 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:41 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xe, 0x0, 0x2}, 0x8) 19:08:41 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720002000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:08:41 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000072000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:41 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000480)='./file0\x00', 0x2000, 0x113) io_uring_enter(r5, 0xbad, 0xc01e, 0x2, &(0x7f00000004c0)={[0xf2]}, 0x8) syz_io_uring_setup(0x4b62, &(0x7f0000000040)={0x0, 0x6a3f, 0x1, 0x2, 0x177, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000180)) syz_io_uring_setup(0x160, &(0x7f0000000240)={0x0, 0xe9a0, 0x8, 0x2, 0x3e6, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000340)=0x0) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000380), 0xa2240, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000440)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x4, 0x0, r8, 0x0, &(0x7f00000003c0)="cc0e4d0e88819a81acc2b24bbd955c35e084904190b44cadf9480ec8bd31b4347a8118b442b99717905bdadda26dd3a7b59e167649184ab4e2a0ca975633ac52560e1524cc4243c8c4193bfddc1b", 0x4e, 0x100, 0x1, {0x0, r9}}, 0x72) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:08:41 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xc200000000000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000092000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:57 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:57 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) close(r0) r4 = inotify_init1(0x0) r5 = inotify_add_watch(r4, &(0x7f0000000040)='.\x00', 0x2000003) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r6}}, 0x8000) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r4, r5) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r4, 0x0) r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) syz_io_uring_submit(r8, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) syz_io_uring_submit(r8, r2, &(0x7f0000000040)=@IORING_OP_ASYNC_CANCEL={0xe, 0x8393553d48ae18b2}, 0x6) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:08:57 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xf, 0x0, 0x2}, 0x8) 19:08:57 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720006000000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:08:57 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61) 19:08:57 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:57 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffffff7f00000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) [ 1896.085739] FAULT_INJECTION: forcing a failure. [ 1896.085739] name failslab, interval 1, probability 0, space 0, times 0 [ 1896.087635] CPU: 1 PID: 10463 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1896.088732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1896.090040] Call Trace: [ 1896.090471] dump_stack+0x107/0x167 [ 1896.091058] should_fail.cold+0x5/0xa [ 1896.091684] ? create_object.isra.0+0x3a/0xa20 [ 1896.092420] should_failslab+0x5/0x20 [ 1896.093036] kmem_cache_alloc+0x5b/0x310 [ 1896.093698] create_object.isra.0+0x3a/0xa20 [ 1896.094392] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1896.095213] kmem_cache_alloc_trace+0x151/0x320 [ 1896.095962] __io_queue_sqe+0x666/0x9d0 [ 1896.096606] ? io_issue_sqe+0x7700/0x7700 [ 1896.097281] io_submit_sqes+0x4461/0x85c0 [ 1896.097975] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1896.098762] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1896.099600] ? lock_downgrade+0x6d0/0x6d0 [ 1896.100255] ? find_held_lock+0x2c/0x110 [ 1896.100904] ? io_submit_sqes+0x85c0/0x85c0 [ 1896.101601] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1896.102363] ? wait_for_completion_io+0x270/0x270 [ 1896.103136] ? rcu_read_lock_any_held+0x75/0xa0 [ 1896.103886] ? vfs_write+0x354/0xa70 [ 1896.104486] ? fput_many+0x2f/0x1a0 [ 1896.105069] ? ksys_write+0x1a9/0x260 [ 1896.105676] ? __ia32_sys_read+0xb0/0xb0 [ 1896.106333] do_syscall_64+0x33/0x40 [ 1896.106919] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1896.107751] RIP: 0033:0x7fe5a49a6b19 [ 1896.108342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1896.111205] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1896.112405] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1896.113514] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1896.114624] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1896.115727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1896.116829] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1896.124237] FAULT_INJECTION: forcing a failure. [ 1896.124237] name failslab, interval 1, probability 0, space 0, times 0 [ 1896.126318] CPU: 1 PID: 10462 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1896.127417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1896.128703] Call Trace: [ 1896.129124] dump_stack+0x107/0x167 [ 1896.129704] should_fail.cold+0x5/0xa [ 1896.130311] ? __io_queue_sqe+0x666/0x9d0 [ 1896.130969] should_failslab+0x5/0x20 [ 1896.131584] kmem_cache_alloc_trace+0x55/0x320 [ 1896.132307] __io_queue_sqe+0x666/0x9d0 [ 1896.132941] ? io_issue_sqe+0x7700/0x7700 [ 1896.133614] io_submit_sqes+0x4461/0x85c0 [ 1896.134306] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1896.135084] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1896.135844] ? lock_downgrade+0x6d0/0x6d0 [ 1896.136492] ? find_held_lock+0x2c/0x110 [ 1896.137128] ? io_submit_sqes+0x85c0/0x85c0 [ 1896.137807] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1896.138547] ? wait_for_completion_io+0x270/0x270 [ 1896.139284] ? rcu_read_lock_any_held+0x75/0xa0 [ 1896.140012] ? vfs_write+0x354/0xa70 [ 1896.140597] ? fput_many+0x2f/0x1a0 [ 1896.141171] ? ksys_write+0x1a9/0x260 [ 1896.141775] ? __ia32_sys_read+0xb0/0xb0 [ 1896.142425] do_syscall_64+0x33/0x40 [ 1896.143008] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1896.143815] RIP: 0033:0x7f3acf5e4b19 [ 1896.144398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1896.147220] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1896.148554] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1896.149650] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1896.150745] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1896.151855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1896.152942] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:08:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="2800000f2000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:57 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x10, 0x0, 0x2}, 0x8) 19:08:57 executing program 5: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000602000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:08:57 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = getpgrp(0x0) pidfd_open(r5, 0x0) syz_open_procfs(r5, &(0x7f0000000040)='net/raw\x00') 19:08:57 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffffffff00000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:08:57 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000060000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:08:57 executing program 5: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:08:57 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x11, 0x0, 0x2}, 0x8) 19:09:13 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:09:13 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r0, 0x10000000) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) r5 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r8 = inotify_init1(0x0) r9 = inotify_add_watch(r8, &(0x7f0000000040)='.\x00', 0x2000003) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r10}}, 0x8000) creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r8, r9) syz_io_uring_submit(r1, r3, &(0x7f0000000440)=@IORING_OP_SENDMSG={0x9, 0x5, 0x0, r4, 0x0, &(0x7f0000000540)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x1, 0x1, 0x0, {0xa, 0x4e22, 0xffffff48, @mcast1, 0x9}}}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000180)="eaa1c89dbce91054959f31f23786ee5cf70fe50c0b51f1a2affa5e71a0678f753b6010480e5681067a2ecc2af27f8a3ebf793b3736fc72f88552ea6f2dc2fc6d5a1f7333e0b08640", 0x48}, {&(0x7f0000000240)="3ea1ce69af984cde9e90ddcd04232337b3a303a6cfd6c77bccc5d04a0ee76e0e965a103f9b178c7976ae28bb3d5e842884", 0x31}, {&(0x7f0000000580)="8abedf2724df677d40dbea00c59cafa0754513027aea4f513dc7d531da889097034bbe430a3e5afcdcda127530224eac395b30ddaf56450cf809bc99716cf840f19e10c6c5425c14768ed6d62e3090c049feafd7d2e617e4f15375d3a4ca661781e1e9011fa54cfda70346f549a2ad7aff15677d3572e45249723ca69025a8f0abb47a7a357feab6327dcb9091a907d43a75f6bd0162edab8357ad29906925e30b1c85311e747e356efe905b6fa5ec064c36c7e5f8ed1a940b8aa5715c5358bb7125", 0xc2}, {&(0x7f0000000280)="7fbbe32d8a47e6306f441837", 0xc}], 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="e80000000000000001010000d5090000cb53f956a0862efa2fd11f4c5e82d886c11ed073a36be638e95384462cfc8f72f5899a70eaebe9f02d0636f53c1ff20749c4bbb5d6e69f22436227632913e1a8b7fc5fb6aadabcbe476e10e4e2dc503ff69f95ed10169489dc3e402bf70c856a413ce90f02931312d4ee915ffeea602433eaf9f92c0e13fe8c64d9cee57b9174290f3f8853dca9607150d45c0becf20f204c5854e6373bf031fbba7eaf626d39a80dfb7961338d9745a403ebe4a34c4eb43feec936f5f22281b76a89caa0fddd4b7157c69f6ab03ec6987e9823a93363e144c0300fbc0c0000000000000000000201000001800000705a88bf7e05189001880f8a9a7de60943f2fbbc4fb5a612b77eda8dbe1f68f3e11f6fcc2f534a7d9864676765c3e7c702d9e7b2979614073b2311ee0d7c36f861855fe8deccf680f8a9054da72b5b9de80824aea96525286302a8eec272dc777787b722310513552412aea3612f13e758cac96543279b5dd74cdee8050088f39aa23bbce6dd1056a10f8b3ade7a93009c4c29aa1a000000c0000000000000000201000008000000a5b684eaee3a226ccc570fc165923ac6bedffe99f0acdb5ca02699d3c223e9a9ddf05832f57efb6f56b75a8a75e369cb5ba8b3bd646b469be910e4ee5fe6c020372ebbd405b9e8c3137eff5976d40c7c02170f9d198811adb06389771e0707abaad8b2f04954217a8247bec7b58a05371ed588d4e5824e02e5db59fdd624762eece2a670c930db91a1340d0b89aff99ce9f3a94126104ce0860feabf12ec783028bdf3cf1dc7337cb958000000000000c800000000000000030100001f000000ee6d123e11d84c9d88c1f588e092d7f06c0f9372ec07fa574311facc6aa511e28eac38e1d15936fa66e1af6a50943e576c7d23aa60c18cc1a6c30d46a7a21ec763dbe83b87c951701d9b0c3714930b4d93be78536c8f64b84d645f7c9c230d329d4acff66af16a1d8e997c69baba57371beb408202ea12b9c37f96ee06ecbbd1bd3b9b4dc3dff4b71f53da5e3cc6cf385ad8fae8fa441293d0b91a643dced2921dc192f9fa91cea0e34c0456f4b9fd8ad80000000000000010000000000000000d01000007000000c00000000000000014010000090000002b015e9701b17f08166b2b2651eeca7ea64b8b6365f722d899924ae7461a6cd40be8d5215162885d5a7feca9ca79aab91e22f4303961371c46d0f2fd7d937ec714a8344800270c0bb13736b3777d9dd88ebe55e07abcb1d79538eaa7ebea21300c6fed396380c7fbbeef8f7bf2139f479440fdfd40c96202e6a94692908e12b8ddf784222c23f62573999fc00de136e2b325ee5825c0bbe17ab933b096676716de6bdc2fd41c82aea136000000000000"], 0x3e8}, 0x0, 0x80a0, 0x1}, 0x6) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r11}, 0x0) r12 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x1, 0x3, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa38, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r12, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:09:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000007300210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:09:13 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62) 19:09:13 executing program 5: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:09:13 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000200000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:09:13 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x12, 0x0, 0x2}, 0x8) 19:09:13 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0xc002, 0x8) [ 1912.218242] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=115 sclass=netlink_route_socket pid=10516 comm=syz-executor.2 [ 1912.238067] FAULT_INJECTION: forcing a failure. [ 1912.238067] name failslab, interval 1, probability 0, space 0, times 0 [ 1912.239650] CPU: 1 PID: 10518 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1912.240370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1912.241402] Call Trace: [ 1912.241672] dump_stack+0x107/0x167 [ 1912.242045] should_fail.cold+0x5/0xa [ 1912.242431] ? create_object.isra.0+0x3a/0xa20 [ 1912.242900] should_failslab+0x5/0x20 [ 1912.243290] kmem_cache_alloc+0x5b/0x310 [ 1912.243712] create_object.isra.0+0x3a/0xa20 [ 1912.244167] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1912.244689] kmem_cache_alloc_trace+0x151/0x320 [ 1912.245169] __io_queue_sqe+0x666/0x9d0 [ 1912.245590] ? io_issue_sqe+0x7700/0x7700 [ 1912.246027] io_submit_sqes+0x4461/0x85c0 [ 1912.246475] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1912.246993] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1912.247500] ? lock_downgrade+0x6d0/0x6d0 [ 1912.247933] ? find_held_lock+0x2c/0x110 [ 1912.248347] ? io_submit_sqes+0x85c0/0x85c0 [ 1912.248796] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1912.249294] ? wait_for_completion_io+0x270/0x270 [ 1912.249789] ? rcu_read_lock_any_held+0x75/0xa0 [ 1912.250267] ? vfs_write+0x354/0xa70 [ 1912.250649] ? fput_many+0x2f/0x1a0 [ 1912.251021] ? ksys_write+0x1a9/0x260 [ 1912.251418] ? __ia32_sys_read+0xb0/0xb0 [ 1912.251837] do_syscall_64+0x33/0x40 [ 1912.252224] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1912.252748] RIP: 0033:0x7f3acf5e4b19 [ 1912.253121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1912.254976] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1912.255760] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1912.256484] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1912.257192] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1912.257917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1912.258623] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:09:13 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x13, 0x0, 0x2}, 0x8) 19:09:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000000f00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1912.300109] FAULT_INJECTION: forcing a failure. [ 1912.300109] name failslab, interval 1, probability 0, space 0, times 0 [ 1912.302317] CPU: 0 PID: 10517 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1912.303410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1912.304679] Call Trace: [ 1912.305097] dump_stack+0x107/0x167 [ 1912.305662] should_fail.cold+0x5/0xa [ 1912.306259] ? __io_queue_sqe+0x666/0x9d0 [ 1912.306903] should_failslab+0x5/0x20 [ 1912.307502] kmem_cache_alloc_trace+0x55/0x320 [ 1912.308215] __io_queue_sqe+0x666/0x9d0 [ 1912.308837] ? io_issue_sqe+0x7700/0x7700 [ 1912.309498] io_submit_sqes+0x4461/0x85c0 [ 1912.310174] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1912.311062] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1912.311826] ? lock_downgrade+0x6d0/0x6d0 [ 1912.312470] ? find_held_lock+0x2c/0x110 [ 1912.313109] ? io_submit_sqes+0x85c0/0x85c0 [ 1912.313800] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1912.314549] ? wait_for_completion_io+0x270/0x270 [ 1912.315299] ? rcu_read_lock_any_held+0x75/0xa0 [ 1912.316019] ? vfs_write+0x354/0xa70 [ 1912.316594] ? fput_many+0x2f/0x1a0 [ 1912.317156] ? ksys_write+0x1a9/0x260 [ 1912.317749] ? __ia32_sys_read+0xb0/0xb0 [ 1912.318385] do_syscall_64+0x33/0x40 [ 1912.318968] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1912.319771] RIP: 0033:0x7fe5a49a6b19 [ 1912.320350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1912.323188] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1912.324362] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1912.325455] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1912.326554] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1912.327657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1912.328707] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:09:13 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa34, 0xff, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') 19:09:13 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) 19:09:13 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000002000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:09:13 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r7 = inotify_init1(0x0) r8 = inotify_add_watch(r7, &(0x7f0000000040)='.\x00', 0x2000003) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r9}}, 0x8000) r10 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r7, r8) pwrite64(r10, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r10, r7, 0x0) r11 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r10, 0x8000000) syz_io_uring_submit(r11, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4, 0x0, {0x0, r6}}, 0x7) syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x8, 0x1, {0x0, r6, r5}}, 0x1f) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) [ 1912.490393] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=10537 comm=syz-executor.2 19:09:13 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:09:13 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) socket$packet(0x11, 0x2, 0x300) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x12, r0, 0x0) 19:09:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:09:13 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x14, 0x0, 0x2}, 0x8) 19:09:13 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63) [ 1912.658819] FAULT_INJECTION: forcing a failure. [ 1912.658819] name failslab, interval 1, probability 0, space 0, times 0 [ 1912.660071] CPU: 1 PID: 10550 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1912.660815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1912.661690] Call Trace: [ 1912.661949] dump_stack+0x107/0x167 [ 1912.662340] should_fail.cold+0x5/0xa [ 1912.662689] ? create_object.isra.0+0x3a/0xa20 [ 1912.663096] should_failslab+0x5/0x20 [ 1912.663447] kmem_cache_alloc+0x5b/0x310 [ 1912.663802] create_object.isra.0+0x3a/0xa20 [ 1912.664173] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1912.664603] kmem_cache_alloc_trace+0x151/0x320 [ 1912.664999] __io_queue_sqe+0x666/0x9d0 [ 1912.665345] ? io_issue_sqe+0x7700/0x7700 [ 1912.665708] io_submit_sqes+0x4461/0x85c0 [ 1912.666077] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1912.666655] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1912.667061] ? lock_downgrade+0x6d0/0x6d0 [ 1912.667549] ? find_held_lock+0x2c/0x110 [ 1912.668052] ? io_submit_sqes+0x85c0/0x85c0 [ 1912.668423] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1912.668829] ? wait_for_completion_io+0x270/0x270 [ 1912.669234] ? rcu_read_lock_any_held+0x75/0xa0 [ 1912.669620] ? vfs_write+0x354/0xa70 [ 1912.669934] ? fput_many+0x2f/0x1a0 [ 1912.670238] ? ksys_write+0x1a9/0x260 [ 1912.670562] ? __ia32_sys_read+0xb0/0xb0 [ 1912.670940] do_syscall_64+0x33/0x40 [ 1912.671263] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1912.671702] RIP: 0033:0x7f3acf5e4b19 [ 1912.672016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1912.673863] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1912.674681] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1912.675277] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1912.675873] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1912.676468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1912.677058] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:09:13 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) [ 1912.791365] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1912.872138] FAULT_INJECTION: forcing a failure. [ 1912.872138] name failslab, interval 1, probability 0, space 0, times 0 [ 1912.874150] CPU: 0 PID: 10564 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1912.875186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1912.876380] Call Trace: [ 1912.876774] dump_stack+0x107/0x167 [ 1912.877306] should_fail.cold+0x5/0xa [ 1912.877861] ? create_object.isra.0+0x3a/0xa20 [ 1912.878527] should_failslab+0x5/0x20 [ 1912.879082] kmem_cache_alloc+0x5b/0x310 [ 1912.879678] ? mark_held_locks+0x9e/0xe0 [ 1912.880273] create_object.isra.0+0x3a/0xa20 [ 1912.880912] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1912.881656] kmem_cache_alloc_bulk+0x168/0x320 [ 1912.882329] io_submit_sqes+0x6f76/0x85c0 [ 1912.882967] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1912.883700] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1912.884402] ? lock_downgrade+0x6d0/0x6d0 [ 1912.885003] ? find_held_lock+0x2c/0x110 [ 1912.885603] ? io_submit_sqes+0x85c0/0x85c0 [ 1912.886238] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1912.886942] ? wait_for_completion_io+0x270/0x270 [ 1912.887647] ? rcu_read_lock_any_held+0x75/0xa0 [ 1912.888315] ? vfs_write+0x354/0xa70 [ 1912.888863] ? fput_many+0x2f/0x1a0 [ 1912.889396] ? ksys_write+0x1a9/0x260 [ 1912.889950] ? __ia32_sys_read+0xb0/0xb0 [ 1912.890556] do_syscall_64+0x33/0x40 [ 1912.891097] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1912.891842] RIP: 0033:0x7fe5a49a6b19 [ 1912.892384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1912.895002] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1912.896115] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1912.897137] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1912.898161] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1912.899181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1912.900209] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:09:27 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0xeb0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8001}, 0x1c) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:09:27 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64) 19:09:27 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:09:27 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000001000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:09:27 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001100210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:09:27 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x15, 0x0, 0x2}, 0x8) 19:09:27 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, 0x0, 0x0) 19:09:27 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) io_uring_enter(0xffffffffffffffff, 0x1f7a, 0x6ee7, 0x2, &(0x7f00000001c0)={[0x7]}, 0x8) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) [ 1926.567123] FAULT_INJECTION: forcing a failure. [ 1926.567123] name failslab, interval 1, probability 0, space 0, times 0 [ 1926.568770] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1926.568910] CPU: 1 PID: 10582 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1926.570637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1926.571857] Call Trace: [ 1926.572257] dump_stack+0x107/0x167 [ 1926.572806] should_fail.cold+0x5/0xa [ 1926.573377] ? __io_queue_sqe+0x666/0x9d0 [ 1926.573997] should_failslab+0x5/0x20 [ 1926.574563] kmem_cache_alloc_trace+0x55/0x320 [ 1926.575246] __io_queue_sqe+0x666/0x9d0 [ 1926.575850] ? io_issue_sqe+0x7700/0x7700 [ 1926.576484] io_submit_sqes+0x4461/0x85c0 [ 1926.576909] FAULT_INJECTION: forcing a failure. [ 1926.576909] name failslab, interval 1, probability 0, space 0, times 0 [ 1926.577137] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1926.578828] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1926.579555] ? lock_downgrade+0x6d0/0x6d0 [ 1926.580169] ? find_held_lock+0x2c/0x110 [ 1926.580782] ? io_submit_sqes+0x85c0/0x85c0 [ 1926.581433] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1926.582162] ? wait_for_completion_io+0x270/0x270 [ 1926.582884] ? rcu_read_lock_any_held+0x75/0xa0 [ 1926.583571] ? vfs_write+0x354/0xa70 [ 1926.584125] ? fput_many+0x2f/0x1a0 [ 1926.584678] ? ksys_write+0x1a9/0x260 [ 1926.585241] ? __ia32_sys_read+0xb0/0xb0 [ 1926.585861] do_syscall_64+0x33/0x40 [ 1926.586411] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1926.587167] RIP: 0033:0x7fe5a49a6b19 [ 1926.587730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1926.590417] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1926.591548] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1926.592597] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1926.593646] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1926.594696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1926.595754] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1926.596830] CPU: 0 PID: 10583 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1926.597470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1926.598221] Call Trace: [ 1926.598474] dump_stack+0x107/0x167 [ 1926.598813] should_fail.cold+0x5/0xa [ 1926.599171] ? create_object.isra.0+0x3a/0xa20 [ 1926.599612] should_failslab+0x5/0x20 [ 1926.599970] kmem_cache_alloc+0x5b/0x310 [ 1926.600348] create_object.isra.0+0x3a/0xa20 [ 1926.600755] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1926.601225] kmem_cache_alloc_trace+0x151/0x320 [ 1926.601655] __io_queue_sqe+0x666/0x9d0 [ 1926.602026] ? io_issue_sqe+0x7700/0x7700 [ 1926.602414] io_submit_sqes+0x4461/0x85c0 [ 1926.602814] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1926.603266] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1926.603718] ? lock_downgrade+0x6d0/0x6d0 [ 1926.604093] ? find_held_lock+0x2c/0x110 [ 1926.604469] ? io_submit_sqes+0x85c0/0x85c0 [ 1926.604880] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1926.605321] ? wait_for_completion_io+0x270/0x270 [ 1926.605766] ? rcu_read_lock_any_held+0x75/0xa0 [ 1926.606191] ? vfs_write+0x354/0xa70 [ 1926.606534] ? fput_many+0x2f/0x1a0 [ 1926.606870] ? ksys_write+0x1a9/0x260 [ 1926.607219] ? __ia32_sys_read+0xb0/0xb0 [ 1926.607612] do_syscall_64+0x33/0x40 [ 1926.607954] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1926.608427] RIP: 0033:0x7f3acf5e4b19 [ 1926.608768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1926.610411] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1926.611105] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1926.611756] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1926.612407] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1926.613047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1926.613689] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:09:27 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001200210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:09:27 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) [ 1926.721053] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 19:09:27 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x16, 0x0, 0x2}, 0x8) 19:09:47 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65) 19:09:47 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:09:47 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:09:47 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000002000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:09:47 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58a4, 0x4d96, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') 19:09:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001300210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:09:47 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x17, 0x0, 0x2}, 0x8) 19:09:47 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000000, 0x10, r0, 0x8000000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) [ 1946.781366] FAULT_INJECTION: forcing a failure. [ 1946.781366] name failslab, interval 1, probability 0, space 0, times 0 [ 1946.783322] CPU: 1 PID: 10616 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1946.784352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1946.785572] Call Trace: [ 1946.785975] dump_stack+0x107/0x167 [ 1946.786520] should_fail.cold+0x5/0xa [ 1946.787091] ? __io_queue_sqe+0x666/0x9d0 [ 1946.787710] should_failslab+0x5/0x20 [ 1946.788294] kmem_cache_alloc_trace+0x55/0x320 [ 1946.788981] __io_queue_sqe+0x666/0x9d0 [ 1946.789581] ? io_issue_sqe+0x7700/0x7700 [ 1946.790219] io_submit_sqes+0x4461/0x85c0 [ 1946.790872] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1946.791609] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1946.792337] ? lock_downgrade+0x6d0/0x6d0 [ 1946.792949] ? find_held_lock+0x2c/0x110 [ 1946.793558] ? io_submit_sqes+0x85c0/0x85c0 [ 1946.794209] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1946.794931] ? wait_for_completion_io+0x270/0x270 [ 1946.795652] ? rcu_read_lock_any_held+0x75/0xa0 [ 1946.796347] ? vfs_write+0x354/0xa70 [ 1946.796905] ? fput_many+0x2f/0x1a0 [ 1946.797447] ? ksys_write+0x1a9/0x260 [ 1946.798014] ? __ia32_sys_read+0xb0/0xb0 [ 1946.798636] do_syscall_64+0x33/0x40 [ 1946.799191] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1946.799952] RIP: 0033:0x7f3acf5e4b19 [ 1946.800502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1946.803188] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1946.803974] FAULT_INJECTION: forcing a failure. [ 1946.803974] name failslab, interval 1, probability 0, space 0, times 0 [ 1946.804317] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1946.804336] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1946.808010] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1946.809055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1946.810106] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 1946.811188] CPU: 0 PID: 10621 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1946.812219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1946.813449] Call Trace: [ 1946.813843] dump_stack+0x107/0x167 [ 1946.814400] should_fail.cold+0x5/0xa [ 1946.814967] ? create_object.isra.0+0x3a/0xa20 [ 1946.815646] should_failslab+0x5/0x20 [ 1946.816232] kmem_cache_alloc+0x5b/0x310 [ 1946.816842] create_object.isra.0+0x3a/0xa20 [ 1946.817495] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1946.818254] kmem_cache_alloc_trace+0x151/0x320 [ 1946.819095] __io_queue_sqe+0x666/0x9d0 [ 1946.819703] ? io_issue_sqe+0x7700/0x7700 [ 1946.820348] io_submit_sqes+0x4461/0x85c0 [ 1946.820998] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1946.821734] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1946.822451] ? lock_downgrade+0x6d0/0x6d0 [ 1946.823061] ? find_held_lock+0x2c/0x110 [ 1946.823668] ? io_submit_sqes+0x85c0/0x85c0 [ 1946.824320] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1946.825037] ? wait_for_completion_io+0x270/0x270 [ 1946.825755] ? rcu_read_lock_any_held+0x75/0xa0 [ 1946.826438] ? vfs_write+0x354/0xa70 [ 1946.826989] ? fput_many+0x2f/0x1a0 [ 1946.827528] ? ksys_write+0x1a9/0x260 [ 1946.828099] ? __ia32_sys_read+0xb0/0xb0 [ 1946.828715] do_syscall_64+0x33/0x40 [ 1946.829267] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1946.830018] RIP: 0033:0x7fe5a49a6b19 [ 1946.830568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1946.833248] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1946.834368] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1946.835415] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1946.836460] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1946.837505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1946.838550] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1946.847705] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 19:09:47 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:09:47 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x18, 0x0, 0x2}, 0x8) 19:09:47 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001400210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:09:48 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000006000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:09:48 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0xfffffffd}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) io_setup(0x6, &(0x7f00000001c0)=0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000280), 0xc8de, 0x84880) io_submit(r6, 0x1, &(0x7f0000000480)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x2, 0x5, r3, &(0x7f0000000240)="f458de91a7f9033ca560466d13acbf86e99eb0c93426ff099ec0faf7d8079e9e2994a2436cd17e69da42c7", 0x2b, 0x7fffffff, 0x0, 0x1, r7}]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, &(0x7f00000000c0)='\x00') r9 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000d, 0x30, r7, 0x10000000) syz_io_uring_submit(r1, r9, &(0x7f00000004c0)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd_index=0x4, 0x550e, 0x0, 0x2, 0x0, 0x1}, 0x6) fspick(r8, &(0x7f0000000180)='./file0\x00', 0x0) 19:09:48 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2}, 0x8) [ 1947.121361] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. 19:09:48 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x19, 0x0, 0x2}, 0x8) 19:09:48 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001500210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 1947.308991] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. 19:10:01 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66) 19:10:01 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000020007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:10:01 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:01 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1a, 0x0, 0x2}, 0x8) 19:10:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001600210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:01 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r6 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) io_uring_enter(r6, 0x6e74, 0xefba, 0x0, &(0x7f00000001c0)={[0x31f]}, 0x8) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:01 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x18061, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_bp={&(0x7f0000000180)}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r8}}, 0x8000) r9 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r9, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r9, r6, 0x0) r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r9, 0x8000000) syz_io_uring_submit(r10, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4, 0x0, {0x0, r5}}, 0x7) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f00000000c0)={&(0x7f0000000040)=""/93, 0x5d, 0xffff, 0x7}) 19:10:01 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2}, 0x8) [ 1960.976262] FAULT_INJECTION: forcing a failure. [ 1960.976262] name failslab, interval 1, probability 0, space 0, times 0 [ 1960.977616] CPU: 0 PID: 10669 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1960.978296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1960.979117] Call Trace: [ 1960.979410] dump_stack+0x107/0x167 [ 1960.979794] should_fail.cold+0x5/0xa [ 1960.980195] ? __io_queue_sqe+0x666/0x9d0 [ 1960.980626] should_failslab+0x5/0x20 [ 1960.981000] kmem_cache_alloc_trace+0x55/0x320 [ 1960.981438] __io_queue_sqe+0x666/0x9d0 [ 1960.981831] ? io_issue_sqe+0x7700/0x7700 [ 1960.982232] io_submit_sqes+0x4461/0x85c0 [ 1960.982663] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1960.983128] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1960.983584] ? lock_downgrade+0x6d0/0x6d0 [ 1960.983989] ? find_held_lock+0x2c/0x110 [ 1960.984382] ? io_submit_sqes+0x85c0/0x85c0 [ 1960.984797] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1960.985255] ? wait_for_completion_io+0x270/0x270 [ 1960.985713] ? rcu_read_lock_any_held+0x75/0xa0 [ 1960.986160] ? vfs_write+0x354/0xa70 [ 1960.986511] ? fput_many+0x2f/0x1a0 [ 1960.986861] ? ksys_write+0x1a9/0x260 [ 1960.987230] ? __ia32_sys_read+0xb0/0xb0 [ 1960.987621] do_syscall_64+0x33/0x40 [ 1960.987981] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1960.988459] RIP: 0033:0x7fe5a49a6b19 [ 1960.988809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1960.990545] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1960.991250] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1960.991928] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1960.992739] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1960.993412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1960.994069] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1960.997153] FAULT_INJECTION: forcing a failure. [ 1960.997153] name failslab, interval 1, probability 0, space 0, times 0 [ 1960.998630] CPU: 0 PID: 10671 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1960.999292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1961.000095] Call Trace: [ 1961.000371] dump_stack+0x107/0x167 [ 1961.000820] should_fail.cold+0x5/0xa [ 1961.001265] ? create_object.isra.0+0x3a/0xa20 [ 1961.001717] should_failslab+0x5/0x20 [ 1961.002099] kmem_cache_alloc+0x5b/0x310 [ 1961.002498] create_object.isra.0+0x3a/0xa20 [ 1961.002913] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1961.003398] kmem_cache_alloc_trace+0x151/0x320 [ 1961.003843] __io_queue_sqe+0x666/0x9d0 [ 1961.004231] ? io_issue_sqe+0x7700/0x7700 [ 1961.004637] io_submit_sqes+0x4461/0x85c0 [ 1961.005057] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1961.005520] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1961.005972] ? lock_downgrade+0x6d0/0x6d0 [ 1961.006355] ? find_held_lock+0x2c/0x110 [ 1961.006751] ? io_submit_sqes+0x85c0/0x85c0 [ 1961.007158] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1961.007610] ? wait_for_completion_io+0x270/0x270 [ 1961.008074] ? rcu_read_lock_any_held+0x75/0xa0 [ 1961.008508] ? vfs_write+0x354/0xa70 [ 1961.008856] ? fput_many+0x2f/0x1a0 [ 1961.009200] ? ksys_write+0x1a9/0x260 [ 1961.009559] ? __ia32_sys_read+0xb0/0xb0 [ 1961.009948] do_syscall_64+0x33/0x40 [ 1961.010301] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1961.010775] RIP: 0033:0x7f3acf5e4b19 [ 1961.011133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1961.012825] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1961.013539] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1961.014193] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1961.014852] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1961.015510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1961.016178] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:10:02 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2}, 0x8) 19:10:02 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1b, 0x0, 0x2}, 0x8) 19:10:02 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001800210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:02 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1c, 0x0, 0x2}, 0x8) [ 1961.187338] netlink: 'syz-executor.2': attribute type 3 has an invalid length. 19:10:02 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:02 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000017ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:10:02 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1d, 0x0, 0x2}, 0x8) 19:10:02 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x3, 0x0, 0x2}, 0x8) [ 1961.376407] FAULT_INJECTION: forcing a failure. [ 1961.376407] name failslab, interval 1, probability 0, space 0, times 0 [ 1961.378796] CPU: 1 PID: 10695 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1961.379812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1961.381036] Call Trace: [ 1961.381447] dump_stack+0x107/0x167 [ 1961.382001] should_fail.cold+0x5/0xa [ 1961.382579] ? create_object.isra.0+0x3a/0xa20 [ 1961.383459] should_failslab+0x5/0x20 [ 1961.384193] kmem_cache_alloc+0x5b/0x310 [ 1961.384917] create_object.isra.0+0x3a/0xa20 [ 1961.385789] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1961.386643] kmem_cache_alloc_trace+0x151/0x320 [ 1961.387568] __io_queue_sqe+0x666/0x9d0 [ 1961.388213] ? io_issue_sqe+0x7700/0x7700 [ 1961.389058] io_submit_sqes+0x4461/0x85c0 [ 1961.389739] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1961.390639] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1961.391523] ? lock_downgrade+0x6d0/0x6d0 [ 1961.392155] ? find_held_lock+0x2c/0x110 [ 1961.392888] ? io_submit_sqes+0x85c0/0x85c0 [ 1961.393767] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1961.394484] ? wait_for_completion_io+0x270/0x270 [ 1961.395201] ? rcu_read_lock_any_held+0x75/0xa0 [ 1961.395883] ? vfs_write+0x354/0xa70 [ 1961.396447] ? fput_many+0x2f/0x1a0 [ 1961.396990] ? ksys_write+0x1a9/0x260 [ 1961.397551] ? __ia32_sys_read+0xb0/0xb0 [ 1961.398168] do_syscall_64+0x33/0x40 [ 1961.398719] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1961.399469] RIP: 0033:0x7f3acf5e4b19 [ 1961.400025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1961.402933] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1961.404057] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1961.405094] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1961.406388] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1961.407645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1961.408925] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:10:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001900210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:18 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000027ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:10:18 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0xa011, r0, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r2, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x3, 0x0, 0x7f, 0x1, &(0x7f0000000440)="9c72df3136c3069a91e4cdaa29528abb77e1afd6f05e57a31ed3d51fe429ecdcf6c8c96d7171dd34a87d3fab8f8a3a68779d28255a822d25ab23e6cf4ff48357afbd9e9c9fcdea0974ec11001d5a992de7115880d8f5629c7ef09298707b4fd372b34406ea3b3588b8686d53e82c8144f1c5a80d8635fea3f8874ad5ac8dba369e36", 0x9, 0x0, 0x0, {0x3, r7}}, 0x7) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r8, &(0x7f0000000180)='./file0\x00', 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r9, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f0000000240)) 19:10:18 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:18 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x4000000, 0x0, 0xfffffffd}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) syz_io_uring_setup(0x432b, &(0x7f00000000c0)={0x0, 0x58c9, 0x0, 0x2, 0x8e}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r8}}, 0x8000) r9 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r9, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r9, r6, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x2004, @fd_index=0x5, 0x1, 0x8001, 0x7, 0x8, 0x0, {0x2}}, 0x0) r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r10, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:10:18 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x8) 19:10:18 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1e, 0x0, 0x2}, 0x8) 19:10:18 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67) [ 1977.466107] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 1977.502015] FAULT_INJECTION: forcing a failure. [ 1977.502015] name failslab, interval 1, probability 0, space 0, times 0 [ 1977.503838] CPU: 1 PID: 10724 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1977.504862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1977.506107] Call Trace: [ 1977.506504] dump_stack+0x107/0x167 [ 1977.507123] should_fail.cold+0x5/0xa [ 1977.507728] ? create_object.isra.0+0x3a/0xa20 [ 1977.508737] should_failslab+0x5/0x20 [ 1977.509293] kmem_cache_alloc+0x5b/0x310 [ 1977.509906] create_object.isra.0+0x3a/0xa20 [ 1977.510550] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1977.511291] kmem_cache_alloc_trace+0x151/0x320 [ 1977.511987] __io_queue_sqe+0x666/0x9d0 [ 1977.512594] ? io_issue_sqe+0x7700/0x7700 [ 1977.513223] io_submit_sqes+0x4461/0x85c0 [ 1977.513871] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1977.514597] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1977.515314] ? lock_downgrade+0x6d0/0x6d0 [ 1977.515933] ? find_held_lock+0x2c/0x110 [ 1977.516558] ? io_submit_sqes+0x85c0/0x85c0 [ 1977.517204] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1977.517916] ? wait_for_completion_io+0x270/0x270 [ 1977.518631] ? rcu_read_lock_any_held+0x75/0xa0 [ 1977.519315] ? vfs_write+0x354/0xa70 [ 1977.519775] FAULT_INJECTION: forcing a failure. [ 1977.519775] name failslab, interval 1, probability 0, space 0, times 0 [ 1977.519875] ? fput_many+0x2f/0x1a0 [ 1977.522037] ? ksys_write+0x1a9/0x260 [ 1977.522602] ? __ia32_sys_read+0xb0/0xb0 [ 1977.523222] do_syscall_64+0x33/0x40 [ 1977.523776] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1977.524548] RIP: 0033:0x7fe5a49a6b19 [ 1977.525101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1977.527800] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1977.528926] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1977.529964] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1977.530999] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1977.532037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1977.533084] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 1977.534151] CPU: 0 PID: 10718 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1977.535175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1977.536405] Call Trace: [ 1977.536812] dump_stack+0x107/0x167 [ 1977.537363] should_fail.cold+0x5/0xa [ 1977.537931] ? create_object.isra.0+0x3a/0xa20 [ 1977.538608] should_failslab+0x5/0x20 [ 1977.539168] kmem_cache_alloc+0x5b/0x310 [ 1977.539912] create_object.isra.0+0x3a/0xa20 [ 1977.540579] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1977.541339] kmem_cache_alloc_trace+0x151/0x320 [ 1977.542030] __io_queue_sqe+0x666/0x9d0 [ 1977.542634] ? io_issue_sqe+0x7700/0x7700 [ 1977.543265] io_submit_sqes+0x4461/0x85c0 [ 1977.543922] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1977.544670] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1977.545394] ? lock_downgrade+0x6d0/0x6d0 [ 1977.546000] ? find_held_lock+0x2c/0x110 [ 1977.546617] ? io_submit_sqes+0x85c0/0x85c0 [ 1977.547275] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1977.548002] ? wait_for_completion_io+0x270/0x270 [ 1977.548727] ? rcu_read_lock_any_held+0x75/0xa0 [ 1977.549420] ? vfs_write+0x354/0xa70 [ 1977.549973] ? fput_many+0x2f/0x1a0 [ 1977.550525] ? ksys_write+0x1a9/0x260 [ 1977.551089] ? __ia32_sys_read+0xb0/0xb0 [ 1977.551711] do_syscall_64+0x33/0x40 [ 1977.552279] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1977.553044] RIP: 0033:0x7f3acf5e4b19 [ 1977.553597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1977.556308] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1977.557421] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1977.558463] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1977.559503] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1977.560553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1977.561606] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:10:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001a00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:18 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) (fail_nth: 1) 19:10:18 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x21, 0x0, 0x2}, 0x8) 19:10:18 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000067ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 1977.720058] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 1977.733385] FAULT_INJECTION: forcing a failure. [ 1977.733385] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1977.735217] CPU: 1 PID: 10736 Comm: syz-executor.5 Not tainted 5.10.218 #1 [ 1977.736254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1977.737462] Call Trace: [ 1977.737864] dump_stack+0x107/0x167 [ 1977.738401] should_fail.cold+0x5/0xa [ 1977.738967] ? rfkill_sync_work+0xa0/0xa0 [ 1977.739576] _copy_from_user+0x2e/0x1b0 [ 1977.740177] ? rfkill_sync_work+0xa0/0xa0 [ 1977.740788] rfkill_fop_write+0xb4/0x4b0 [ 1977.741392] ? rfkill_sync_work+0xa0/0xa0 [ 1977.741997] ? security_file_permission+0x24e/0x570 [ 1977.742724] ? __fget_files+0x296/0x4c0 [ 1977.743312] ? rfkill_sync_work+0xa0/0xa0 [ 1977.743916] vfs_write+0x29a/0xa70 [ 1977.744445] ksys_write+0x1f6/0x260 [ 1977.744977] ? __ia32_sys_read+0xb0/0xb0 [ 1977.745584] do_syscall_64+0x33/0x40 [ 1977.746136] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1977.746883] RIP: 0033:0x7f38fad1ab19 [ 1977.747435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1977.750076] RSP: 002b:00007f38f8290188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1977.751196] RAX: ffffffffffffffda RBX: 00007f38fae2df60 RCX: 00007f38fad1ab19 [ 1977.752231] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000003 [ 1977.753266] RBP: 00007f38f82901d0 R08: 0000000000000000 R09: 0000000000000000 [ 1977.754295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1977.755336] R13: 00007fff8b6f42cf R14: 00007f38f8290300 R15: 0000000000022000 19:10:18 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r8}}, 0x8000) r9 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r9, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r9, r6, 0x0) r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r9, 0x8000000) syz_io_uring_submit(r10, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4, 0x0, {0x0, r5}}, 0x7) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_NOP={0x0, 0x3}, 0xf1) syz_io_uring_submit(r4, r2, &(0x7f0000000080)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:10:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001c00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:18 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x22, 0x0, 0x2}, 0x8) 19:10:18 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) (fail_nth: 2) 19:10:18 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_open_dev$vcsn(&(0x7f00000001c0), 0x6, 0x0) io_uring_enter(r6, 0x56ee, 0x7600, 0x3, &(0x7f0000000240)={[0xe]}, 0x8) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup/syz1\x00', 0x200002, 0x0) r8 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r11}}, 0x8000) syz_io_uring_submit(r1, 0x0, &(0x7f0000000480)=@IORING_OP_WRITE={0x17, 0x4, 0x4000, @fd=r7, 0x3, &(0x7f00000006c0)="2e2f8698c3921c24dec7cdaa97cd0467816512f611e911ec62ad70397ebb9440ea5fb7eb530f948497074d6d440d0736d2574d5869abd4da4523874ead9f065cb65d68c1ca76d088f5edd3d5e8ed2a334986ed71b65c743a89d0747d99b808341b1c6e85102de7c9ddcf7c7ffacb43c8bff91b53c06f9745e976b547e2944659b4b45dff88db3688fb66d1199dbf0c4ce8cfa16fd35b456c47fe563c275da5ac37b9cfc54feab84b1853401653306c72e8802a4293bc32aa83da221284d9edd8170cc2ff8d030bc8de3a3f8b87137d1940d89757245a556f474d45df76c0a577766e7b400dfa1d4869b951c910945e9a79c1ea523ca720bac29efebc7f8b7eb5ad33c76d903f23f386b2b03aa7ede45062a44c1c7861ad7a007f75c64cf6157ba65a2e873e16f23d907bf7a3cdd2f21b8ad268882da6526d5e4a7de4b7c5dc83935b2fba21f42a7de094d71eb1b8920dcac91b3dca765d94cc163b72dea64d29a17834d0143adbdcb65d8c2db3a7a4b7a08757e49795f5b9eec3bf15aabb98144dbda6c66d6a3361a80769aa4c236b7298e66e40b5134ec74f62f77ac441a7692b71ccafa0e518a069efa210f2258a67764525ad8e25e46f23fe187fc8adafd87bff850e698031dfe40f2bf7c083d78d75e4033d34fabfe9e2f1b3c77fddf4b09fd05295419e2d3e666d43682d969149463b97ad1d105d302c7ac7d931d0bdf070370669bb745c3a4e6abb63159b162e6d87ba17a73b9710fa997fe57f069490a7be90d5067be236ac8600c42bcdce5eb849c5933db4f5cbf1cecf12fbf5fd0251ff68e9e08010509180949f1e93f551b52e163ede386d73085aa581527e0cc03c5161dfcfe69a3b5b9ac1d340e20ece8fb36e45ba25263e8927970be947e78f165872abf32c1a8dc13c310323b1f16a6c9a1610724144788530551649537f22d000a838b7859c44b52337e068ee75f0f018e3820c1520a270dd6c3bc9fa59a584e5ca36db76eec23e9f7d124a0b756ed19653467e01c61b5599560d8b06dc8b42d2e48c186a82ba4fb30b51878b29dd80403f25f0870a753cbca96ac5d343c9031601e797d55b76836d911b0a9e43a6709b7a9926ed1edf14707d403c02742d3a2f86471ab303754a392407f9fc20d4693f16b52f5bea2983f2667685d04544cc338ad38d5afd5f844298e0a6599076c43c51a590013ad3ee903d132b9d49a2847d9ba77e012cf325b9954d6e36cf6e64896dda407c609bbad1600ec9555eb529bd3aac5cac63b6ba81ca64dddb6371617fe09f52469978d83e20e9c8003485c59c5537049cbe250d5d4f07cfdb6049eceb3d72af141a685bf0961587b518166824e9f7bce7f1d6fffd0b1fe26eb1fa2cdbc962ccd12fdc85feb528cde320c22c785dc0b0b1626e22bf43a331f7797571b0139aa06732d21d472ecf922ef5544e4cefe00a09277364decd9b8f503aba0e28c38f0c7c447e749bec59c8ba76bea5f6a9e41a57cc03ee3f683ec31390e9123e6dbb42d99ce567fe01a4e4eeadbfa4bbd458535c9a5196c75a930d161a8b8064e1a7e4eb8a2ad94c1cc9b1634a00aecba60c19ec3b893eaaf352af41cbb62a3e9443e21512268da59f145303c7762df55e735623b20c22bb958cdb98b317feef517861517755858a93c65adbdeb570ca68c12063962bf96cde3f7dbe51eab3dcda33707110c680b2dfa185db9b9d9a4eca0c584a5075021dc4d6f89683a7cad76aa41de3267bfd9608f567c9fdc8529f86bd8fe65ef118b701d9d9bf4e8c5c4288cf01f52ae79f78d58df7b019497519e9cb1f3cabe7f5552896be081fe56d32cefbf52aab9851d01a9695e9f6bf9fd95f9e05fa3e831ef2ae37653d284854f83c27e5e072229c454df344a09ed2bcf7ca8525c594ec99724f88300ecb2dffe4e0c5df5dd2d70d4031206651e01da1814b797c40610e976b672667f40abb9b2965ccfa38cc4ff9bcea2f55246f05e6b086aef6e58b5d60b2ac981173d731b644aa8dcf414c36ff88321b5c20dd804a89c3ded35eb1fc981d6a3a20ea51a3f2c26ff9c35b3784bb36800adcc661d6674f8358349c65357f15ff4ed8554a002608280b89b9e60b47622b8e2c564bac650584c6508199e0fdc7fbe6d1ca3b5e47323fd903285f362f39a0cad90e441428b17a8d6bc01a3745ee7fa56857fa0535b38c99e039a507d88b6aaf4cd71e880a57298be3e700ab955df0fd0447e3239a693c2b6f35d7c481d41a7b1b85ff55c0b2b8ecd9484f94e2dfe97eeabd151083cf916aed5897b133c842e2b725631a79efc4ebcf06d136b5dadcc170a10bee45651158f5c1bfd6a984c52fe0ddb3afb1450d7f23c63bbb8f61faae42e60d8243536bc98893cbf25c62569186be337bec8a9cfdea6a92e3fd5a1b403176ac5de52c30a7ca5d898a48b5e61b9e6aeb006e98cf89e6fee4752eae89304ba77c8b15fb93656e47c3f3db1e2a53519fcb78f5847c7e2e3bc608c6ddee0626e06d4a9cb67de518c8d71f6a908e55c2af7fac29aff4603c995359a20e781d882bf8f8f003e4ebff7c869aea2490058104f5955300c0e5e430afa7249c626345cf7ee95f75fb476f0962fe429e5257c6010f35c22127cb12cd26f07b83adf43b69125c984981bae10330ef0db76de02f04078b2a6d9ab1a7993f8d065b5f01ead70bd04c48ebba167a9f2307d07172aa6760abc8a40316533444ddc857bb2a6c092507a7ee6cf26096e9d701dc553f4ee1b8ca7a0ed9918e1c7f6565aceb879f52eb335fcd507b5bbc419f232e7a829112944edf31a5ade72b6b20f6afdb4d10a8268629d465c9c1b24ede3219dedf54bbad623b9caa8a4bf9a524a587b73bc728d081bca0124cbf7b72c590f9f84b270360b8d35f955044c9c56f3cd5cbae3f1453716e98a9b8bb731e0f8f231854e3e9026048745b198864b206afea72685acb051b9d7c0c499eca3bf70a4f2a8eba917ce4eee33b4bc809ea5fc63d8523210260566802fa2af3710456291b4e8702807d3a0e12d6ed7afc3b75de8c5dd63829093d3eb6067aeb4ca01719710babd8095f152776d4cea117263480f7cd76b98d8afb1504d0734c2af9c6b2e3d3d6b06c5fe6ba5fda463baf2bcbb7ea5b40fd64f13c990c79c6e926ceb32da88fa2ac026c652224b81f822cf3f77afff0eb239d01d9b3f0899b6ea70215a4bbdfbc2ac357d7cc37538890fd6edd3f2dc721c5623df1b6a766321e17ec0286fc183efafaa3bd0c599dfdb6515e6f1fac392ac2d36146e504065faecd540d2522f169192b14c20a3e228fb6a0e94dbe195364fc5f74185cdbd9ca614b588d25da3ec3082543faa01afb3b8464d302d5f956516e28db189a6bc95414a02855f0549247d3a1ae89065d6237c447caa664a238d6b3fb796e3df3fed569019626996e91deda2dbe5d3efe9beaab9bf4c4b47bd4517b57f2bf8a23bd43d8041568d3d34f9478c8c34d1d3ccfe241731b754960d80e40c2c9f72f3b19bc4a6b9f388325ca8b4404ef1ca934bd205f29b4d50f8ca97a7ab7d3b9ad0ddece9a214ffac7ec729a528449c97eb707dcd0b385ca6d60e54bc650cbfec6392ab41f7ad56fba956c16027e2cb8ff8f38f44f9d7c52ae7183b890e52d038a5dd4f9baf7f1829e9a2fcb3c562140778bb1ee8b1aee4abd006f011140b23e966f07e442057e1c669cf8a71faac2b0b4066625c40670fd14dd1505ebd9a7009ab367bbb6f62a64fccd457d55cfe0ae782fbc0e1ed910642abb03d25b26131d22af151eaae3565ac97df71cc0b55cc1e2990c863a1b0746100bd7eba9e0495cd94a473ab5e792fe14df098fe2f83be0a3c66f864cc363dba558f67196d91e2b4f1767c35445c9459097e8da8fbefdd70a062893b985e07dc5e0fb02b44e422dd2b0afa96c0041cd471b378283d9cdfb2f81db7fe6c156d0f294622b28dd7f5ece4f2a5307c97937ae403796b82537855ea07f65644a458d5a16d56a7af4bbc6c47955221b1d51a9fa3e1430bafd4a5027437d5726adee6c828e8553693e30d530012720958d3092059dbd9ac468187e75eaf898e1b0e2be492ebdbe095d9b78571b38843cb108f6fa2d1b0f008e97b45938b01d0d1566491035f80851b615c6b37e8f6adb72e735861b241dfd70e81e5b443ecbbe933014731ce2f37b35cdb89dbc636ed292a82d204fcfe011eddae977d586cc9e88e967f86a3078b7bd11d64c6d1b83267418543037a0ca1245622589b14f2c0b1eec2ee7c96e9bd6082c3bca08dc91954fac7aeb56bfd63073ab802c6e9b5b4460c4f5491c6cb3d97699571eedc5b484fb2929a34128dbf3ec2a9c9b9e316cc6233ec298864f7758811d67c0785dc9d00383c9b224a1196f691064fb8299b54bd0f36136a4b88ee78db6f85d0512177876a8b658f429d8d7b207af8c38def7d41a589df2ebe884eb8f67deb79f9e1712b6209d53b644c03d36159b07900f8722b903b7687de5acf52d9222112e326b15fe9805e34001355e73f78d51656d1b85c9bda536f61c365dafaf7e8d622980d03daf97b16cc4029d3ee582be04e228744290bd0a3654bab9b9ee759dde903dc3c9ece5353de88647976c8905097b395d37d84310330afcf0266285d49ed0f9106279b5acdfe52e5132c90fd4d78e16ad9d96bd86c34268b679d085cb73a85142d75fd9d453ab4eab15573d1d8d741177e8d7ce829ab2bfb4121779b4036285b19069cf5a8061de365559276de90c164fb18048aaad275667b197e315ab2b06b58c9d3b7c6e263b68b589e67a3985f8d8cf469a4abb2052b55611d6feb78be5c14d5207de2a81a1a92215c57f3605026257447ab32920beb5f8fcda155db22ba57463fef57cada0a9407db9658e855819046b1a9369936a738f48288e788603a8b55cc342f390e19e752d256986fb0a31b3fbf9c56f2bcd5f39b63c9df7881ed97d398aeb26455449516d47ae4efc9d522a12fd1b2e453a3c5d5e2008957456ac456c5f5e3450076cd944bdca126a8e8d4177edd28ed261631fea67cb384561a955cab60c55a354569063475a514047d92c3f574405cb620cbceba3aa38119b86903c07062264c5041738a12b03306da49ebe5199c81b38e662912430497ba166fc2b6c9f698358c91331c351b10670677a82e757e921ffb2020ca7d33fee0af402f8eadb7397143ee0f3ac74302352090010ea8e2da2da23c789d53ddc00d505e521f69f55438f28c55df75cae12fefb99d599a2ad0b952e6038dbbf78a6fecfc1bac30fbd426a1c7b3fd5606c705a1d01524fae2b787c710653e4c4079d0dc152514fb00a30680375d5becdad7eaad8dc34a107d0d23b82db737e76e1b9119ceb2ff63d1d63a4ae34eaaf8575b0f9206aeba2557b6badb61b58d220f3933bcb3dd8285a9690709f49a1a96bad60baa33913d5ec600f5d0d44060126eb8e0410c61275952d8b13fa7946f1ad26726fd25fd34c3b101e55eb669c0c3ffbfc40d01e536a307ff76c6ab07266fbbf60283efdb9b22fe2d139d29a99fc37fa024848c754573a0338cd15093f2a35485165f2cbd17a858e324b275659a7b0d7b6d5e272cf6b6aef0cd8307deef7bf49f35086852ecba3c7abaa41bfa972a288b5c88a99d45208c9e9734ab746b31445717fcd165c057f2f0ff8c12d523e8ceb5231a87009317930cd219e86cbd21bca09006505cd0478d0c8e560004fea1b7fd9241e3bdb2a1eb5717b7b0094d80dfb3ad3160705c360d187d734f75c78270b7859ae7c2d2d96e65d0923e441c1", 0x1000, 0x1, 0x0, {0x0, r11}}, 0x5be) syz_io_uring_submit(r5, r2, &(0x7f0000000280), 0x7) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r12 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r12, &(0x7f0000000180)='./file0\x00', 0x0) [ 1978.112817] FAULT_INJECTION: forcing a failure. [ 1978.112817] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1978.114833] CPU: 0 PID: 10752 Comm: syz-executor.5 Not tainted 5.10.218 #1 [ 1978.115909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1978.117133] Call Trace: [ 1978.117545] dump_stack+0x107/0x167 [ 1978.118097] should_fail.cold+0x5/0xa [ 1978.118681] _copy_to_user+0x2e/0x180 [ 1978.119264] simple_read_from_buffer+0xcc/0x160 [ 1978.119967] proc_fail_nth_read+0x198/0x230 [ 1978.120631] ? proc_sessionid_read+0x230/0x230 [ 1978.121311] ? security_file_permission+0x24e/0x570 [ 1978.122053] ? perf_trace_initcall_start+0xf1/0x380 [ 1978.122811] ? proc_sessionid_read+0x230/0x230 [ 1978.123489] vfs_read+0x228/0x580 [ 1978.124020] ksys_read+0x12d/0x260 [ 1978.124570] ? vfs_write+0xa70/0xa70 [ 1978.125147] do_syscall_64+0x33/0x40 [ 1978.125708] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1978.126464] RIP: 0033:0x7f38faccd69c [ 1978.127022] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1978.129710] RSP: 002b:00007f38f8290170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1978.130833] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f38faccd69c [ 1978.131878] RDX: 000000000000000f RSI: 00007f38f82901e0 RDI: 0000000000000004 [ 1978.132931] RBP: 00007f38f82901d0 R08: 0000000000000000 R09: 0000000000000000 [ 1978.133975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1978.135020] R13: 00007fff8b6f42cf R14: 00007f38f8290300 R15: 0000000000022000 19:10:34 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001d00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:34 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:34 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x953f, 0x0, 0x0, 0xffffffff}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:10:34 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000240)={0x0, 0xfffffffe, 0x20}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r3, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) socket(0x8, 0x2, 0xfffffffd) r4 = syz_io_uring_setup(0x447f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x89}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) ioctl$FITHAW(r0, 0xc0045878) syz_io_uring_submit(r5, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index=0xa, 0x4, 0x0, 0x10001, 0x0, 0x1, {0x0, r6}}, 0x8000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r8}, 0x0) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x7}, 0xa30, 0x1000, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffd, 0x1f}, 0x0, 0xfffffffffffdffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r9, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r7, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x8010, 0xffffffffffffffff, 0x0) r10 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r10, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r10, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:34 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x23, 0x0, 0x2}, 0x8) 19:10:34 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:10:34 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000ffffffff7ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:10:34 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68) [ 1994.077477] FAULT_INJECTION: forcing a failure. [ 1994.077477] name failslab, interval 1, probability 0, space 0, times 0 [ 1994.079650] CPU: 1 PID: 10774 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 1994.080720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1994.081981] Call Trace: [ 1994.082404] dump_stack+0x107/0x167 [ 1994.082980] should_fail.cold+0x5/0xa [ 1994.083591] should_failslab+0x5/0x20 [ 1994.084192] kmem_cache_alloc_bulk+0x4b/0x320 [ 1994.084910] io_submit_sqes+0x6f76/0x85c0 [ 1994.085577] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1994.086330] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1994.087073] ? lock_downgrade+0x6d0/0x6d0 [ 1994.087698] ? find_held_lock+0x2c/0x110 [ 1994.088329] ? io_submit_sqes+0x85c0/0x85c0 [ 1994.088992] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1994.089738] ? wait_for_completion_io+0x270/0x270 [ 1994.090474] ? rcu_read_lock_any_held+0x75/0xa0 [ 1994.091175] ? vfs_write+0x354/0xa70 [ 1994.091740] ? fput_many+0x2f/0x1a0 [ 1994.092309] ? ksys_write+0x1a9/0x260 [ 1994.092891] ? __ia32_sys_read+0xb0/0xb0 [ 1994.093527] do_syscall_64+0x33/0x40 [ 1994.094087] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1994.094858] RIP: 0033:0x7f3acf5e4b19 [ 1994.095424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1994.098172] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1994.099318] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 1994.100392] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1994.101443] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1994.102486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1994.103706] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 1994.139929] FAULT_INJECTION: forcing a failure. [ 1994.139929] name failslab, interval 1, probability 0, space 0, times 0 [ 1994.141993] CPU: 1 PID: 10776 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 1994.143024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1994.144249] Call Trace: [ 1994.144666] dump_stack+0x107/0x167 [ 1994.145227] should_fail.cold+0x5/0xa [ 1994.145807] ? __io_queue_sqe+0x666/0x9d0 [ 1994.146442] should_failslab+0x5/0x20 [ 1994.147006] kmem_cache_alloc_trace+0x55/0x320 [ 1994.147686] __io_queue_sqe+0x666/0x9d0 [ 1994.148291] ? io_issue_sqe+0x7700/0x7700 [ 1994.148932] io_submit_sqes+0x4461/0x85c0 [ 1994.149578] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1994.150306] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 1994.151020] ? lock_downgrade+0x6d0/0x6d0 [ 1994.151636] ? find_held_lock+0x2c/0x110 [ 1994.152244] ? io_submit_sqes+0x85c0/0x85c0 [ 1994.152898] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1994.153630] ? wait_for_completion_io+0x270/0x270 [ 1994.154343] ? rcu_read_lock_any_held+0x75/0xa0 [ 1994.155032] ? vfs_write+0x354/0xa70 [ 1994.155584] ? fput_many+0x2f/0x1a0 [ 1994.156125] ? ksys_write+0x1a9/0x260 [ 1994.156695] ? __ia32_sys_read+0xb0/0xb0 [ 1994.157306] do_syscall_64+0x33/0x40 [ 1994.157871] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1994.158636] RIP: 0033:0x7fe5a49a6b19 [ 1994.159193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1994.161879] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1994.162991] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 1994.164035] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 1994.165084] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1994.166368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1994.167611] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:10:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001e00210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:35 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x600000, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:35 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x24, 0x0, 0x2}, 0x8) 19:10:35 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x3, 0x0, 0x2}, 0x8) 19:10:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000007300210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:35 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000020000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:10:35 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x4, 0x0, 0x2}, 0x8) [ 1994.485319] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=115 sclass=netlink_route_socket pid=10801 comm=syz-executor.2 19:10:35 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x25, 0x0, 0x2}, 0x8) 19:10:50 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002002210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000060000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:10:50 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:50 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1, @perf_config_ext={0x0, 0x3}, 0xa30, 0x7, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r8}}, 0x8000) r9 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r9, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r9, r6, 0x0) r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r9, 0x8000000) syz_io_uring_submit(r10, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4, 0x0, {0x0, r5}}, 0x7) syz_io_uring_submit(r4, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x2, 0x4007, @fd, 0x44, 0x80, 0xbda9, 0x7, 0x1, {0x1, r5}}, 0x6e7) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x20010, 0xffffffffffffffff, 0x0) 19:10:50 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69) 19:10:50 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x5, 0x0, 0x2}, 0x8) 19:10:50 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x26, 0x0, 0x2}, 0x8) 19:10:50 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r8, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r8, r6, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000500)={{0x1, 0x1, 0x18, r0, {r6}}, './file0\x00'}) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') r10 = fspick(r9, &(0x7f0000000180)='./file0\x00', 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000240)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000440)="d6ac611db6d8656e6240445fd7444b409380228fc52c325d430c12cca685712e40260b8a3eef4acf0a81e50c4ceb1e05e7c2133c874fc9d5149360a21cc425a8dfebbc2d5685ab7be7db2761ee864a09d2c27297badefba0fb1ec86d49c67e947d7cc8a6aa16676566212bfcd861e006b8d474cc181f669d9e2c2778f657239622075eea7cf02bf5a5d8a4f3", 0x8c, r10}, 0x68) [ 2009.970873] FAULT_INJECTION: forcing a failure. [ 2009.970873] name failslab, interval 1, probability 0, space 0, times 0 [ 2009.972086] CPU: 1 PID: 10826 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2009.972793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2009.973632] Call Trace: [ 2009.973912] dump_stack+0x107/0x167 [ 2009.974290] should_fail.cold+0x5/0xa [ 2009.974684] ? create_object.isra.0+0x3a/0xa20 [ 2009.975146] should_failslab+0x5/0x20 [ 2009.975537] kmem_cache_alloc+0x5b/0x310 [ 2009.975956] create_object.isra.0+0x3a/0xa20 [ 2009.976401] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2009.976932] kmem_cache_alloc_bulk+0x168/0x320 [ 2009.977406] io_submit_sqes+0x6f76/0x85c0 [ 2009.977856] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2009.978370] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2009.978867] ? lock_downgrade+0x6d0/0x6d0 [ 2009.979287] ? find_held_lock+0x2c/0x110 [ 2009.979714] ? io_submit_sqes+0x85c0/0x85c0 [ 2009.980173] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2009.980681] ? wait_for_completion_io+0x270/0x270 [ 2009.981182] ? rcu_read_lock_any_held+0x75/0xa0 [ 2009.981663] ? vfs_write+0x354/0xa70 [ 2009.982046] ? fput_many+0x2f/0x1a0 [ 2009.982415] ? ksys_write+0x1a9/0x260 [ 2009.982809] ? __ia32_sys_read+0xb0/0xb0 [ 2009.983228] do_syscall_64+0x33/0x40 [ 2009.983603] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2009.984119] RIP: 0033:0x7f3acf5e4b19 [ 2009.984503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2009.986327] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2009.987098] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2009.987814] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2009.988544] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2009.989267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2009.989987] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 2010.002249] FAULT_INJECTION: forcing a failure. [ 2010.002249] name failslab, interval 1, probability 0, space 0, times 0 [ 2010.004293] CPU: 0 PID: 10829 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2010.005326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2010.006541] Call Trace: [ 2010.006942] dump_stack+0x107/0x167 [ 2010.007477] should_fail.cold+0x5/0xa [ 2010.008042] ? create_object.isra.0+0x3a/0xa20 [ 2010.008740] should_failslab+0x5/0x20 [ 2010.009302] kmem_cache_alloc+0x5b/0x310 [ 2010.009911] create_object.isra.0+0x3a/0xa20 [ 2010.010555] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2010.011326] kmem_cache_alloc_trace+0x151/0x320 [ 2010.012052] __io_queue_sqe+0x666/0x9d0 [ 2010.012666] ? io_issue_sqe+0x7700/0x7700 [ 2010.013295] io_submit_sqes+0x4461/0x85c0 [ 2010.013954] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2010.014687] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2010.015430] ? lock_downgrade+0x6d0/0x6d0 [ 2010.016032] ? find_held_lock+0x2c/0x110 [ 2010.016636] ? io_submit_sqes+0x85c0/0x85c0 [ 2010.017271] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2010.017982] ? wait_for_completion_io+0x270/0x270 [ 2010.018695] ? rcu_read_lock_any_held+0x75/0xa0 [ 2010.019378] ? vfs_write+0x354/0xa70 [ 2010.019927] ? fput_many+0x2f/0x1a0 [ 2010.020472] ? ksys_write+0x1a9/0x260 [ 2010.021036] ? __ia32_sys_read+0xb0/0xb0 [ 2010.021652] do_syscall_64+0x33/0x40 [ 2010.022192] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2010.022934] RIP: 0033:0x7fe5a49a6b19 [ 2010.023482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2010.026144] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2010.027256] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2010.028299] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2010.029353] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2010.030398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2010.031437] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:10:51 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x27, 0x0, 0x2}, 0x8) [ 2010.042128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=544 sclass=netlink_route_socket pid=10831 comm=syz-executor.2 19:10:51 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x6, 0x0, 0x2}, 0x8) 19:10:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002003210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2010.220205] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=800 sclass=netlink_route_socket pid=10840 comm=syz-executor.2 19:10:51 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:10:51 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x28, 0x0, 0x2}, 0x8) 19:10:51 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000600000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:10:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002004210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:10:51 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x100010, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x800000, 0x3}, 0x200, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r6, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r6, 0xffffffffffffffff, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r7, r2, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x9, 0x5, 0x4, 0x1}, 0x80000000) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001900)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000440)=""/220, 0xdc}, {&(0x7f0000000200)=""/186, 0xba}, {&(0x7f0000000540)=""/59, 0x3b}, {&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f0000000580)=""/246, 0xf6}, {&(0x7f00000016c0)=""/206, 0xce}], 0x6, &(0x7f0000001840)=""/77, 0x4d}, 0x0, 0x0, 0x0, {0x2, r8}}, 0x32b) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r9, &(0x7f0000000180)='./file0\x00', 0x0) [ 2010.384985] FAULT_INJECTION: forcing a failure. [ 2010.384985] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2010.387027] CPU: 0 PID: 10847 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2010.388060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2010.389294] Call Trace: [ 2010.389693] dump_stack+0x107/0x167 [ 2010.390239] should_fail.cold+0x5/0xa [ 2010.390820] __alloc_pages_nodemask+0x182/0x600 [ 2010.391518] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 2010.392437] alloc_pages_current+0x187/0x280 [ 2010.393112] allocate_slab+0x26f/0x380 [ 2010.393705] ___slab_alloc+0x470/0x700 [ 2010.394289] ? io_submit_sqes+0x6f76/0x85c0 [ 2010.394964] ? kmem_cache_alloc_bulk+0x1ec/0x320 [ 2010.395665] kmem_cache_alloc_bulk+0x1ec/0x320 [ 2010.396360] io_submit_sqes+0x6f76/0x85c0 [ 2010.397026] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2010.397770] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2010.398505] ? lock_downgrade+0x6d0/0x6d0 [ 2010.399123] ? find_held_lock+0x2c/0x110 [ 2010.399738] ? io_submit_sqes+0x85c0/0x85c0 [ 2010.400398] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2010.401119] ? wait_for_completion_io+0x270/0x270 [ 2010.401830] ? rcu_read_lock_any_held+0x75/0xa0 [ 2010.402517] ? vfs_write+0x354/0xa70 [ 2010.403073] ? fput_many+0x2f/0x1a0 [ 2010.403615] ? ksys_write+0x1a9/0x260 [ 2010.404180] ? __ia32_sys_read+0xb0/0xb0 [ 2010.404800] do_syscall_64+0x33/0x40 [ 2010.405353] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2010.406106] RIP: 0033:0x7f3acf5e4b19 [ 2010.406656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2010.409343] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2010.410459] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2010.411507] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2010.412557] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2010.413602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2010.414649] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 2010.461240] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1056 sclass=netlink_route_socket pid=10854 comm=syz-executor.2 19:11:05 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x29, 0x0, 0x2}, 0x8) 19:11:05 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002005210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:05 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70) 19:11:05 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x4, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:05 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x7, 0x0, 0x2}, 0x8) 19:11:05 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x4000001, 0x10010, r5, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000fef000/0xe000)=nil, 0xe000, 0x2000008, 0x112, r0, 0x8000000) syz_io_uring_setup(0xb0b, &(0x7f0000000040)={0x0, 0x389c, 0x4, 0x3, 0x2e, 0x0, r0}, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000fef000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000180)=0x0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) shutdown(r9, 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10, 0xffffffffffffffff, 0x0) r10 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x8002, 0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000280)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0xb13d, &(0x7f0000000240)=[r4, r3, r3, r10, r3, r3, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0], 0xa, 0x0, 0x1, {0x0, r11}}, 0x2) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) 19:11:05 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000002000000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:05 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) [ 2024.386617] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1312 sclass=netlink_route_socket pid=10873 comm=syz-executor.2 [ 2024.401440] FAULT_INJECTION: forcing a failure. [ 2024.401440] name failslab, interval 1, probability 0, space 0, times 0 [ 2024.403503] CPU: 1 PID: 10872 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2024.404537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2024.405783] Call Trace: [ 2024.406185] dump_stack+0x107/0x167 [ 2024.406736] should_fail.cold+0x5/0xa [ 2024.407306] ? __io_queue_sqe+0x666/0x9d0 [ 2024.407933] should_failslab+0x5/0x20 [ 2024.408502] kmem_cache_alloc_trace+0x55/0x320 [ 2024.409205] __io_queue_sqe+0x666/0x9d0 [ 2024.409817] ? io_issue_sqe+0x7700/0x7700 [ 2024.410466] io_submit_sqes+0x4461/0x85c0 [ 2024.411124] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2024.411873] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2024.412606] ? lock_downgrade+0x6d0/0x6d0 [ 2024.413227] ? find_held_lock+0x2c/0x110 [ 2024.413854] ? io_submit_sqes+0x85c0/0x85c0 [ 2024.414515] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2024.415235] ? wait_for_completion_io+0x270/0x270 [ 2024.415956] ? rcu_read_lock_any_held+0x75/0xa0 [ 2024.416655] ? vfs_write+0x354/0xa70 [ 2024.417217] ? fput_many+0x2f/0x1a0 [ 2024.417773] ? ksys_write+0x1a9/0x260 [ 2024.418349] ? __ia32_sys_read+0xb0/0xb0 [ 2024.418971] do_syscall_64+0x33/0x40 [ 2024.419535] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2024.420303] RIP: 0033:0x7fe5a49a6b19 [ 2024.420878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2024.423594] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2024.424727] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2024.425789] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2024.426838] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2024.427879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2024.428941] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 2024.477274] FAULT_INJECTION: forcing a failure. [ 2024.477274] name failslab, interval 1, probability 0, space 0, times 0 [ 2024.479329] CPU: 1 PID: 10878 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2024.480352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2024.481569] Call Trace: [ 2024.481965] dump_stack+0x107/0x167 [ 2024.482538] should_fail.cold+0x5/0xa [ 2024.483166] ? create_object.isra.0+0x3a/0xa20 [ 2024.483847] should_failslab+0x5/0x20 [ 2024.484528] kmem_cache_alloc+0x5b/0x310 [ 2024.485366] ? mark_held_locks+0x9e/0xe0 [ 2024.485971] create_object.isra.0+0x3a/0xa20 [ 2024.486622] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2024.487376] kmem_cache_alloc_bulk+0x168/0x320 19:11:05 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x8, 0x0, 0x2}, 0x8) [ 2024.488063] io_submit_sqes+0x6f76/0x85c0 [ 2024.488891] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2024.489625] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2024.490341] ? lock_downgrade+0x6d0/0x6d0 [ 2024.490950] ? find_held_lock+0x2c/0x110 [ 2024.491557] ? io_submit_sqes+0x85c0/0x85c0 [ 2024.492209] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2024.492943] ? wait_for_completion_io+0x270/0x270 [ 2024.493838] ? rcu_read_lock_any_held+0x75/0xa0 [ 2024.494663] ? vfs_write+0x354/0xa70 [ 2024.495324] ? fput_many+0x2f/0x1a0 [ 2024.496012] ? ksys_write+0x1a9/0x260 [ 2024.496646] ? __ia32_sys_read+0xb0/0xb0 [ 2024.497365] do_syscall_64+0x33/0x40 [ 2024.498098] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2024.498933] RIP: 0033:0x7f3acf5e4b19 [ 2024.499649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2024.502902] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2024.504221] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2024.505535] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2024.506676] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2024.507906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2024.509245] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:11:05 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002006210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:05 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file0\x00'}) ioctl$BTRFS_IOC_SYNC(r6, 0x9408, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:05 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2a, 0x0, 0x2}, 0x8) 19:11:05 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x9, 0x0, 0x2}, 0x8) [ 2024.694179] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1568 sclass=netlink_route_socket pid=10896 comm=syz-executor.2 19:11:05 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r5, r6) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x5ac16a27}}, './file0\x00'}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:11:05 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000020000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:05 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2b, 0x0, 0x2}, 0x8) 19:11:21 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xa, 0x0, 0x2}, 0x8) 19:11:21 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000010000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:21 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r8, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r8, r6, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r8, 0x8000000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, r8, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_FADVISE={0x18, 0x5, 0x0, @fd=r3, 0x20, 0x0, 0x7, 0x3, 0x0, {0x0, r9}}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r10 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r10, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r10, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:21 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71) 19:11:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002007210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:21 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x300, 0x0, 0x2}, 0x8) 19:11:21 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0xffffffff, 0xab23d622f166dde2, 0x0, 0x13f}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000540)=0x0, &(0x7f0000000580)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet6_icmp(0xa, 0x2, 0x3a) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r5}}, 0x8000) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r6, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r6, 0xffffffffffffffff, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r6, 0x8000000) syz_io_uring_submit(r7, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000004c0)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, r3, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)=""/216, 0xd8}, {&(0x7f0000000240)=""/95, 0x5f}], 0x2, &(0x7f0000000440)=""/86, 0x56}, 0x0, 0x40, 0x0, {0x0, r8}}, 0xffff) ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f00000000c0)={0x3, 0x8, 0x1d, &(0x7f0000000080)=""/29}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2, 0x0, r4, 0x0, &(0x7f0000000500)="f22f8b4436c585bc349f74325116e6501d43df05ca725a63f9484d6901d8b6f66eae94d8b72feeacd58e268cc1bfc0", 0x79, 0x8023}, 0x8) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r9, r2, &(0x7f0000000180)=@IORING_OP_MADVISE={0x19, 0x2, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x1}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) [ 2040.060890] FAULT_INJECTION: forcing a failure. [ 2040.060890] name failslab, interval 1, probability 0, space 0, times 0 [ 2040.062640] CPU: 0 PID: 10923 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2040.063364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2040.064144] Call Trace: [ 2040.064403] dump_stack+0x107/0x167 [ 2040.064753] should_fail.cold+0x5/0xa [ 2040.065132] ? create_object.isra.0+0x3a/0xa20 [ 2040.065567] should_failslab+0x5/0x20 [ 2040.065933] kmem_cache_alloc+0x5b/0x310 [ 2040.066322] ? mark_held_locks+0x9e/0xe0 [ 2040.066710] create_object.isra.0+0x3a/0xa20 [ 2040.067129] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2040.067622] kmem_cache_alloc_bulk+0x168/0x320 [ 2040.068063] io_submit_sqes+0x6f76/0x85c0 [ 2040.068485] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2040.068966] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2040.069428] ? lock_downgrade+0x6d0/0x6d0 [ 2040.069822] ? find_held_lock+0x2c/0x110 [ 2040.070212] ? io_submit_sqes+0x85c0/0x85c0 [ 2040.070632] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2040.071093] ? wait_for_completion_io+0x270/0x270 [ 2040.071555] ? rcu_read_lock_any_held+0x75/0xa0 [ 2040.071999] ? vfs_write+0x354/0xa70 [ 2040.072356] ? fput_many+0x2f/0x1a0 [ 2040.072705] ? ksys_write+0x1a9/0x260 [ 2040.073077] ? __ia32_sys_read+0xb0/0xb0 [ 2040.073472] do_syscall_64+0x33/0x40 [ 2040.073828] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2040.074314] RIP: 0033:0x7f3acf5e4b19 [ 2040.074670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2040.076389] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2040.077113] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2040.077775] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2040.078441] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2040.079105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2040.079767] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 2040.085221] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1824 sclass=netlink_route_socket pid=10929 comm=syz-executor.2 [ 2040.104153] FAULT_INJECTION: forcing a failure. [ 2040.104153] name failslab, interval 1, probability 0, space 0, times 0 [ 2040.106173] CPU: 1 PID: 10928 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2040.107204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2040.108421] Call Trace: [ 2040.108832] dump_stack+0x107/0x167 [ 2040.109383] should_fail.cold+0x5/0xa [ 2040.109953] ? create_object.isra.0+0x3a/0xa20 [ 2040.110638] should_failslab+0x5/0x20 [ 2040.111207] kmem_cache_alloc+0x5b/0x310 [ 2040.111823] create_object.isra.0+0x3a/0xa20 [ 2040.112477] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2040.113242] kmem_cache_alloc_trace+0x151/0x320 [ 2040.113943] __io_queue_sqe+0x666/0x9d0 [ 2040.114540] ? io_issue_sqe+0x7700/0x7700 [ 2040.115179] io_submit_sqes+0x4461/0x85c0 [ 2040.115834] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2040.116579] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2040.117301] ? lock_downgrade+0x6d0/0x6d0 [ 2040.117920] ? find_held_lock+0x2c/0x110 [ 2040.118525] ? io_submit_sqes+0x85c0/0x85c0 [ 2040.119177] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2040.119897] ? wait_for_completion_io+0x270/0x270 19:11:21 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x500, 0x0, 0x2}, 0x8) [ 2040.120620] ? rcu_read_lock_any_held+0x75/0xa0 [ 2040.121493] ? vfs_write+0x354/0xa70 [ 2040.122045] ? fput_many+0x2f/0x1a0 [ 2040.122586] ? ksys_write+0x1a9/0x260 [ 2040.123152] ? __ia32_sys_read+0xb0/0xb0 [ 2040.123768] do_syscall_64+0x33/0x40 [ 2040.124321] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2040.125079] RIP: 0033:0x7fe5a49a6b19 [ 2040.125638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2040.128283] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2040.129414] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2040.130718] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2040.131760] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2040.132801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2040.133851] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:11:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002009210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:21 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xb, 0x0, 0x2}, 0x8) 19:11:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000020000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:21 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000009, 0x113, r3, 0xf50c2000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:11:21 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='.\x00', 0x2000003) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r5 = syz_io_uring_setup(0x3, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000280), &(0x7f0000000540)) io_uring_enter(r5, 0x5c33, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ftruncate(r4, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r7}, 0x0) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r6, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') 19:11:21 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72) [ 2040.329551] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2336 sclass=netlink_route_socket pid=10941 comm=syz-executor.2 19:11:21 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x600, 0x0, 0x2}, 0x8) 19:11:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="28000000200f210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:21 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:21 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xc, 0x0, 0x2}, 0x8) 19:11:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000060000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 2040.446194] FAULT_INJECTION: forcing a failure. [ 2040.446194] name failslab, interval 1, probability 0, space 0, times 0 [ 2040.447345] CPU: 0 PID: 10951 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2040.447905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2040.448566] Call Trace: [ 2040.448797] dump_stack+0x107/0x167 [ 2040.449103] should_fail.cold+0x5/0xa [ 2040.449417] ? __io_queue_sqe+0x666/0x9d0 [ 2040.449759] should_failslab+0x5/0x20 [ 2040.450073] kmem_cache_alloc_trace+0x55/0x320 [ 2040.450456] __io_queue_sqe+0x666/0x9d0 [ 2040.450788] ? io_issue_sqe+0x7700/0x7700 [ 2040.451135] io_submit_sqes+0x4461/0x85c0 [ 2040.451499] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2040.451908] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2040.452309] ? lock_downgrade+0x6d0/0x6d0 [ 2040.452655] ? find_held_lock+0x2c/0x110 [ 2040.453002] ? io_submit_sqes+0x85c0/0x85c0 [ 2040.453359] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2040.453758] ? wait_for_completion_io+0x270/0x270 [ 2040.454155] ? rcu_read_lock_any_held+0x75/0xa0 [ 2040.454539] ? vfs_write+0x354/0xa70 [ 2040.454847] ? fput_many+0x2f/0x1a0 [ 2040.455146] ? ksys_write+0x1a9/0x260 [ 2040.455460] ? __ia32_sys_read+0xb0/0xb0 [ 2040.455800] do_syscall_64+0x33/0x40 [ 2040.456107] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2040.456529] RIP: 0033:0x7fe5a49a6b19 [ 2040.456845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2040.458342] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2040.458963] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2040.459540] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2040.460111] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2040.460691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2040.461278] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:11:21 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x700, 0x0, 0x2}, 0x8) [ 2040.545315] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3872 sclass=netlink_route_socket pid=10959 comm=syz-executor.2 19:11:21 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xd, 0x0, 0x2}, 0x8) 19:11:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002060210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2040.628025] FAULT_INJECTION: forcing a failure. [ 2040.628025] name failslab, interval 1, probability 0, space 0, times 0 [ 2040.629089] CPU: 0 PID: 10966 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2040.629640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2040.630306] Call Trace: [ 2040.630522] dump_stack+0x107/0x167 [ 2040.630816] should_fail.cold+0x5/0xa [ 2040.631129] ? create_object.isra.0+0x3a/0xa20 [ 2040.631497] should_failslab+0x5/0x20 [ 2040.631806] kmem_cache_alloc+0x5b/0x310 [ 2040.632147] create_object.isra.0+0x3a/0xa20 [ 2040.632494] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2040.632916] kmem_cache_alloc_trace+0x151/0x320 [ 2040.633290] __io_queue_sqe+0x666/0x9d0 [ 2040.633620] ? io_issue_sqe+0x7700/0x7700 [ 2040.633961] io_submit_sqes+0x4461/0x85c0 [ 2040.634322] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2040.634765] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2040.635160] ? lock_downgrade+0x6d0/0x6d0 [ 2040.635495] ? find_held_lock+0x2c/0x110 [ 2040.635828] ? io_submit_sqes+0x85c0/0x85c0 [ 2040.636189] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2040.636583] ? wait_for_completion_io+0x270/0x270 [ 2040.636983] ? rcu_read_lock_any_held+0x75/0xa0 [ 2040.637357] ? vfs_write+0x354/0xa70 [ 2040.637668] ? fput_many+0x2f/0x1a0 [ 2040.637961] ? ksys_write+0x1a9/0x260 [ 2040.638270] ? __ia32_sys_read+0xb0/0xb0 [ 2040.638610] do_syscall_64+0x33/0x40 [ 2040.638914] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2040.639327] RIP: 0033:0x7f3acf5e4b19 [ 2040.639630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2040.641103] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2040.641715] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2040.642285] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2040.642857] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2040.643431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2040.644003] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 2040.717560] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=24608 sclass=netlink_route_socket pid=10973 comm=syz-executor.2 19:11:21 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x900, 0x0, 0x2}, 0x8) 19:11:21 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000200000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210300000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:21 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xe, 0x0, 0x2}, 0x8) 19:11:36 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:36 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xf, 0x0, 0x2}, 0x8) 19:11:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000212800000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:36 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x1, @perf_config_ext={0x0, 0xffffffffffffffff}, 0xa30, 0x0, 0x0, 0x2, 0x0, 0xbffffffd}, 0x0, 0x3, 0xffffffffffffffff, 0x0) r6 = getpgid(0xffffffffffffffff) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x8, 0x2, 0x8, 0x5, 0x0, 0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0xffffff81, 0x0, @perf_config_ext={0x9b8, 0x4}, 0x200, 0x4, 0x10001, 0x3, 0x5, 0x1, 0x1, 0x0, 0xbffe, 0x0, 0x2}, r6, 0xa, r5, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = syz_open_dev$rtc(&(0x7f0000000040), 0x5, 0x100) r8 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) dup2(r7, r8) 19:11:36 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73) 19:11:36 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xa00, 0x0, 0x2}, 0x8) 19:11:36 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) r6 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) r7 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) io_uring_enter(r7, 0x58ab, 0xfffffffc, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r8, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000600000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:36 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x10, 0x0, 0x2}, 0x8) [ 2055.085822] FAULT_INJECTION: forcing a failure. [ 2055.085822] name failslab, interval 1, probability 0, space 0, times 0 [ 2055.087945] CPU: 1 PID: 11004 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2055.089044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2055.090262] Call Trace: [ 2055.090666] dump_stack+0x107/0x167 [ 2055.091217] should_fail.cold+0x5/0xa [ 2055.091795] ? create_object.isra.0+0x3a/0xa20 [ 2055.092478] should_failslab+0x5/0x20 [ 2055.093052] kmem_cache_alloc+0x5b/0x310 [ 2055.093656] ? mark_held_locks+0x9e/0xe0 [ 2055.094414] create_object.isra.0+0x3a/0xa20 [ 2055.095139] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2055.096117] kmem_cache_alloc_bulk+0x168/0x320 [ 2055.096797] io_submit_sqes+0x6f76/0x85c0 [ 2055.097460] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2055.098181] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2055.098892] ? lock_downgrade+0x6d0/0x6d0 [ 2055.099493] ? find_held_lock+0x2c/0x110 [ 2055.100095] ? io_submit_sqes+0x85c0/0x85c0 [ 2055.100739] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2055.101456] ? wait_for_completion_io+0x270/0x270 [ 2055.102178] ? rcu_read_lock_any_held+0x75/0xa0 [ 2055.102865] ? vfs_write+0x354/0xa70 [ 2055.103411] ? fput_many+0x2f/0x1a0 [ 2055.103953] ? ksys_write+0x1a9/0x260 [ 2055.104511] ? __ia32_sys_read+0xb0/0xb0 [ 2055.105137] do_syscall_64+0x33/0x40 [ 2055.105687] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2055.106437] RIP: 0033:0x7f3acf5e4b19 [ 2055.106988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2055.109658] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2055.110931] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2055.112178] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2055.113308] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2055.114353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2055.115399] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 2055.144530] FAULT_INJECTION: forcing a failure. [ 2055.144530] name failslab, interval 1, probability 0, space 0, times 0 [ 2055.146390] CPU: 1 PID: 11006 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2055.147437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2055.148676] Call Trace: [ 2055.149098] dump_stack+0x107/0x167 [ 2055.149657] should_fail.cold+0x5/0xa [ 2055.150249] ? create_object.isra.0+0x3a/0xa20 [ 2055.150949] should_failslab+0x5/0x20 [ 2055.151524] kmem_cache_alloc+0x5b/0x310 [ 2055.152144] create_object.isra.0+0x3a/0xa20 [ 2055.152807] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2055.153586] kmem_cache_alloc_trace+0x151/0x320 [ 2055.154296] __io_queue_sqe+0x666/0x9d0 [ 2055.154899] ? io_issue_sqe+0x7700/0x7700 [ 2055.155545] io_submit_sqes+0x4461/0x85c0 [ 2055.156204] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2055.156957] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2055.157696] ? lock_downgrade+0x6d0/0x6d0 [ 2055.158318] ? find_held_lock+0x2c/0x110 [ 2055.158932] ? io_submit_sqes+0x85c0/0x85c0 [ 2055.159589] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2055.160310] ? wait_for_completion_io+0x270/0x270 [ 2055.161049] ? rcu_read_lock_any_held+0x75/0xa0 [ 2055.161751] ? vfs_write+0x354/0xa70 [ 2055.162318] ? fput_many+0x2f/0x1a0 [ 2055.162865] ? ksys_write+0x1a9/0x260 [ 2055.163436] ? __ia32_sys_read+0xb0/0xb0 [ 2055.164058] do_syscall_64+0x33/0x40 [ 2055.164622] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2055.165388] RIP: 0033:0x7fe5a49a6b19 [ 2055.165955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2055.168664] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2055.169813] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2055.170873] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2055.171932] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2055.173004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 19:11:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000213d00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2055.174074] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:11:36 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xb00, 0x0, 0x2}, 0x8) 19:11:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000006000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:36 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x11, 0x0, 0x2}, 0x8) 19:11:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c02000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:36 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x401, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:36 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xc00, 0x0, 0x2}, 0x8) 19:11:50 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:50 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000280)=0x1c, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x2, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)={0x80000000}, r4}, 0x3) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2, 0x50, r0, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:11:50 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74) 19:11:50 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c03000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:50 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xd00, 0x0, 0x2}, 0x8) 19:11:50 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x12, 0x0, 0x2}, 0x8) 19:11:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000020000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:50 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x3, 0x0, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x1000, 0x65, 0x1}, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x8480, 0x0) fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000000240)=0x4) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r6, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r6, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r6, 0x8000000) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000440)={0x5, 0x400, 0x4, 0x0, 0x7fff, 0x3f}) [ 2069.762315] FAULT_INJECTION: forcing a failure. [ 2069.762315] name failslab, interval 1, probability 0, space 0, times 0 [ 2069.763598] CPU: 0 PID: 11056 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2069.764215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2069.764944] Call Trace: [ 2069.765199] dump_stack+0x107/0x167 [ 2069.765536] should_fail.cold+0x5/0xa [ 2069.765877] ? create_object.isra.0+0x3a/0xa20 [ 2069.766297] should_failslab+0x5/0x20 [ 2069.766649] kmem_cache_alloc+0x5b/0x310 [ 2069.767014] ? mark_held_locks+0x9e/0xe0 [ 2069.767385] create_object.isra.0+0x3a/0xa20 [ 2069.767782] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2069.768204] kmem_cache_alloc_bulk+0x168/0x320 [ 2069.768585] io_submit_sqes+0x6f76/0x85c0 [ 2069.768947] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2069.769359] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2069.769786] ? lock_downgrade+0x6d0/0x6d0 [ 2069.770127] ? find_held_lock+0x2c/0x110 [ 2069.770487] ? io_submit_sqes+0x85c0/0x85c0 [ 2069.770870] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2069.771306] ? wait_for_completion_io+0x270/0x270 [ 2069.771740] ? rcu_read_lock_any_held+0x75/0xa0 [ 2069.772120] ? vfs_write+0x354/0xa70 [ 2069.772436] ? fput_many+0x2f/0x1a0 [ 2069.772737] ? ksys_write+0x1a9/0x260 [ 2069.773073] ? __ia32_sys_read+0xb0/0xb0 [ 2069.773447] do_syscall_64+0x33/0x40 [ 2069.773753] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2069.774192] RIP: 0033:0x7f3acf5e4b19 [ 2069.774516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2069.776053] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2069.776673] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2069.777256] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2069.777871] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2069.778449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2069.779059] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 2069.813544] FAULT_INJECTION: forcing a failure. [ 2069.813544] name failslab, interval 1, probability 0, space 0, times 0 [ 2069.815311] CPU: 1 PID: 11060 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2069.816349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2069.817584] Call Trace: [ 2069.818013] dump_stack+0x107/0x167 [ 2069.818581] should_fail.cold+0x5/0xa [ 2069.819155] ? __io_queue_sqe+0x666/0x9d0 [ 2069.819793] should_failslab+0x5/0x20 [ 2069.820353] kmem_cache_alloc_trace+0x55/0x320 [ 2069.821052] __io_queue_sqe+0x666/0x9d0 [ 2069.821689] ? io_issue_sqe+0x7700/0x7700 [ 2069.822307] io_submit_sqes+0x4461/0x85c0 [ 2069.822988] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2069.823754] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2069.824477] ? lock_downgrade+0x6d0/0x6d0 [ 2069.825118] ? find_held_lock+0x2c/0x110 [ 2069.825794] ? io_submit_sqes+0x85c0/0x85c0 [ 2069.826454] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2069.827184] ? wait_for_completion_io+0x270/0x270 [ 2069.827898] ? rcu_read_lock_any_held+0x75/0xa0 [ 2069.828580] ? vfs_write+0x354/0xa70 [ 2069.829140] ? fput_many+0x2f/0x1a0 [ 2069.829717] ? ksys_write+0x1a9/0x260 [ 2069.830253] ? __ia32_sys_read+0xb0/0xb0 [ 2069.830898] do_syscall_64+0x33/0x40 [ 2069.831425] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2069.832208] RIP: 0033:0x7fe5a49a6b19 [ 2069.832778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2069.835439] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2069.836593] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2069.837688] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2069.838749] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2069.839796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2069.840865] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:11:50 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c04000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:11:50 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xe00, 0x0, 0x2}, 0x8) 19:11:50 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x13, 0x0, 0x2}, 0x8) 19:11:50 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_io_uring_setup(0x45bd, &(0x7f0000000240)={0x0, 0x87e2, 0x4, 0x1, 0x12f}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000440)=0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r6, &(0x7f0000000480)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x2007, @fd_index=0x5, 0x401, 0xffffffffffff0000, 0x8001, 0x8, 0x0, {0x3}}, 0x5) r8 = syz_open_dev$vcsu(&(0x7f00000004c0), 0x40, 0x6000) sendfile(0xffffffffffffffff, r8, &(0x7f0000000500)=0xe5dc56, 0x400) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) io_uring_enter(0xffffffffffffffff, 0xda3, 0xc727, 0x2, &(0x7f0000000540)={[0x2]}, 0x8) fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:11:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000200000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:11:51 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x14, 0x0, 0x2}, 0x8) 19:11:51 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xf00, 0x0, 0x2}, 0x8) 19:12:04 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000100007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:12:04 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:12:04 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0xe14fe75ea411543c, 0x0, 0xfffffffd, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000440)='|\x8bcUQ\xe6\xeb\xea\xb6\xbd\xdb\xe7\xe4\x01\xf4\x99\x19\xa2\x86\xab\x16k\xbdN\x95\xe5w\xbf\b\xcd\x83\x84x@N\xdb)nZ\xbf\xd0q\x062bL\xba\xc1\xf2\xff6\x1bX\xd7\xe0\xc0\x81\xeb\x1c\x92\xd5\x06\xee\"\x82\xb7\x8a\x1a\xa5\x14J\xc1\xda\x8b\xdcV\xc8@B\x9e\xf5#\x19;a}\xf7\xb30\x19j>\xad\xe1\x1a\x85\x06\x92\x04\xb4\"x\xec\x8e\xe5\xe0_\x14\x90\xd3\xbb\xc9\xa0\xf3qTh5m\xd0\xb0\x00\x00\x00\x00pG\x9dj\xdb8\xd6\f\x1077\xee\xa7\xc8-\xdc\xd4\xc0\x05\xee\xb8\xcd??\xee?\x9b\xdfs\xe5\xb8\xc5\xf2\xd0t7\xb3AeS\"FL\xb6\xee\x03\xf8\xd3mN\xf3 &B\x1dTQ\x05B4A\xbe\xf1\xbd\xd7I\\\x9a#\xfc\xbb\x18(') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1}, 0x8000) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, 0xffffffffffffffff, 0x0) r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) syz_io_uring_submit(r8, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x8bd, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0x6) 19:12:04 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x1, 0x2}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8010, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x300000c, 0x40010, r0, 0x0) syz_io_uring_setup(0x6cd5, &(0x7f0000000040)={0x0, 0x71ee, 0x1, 0x1, 0x2d0, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000180)=0x0) r8 = syz_open_dev$vcsu(&(0x7f0000000280), 0x0, 0x30040) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_setup(0x20ff, &(0x7f0000000340)={0x0, 0x9ec8, 0x1, 0x0, 0x76}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000003c0), &(0x7f0000000400)=0x0) pipe2(&(0x7f0000000440)={0xffffffffffffffff}, 0x800) syz_io_uring_submit(r1, r10, &(0x7f0000001940)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, r11, 0x0, &(0x7f0000001900)={&(0x7f0000000480)=@ax25={{}, [@bcast, @remote, @remote, @default, @default, @remote, @netrom, @bcast]}, 0x80, &(0x7f0000001780)=[{&(0x7f0000000500)=""/205, 0xcd}, {&(0x7f00000006c0)=""/155, 0x9b}, {&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000000600)=""/17, 0x11}, {&(0x7f0000000640)=""/19, 0x13}], 0x5, &(0x7f0000001800)=""/249, 0xf9}, 0x0, 0x12140, 0x0, {0x3, r9}}, 0xfffffffa) syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x1, 0x2004, @fd_index, 0x1, 0x0, 0x0, 0x1, 0x1, {0x3}}, 0x8040) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000240)={0x3, 'bridge0\x00', {0x80}, 0x7ff}) 19:12:04 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x15, 0x0, 0x2}, 0x8) 19:12:04 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1100, 0x0, 0x2}, 0x8) 19:12:04 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75) 19:12:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c05000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2083.929059] FAULT_INJECTION: forcing a failure. [ 2083.929059] name failslab, interval 1, probability 0, space 0, times 0 [ 2083.931003] CPU: 0 PID: 11107 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2083.932016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2083.933223] Call Trace: [ 2083.933642] dump_stack+0x107/0x167 [ 2083.934187] should_fail.cold+0x5/0xa [ 2083.934766] ? create_object.isra.0+0x3a/0xa20 [ 2083.935449] should_failslab+0x5/0x20 [ 2083.935467] FAULT_INJECTION: forcing a failure. [ 2083.935467] name failslab, interval 1, probability 0, space 0, times 0 [ 2083.936029] kmem_cache_alloc+0x5b/0x310 [ 2083.936059] create_object.isra.0+0x3a/0xa20 [ 2083.936080] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2083.936110] kmem_cache_alloc_trace+0x151/0x320 [ 2083.939775] __io_queue_sqe+0x666/0x9d0 [ 2083.940373] ? io_issue_sqe+0x7700/0x7700 [ 2083.941009] io_submit_sqes+0x4461/0x85c0 [ 2083.941698] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2083.942429] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2083.943146] ? lock_downgrade+0x6d0/0x6d0 [ 2083.943758] ? find_held_lock+0x2c/0x110 [ 2083.944365] ? io_submit_sqes+0x85c0/0x85c0 [ 2083.945015] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2083.945749] ? wait_for_completion_io+0x270/0x270 [ 2083.946463] ? rcu_read_lock_any_held+0x75/0xa0 [ 2083.947146] ? vfs_write+0x354/0xa70 [ 2083.947704] ? fput_many+0x2f/0x1a0 [ 2083.948241] ? ksys_write+0x1a9/0x260 [ 2083.948813] ? __ia32_sys_read+0xb0/0xb0 [ 2083.949450] do_syscall_64+0x33/0x40 [ 2083.949999] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2083.950754] RIP: 0033:0x7fe5a49a6b19 [ 2083.951303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2083.953975] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2083.955094] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2083.956139] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2083.957183] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2083.958255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2083.959300] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 [ 2083.960379] CPU: 1 PID: 11111 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2083.961022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2083.961772] Call Trace: [ 2083.962021] dump_stack+0x107/0x167 [ 2083.962363] should_fail.cold+0x5/0xa [ 2083.962708] ? create_object.isra.0+0x3a/0xa20 [ 2083.963122] ? create_object.isra.0+0x3a/0xa20 [ 2083.963534] should_failslab+0x5/0x20 [ 2083.963883] kmem_cache_alloc+0x5b/0x310 [ 2083.964261] ? mark_held_locks+0x9e/0xe0 [ 2083.964631] create_object.isra.0+0x3a/0xa20 [ 2083.965027] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2083.965493] kmem_cache_alloc_bulk+0x168/0x320 [ 2083.965908] io_submit_sqes+0x6f76/0x85c0 [ 2083.966301] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2083.966745] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2083.967181] ? lock_downgrade+0x6d0/0x6d0 [ 2083.967561] ? find_held_lock+0x2c/0x110 [ 2083.967933] ? io_submit_sqes+0x85c0/0x85c0 [ 2083.968328] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2083.968768] ? wait_for_completion_io+0x270/0x270 [ 2083.969204] ? rcu_read_lock_any_held+0x75/0xa0 [ 2083.969625] ? vfs_write+0x354/0xa70 [ 2083.969960] ? fput_many+0x2f/0x1a0 [ 2083.970289] ? ksys_write+0x1a9/0x260 [ 2083.970640] ? __ia32_sys_read+0xb0/0xb0 [ 2083.971017] do_syscall_64+0x33/0x40 [ 2083.971351] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2083.971937] RIP: 0033:0x7f3acf5e4b19 [ 2083.972289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2083.974219] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2083.974895] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2083.975536] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2083.976173] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2083.976807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2083.977447] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:12:04 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1200, 0x0, 0x2}, 0x8) 19:12:04 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c06000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:12:05 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x16, 0x0, 0x2}, 0x8) 19:12:05 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000200007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:12:05 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000240)={0x0, @ethernet={0x0, @random="7c4051700257"}, @hci={0x1f, 0xffffffffffffffff, 0x3}, @l2tp={0x2, 0x0, @loopback, 0x2}, 0x4, 0x0, 0x0, 0x0, 0x800, &(0x7f00000001c0)='ip6gre0\x00', 0x834, 0xd26, 0x4}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x102b0, 0x0, 0x0, 0x0, 0x7f, 0xfffffffd, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_READ=@pass_buffer={0x16, 0x1, 0x6000, @fd_index=0x4, 0x8, &(0x7f0000000440)=""/245, 0xf5, 0x4}, 0x4) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c5, 0x2, 0x4, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000000, 0x80010, r5, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:12:05 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = inotify_init1(0x0) r5 = inotify_add_watch(r4, &(0x7f0000000040)='.\x00', 0x2000003) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r4, r5) pwrite64(r6, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r6, r4, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r6, 0x8000000) io_uring_setup(0x40e, &(0x7f0000000040)={0x0, 0xfea6, 0x4, 0x0, 0x99, 0x0, r6}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r7, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:12:05 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1300, 0x0, 0x2}, 0x8) 19:12:05 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76) 19:12:05 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c07000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2084.379241] FAULT_INJECTION: forcing a failure. [ 2084.379241] name failslab, interval 1, probability 0, space 0, times 0 [ 2084.380295] CPU: 1 PID: 11144 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2084.380871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2084.381570] Call Trace: [ 2084.381807] dump_stack+0x107/0x167 [ 2084.382117] should_fail.cold+0x5/0xa [ 2084.382455] should_failslab+0x5/0x20 [ 2084.382773] kmem_cache_alloc_bulk+0x4b/0x320 [ 2084.383140] io_submit_sqes+0x6f76/0x85c0 [ 2084.383499] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2084.383901] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2084.384424] ? lock_downgrade+0x6d0/0x6d0 [ 2084.384767] ? find_held_lock+0x2c/0x110 [ 2084.385228] ? io_submit_sqes+0x85c0/0x85c0 [ 2084.385744] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2084.386135] ? wait_for_completion_io+0x270/0x270 [ 2084.386522] ? rcu_read_lock_any_held+0x75/0xa0 [ 2084.386906] ? vfs_write+0x354/0xa70 [ 2084.387313] ? fput_many+0x2f/0x1a0 [ 2084.387606] ? ksys_write+0x1a9/0x260 [ 2084.388036] ? __ia32_sys_read+0xb0/0xb0 [ 2084.388509] do_syscall_64+0x33/0x40 [ 2084.388809] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2084.389223] RIP: 0033:0x7fe5a49a6b19 [ 2084.389531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2084.391219] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2084.392018] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2084.392583] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2084.393143] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2084.393712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2084.394280] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:12:19 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:12:19 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000600007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:12:19 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000180)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x88b) r6 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x1c) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'team_slave_0\x00'}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:12:19 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77) 19:12:19 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) pwrite64(r6, &(0x7f00000001c0)="908601aee5d4203cae74a57de4f8d0be71e11711e5554c9dea4f8801871c2f797c27bab75c27a25964080698fffc46c36a7c128153559a27a37efc1516bf", 0x3e, 0x1) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:12:19 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1400, 0x0, 0x2}, 0x8) 19:12:19 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c08000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:12:19 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x17, 0x0, 0x2}, 0x8) [ 2098.098983] FAULT_INJECTION: forcing a failure. [ 2098.098983] name failslab, interval 1, probability 0, space 0, times 0 [ 2098.100317] CPU: 0 PID: 11160 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2098.100973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2098.101778] Call Trace: [ 2098.102035] dump_stack+0x107/0x167 [ 2098.102368] should_fail.cold+0x5/0xa [ 2098.102721] ? __io_queue_sqe+0x666/0x9d0 [ 2098.103100] should_failslab+0x5/0x20 [ 2098.103440] kmem_cache_alloc_trace+0x55/0x320 [ 2098.103845] __io_queue_sqe+0x666/0x9d0 [ 2098.104195] ? io_issue_sqe+0x7700/0x7700 [ 2098.104573] io_submit_sqes+0x4461/0x85c0 [ 2098.104957] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2098.105418] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2098.105862] ? io_submit_sqes+0x85c0/0x85c0 [ 2098.106246] ? recalibrate_cpu_khz+0x10/0x10 [ 2098.106632] ? ktime_get+0x158/0x1f0 [ 2098.106986] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2098.107479] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2098.107942] ? trace_hardirqs_on+0x5b/0x180 [ 2098.108346] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2098.108837] ? syscall_trace_enter.constprop.0+0x3f/0x1e0 [ 2098.109316] do_syscall_64+0x33/0x40 [ 2098.109681] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2098.110154] RIP: 0033:0x7f3acf5e4b19 [ 2098.110491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2098.112044] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2098.112745] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2098.113400] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2098.114067] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2098.114686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2098.115292] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 2098.145056] FAULT_INJECTION: forcing a failure. [ 2098.145056] name failslab, interval 1, probability 0, space 0, times 0 [ 2098.146177] CPU: 0 PID: 11164 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2098.146801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2098.147498] Call Trace: [ 2098.147751] dump_stack+0x107/0x167 [ 2098.148085] should_fail.cold+0x5/0xa [ 2098.148436] ? create_object.isra.0+0x3a/0xa20 [ 2098.148850] should_failslab+0x5/0x20 [ 2098.149197] kmem_cache_alloc+0x5b/0x310 [ 2098.149560] create_object.isra.0+0x3a/0xa20 [ 2098.149957] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2098.150421] kmem_cache_alloc_bulk+0x168/0x320 [ 2098.150840] io_submit_sqes+0x6f76/0x85c0 [ 2098.151243] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2098.151699] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2098.152118] ? lock_downgrade+0x6d0/0x6d0 [ 2098.152487] ? find_held_lock+0x2c/0x110 [ 2098.152835] ? io_submit_sqes+0x85c0/0x85c0 [ 2098.153228] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2098.153650] ? wait_for_completion_io+0x270/0x270 [ 2098.154091] ? rcu_read_lock_any_held+0x75/0xa0 [ 2098.154483] ? vfs_write+0x354/0xa70 [ 2098.154825] ? fput_many+0x2f/0x1a0 [ 2098.155140] ? ksys_write+0x1a9/0x260 [ 2098.155490] ? __ia32_sys_read+0xb0/0xb0 [ 2098.155843] do_syscall_64+0x33/0x40 [ 2098.156184] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2098.156610] RIP: 0033:0x7fe5a49a6b19 [ 2098.156946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2098.158467] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2098.159153] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2098.159752] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2098.160342] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2098.160937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2098.161538] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:12:19 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c09000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:12:19 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000002000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:12:19 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x18, 0x0, 0x2}, 0x8) 19:12:19 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1500, 0x0, 0x2}, 0x8) 19:12:19 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c0f000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:12:19 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1600, 0x0, 0x2}, 0x8) 19:12:19 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000006000000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:12:19 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x19, 0x0, 0x2}, 0x8) 19:12:35 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:12:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c60000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:12:35 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78) 19:12:35 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) r8 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x7230c2, 0x9) r9 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r9, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)=0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r11 = inotify_init1(0x0) inotify_add_watch(r11, &(0x7f0000000040)='.\x00', 0x2000003) syz_io_uring_submit(r6, r10, &(0x7f0000000280)=@IORING_OP_STATX={0x15, 0x3, 0x0, r8, &(0x7f0000000440), &(0x7f0000000240)='./file0\x00', 0x7ff, 0x800, 0x1}, 0xfffffaff) 19:12:35 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1700, 0x0, 0x2}, 0x8) 19:12:35 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) r8 = fspick(r7, &(0x7f00000000c0)='./file0\x00', 0x1) syz_io_uring_submit(r4, r2, &(0x7f0000000580)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd=r8, 0xffff, &(0x7f0000000540)=[{&(0x7f0000000180)="e48a320b62daec00b430277edea67b2777fc0bee0beb4c9963b1017d5f9c980aef39f6d4148089d175e9c78728e5466d9607878ffb29d252ef091425eaaadb5802fa8a9ac71776deb0363480353cd9b16a1e3d1718bb4f33a322fe44869df5652f61", 0x62}, {&(0x7f0000000340)="b943c3cc18dacf2ab99b3aa8609d99326189f0711fde6a71592a6d04d8e530aed33651b4f184a68299967316ba31d898752127de5d390e20012aab37e119de0fa8fad331c85a621140eb255365e5142e8831fea6b188a1a6a03834b7193a06a2f203579212e263bbf1f80b37dc7e7ea6370dd51518bdd8ae7888fdd112c5490e6460d5a6f6c13e61127b2aafad17f9117eb18b385e596fecf483d4aaec665a267555fad3d68b097495c9ed9e4b008e214c0b9fb73d972abe9fc5e9b63181f6bbb28b9b33ba3910947656cd6b633a4071192389844f", 0xd5}, {&(0x7f0000000440)="4cb81825f16ea31f3aaf020b220d0be1f998ad2867e069406c168037c2924024e2641948609de1188474ae8027c939b62a709ccf2ed54940f9699335861b368ccde72724ab3eccbc2aabbde6ce8e901c10070673e747b69a0462a44ea7c48d51bb3f279a6cde261c90c956ba216bcc1f3feb70281d5aa87a595c5464ac47a7a54791fc145cd594365185433b24f358641321afa1bb5ebc71c5e6a46e7f8adc0663b4478256415bc4e1116b86536d9e037206200902633a6c0661442e8a7c3c70161540297e08eed4108757811db2f150bda96c", 0xd3}], 0x3, 0x14, 0x1}, 0x101) inotify_rm_watch(r5, r6) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='maps\x00') mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x13, r7, 0x0) 19:12:35 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1a, 0x0, 0x2}, 0x8) 19:12:35 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000060000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 2114.598417] FAULT_INJECTION: forcing a failure. [ 2114.598417] name failslab, interval 1, probability 0, space 0, times 0 [ 2114.600139] CPU: 1 PID: 11210 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2114.601170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2114.602411] Call Trace: [ 2114.602824] dump_stack+0x107/0x167 [ 2114.603389] should_fail.cold+0x5/0xa [ 2114.603971] ? create_object.isra.0+0x3a/0xa20 [ 2114.604663] should_failslab+0x5/0x20 [ 2114.605228] kmem_cache_alloc+0x5b/0x310 [ 2114.605840] ? mark_held_locks+0x9e/0xe0 [ 2114.606445] create_object.isra.0+0x3a/0xa20 [ 2114.607100] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2114.607856] kmem_cache_alloc_bulk+0x168/0x320 [ 2114.608537] io_submit_sqes+0x6f76/0x85c0 [ 2114.609189] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2114.609930] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2114.610649] ? lock_downgrade+0x6d0/0x6d0 [ 2114.611261] ? find_held_lock+0x2c/0x110 [ 2114.611867] ? io_submit_sqes+0x85c0/0x85c0 [ 2114.612522] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2114.613242] ? wait_for_completion_io+0x270/0x270 [ 2114.613969] ? rcu_read_lock_any_held+0x75/0xa0 [ 2114.614652] ? vfs_write+0x354/0xa70 [ 2114.615205] ? fput_many+0x2f/0x1a0 [ 2114.615747] ? ksys_write+0x1a9/0x260 [ 2114.616310] ? __ia32_sys_read+0xb0/0xb0 [ 2114.616925] do_syscall_64+0x33/0x40 [ 2114.617482] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2114.618244] RIP: 0033:0x7fe5a49a6b19 [ 2114.618810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2114.621493] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2114.622633] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2114.623673] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2114.624712] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2114.625764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2114.626808] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:12:35 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1800, 0x0, 0x2}, 0x8) [ 2114.711838] FAULT_INJECTION: forcing a failure. [ 2114.711838] name failslab, interval 1, probability 0, space 0, times 0 [ 2114.713717] CPU: 1 PID: 11216 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2114.714745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2114.715954] Call Trace: [ 2114.716352] dump_stack+0x107/0x167 [ 2114.716900] should_fail.cold+0x5/0xa [ 2114.717470] ? create_object.isra.0+0x3a/0xa20 [ 2114.718159] should_failslab+0x5/0x20 [ 2114.718725] kmem_cache_alloc+0x5b/0x310 [ 2114.719319] ? mark_held_locks+0x9e/0xe0 [ 2114.719933] create_object.isra.0+0x3a/0xa20 [ 2114.720584] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2114.721348] kmem_cache_alloc_bulk+0x168/0x320 [ 2114.722036] io_submit_sqes+0x6f76/0x85c0 [ 2114.722689] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2114.723417] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2114.724140] ? lock_downgrade+0x6d0/0x6d0 [ 2114.724747] ? find_held_lock+0x2c/0x110 [ 2114.725360] ? io_submit_sqes+0x85c0/0x85c0 [ 2114.726014] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2114.726730] ? wait_for_completion_io+0x270/0x270 [ 2114.727436] ? rcu_read_lock_any_held+0x75/0xa0 [ 2114.728119] ? vfs_write+0x354/0xa70 [ 2114.728669] ? fput_many+0x2f/0x1a0 [ 2114.729217] ? ksys_write+0x1a9/0x260 [ 2114.729783] ? __ia32_sys_read+0xb0/0xb0 [ 2114.730404] do_syscall_64+0x33/0x40 [ 2114.730951] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2114.731705] RIP: 0033:0x7f3acf5e4b19 [ 2114.732255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2114.734965] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2114.736072] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2114.737117] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2114.738162] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2114.739194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2114.740236] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:12:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cf0000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:12:35 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79) 19:12:35 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1b, 0x0, 0x2}, 0x8) 19:12:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cdb010000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2115.016251] FAULT_INJECTION: forcing a failure. [ 2115.016251] name failslab, interval 1, probability 0, space 0, times 0 [ 2115.018039] CPU: 1 PID: 11230 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2115.019083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2115.020315] Call Trace: [ 2115.020735] dump_stack+0x107/0x167 [ 2115.021300] should_fail.cold+0x5/0xa [ 2115.021895] ? create_object.isra.0+0x3a/0xa20 [ 2115.022581] should_failslab+0x5/0x20 [ 2115.023149] kmem_cache_alloc+0x5b/0x310 [ 2115.023770] create_object.isra.0+0x3a/0xa20 [ 2115.024423] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2115.025177] kmem_cache_alloc_trace+0x151/0x320 [ 2115.025887] __io_queue_sqe+0x666/0x9d0 [ 2115.026483] ? io_issue_sqe+0x7700/0x7700 [ 2115.027116] io_submit_sqes+0x4461/0x85c0 [ 2115.027771] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2115.028509] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2115.029225] ? lock_downgrade+0x6d0/0x6d0 [ 2115.029843] ? find_held_lock+0x2c/0x110 [ 2115.030454] ? io_submit_sqes+0x85c0/0x85c0 [ 2115.031104] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2115.031814] ? wait_for_completion_io+0x270/0x270 [ 2115.032525] ? rcu_read_lock_any_held+0x75/0xa0 [ 2115.033214] ? vfs_write+0x354/0xa70 [ 2115.033782] ? fput_many+0x2f/0x1a0 [ 2115.034326] ? ksys_write+0x1a9/0x260 [ 2115.034890] ? __ia32_sys_read+0xb0/0xb0 [ 2115.035507] do_syscall_64+0x33/0x40 [ 2115.036057] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2115.036805] RIP: 0033:0x7fe5a49a6b19 [ 2115.037354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2115.040061] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2115.041175] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2115.042233] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2115.043476] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2115.044738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2115.045786] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:12:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000200000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:12:36 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1900, 0x0, 0x2}, 0x8) 19:12:36 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:12:50 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x101000, 0x131) io_uring_enter(r5, 0x13fc, 0x9123, 0x1, &(0x7f0000000500)={[0xb4ca]}, 0x8) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) r7 = creat(&(0x7f0000000280)='\x00', 0xc2) fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f00000001c0)=':(!%\x00', &(0x7f0000000240)='./file0\x00', r7) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000440)={r0, 0x3, 0xffffffffffffe7e7, 0x80000000}) io_uring_enter(r8, 0x53f9, 0x3241, 0x1, &(0x7f0000000480)={[0x4]}, 0x8) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r9, &(0x7f0000000180)='./file0\x00', 0x0) 19:12:50 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r6 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r9}}, 0x8000) syz_io_uring_submit(r7, r2, &(0x7f0000000280)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, r3, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@l2={0x1f, 0x1f, @none, 0x4, 0x2}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000340)="eec29c168a3917915673f116433b90a0ceeb8967a6410ddb47ec138e10574c2bb7b7a9927779d3a0260ec5d2df6cebb805c6a9183a64b96e3ee519c67f21b7160861ef958120db32151f28732faf33ed3147f96eab96482e1aa63ccb4afedc060ff71a03a279364100041876a55d057438ac15c45459f208277b040486e6ab53204e92d9a18f6b277e4ca8b7e8a2a346bab6bea5a523c76b616425dd495cd26ebe6c3fbddd982b795e57e4e57c40226d76b4dc59b2659f730e92ee65dc44cd20fa0136170f0ade2f82420b39b4b9b8132cbbcdfcdb99c3f451dc3144438e50d049a9fedb66292199", 0xe8}, {&(0x7f0000000440)="5096a99f934c2e0afded385d8a4c07dd57fe7d6469a3b5ee2894b0b33b676b494d0d837653b4b38c5eccd5a79ab3f156bfc025fdc86d5688c9b18373e7bc0c16a73fc53475e79dc982bff0a688d9c843ce8263808104a5296028d62b23d73739af55df222c6504d0749939182221b0fa58df3fd39f063630061b9ee1690d91f4d17342bccef374703682a55d7e49140eaeebd1a05c3a04862958f6272cdf7ab6b82924dba42af52698bd3e36f48632fc520b232a0396d76ad08b730fea28d06f2d8c023da6039f3f6648c24d9842", 0xce}, {&(0x7f0000000540)="9450fd6cb2c8183f938a000105623e66404900986678c8e26c7eb312a481cbacc0aed6735f39659a4996a5d8e4da9567d83ea3b1a53891add302d553d04bcc83c34c20e8002015573c0ea4634ccc61197f5b84ca91a0d8796c8078d080b49ba901078c2a24d176cf6af0266fe708808e647f19972d09e0c245c35888e5324b085e884fb63b3c788be5398f63809b5c24a039ff5b41523ec2d853d12a4db30eb58bcd", 0xa2}, {&(0x7f00000006c0)="021a5aaeb1cb6e9613c63d9370e0a28a8f9dd648297a2956211f0528bf6e73869d07e7b05646848c0ee6ee1bd78aa522e41dc08e12646512f94136d9e13ae306198aa8b999704c13afa52c023e105b4b8f461666d4a22a90659cba2b68094c9e1da3e1df7e034e9c5b9127ff99c53618c88d6c988592277c0a67c54dec9d21e6f9516a72d7a6315f4d39b34f63f5902a1dde0abd1002073d09b8dec3aaac621de5f56f45fe7b33aab53048c4e6ba979cdc7ac7bcdb81b2f63a313e5d4c7c7fcbc8b7e8834bb0fb128cee4f63b91ab9e5f2cd52682de4784c194cc31db45062402ce446ec675cff9eb483e2b1fd1c9c", 0xef}, {&(0x7f00000000c0)="66c443c4dc6a5ef25aa204a3a211307bd2728c8f389697001c3802217cc37c60e730554b7f60ecd2876290394df913594e5abc1037366dc85fca", 0x3a}], 0x5, &(0x7f00000007c0)=[{0xb0, 0xff, 0xaa0, "598f4b4c444597ba353b9d4ba89615fb0ea0e7d68e24e2d1bc91fc0e07856bd5dd17917b9662b5483db0bb84360ffde837fcc00e5426873dfc4c62ab0a7df99ff6ff3b9ff1e562bfb172a132c290e92891c8160d910fa8a9cb2c635ca044d679678b6894ed697eccfb2bd7ad3744e10051b0015d4b3e319397be4f2c57c499c2526c60b41c0d51bcdc871535a172885ee5e2f793ab2466365e547c"}, {0x20, 0x29, 0x384, "06c853e2802402c065f59ad2d9b8"}, {0xe8, 0x114, 0x3, "e61dbdfa9c767468a711a8cc7771b627ce3443eaa9e853ea5c10ed31400224c52c464d3a4bcbd756c53387e07a36067b286757d9d69f12b244f669817526e81914709289da050167b95fbaa8f47da251f79ae18a0e1d9968e482efab003464dd0cfda201313cd5ae4052a4c34c9af64c7868a72e52de8b2f7294d1db895fce6c5bbd9ac8f6047ccec1895a49992554834518e3585f80f7c625c36be3699c71230b97e1a1b54ba819f6dfdb0988a283e7d4b21baeab543e21f78b91736863adeb4defcda53f2bbc34e1341ae153575e5ef86b"}, {0x90, 0x1, 0x3, "faee5e257fccdb49fd1dfb0c68bea2b5928812f2ca5897d1554928eb1544d20bc144cfae2283db90411eb7c4f565e27ab4fc2ee96982f937c25952f61a9d4bda0ad5be32a69afcfbd22d3303e66f9cdc80a3bc3e7f11381b8cb4f9bbce114cd3a497ea56de69933c20c3066eb2e3aaed64272404b6f9b6cdef9f49c5"}, {0x10, 0x102, 0x3}, {0x48, 0x102, 0x4, "8659d07903e86192202da03e764aae2a3099727b017dad9a9c66a8019a3a54bc03c26c0cba8fce5b5ced0d5937b2eac1ad139065289e"}], 0x2a0}, 0x0, 0x20008091, 0x1}, 0x8) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:12:50 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1a00, 0x0, 0x2}, 0x8) 19:12:50 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00030000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:12:50 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1c, 0x0, 0x2}, 0x8) 19:12:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000002000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:12:50 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:12:50 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80) [ 2129.689682] FAULT_INJECTION: forcing a failure. [ 2129.689682] name failslab, interval 1, probability 0, space 0, times 0 [ 2129.690937] CPU: 1 PID: 11267 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2129.691653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2129.692492] Call Trace: [ 2129.692799] dump_stack+0x107/0x167 [ 2129.693181] should_fail.cold+0x5/0xa [ 2129.693579] ? __io_queue_sqe+0x666/0x9d0 [ 2129.694003] should_failslab+0x5/0x20 [ 2129.694376] kmem_cache_alloc_trace+0x55/0x320 [ 2129.694830] __io_queue_sqe+0x666/0x9d0 [ 2129.695231] ? io_issue_sqe+0x7700/0x7700 [ 2129.695657] io_submit_sqes+0x4461/0x85c0 [ 2129.696083] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2129.696555] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2129.697029] ? lock_downgrade+0x6d0/0x6d0 [ 2129.697439] ? find_held_lock+0x2c/0x110 [ 2129.697839] ? io_submit_sqes+0x85c0/0x85c0 [ 2129.698283] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2129.698758] ? wait_for_completion_io+0x270/0x270 [ 2129.699226] ? rcu_read_lock_any_held+0x75/0xa0 [ 2129.699686] ? vfs_write+0x354/0xa70 [ 2129.699808] FAULT_INJECTION: forcing a failure. [ 2129.699808] name failslab, interval 1, probability 0, space 0, times 0 [ 2129.700056] ? fput_many+0x2f/0x1a0 [ 2129.701996] ? ksys_write+0x1a9/0x260 [ 2129.702368] ? __ia32_sys_read+0xb0/0xb0 [ 2129.702773] do_syscall_64+0x33/0x40 [ 2129.703127] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2129.703616] RIP: 0033:0x7f3acf5e4b19 [ 2129.703977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2129.705710] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2129.706434] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2129.707106] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2129.707788] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2129.708455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2129.709127] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 [ 2129.709837] CPU: 0 PID: 11268 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2129.710883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2129.712093] Call Trace: [ 2129.712495] dump_stack+0x107/0x167 [ 2129.713041] should_fail.cold+0x5/0xa [ 2129.713611] ? create_object.isra.0+0x3a/0xa20 [ 2129.714295] should_failslab+0x5/0x20 [ 2129.714970] kmem_cache_alloc+0x5b/0x310 [ 2129.715585] ? mark_held_locks+0x9e/0xe0 [ 2129.716194] create_object.isra.0+0x3a/0xa20 [ 2129.716848] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2129.717603] kmem_cache_alloc_bulk+0x168/0x320 [ 2129.718301] io_submit_sqes+0x6f76/0x85c0 [ 2129.718934] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2129.719669] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2129.720382] ? lock_downgrade+0x6d0/0x6d0 [ 2129.720990] ? find_held_lock+0x2c/0x110 [ 2129.721597] ? io_submit_sqes+0x85c0/0x85c0 [ 2129.722248] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2129.722965] ? wait_for_completion_io+0x270/0x270 [ 2129.723680] ? rcu_read_lock_any_held+0x75/0xa0 [ 2129.724367] ? vfs_write+0x354/0xa70 [ 2129.724918] ? fput_many+0x2f/0x1a0 [ 2129.725433] ? ksys_write+0x1a9/0x260 [ 2129.726009] ? __ia32_sys_read+0xb0/0xb0 [ 2129.726626] do_syscall_64+0x33/0x40 [ 2129.727178] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2129.727932] RIP: 0033:0x7fe5a49a6b19 [ 2129.728482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2129.731171] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2129.732293] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2129.733341] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2129.734424] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2129.735487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2129.736545] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:12:50 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1d, 0x0, 0x2}, 0x8) 19:12:50 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00050000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:06 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000001007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:13:06 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0x4000010, r3, 0x8000000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = accept4$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000240)=0x1c, 0x0) setsockopt$sock_void(r5, 0x1, 0x36, 0x0, 0x0) syz_io_uring_setup(0x1634, &(0x7f0000000040)={0x0, 0xa0fe, 0x2, 0x2, 0x2aa}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80800}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:13:06 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81) 19:13:06 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1e, 0x0, 0x2}, 0x8) 19:13:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00060000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:13:06 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1b00, 0x0, 0x2}, 0x8) 19:13:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r6, 0x6612) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r7, 0xc018937c, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) io_uring_enter(r8, 0x273a, 0x667a, 0x0, &(0x7f0000000240)={[0x65]}, 0x8) [ 2145.341265] FAULT_INJECTION: forcing a failure. [ 2145.341265] name failslab, interval 1, probability 0, space 0, times 0 [ 2145.343133] CPU: 0 PID: 11300 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2145.343990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2145.345003] Call Trace: [ 2145.345341] dump_stack+0x107/0x167 [ 2145.345803] should_fail.cold+0x5/0xa [ 2145.346316] ? create_object.isra.0+0x3a/0xa20 [ 2145.346953] should_failslab+0x5/0x20 [ 2145.347473] kmem_cache_alloc+0x5b/0x310 [ 2145.347980] ? mark_held_locks+0x9e/0xe0 [ 2145.348483] create_object.isra.0+0x3a/0xa20 [ 2145.349031] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2145.349663] kmem_cache_alloc_bulk+0x168/0x320 [ 2145.350259] io_submit_sqes+0x6f76/0x85c0 [ 2145.350808] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2145.351418] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2145.352028] ? lock_downgrade+0x6d0/0x6d0 [ 2145.352542] ? find_held_lock+0x2c/0x110 [ 2145.353046] ? io_submit_sqes+0x85c0/0x85c0 [ 2145.353595] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2145.354216] ? wait_for_completion_io+0x270/0x270 [ 2145.354813] ? rcu_read_lock_any_held+0x75/0xa0 [ 2145.355395] ? vfs_write+0x354/0xa70 [ 2145.355863] ? fput_many+0x2f/0x1a0 [ 2145.356330] ? ksys_write+0x1a9/0x260 [ 2145.356807] ? __ia32_sys_read+0xb0/0xb0 [ 2145.357331] do_syscall_64+0x33/0x40 [ 2145.357792] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2145.358446] RIP: 0033:0x7fe5a49a6b19 [ 2145.358914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2145.361140] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2145.362090] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2145.362974] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2145.363848] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2145.364718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2145.365596] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:13:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00070000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2145.404959] FAULT_INJECTION: forcing a failure. [ 2145.404959] name failslab, interval 1, probability 0, space 0, times 0 [ 2145.406881] CPU: 0 PID: 11301 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2145.407793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2145.408795] Call Trace: [ 2145.409129] dump_stack+0x107/0x167 [ 2145.409586] should_fail.cold+0x5/0xa [ 2145.410084] ? create_object.isra.0+0x3a/0xa20 [ 2145.410656] should_failslab+0x5/0x20 [ 2145.411132] kmem_cache_alloc+0x5b/0x310 [ 2145.411647] create_object.isra.0+0x3a/0xa20 [ 2145.412191] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2145.412821] kmem_cache_alloc_trace+0x151/0x320 [ 2145.413402] __io_queue_sqe+0x666/0x9d0 [ 2145.413903] ? io_issue_sqe+0x7700/0x7700 [ 2145.414455] io_submit_sqes+0x4461/0x85c0 [ 2145.415007] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2145.415621] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2145.416227] ? lock_downgrade+0x6d0/0x6d0 [ 2145.416738] ? find_held_lock+0x2c/0x110 [ 2145.417250] ? io_submit_sqes+0x85c0/0x85c0 [ 2145.417796] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2145.418420] ? wait_for_completion_io+0x270/0x270 [ 2145.419016] ? rcu_read_lock_any_held+0x75/0xa0 [ 2145.419587] ? vfs_write+0x354/0xa70 [ 2145.420047] ? fput_many+0x2f/0x1a0 [ 2145.420497] ? ksys_write+0x1a9/0x260 [ 2145.420969] ? __ia32_sys_read+0xb0/0xb0 [ 2145.421483] do_syscall_64+0x33/0x40 [ 2145.421946] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2145.422591] RIP: 0033:0x7f3acf5e4b19 [ 2145.423047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2145.425251] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2145.426199] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2145.427066] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2145.427924] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2145.428787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2145.429649] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:13:06 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x21, 0x0, 0x2}, 0x8) 19:13:26 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:13:26 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82) 19:13:26 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1c00, 0x0, 0x2}, 0x8) 19:13:26 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x80010, r3, 0x8000000) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) r7 = syz_open_dev$vcsa(&(0x7f00000001c0), 0xffffffffffffffb2, 0xdc041) r8 = socket$packet(0x11, 0x2, 0x300) r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(r8, &(0x7f0000000240)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000a40)=ANY=[@ANYRES64, @ANYRES16=0x0, @ANYBLOB="000229bd7000ffdbdf250c0000003c0103809c000380340001800400030008000100020000000d0002002f6465762f627367000000000d0002002f6465762f62736700000000040003003800018008000100060000000400030008000100070000000f0002002e2727da2a272d2d532d0000080001000010000008000100030000002c0001800f0002002f6465762f7663736123000008000100ff0f0000050002000000000005000200000000007800038014000180080001000600000005000200000000003800018004000300060002002f000000080001000e000000090002003a2f2b7b00000000040003000800010048000000050002000000000028000180080001007e000000040003000400030004000300050002000000000008000100010100001c000400970938303341915783a3448815322565c7ff43950160dc3208000200000100001c0001800800030003000000080003000200000008000100", @ANYRES32=r10, @ANYBLOB="dc000380d700050030d6c1ee45d3b3ddb2188ccd3900ef2602ab16e4698b7f8c7441e13a257a42d476746a74d0ae01cff48693ecf9c239b8d1d418f9be7bc6f3e686e132487ad0ecc86a781d27cf926a6491c90280a95936bf3dc29b78a9164e2e88347c9669910eaff4300f90ec1a341c39147c91967697e874591a4a804fe4ce5cecbf5a78073fbfc07670cdf34172e2adc7f79d1ad51f4cdb275b10b0e94e12e7371249676378cad180b6fbd4600b36dd3a832ee51d59ea0ef2c566d17d14ab5c71a93993d8270dc5ad0d4efb9f76701a837950197f3af2a6b2bbf1577cffd743b6bc3d0806436d2ae63cc7d88effa7987a7a000c00018008000300030000000003000100010000000000000000002d8cc40a65deb2866cf54b5e2ad66d673433b8d7700717eee0e6122000000000000000000000000000bbb4aba4e119d86144268adf84200524743c7dabb8acc3755d33f9969e2dd30f7e8bff5fae7f306541ceeecbfe7d95e6222f4faab7bc89f1eb490db644b6dee9d823965af0af45bd13a2e2d08dd7dc8d529d052ee9f5d23d3d68a9d86a9653b256f1965938038fc1399bc46e5121f4a5ea685508fd2ff18665d5ce040cfd84ab95b46a25044db34f39928f39848118982bc69469e0499d40fc86a46321c74c46b9a70e97ff06a8370903d48665396e83bba2d52aac76aae40ed40411f2b66cdb"], 0x270}, 0x1, 0x0, 0x0, 0x2000c001}, 0x24001055) io_uring_enter(r7, 0x72b1, 0x8523, 0x3, &(0x7f0000000240)={[0x1]}, 0x8) 19:13:26 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00090000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000002007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:13:26 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r7}}, 0x8000) r8 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r5, r6) pwrite64(r8, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r8, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r8, 0x8000000) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x4, 0x400e, @fd, 0x2, 0x1ed, 0x5, 0x4, 0x0, {0xfffd}}, 0x8) r9 = syz_open_dev$tty1(0xc, 0x4, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd=r9, 0xffff, 0x0, 0x5, 0x4, 0x1}, 0x7) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:13:26 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x22, 0x0, 0x2}, 0x8) [ 2165.622829] FAULT_INJECTION: forcing a failure. [ 2165.622829] name failslab, interval 1, probability 0, space 0, times 0 [ 2165.625041] CPU: 1 PID: 11336 Comm: syz-executor.1 Not tainted 5.10.218 #1 [ 2165.626113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2165.627399] Call Trace: [ 2165.627821] dump_stack+0x107/0x167 [ 2165.628393] should_fail.cold+0x5/0xa [ 2165.628988] ? __io_queue_sqe+0x666/0x9d0 [ 2165.629636] should_failslab+0x5/0x20 [ 2165.630231] kmem_cache_alloc_trace+0x55/0x320 [ 2165.630959] __io_queue_sqe+0x666/0x9d0 [ 2165.631589] ? io_issue_sqe+0x7700/0x7700 [ 2165.632256] io_submit_sqes+0x4461/0x85c0 [ 2165.632948] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2165.633722] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2165.634484] ? lock_downgrade+0x6d0/0x6d0 [ 2165.635126] ? find_held_lock+0x2c/0x110 [ 2165.635769] ? io_submit_sqes+0x85c0/0x85c0 [ 2165.636453] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2165.637212] ? wait_for_completion_io+0x270/0x270 [ 2165.637963] ? rcu_read_lock_any_held+0x75/0xa0 [ 2165.638692] ? vfs_write+0x354/0xa70 [ 2165.639279] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 2165.639992] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 2165.640836] ? ksys_write+0x1a9/0x260 [ 2165.641430] ? __ia32_sys_read+0xb0/0xb0 [ 2165.642076] do_syscall_64+0x33/0x40 [ 2165.642671] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2165.643465] RIP: 0033:0x7f3acf5e4b19 [ 2165.644045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2165.646865] RSP: 002b:00007f3accb5a188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2165.648039] RAX: ffffffffffffffda RBX: 00007f3acf6f7f60 RCX: 00007f3acf5e4b19 [ 2165.649143] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2165.650241] RBP: 00007f3accb5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2165.651349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2165.652447] R13: 00007ffc77c597bf R14: 00007f3accb5a300 R15: 0000000000022000 19:13:26 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c000f0000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2165.718489] FAULT_INJECTION: forcing a failure. [ 2165.718489] name failslab, interval 1, probability 0, space 0, times 0 [ 2165.720261] CPU: 1 PID: 11338 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2165.721318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2165.722595] Call Trace: [ 2165.723015] dump_stack+0x107/0x167 [ 2165.723586] should_fail.cold+0x5/0xa [ 2165.724188] ? create_object.isra.0+0x3a/0xa20 [ 2165.724908] should_failslab+0x5/0x20 [ 2165.725507] kmem_cache_alloc+0x5b/0x310 [ 2165.726139] ? mark_held_locks+0x9e/0xe0 [ 2165.726798] create_object.isra.0+0x3a/0xa20 19:13:26 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x23, 0x0, 0x2}, 0x8) [ 2165.727496] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2165.728420] kmem_cache_alloc_bulk+0x168/0x320 [ 2165.729142] io_submit_sqes+0x6f76/0x85c0 [ 2165.729836] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2165.730625] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2165.731375] ? lock_downgrade+0x6d0/0x6d0 [ 2165.732015] ? find_held_lock+0x2c/0x110 [ 2165.732656] ? io_submit_sqes+0x85c0/0x85c0 [ 2165.733341] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2165.734096] ? wait_for_completion_io+0x270/0x270 [ 2165.734857] ? rcu_read_lock_any_held+0x75/0xa0 [ 2165.735590] ? vfs_write+0x354/0xa70 [ 2165.736179] ? fput_many+0x2f/0x1a0 [ 2165.736762] ? ksys_write+0x1a9/0x260 [ 2165.737359] ? __ia32_sys_read+0xb0/0xb0 [ 2165.738004] do_syscall_64+0x33/0x40 [ 2165.738596] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2165.739402] RIP: 0033:0x7fe5a49a6b19 [ 2165.739986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2165.742824] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2165.743999] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2165.745110] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2165.746206] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2165.747312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2165.748421] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:13:26 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1d00, 0x0, 0x2}, 0x8) 19:13:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000006007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:13:26 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x100000e, 0x10, r0, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:13:26 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00600000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:27 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1e00, 0x0, 0x2}, 0x8) 19:13:27 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x24, 0x0, 0x2}, 0x8) 19:13:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cc27f0000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:45 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) openat(r6, &(0x7f00000001c0)='./file0\x00', 0x100, 0x100) 19:13:45 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x25, 0x0, 0x2}, 0x8) 19:13:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000020000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:13:45 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 83) 19:13:45 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1f00, 0x0, 0x2}, 0x8) 19:13:45 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:13:45 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r6 = dup(r5) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r6, 0x8983, &(0x7f0000000040)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) [ 2184.607213] FAULT_INJECTION: forcing a failure. [ 2184.607213] name failslab, interval 1, probability 0, space 0, times 0 [ 2184.608905] CPU: 1 PID: 11391 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2184.609928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2184.611160] Call Trace: [ 2184.611565] dump_stack+0x107/0x167 [ 2184.612121] should_fail.cold+0x5/0xa [ 2184.612701] ? create_object.isra.0+0x3a/0xa20 [ 2184.613380] should_failslab+0x5/0x20 [ 2184.613942] kmem_cache_alloc+0x5b/0x310 [ 2184.614553] ? mark_held_locks+0x9e/0xe0 [ 2184.615162] create_object.isra.0+0x3a/0xa20 [ 2184.615811] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2184.616571] kmem_cache_alloc_bulk+0x168/0x320 [ 2184.617256] io_submit_sqes+0x6f76/0x85c0 [ 2184.617906] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2184.618647] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2184.619362] ? lock_downgrade+0x6d0/0x6d0 [ 2184.619979] ? find_held_lock+0x2c/0x110 [ 2184.620590] ? io_submit_sqes+0x85c0/0x85c0 [ 2184.621238] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2184.621955] ? wait_for_completion_io+0x270/0x270 [ 2184.622680] ? rcu_read_lock_any_held+0x75/0xa0 [ 2184.623373] ? vfs_write+0x354/0xa70 [ 2184.623931] ? fput_many+0x2f/0x1a0 [ 2184.624471] ? ksys_write+0x1a9/0x260 [ 2184.625036] ? __ia32_sys_read+0xb0/0xb0 [ 2184.625651] do_syscall_64+0x33/0x40 [ 2184.626201] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2184.626959] RIP: 0033:0x7fe5a49a6b19 [ 2184.627512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2184.630189] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2184.631317] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2184.632357] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2184.633394] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2184.634436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2184.635487] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:13:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00810000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:45 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2000, 0x0, 0x2}, 0x8) 19:13:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000060000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:13:45 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x26, 0x0, 0x2}, 0x8) 19:13:45 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r3, 0x8983, &(0x7f0000000040)={0x7, 'ip6erspan0\x00', {0x8}, 0xff00}) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:13:46 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2100, 0x0, 0x2}, 0x8) 19:13:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c7fc20000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:46 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x27, 0x0, 0x2}, 0x8) 19:13:46 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x5, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) io_uring_enter(r0, 0x2dcc, 0x84b3, 0x0, &(0x7f00000001c0)={[0x4]}, 0x8) r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000240), 0x80, 0x0) r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) close_range(r6, r7, 0x2) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000001, 0x20010, 0xffffffffffffffff, 0x8000000) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000540)={{{@in, @in6=@local}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, &(0x7f0000000440)=0xe8) 19:13:46 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000600007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:13:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c01db0000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:46 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2200, 0x0, 0x2}, 0x8) 19:13:46 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 84) 19:13:46 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x28, 0x0, 0x2}, 0x8) [ 2185.530242] FAULT_INJECTION: forcing a failure. [ 2185.530242] name failslab, interval 1, probability 0, space 0, times 0 [ 2185.531873] CPU: 0 PID: 11436 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2185.532675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2185.533619] Call Trace: [ 2185.533939] dump_stack+0x107/0x167 [ 2185.534361] should_fail.cold+0x5/0xa [ 2185.534814] ? create_object.isra.0+0x3a/0xa20 [ 2185.535344] should_failslab+0x5/0x20 [ 2185.535789] kmem_cache_alloc+0x5b/0x310 [ 2185.536256] ? mark_held_locks+0x9e/0xe0 [ 2185.536730] create_object.isra.0+0x3a/0xa20 [ 2185.537237] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2185.537822] kmem_cache_alloc_bulk+0x168/0x320 [ 2185.538353] io_submit_sqes+0x6f76/0x85c0 [ 2185.538869] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2185.539435] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2185.539983] ? lock_downgrade+0x6d0/0x6d0 [ 2185.540452] ? find_held_lock+0x2c/0x110 [ 2185.540920] ? io_submit_sqes+0x85c0/0x85c0 [ 2185.541421] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2185.541971] ? wait_for_completion_io+0x270/0x270 [ 2185.542525] ? rcu_read_lock_any_held+0x75/0xa0 [ 2185.543049] ? vfs_write+0x354/0xa70 [ 2185.543474] ? fput_many+0x2f/0x1a0 [ 2185.543893] ? ksys_write+0x1a9/0x260 [ 2185.544330] ? __ia32_sys_read+0xb0/0xb0 [ 2185.544804] do_syscall_64+0x33/0x40 [ 2185.545228] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2185.545804] RIP: 0033:0x7fe5a49a6b19 [ 2185.546228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2185.548279] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2185.549131] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2185.549930] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2185.550736] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2185.551534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2185.552334] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:13:46 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000002000007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:13:46 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:13:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00f00000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:13:46 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x29, 0x0, 0x2}, 0x8) 19:13:46 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2300, 0x0, 0x2}, 0x8) 19:13:46 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2a, 0x0, 0x2}, 0x8) 19:14:01 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 85) 19:14:01 executing program 3: r0 = syz_io_uring_setup(0x4d4b, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00@\x00./file0\x00']) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000006, 0x13, r5, 0x10000000) 19:14:01 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x3, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:14:01 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000005c0), r6) sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x1c, r7, 0x700, 0x70bd2d, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000000) r8 = open_tree(r6, &(0x7f00000001c0)='./file0\x00', 0x8901) io_uring_enter(r8, 0x73a5, 0x345c, 0x0, &(0x7f0000000240)={[0x80]}, 0x8) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8282933c78396be9, 0xf1189337e9adef99, r8, 0x0) syz_io_uring_setup(0x200, &(0x7f0000000440)={0x0, 0x8fda, 0x4, 0x2, 0x31a}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000280), &(0x7f00000004c0)=0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000500)=@IORING_OP_FSYNC={0x3, 0x2, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r11}}, 0xee) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:14:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000800000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:01 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000020007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:14:01 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2400, 0x0, 0x2}, 0x8) 19:14:01 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2b, 0x0, 0x2}, 0x8) [ 2201.036533] FAULT_INJECTION: forcing a failure. [ 2201.036533] name failslab, interval 1, probability 0, space 0, times 0 [ 2201.038289] CPU: 1 PID: 11472 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2201.039310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2201.040501] Call Trace: [ 2201.040901] dump_stack+0x107/0x167 [ 2201.041441] should_fail.cold+0x5/0xa [ 2201.042007] ? __io_queue_sqe+0x666/0x9d0 [ 2201.042624] should_failslab+0x5/0x20 [ 2201.043192] kmem_cache_alloc_trace+0x55/0x320 [ 2201.043869] __io_queue_sqe+0x666/0x9d0 [ 2201.044465] ? io_issue_sqe+0x7700/0x7700 [ 2201.045098] io_submit_sqes+0x4461/0x85c0 [ 2201.045754] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2201.046475] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2201.047207] ? lock_downgrade+0x6d0/0x6d0 [ 2201.047813] ? find_held_lock+0x2c/0x110 [ 2201.048422] ? io_submit_sqes+0x85c0/0x85c0 [ 2201.049068] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2201.049783] ? wait_for_completion_io+0x270/0x270 [ 2201.050496] ? rcu_read_lock_any_held+0x75/0xa0 [ 2201.051179] ? vfs_write+0x354/0xa70 [ 2201.051722] ? fput_many+0x2f/0x1a0 [ 2201.052262] ? ksys_write+0x1a9/0x260 [ 2201.052819] ? __ia32_sys_read+0xb0/0xb0 [ 2201.053428] do_syscall_64+0x33/0x40 [ 2201.053972] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2201.054732] RIP: 0033:0x7fe5a49a6b19 [ 2201.055275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2201.057942] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2201.059054] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2201.060080] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2201.061111] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2201.062141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2201.063180] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:14:02 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r5, r6) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) r8 = syz_open_dev$tty20(0xc, 0x4, 0x0) r9 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r9, 0x9, 0x0, 0x0) r10 = syz_open_dev$hiddev(&(0x7f0000000040), 0x7, 0x4e8080) io_uring_register$IORING_REGISTER_FILES(r7, 0x2, &(0x7f0000000080)=[r8, r9, r3, r10, r3], 0x5) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x4000010, 0xffffffffffffffff, 0x0) 19:14:02 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cfffff000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:02 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2500, 0x0, 0x2}, 0x8) 19:14:02 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:14:02 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000017ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:14:02 executing program 7: r0 = syz_io_uring_setup(0x534d, &(0x7f00000002c0)={0x0, 0xaf05, 0x10, 0x4001}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000050000000c00018008000100", @ANYRES32=r8, @ANYBLOB="200003801c00038018fe00800800010000000000040041b6354003000400130004000300"], 0x40}, 0x1, 0x0, 0x0, 0x4008010}, 0x0) sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f00000001c0)={&(0x7f0000000980)={0x2b0, r6, 0x8, 0x70bd06, 0x25dfdbff, {}, [@ETHTOOL_A_WOL_SOPASS={0x22, 0x3, "da7614bacdf1824d2d83f773544d41496cc70b251a38f41685bab379f8fd"}, @ETHTOOL_A_WOL_SOPASS={0xc2, 0x3, "e864dab2066580d8951efdca1e1a56869d1d53348bdc85ec96e960b34b8cdf6c958de1f73fcfcceb9d94d0660cfb55d4b3d6ad0c65847c7556598a95c59a1e29b852a477daeee41c8734bd537f1df4f6532eaa34dc6e742e560ed1718388fd5b18cbb627597b9b27e7ff58af377f6a79e689a9fd1fe232e61cdc55c71dab5bd0ca3a018c479edd684a8910b1402b9c7d265db3fe39d0a9a28127dc54df445cd03ef0a5d4f546b541d90e76c4d112886bf46a83bf1e4ae5e0f2fd42e509c5"}, @ETHTOOL_A_WOL_MODES={0x1b4, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x3}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x190, 0x3, 0x0, 0x1, [{0xfffffef5, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x101}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1000}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1ff}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, ',+(^-/{&\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3ff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x101}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '-!\r^]#%\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '/dev/bsg\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x34}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1000}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x222}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '*+&\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '8Fev/bsg\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '/dev/bsg\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x101}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '/dev/bsg\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8001}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '([+\xd4\'*\x01#%\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '^)^&\\*{\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '@\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '/dev/bsg\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xbc6}]}]}]}]}, 0x2b0}, 0x1, 0x0, 0x0, 0x24}, 0x4004040) syz_io_uring_submit(r1, 0x0, &(0x7f00000005c0)=@IORING_OP_WRITE={0x17, 0x3, 0x4004, @fd_index=0x5, 0xfffffffffffffffe, &(0x7f0000000500)="bcfa545dd44143b92b096407b324f205e3975f93d936d06e6f7cae4a4c1934258ef1e6a978112d2e74fb3fcd2e09e5a04325e3d76afcdac23059f397c8a357a4da8a273d9ad1861af107ab0938ac75dde87ea73c036c6a50283837393ddbcd641204686c4d5db85da3ef59144b325a8fc965e939c2f384657b2d2a2511e76ae78272da18035f5dd6ea057f79f9d317f2f6d16d458eece9029c90caa2c063e2503b869399883a8dc18b5c74a02b", 0xad, 0x2}, 0xffffff80) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) dup2(r0, r3) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r9, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x7ffe) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r10 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r10, 0x40082406, &(0x7f00000000c0)='\x00') dup2(r5, r5) 19:14:02 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000001000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:02 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2600, 0x0, 0x2}, 0x8) 19:14:20 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 86) 19:14:20 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x2, 0x2}, 0x8) 19:14:20 executing program 3: r0 = syz_io_uring_setup(0x5371, &(0x7f00000002c0)={0x0, 0xbaa4, 0x1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = inotify_init1(0x0) r5 = inotify_add_watch(r4, &(0x7f0000000040)='.\x00', 0x2000003) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r4, r5) pwrite64(r6, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r6, r4, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r6, 0x8000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000000, 0x10010, r6, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r7, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:14:20 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000027ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:14:20 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x12121}, 0x200) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:14:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000002000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:20 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2700, 0x0, 0x2}, 0x8) 19:14:20 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x300, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) [ 2219.769713] FAULT_INJECTION: forcing a failure. [ 2219.769713] name failslab, interval 1, probability 0, space 0, times 0 [ 2219.771494] CPU: 1 PID: 11520 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2219.772522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2219.773743] Call Trace: [ 2219.774158] dump_stack+0x107/0x167 [ 2219.774722] should_fail.cold+0x5/0xa [ 2219.775319] ? create_object.isra.0+0x3a/0xa20 [ 2219.776010] should_failslab+0x5/0x20 [ 2219.776579] kmem_cache_alloc+0x5b/0x310 [ 2219.777193] create_object.isra.0+0x3a/0xa20 [ 2219.777853] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2219.778619] kmem_cache_alloc_trace+0x151/0x320 [ 2219.779334] __io_queue_sqe+0x666/0x9d0 [ 2219.779941] ? io_issue_sqe+0x7700/0x7700 [ 2219.780586] io_submit_sqes+0x4461/0x85c0 [ 2219.781232] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2219.781965] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2219.782690] ? lock_downgrade+0x6d0/0x6d0 [ 2219.783307] ? find_held_lock+0x2c/0x110 [ 2219.783915] ? io_submit_sqes+0x85c0/0x85c0 [ 2219.784563] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2219.785290] ? wait_for_completion_io+0x270/0x270 [ 2219.786013] ? rcu_read_lock_any_held+0x75/0xa0 [ 2219.786691] ? vfs_write+0x354/0xa70 [ 2219.787260] ? fput_many+0x2f/0x1a0 [ 2219.787811] ? ksys_write+0x1a9/0x260 [ 2219.788376] ? __ia32_sys_read+0xb0/0xb0 [ 2219.788991] do_syscall_64+0x33/0x40 [ 2219.789552] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2219.790308] RIP: 0033:0x7fe5a49a6b19 [ 2219.790855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2219.793543] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2219.794666] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2219.795708] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2219.796748] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2219.797800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2219.798856] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:14:20 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2800, 0x0, 0x2}, 0x8) 19:14:20 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x8, 0x2}, 0x8) 19:14:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000003000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000067ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:14:21 executing program 3: r0 = syz_io_uring_setup(0x4d52, &(0x7f00000002c0)={0x0, 0x0, 0x20, 0x0, 0x12}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:14:21 executing program 7: ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f0000000240)={0x2, 0x4}) r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0x65}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = getpgrp(0x0) pidfd_open(r6, 0x0) syz_open_procfs(r6, &(0x7f00000001c0)='net/vlan/vlan0\x00') r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') r8 = getpgrp(0x0) pidfd_open(r8, 0x0) r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) perf_event_open(&(0x7f0000000440)={0x3, 0x80, 0xff, 0x8, 0x22, 0x3, 0x0, 0x2a7f, 0x2815, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x7, @perf_config_ext={0x400000000, 0x5}, 0x10, 0x6, 0x7, 0x8, 0x800, 0x7, 0x6, 0x0, 0x7ff, 0x0, 0xfa}, r6, 0xb, r9, 0x2) fspick(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0) 19:14:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000004000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:21 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2900, 0x0, 0x2}, 0x8) 19:14:36 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x3}, 0x8) 19:14:36 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:14:36 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)={0x24, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0x8, 0xf, 0x0, 0x0, @u32=0xbac3}]}, 0x24}}, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(0xffffffffffffffff, 0x8040942d, &(0x7f00000001c0)) 19:14:36 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 87) 19:14:36 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r3) 19:14:36 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2a00, 0x0, 0x2}, 0x8) 19:14:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000005000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000200007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 2236.004075] FAULT_INJECTION: forcing a failure. [ 2236.004075] name failslab, interval 1, probability 0, space 0, times 0 [ 2236.005993] CPU: 0 PID: 11577 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2236.007130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2236.008475] Call Trace: [ 2236.008919] dump_stack+0x107/0x167 [ 2236.009518] should_fail.cold+0x5/0xa [ 2236.010145] ? __io_queue_sqe+0x666/0x9d0 [ 2236.010833] should_failslab+0x5/0x20 [ 2236.011478] kmem_cache_alloc_trace+0x55/0x320 [ 2236.012243] __io_queue_sqe+0x666/0x9d0 [ 2236.012909] ? io_issue_sqe+0x7700/0x7700 [ 2236.013621] io_submit_sqes+0x4461/0x85c0 [ 2236.014349] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2236.015177] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2236.015980] ? lock_downgrade+0x6d0/0x6d0 [ 2236.016663] ? find_held_lock+0x2c/0x110 [ 2236.017354] ? io_submit_sqes+0x85c0/0x85c0 [ 2236.018067] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2236.018880] ? wait_for_completion_io+0x270/0x270 [ 2236.019696] ? rcu_read_lock_any_held+0x75/0xa0 [ 2236.020470] ? vfs_write+0x354/0xa70 [ 2236.021095] ? fput_many+0x2f/0x1a0 [ 2236.021707] ? ksys_write+0x1a9/0x260 [ 2236.022348] ? __ia32_sys_read+0xb0/0xb0 [ 2236.023045] do_syscall_64+0x33/0x40 [ 2236.023675] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2236.024533] RIP: 0033:0x7fe5a49a6b19 [ 2236.025165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.028129] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2236.029402] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2236.030596] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2236.031812] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2236.033024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2236.034234] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:14:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000006000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x4}, 0x8) 19:14:52 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3000002, 0x40010, r0, 0x8000000) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.throttle.io_serviced\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r6, 0x7, &(0x7f0000000080), 0x1) r7 = inotify_init1(0x0) r8 = inotify_add_watch(r7, &(0x7f0000000040)='.\x00', 0x2000003) r9 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r7, r8) pwrite64(r9, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r9, r7, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r9, 0x8000000) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r9, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {r5}}, './file0\x00'}) 19:14:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 88) 19:14:52 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:14:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000600007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:14:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f00000001c0)={0x0, 0x1}) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccdefbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:14:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000007000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:14:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2b00, 0x0, 0x2}, 0x8) [ 2251.728788] FAULT_INJECTION: forcing a failure. [ 2251.728788] name failslab, interval 1, probability 0, space 0, times 0 [ 2251.730250] CPU: 0 PID: 11606 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2251.731061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2251.731908] Call Trace: [ 2251.732191] dump_stack+0x107/0x167 [ 2251.732575] should_fail.cold+0x5/0xa [ 2251.732972] ? __io_queue_sqe+0x666/0x9d0 [ 2251.733401] should_failslab+0x5/0x20 [ 2251.733794] kmem_cache_alloc_trace+0x55/0x320 [ 2251.734263] __io_queue_sqe+0x666/0x9d0 [ 2251.734679] ? io_issue_sqe+0x7700/0x7700 [ 2251.735116] io_submit_sqes+0x4461/0x85c0 [ 2251.735575] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2251.736083] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2251.736592] ? lock_downgrade+0x6d0/0x6d0 [ 2251.737021] ? find_held_lock+0x2c/0x110 [ 2251.737448] ? io_submit_sqes+0x85c0/0x85c0 [ 2251.737898] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2251.738400] ? wait_for_completion_io+0x270/0x270 [ 2251.738897] ? rcu_read_lock_any_held+0x75/0xa0 [ 2251.739377] ? vfs_write+0x354/0xa70 [ 2251.739763] ? fput_many+0x2f/0x1a0 [ 2251.740138] ? ksys_write+0x1a9/0x260 [ 2251.740527] ? __ia32_sys_read+0xb0/0xb0 [ 2251.740952] do_syscall_64+0x33/0x40 [ 2251.741333] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2251.741850] RIP: 0033:0x7fe5a49a6b19 [ 2251.742233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2251.744108] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2251.744879] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2251.745611] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2251.746349] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2251.747082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2251.747816] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:15:07 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1000000, 0x0, 0x2}, 0x8) 19:15:07 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:07 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 89) 19:15:07 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x20, 0x0, 0x2}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r8}}, 0x8000) r9 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000004, 0x10, r0, 0x10000000) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_submit(r6, r9, &(0x7f00000001c0)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, r10, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@generic={0x22, "53d3b057e080800f8f7f574e1add2b9bbded3ea4b7d0d18c867e46fd41a75086e47d50968c3c1c92dae9ec0d6f52fc4115fecd7b4320cd3d3e5e52b1b983e680bb68b8e519f6c6d89acbe3fba564ce4c5821ab92c49a94bec609f8a4145e41ac73579039a6a9bddd7885b7283280ee396bbc0c0f5fbb493fef02f2c9ba84"}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000340)="8c3c963cf15c63b369fddaa250f6bf0de0080397b7c122d96a72794eec09756b4f7222d4c546a8e8918297988382b9600c707d09fabc219e5cd8e7614879e41e878900feaae91c80f2f0457135a036a1d92a312e5a94afd687c2c48f8b91de2b6d03c75d8a84b34194e0aca4d6627bf9da525ba8fd7616b7c855c2fdd30bcff91f79741594dae8699ff4ed08c0bbf63fdff2c979111d934bc4f97e3a33a1065007a6c4a46bf13040264acd55799c9a65b559fbf50755182861aee786bbed489baab55e8798ea0b607bc46378539b5bbd05ab0434db6ff7e0600d902d95dffa00fd35e9", 0xe3}, {&(0x7f0000000440)="84e9cb259ac8093a87a80a1a4b8a06b9e6ac7a9f5b2b3410ed982a2b5e785dcc1bad286129b62fcc9f9419ba4353c5ebfddd8a10c944f575218ec36881c1c0fcbabf77724580bbe79fd546269c33db45d4bd0d4f31a2faa2e26a1d29acd63d725970caa13b0a5fc8f7f2914fdcd2b1807ba8346741f8766de8e171bf250d8c7fa29c0b03f433dd2820dae90d8a9b10d69c7856e5269526d9a8f349100f598597f53dc58b936c7c6dee1d0aba84", 0xad}, {&(0x7f0000000500)="3b0c2e25a0402b5c6874694a342b29f30cae1ee551f02860b9b5039b63765698b6407dc734a892861a513cc41eed0ac6b0fae37b0f88c0797ff1c8503333b41a484bda355357cb264bb39d862b14c35bc645fb3e392beb831d9fb8cd0776a01ff4822b737520ad868a1e354736dd65f0a5f41bcd9b9d4032de68dc4af99bb6bb1fcd67ac48a972988485ad0f811bee90cef883eede169c1620b3525dfd4088caf45fd4d5b4f1f41377d97befe37aab60fdfdef8d3d6b0eb6aff1c9d973ecc54065222b4f19cf5616ab842e278bcd2f1433e5a50f0a91ee367bc8ea7457ddcfae580c0e8552e13d5394704c0be250e1b9be2dfb", 0xf3}, {&(0x7f00000006c0)="17e03ab463c7190a16a6365215aceddce5618b75a60bb92f8a89742dfc7497d5e161fd429e9a788fbfd8ca9471e274dd81078b27b9caf8edfb0ada4a202a6b0a0b0e80f5a4986c1b64207e784fa578e39390739e6b3c65c80d9c84e840c73d1313c2662ba667ff3c3156a68b3e79796dcdf2d325457c727267d0601bccf8c8efbd47ec4078313c3e337d1806a30354578a88ce881e3ad29286c11b9b91ca249c45ce558930b2435c8a", 0xa9}], 0x4, &(0x7f0000000780)=[{0x50, 0x0, 0xffff, "779eed0db4c0846e9dbe2c7cbc82f3c67aea33920c789c4ab9727bfb4fda1c2751d0b9e1ed8e845405499bf5abc53f717b51b92df2bef66f53ff070f"}, {0x68, 0x107, 0x0, "050ec8dc28db97e93ebd95b676cc7d2c90784cfa4a57de109d577d6f1700f451b74ca4dd531cc482dd6aaf0632a8953e6c0d43c9436f02c4a8050e6274d59866155105a1e27435446509c39882303046bf91e4"}], 0xb8}, 0x0, 0xc000, 0x1}, 0x14) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:15:07 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x5}, 0x8) 19:15:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000009000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:07 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000006007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:07 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0xe, 0x4010, r0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r7, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000004c0)={0xa, 0x4e24, 0x6, @empty, 0x63d4}, 0x1c, &(0x7f0000000540)=[{&(0x7f00000006c0)="f6f3ccc1402f538b2cefbc990b9b0d03d793b0b73a46ec1626c36702b0d9d8148edac9e14a34ff142f2cfeabdca18ee90f6720037ea8ed36802ab2503b94ae617e2b001aea41b7d0d4aa7de71cc4fa3019dcda314358d210902fb47e5c116e09ff0241568c20b84028732b2cb4328c21360d15fdbc9efa38fd788b4ed135d8f35e372833cbc1c85194b45352a098d1999621e6bd4bfa0de75017a90ac4fee8c072ee86f67e2a25e082360e9e89d02445639d48670a40c015012b90d6f7cc4544d8316e68e7b91d8c413e55a6f137f8aa80cb35fb158428d8a8752eda0371ffa745763769531b8574dbc4211c01e9e59ea9b48ada0518502f88465b6c62662371383541fba1f0fa61e2b89864f088f7f42aa5dd9cd645640f91543c24c189abbda6c4ea268a785416b89544b1edff11329efc853b7b0f494fe565b09aef2730a9d6344e4266e5406df8c9fb5ead7ff32defeb842e4f947ee90f4f62551b1006302a0499c63fa76afd308f63d84a27e4fe1fa9eea6e87f450b9b28ee66e3f7a0c87577fd16af52d8caf93ca3f546781a04301da522462a48ebf421ceb7813b0a1ccc8c55688ec7d2b84f1610a37279f4b80ef53496c01723ea1cf164fbb33be6e364b965b76992fce665f4b704ebbb919808f734eadd7fdd076d5155f9f33cee29a11205497c673e9bac702d45c6ef943097337bba0ed0e29666c0a5bf9fd83692f5d939fa3839ba7d1465cb72c0d2a10659d32c191bb1e456cb2a82faaf0455aa0880d843fe538e686328243ee2b024f0e3734f13dece0ad26a8d72ecd8399d2a044e71cd3185e72853319af84b7ee5e0326844087c7d95dede975851059ba0ea20bbacc45ea220aad8cbe96df12913dec4dbbcd30d2cbe90c1989214b2223c72d9e88b39dae793753799d3cb0872e1af30957a7cbe9d8958f4ac8dde8af4da992f30388f63fefa1c957208eb7b7c6c23f8a6bd98c060d762e703946db5e083f4bb4f4bc1b678574b5e481e192e405d1cf07ab6225564cbf95ef143893ac4aff0d0302b00aca5d172bcc1a4f692c4d6854b88d05044894f8eb2557af144aeb0061f1d2af9e433b164cd755e2f90c41e99303e40433bf84fbba9a43cc23e05167938c83c14d3393d259520d17432a8afd6763e7beec8272b37de920227afe2576a671bdca22e6443e5968ca973d6bdd746de8e2976e681b5706faf9efd5f6fef1e157363e6f976de789777fc48dafd90ca90fe58830ac2b2b2ff14f0aaf79de6baa3ae01464c6143772605497f13c355db6f5e240748243679dae834c3f2381bb7e37fd8e062fe0a8122f00a3a5e7e22c984b45f8724e1e8096cf8c723fb82ad9628926cfd402a5d08f24bdcdf9499dfa29da9f63440fc83f3734caf0110ce08d293ee9066742e2ec43502e7890254c8df0e7552722af491c5938a7825329de1a311a0f05e1816419ea4c2f8ec6b3967bffc53b3ea10071ecd563271126b77a7825395f5aad637deb5b061a9287ed09e1e706db31993b140ab77eb1ac4b121d150e97c88f75506c2d7a70bd8c9174412ee9ee2d5eb7310fba9a63b4c494c0c50cd1f188961b0a0ffc9d53a215ecf007649f2418d7f97ddcda9a21a72ab4d30a7994a684256d6992b16da2353d25a1c8dca2df2c1e0155633ad0498f121b8b0ed5929e02b558d304c8aaa74e08041d8194e1f2887545ef7dde9197b4210d6fe6843853179bd2a458bc0d55565b94c0f607171e4657a29febb1ea0845f8e02d10bb88b29e2d01cd471bb8d4717b773f27e38680e6a4e03fd872370c2e1717edcedf8104605b670251127379c75f4a19fc1da49ce39b0beef7829a13930adcdee2d230f47156a6268537d16744ba052c89398fd0ab84b0ea1303da6f3eae3ec2ec16e4f9c6d5fbe6423fd6d1be1ad8987a61dd8b9cdcc81a495742d22fc1c78c74b310cc8dbba1e2474c81f046add0d6aa6800b605bc45a005ca96e12fd6064e679ae122e5661b8d50263ca738ea453fc061ed7c5560b7d01d109a8dd4a02b4b286f5e50a94ef45583bca3aad0cc8df90f7cce8535712d742a0bc3a49723ff031f62ec2830e80cb3c70746115c41c0d66c8f841ddb48380dcf78bd5c5005d5633c9041f732bb1db6c75e123ea03725257ac7b16af312bf4534d4ba3c10a0aef8fa962b741efcd4d0e7faa137bfd3fefa0a572ac6fce2997592f7d1fffc071774e35e96cb6cb79db1cf76a747d19c547ac91cbcd057c5566e55bc6c9c5755c6e5b9b27868d702c7a3d65663f8d7cec38b50ecfe4a20e9754502ab788e640144a6a2bb7bec818e5e2c2433937250e6756e0874785c0b2ecc23df1cbfb9016d554b4edf916010b32fc38b50c0a173a7c300205ea1bc548e912f9817a4ee5383fc5254def9a5fbdab1140d9781580a76246c6a125d7bbf508004002e10687f658d42f5e17e472b408b3d70c76f65ca74240667be8705002a55d98e6128ed3c0114cb5ff136084348b1dabf2d2ae28985b79e4fef7f6e15440070f1a7979150bbc2340b1d65c4205be5b41def8c084424ce308ddc98a3f954dc52af89825568bd33e58e42ba3262df86e231904d385b80d80d8c0a7cdd231f478963a98efd40c1b9653651df4afd69829d8a0e80ee17ce94eed930436f1db742a0160d62820fffac926ad1e16e9587fbd65776254fddbe2b30b457486f779d7d45bece47368d3db568303968e9a2a145515ba083f4630699ee84cea03ce4d19d32c765c00f5fb26aaf17154868924074e36f6ee953092c1c76c4226a9672c3e50a7b5069a119d1f2a92f8aeedb375142c750921e6716403c37baf6a7740360e0810817a88f4bc0c28b9158d17c6b1bb7b60fbb1861d78130e53d3d7d9b78fb18deeb59ab0f92b4d0e00d9e3018bd19a9943da542785ddeb4c1a0d9929b354dd01fcfd184233c4327ed937a04c99bf618a359f59ade97298390650260858aaadd466aeefcad3e20f404adce01bf9830c61ed775e82f2475f7343ce7bcc26dbcbec772444aa19ec6b78f8504b4525be2983aaab74522660ef9b6f985a8de413f0d8ece39662146f5231e9f4b22b517154f3ccc661628c2d1b88e84ed09c0bf091fab1dc84cdb4a29fc4390fd37774fbc7573992b5ea7ce133dcb8c156f69421785778ed7fd5d644dc2cf32300efc14c0e0193e0ed2ca979f3ffb1d97d6ea0a038511e4004b2fd47b8b8b074c66c83723347be1c8b92c270ec0e2da330525fb0c3b5fcda4a96be5d3e385c426d379663a1f26767ca1b585b7214af25b19ff793d2db9c25e1db1ddeb21aaa31f10bdebc08b50d72f474e9750498f9c2a8f04f3f1dfa70482d2d6efbbf4d391ab1aa3ce4c759c7395c17632e5cf33f42d2c1703a8b1c7b67f0738eae6a9f241a2bbed2e4370cca70e5c8ec66cf7456c1db8adb7383537b42d0caddf99e47809a3c80bbdc8213f2f1b61c1b22ef2af191c2845c46e9ea2e65b5356fa8c46eed06438072a41a699a9aeb66499ef08d573d45c453e826c8b810bbd6e977ab5989d6d7404e14dedecedb427db0b9f8e87167a9f86898216aee7854550085d0770348681898b4f54d0c267f4ae366e5a0059b7894b99c465fbd1a1c808de91ade80822aba7766fef9aceb707a288025aa7b82ecd563d5b348a76d02dcb97785040c5d1264150bbf47e4be0b523f21a12dca15a93242edc5183687fae930f59ebdad87d96ea10bba7ef521ce4ba68109132110f3683aee71b50f62ea5643b03d5ccc23445d930ad4cff7cf8e765179fb85acbe44df13afe5330ae3b2188c1ee4a8acf60e744a3cfdb9f3d5f0b93d7633a597a6a3942a69b1e9c2e1bc8afe2a633906d1acbb0869a7d6618ce7a77dce1b073d69d2695b3d90918edf440452b517e9dda3836b837d6bd0742c62e137d9131af2e464bc543eeccac2653d57ec02ebe1dd2392fb69bc8cee304fdbe1821c0db9c6d3e473082aafa72a91f334ed822a1eb0d813ec8f81f480f273059962c1c5d39fd778bfdbefbd77e72bc047be05ac18ce7c71ad2172d74729949aab56ac7736dd8accb2054d5cdd87e9710999f8d952a290812ca575348335c219bd591d04cb61deda391e65c0b65940b78da8e4ba65568f4889cbdbe1d81dda7d42b1b5c4ed817dc23bf165e570f4d8abac550494a6b79eca229b1b64f3a6ff579c8e90b7de6b54e65eb468366e0121035eb4fdc46cbf4950e079f2c278231ff91fb95b1da27cd9931df69386223e52007656e86d40216827a54e934a5a0273a7316a212a6eaab92d5ede07d0e71244f740dbd52093b42e641f99d652debb78815879db2ddc729fa8ef4252a7ba53e5854a89468afbbf0953561722944a4115f73cd2de10825cf69d66d5b54aac91ae49ef110d1b4fa97717c7d3bace8c5229a87100b6ed1e807774d94643dcc5c07de99b3126247b7f45a26467fb9b69040634546f7f99deed1b243bc9ecd5f29e5242a7a674fb854d8b98519f1d5e6ca1c9bae00dcd8f36e84264ab5f7f2388461fb636ba36b9d14b94e2d746b1acca2f002bebcdf6315ebb61d00d0f60339a7aa1e888922c4e646544c288696ee62c90d06ca9e0be10e67db2b18bceeaa8d2db0d753cd0f6b7eac5c0372627ca637df2ccc951ef516e1afe65473a5434c6543eb48b334f4fcad664b92e789bdcc0c3bc03fe34b70e7bb83957c38f884bc014c077038083dc1534ae1f5bb058e92909463b8d0218a44ec7649173af94a7b3222986194af2eac7ee25df6120e44186bed8f49081c824280d330e336b05bf8490f290809474eb98cb411273dd96d2310d149c5f6cb73edfea4e63b8aa8e16a2c5faf73b21d7999e49b70008b4bcbe6dc865a3eba5686b479a5cc64a74415d944698621178e5bae65db259f0861e36c74d1de1cb0ce3326d975b1747e725a38f34b3a009c5e3a749d4ee3c8e768344e4685c945e41a596f8af423f7de1ed2a253f6c475d148e9a246675c63c7c66b0c3c5ac584f26f294e3396887fb288c0d3a57569d791e5584f725b8c988e355b9276d5395511ac4062d352a4b17e2e0d24ac1e4c061b3317c7b3b018a383c814bc3e333b997bddba07e910d423c5243de0c675c47b1e3eb86e470308c36c242de02b695d0b7846b1c5872a7533e4027b4299803cf356b57e9b8dc3c982ecc42589e400974e9f970a1c80a6be902b5303d8d85f39ae6e8b3423a9ef3a2bad0cc2261e3dbf2340effe71bfa3f5467dd6a066afe76af93fcb383bbf111738d1e2e0feae77040d3122fd3d866d5263336cafbfb87cb067dfc3307adecdcfd7baee2c00c933ae7f479447c8636ef13775862593783ba9f3b04b6a11c463bdb911dff4c96c60927286be21dd10ca8d9719bfc8a380ae4638f095dab662ecd4a5f41d938d869588189471587e2b28789d698438953a10e3c1ee346126b937aedd48150c6ffda92516941714162f9edb31506272a1d9ff0a9f667b4938b44524469641ca75bff342598a13459a0e3d677c68bf60933406b210407d436f2bd2bd5cbd91ce778e59b0104ec7ad2a1f234ff28b617026d5eb80cf46cd685d57729c79a5a9f5947d3c0809dff8d02099f3067524e7880458a6af53c26f8c7d541daa1744b1ff0c443f206305b21db91eeff45df93deb3a0dc77f0d447fec79e1a794904c909fb0910232a73353b12f1fb4f95a70ac58486078b7608cb12e2c63d37f8c83416cf219c26a645a370fd3b780c864fd27b93932e291a9f0e25c97a8365986090d1c3d755ecaf70723cca43c145153284e4686c8b0962466cee5e5cd1ef15ff", 0x1000}, {&(0x7f0000000500)="f1b0366c7dc47a3fc2aed3f8cfc2ab75066b22ef66f7dc96a8d7bf2a307cb6eaefcaf740cfe8fc97", 0x28}], 0x2, &(0x7f0000003180)=ANY=[@ANYBLOB="380000000000000029000000370000000703000000000000000100c20400010000c910ff0100000000000000000000000000010000000000140000000000000029000000430000000a0c00000000000048000000000000002900000039000000ff06030500000000fe88000000000000000000000000010120010000000000000000000000000001fe8000000000000000000000000000bb1400000000000000290000000b000000000004000000000098000000000000002900000039000000871001630000000000000000000000000000000000000001fe8000000000000000000000000000aafe80000000000000000000000000002e00000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000000ffff7f00000120010000000000000000000000000002fc0200000000000000000000000000001400000000000000290000000b00000000000002000000001400000000000000290000000b0000000000000200000000700100000000000029000000040000002a2b0000000000000710000000020200030003000000000000000da37ae9b720bfc1c31445f1fca772fedb8ae975954ce5676d62b314abac50717034659685fd896415ce0f423c0f924a5b4914ada251b131c52c06eff5d42d874a2d9462c69a3d2b8f472e4ac0573326f45a7608df06e183f69ea598bf85c3f49f82da7995e60bddc40772aa403baf0f3e2677cbf0fb56937363d4207ad74a0eb77e6498996a2722ca358594abf4c8b31499e2255548b1f1f2209e61bba1fc5f294dde350e0708000000010008ca9e04010505020401c910ff0200000000000000000000000000013f7c47099f298114e14df059ddf472b1d25636e67dd0886fb7a607eaf523fec4c19e7c15c5d4b81aee92cb2e83318242f2f443442b968017a899af62d82695dd6fcdd09ee7b66be407b566cc8999ccf9871e7bc9ee6dafb2cc44ad9b8432d4b1d2539615e031a10e9284d9379062a270652a325880128f3108ea11c297ef701000000000000029000000360000002f0a000000000000060074af9bd5cab97993e3b9d2d9ce1ce1ded3c69749f6f141b919c19d2869deda9f6f7d7816622b15061bbd1fa3af25870f2a4ec4ea72171af7b416318c65b795183c8c834648a20da239c5617d03a70c0e373e15e8925e3827374f4a5317a8090b9e642dd7d4227d4d7de36789495a095ae6050bfaf4fd8016db16e2a1f861ea7c0e494ef185b4e1cf8e119cbb3f49768486582a4d0cf4d0df29ce0a0403d087a3eb3dacc6d7e91004599e8c86a11ba4ee1a00252b9354df882df2688a1b2498e3696fa7918779dff7155d675183111bdaf9b0022df347a2847c1c4ab5456b1ae0d605016cfd8cf68f3c0b20eefa2d295719f5dda5df6257023a7d42e0dba1b93b4e643b81a14b3041746faff7e3ce7384f565ab4248c894047c584e1fbe36894491e871439a6762751eaf479ab2cef3a9aeb1b988a9ad865e1bc9607154e1ebb3161a439818f962478b16dcccca9046dc46864ddb7a6e96671841a4685f869daab3d0fe9aac86febb02b1e5315ef56c117e49a46986e361a4c549d463e0dcce6d2e0780e24403b4fe7b74b04cc91b2b1f01a3f543ba38c87ab2b367e56c313c9723e714cc4a6c1e1ebd5fdc705663c28527646cd18feffefe5f406a7a5451ffcd1273dbd2e2d922a053eb30645bb9f93672b8d9e90ecf837f219671499e736af9cf6c62d5842a2e1f55048c025b4c560f03d5c9c20a7aa1bb63f5260e81c65bac899c38d09923a68299bb95ea798a049261e342aa4e71ea18f8e054b6ad4a9afd1ec25e3361c49282712c0a1b636cd10e7665994396307d43a7bfbed91f8b05840b51221fb3dc060771abfa685b66a383a3f45f251cb6f3e83f623ae97c3941bb8ce15b1894f4017921eb1b7284416471714a19f48cee3f187c9fda4e0f3894dc8ef75f07949bea7c61e4ec848967ebf9bbf2f1f2f95efa6814ac0115045f3368ac85ea3de5c8da023f13316a8c783f73d538d0a62b8393566d08b2f318606f61e9553b40f40d3c7be1c6c9b3d45dabe6d31d6dd0cf62effeb7368d29c615f8f152faba6fca550958ed5f0990d3e3ef414cb09ba1ab1b7ffb5af07bc72925b475acaec8cb2478acd3740246b10e116e6e010974c9242e6900756031d7c8c82594ae20f0527a03480e9fbce150877d4ca71377d196d08dbfb94fc7aeb90648e31f7ae8f602820ade4185b38bd50a14a1f1e8de7600714cf86858ef591eb8f0be36203824a4e129f87dd16f0ad9a90e85f659e28eb45bee645ec7c43a8c1c03e2438d488009b51bfa0545c1564165741b0213ff8b0aec5ba6857ff178cba64b3b7aeef96064ab7b30f343e37b91f12a23f343d3d37d2d293e9608533911e98571edaa8ebec22455b101c5b62aaa90a3cadaed5300b2d384606b7367835744f16538ac75046597666951c5f9a3bee3ceac1bd966c705dbe873c7b7cacf5ff3956917a5b9822b90a919de3bc56acf1929f3c7e98880aaa4471900bfa566a16b0848e026daf28299a7ad8b97e7a9d04b33c2f40110f6747ca9239e132bbe3c9cdd8c507cdd3adc10714923af75d62f8062f56cbcb2b89026288d78fc1a9d04600ea603d42a89c4725b64f048ada6066853eeddf97f6b856873ac6aa9dc8b6d457a1cfc5bf22625e4d8310b1d869d5a182287ed95af6833e6bb226bb0402ab1a709f8bef77224a7c0df44e6e7badbf504e706c85b4a11f558adf551de5f56ffd2569b943d5dc75f6c6d41bb36e2a149497e62ffe40996535e0ed213e6b23ab3117b9c86cddf45f910ceec7517747c88b6785911bd96b2e92d7268a964f7642f3722428154aa0cf2886f3ee1cf6abee8bf62f7536ce1f97638cd25fba505793f2dc410c6e557584f0c9445d0374cce2ce7a111c8a1d138907238b93f49e8983ce5432415eebc7fc0ca850110fd1cbb91208c1ed901187ee6f78f6da3132b3c005434d8a11a847ddd09d3fc027a42cbac16cf7da80c49f4aef2db5bda507a856fcf8de79cfee9d2e689b1824b268b2c12ea92222f742d89f6b2a49280d3cb3fa4a2fb4201d68bb2ea3ec5fca71e3c1535c549fae09d6d7396f4b8489dd541d893e5c31e270080eef21e512bc6c1e838ff0d584df577cb12234ed0cb097f716ebe4c2cc1ef4864134c6f581417d53cf39f282c7eaf8558e93155b7536c66903f23d3f2f2480a1efb5e655e65ac8ce08856595a16865527283a1bc7054634097ba76e3150a1e12ba31dcceaceebb1cfaf09e2f89ffd19e5092cd36dffb837bba4131e4cd9bd3da636cff7db897f38eca77c0b925ffd7bb5c15ba93d4db9dbcd7caf2789a3c49283430e8f116da8697dfb552948fcc12a9b2e212422d3bba7e1e436b55eb0a382ffcc8d56a066f2c1f94bd0a29282e9adf45d4e8fac4f9577e5c7c9ef77e39f0cae099a68fbc741f5aafabf069768ffb38f1cd812cb3df9c2bc4176446c4ccf0a2731e5f159a9904a7c4841e6d3a017a66c055766cabbd5a34c557e7a2a54a8e89ef0f6fc7fdce98f1dcb86e1d319569fb098f90892c4c55700ed9ba820eb7522aaffaa119a9d3b264185430adaba4e921c13540b5baf430be3e05bacf5ef53e41c8794a75d823c29d552c525d03135ab787f022c9efeb59deb82c1857e7e6cdd5fdf1afac0e3172cb4435a8b785d9754ef9064416084ee769c1cde9f4d14b3a888a84acae71e1d2499b63c121edc10a68cfa7cdbb50d12ade2bd281a390ee21983eb3bb569f30b08760ecbd8c7265175bb903ec50fdfb0db5a363014c6a771a52db527d490bd4cb13377e7550e51e4b88b94012ad59fda6d32aa4ff4de398383306c25ab0eceb83b8e695745c1155919fed524c14d33f90bcfeb17cfce6f9e0078528e08e916e260d05e40109d59c8d67295a39b8f00b0b4cfc16e8224d5efe2529ad6bf043ae2016d35b3e4a30088e29540f4635937727cffd56a072901bbce810f31a53622702c44e3eeb3f9eb671ff640d565726602ad97949ff1e7c07999bec4ee5a40b5d3f2918baaee032e04c5c79135d14e2c49a76bd8174d7dc168b54f4ef5c2a70d11cefff27639b5d369dbd0c2c311d02e52269f40256d62bfbe3c4aa9c666aaa0bfe25dec9f21ba3728c822afbfa8b5222bc7ac892c18b28564f8ac8b871a4e8f189d83d641c373c4222767885e65214a981a2ee29f71f8d2e468fb9a2413977e08586888d497f1a0631eb25291487fca759920c51fb6f6659758e58c2bc42840f4f3569f8daa51b71d935ec7e13b577e8dc727994eb8f33d6677e00cfd9e62d1f65aaf8fc806ea23887ffe2aada2fcfefc9f42e47a20305432af137a324d0cea81eec440bb3ea841a827d4d875fc610cc5bd81c25e1808a2d40510ec3d55415bf61f791e75730b3d602a31b8cd811e050dd4e02c34cbd97950aec571a3cf6e89538b2dafe3f207cc5384c8a4595172eb19f5ae5a9f6c2908b88662646920940c5728796565f69e976b36bb4cd56564603eab641e711ea0261488a73caa7f8bcc4ee00b0715a57649d9548810cde79f3c05b5b962758fd7276cabcfb15246833e6e31d16af4be4d097871627776d921aa2cea1690a20ea6d3b9e60aed07fb3b8ad2eca7ec9de6dd47da53e823513ba4d81c4e2987b45451c35d4a48869c72f8a430c13e0fee5c0ad8f5f20be236d33d3d3e2804ff83a63f6da6b9eb24d5bc70b43a8a099a2a3b358a8c0a85383b7f8005f551dadc108aad4641217a63e05e13436c951cc2d3fb72d179469ab388cc55f110c5e1e8a09a48fb20b2c40877d1bb01067b0a9310d8cb625be5eeb9d5fc07e106526197b60cf4c39ad594fa499073e2175dd89c0e99579028aec637c9dc8796baefbd18574cb7183129fbaaa6161b3852cf360f0d754ca4ecdb19dd0ef8acd573b9b823549266defe29a27ed374f5b00b05a7309c2a6340023d6d92c32275d6650d71f6d7577e0c45c31b29de207ae08c89d6b5b25c45cf9bdb96c996bd1d67517f75d4044f6b414086de703ea0cabc759f246b4a281974eac4d2a6ecbdbc90be5ea3de80e72fef40f18c30f5ce514596a6b0d8977547a38c590b7d6c5487e64d5a4f285020a1cde27296b0fc64c074f94bf167866241cbd9a0e95c9e38dda10a942e6a7bc738d94859529851eb9d4b4bc055a9ee8bbdd17a1fdd72aa74d0b8a1495f84b4414cd6126f602106e1e7890100931cd55e4e9cea6fae09f7ab9c389f982036b5173c2b96389b048c0b377db5340d338b638a184263e2c82bc51b280c32fb6bdae6ee9c52b14dbcac7d810061a0699b155b5fba63c7cdfccf455f0ea5ba5f479cc6331bc765a1d7b3572fccffdf73d6ed76eee942000ff18e4280b88bf1a848d452835a574318404922896b475c868a797a994596c897ac57ddddd0712f029afa214f861fb97625ed70fc2ac190c9989ccef0a860a368020916797d30ad3753e63d48008a96461378a8df5ad2f546ed0f2e687b21cb96e8eca13cddc323d2a5bbd7259f15222785ce96dc0e6249a31dc7859f2ecb543b896c8f29db744fbfd8502ef8638b6643b22e1b290a42aae389c0eacbd8e097a79ca187e7dcdaaaa7a3a783a590be65d28f680aee09cebc5bf43227e8b57131eb23d0e2fc4843971caecdd45eaaca076b599ae7c722a416c60b43a6494982416b22b9b45e8753c3381fa8091ffa90f7c2178c4227766b7e576ee1f4565bc98e9d6bb33bedeabcbcf7cb22a48e20123eabb607a97bd287c201b5bd20f66f3670202738f6f8fc25ff80da1ddf59986e38466a214c8ee9d5195f9ec55e6252c38d4c3948624662383287a0ef1ada366b7bcd472384f706070663e9af2c0ce4dc2060ddd1950f31d948c94b3d7a70a802003bd488b75db27de88e1ccdd54c0f64e8c913438b269b6c06272404f674e01f57843157bdd5bf812528574d97d285bc97e3b007b601776492d234aa61b8ae4b7748a40061fce028cb112e06e94e7f30a7c170c746abf99dfd26d6bb6b00310fc4ca3d0e6e2e480898410a398aa5d9c9a77916ce6a9f686b039b7a4d8f7c5bb9e2627104a03d2e52e6df0e7ef6a609693e01bac2297bc70f8cb40c851e1fed9464922a76ebb9a31ecaef832eacbcd083f507d67b23d28805832ddb9cacbd4821842dcda4baf65a9d8e9b95367d9abc603b3416af805a34a3356196d88d7b4871d500b915fc64f97929b865640090782f4641ac097417de031d367a6c5c8aa33d82f7af4f373b33876328f461a9ff5a01578e60d343c6d6bf06709aac92b16687cfe17f83893e1d5b6bc8db0db6833fb6e82b359ec4f3f59ed484885a8e48d03b056cb9780f9496985c1b03ab5c58e610d46cab80e16212ddd979e15f35453c3ebf03fa71cd062b8864a1582c9006a4540e43411aed5c5b99cb864a4d36cd3749a298c871913932ee303f0d5aa831f775e1124e8d5b6519685df3607f03f9eb7d18d9f98a87922486646f3bcd6ac5b1324a836b80e7336ed4911f8088620c7333fc3a3b78bc588c5787d8ef4fa2be4345769fcb8f7082e5f63f8a8ca6e6810241491dd6ae449f56772ab42353c158d7f7c6b2faa343f0bb5543b755d0183b7e62eb0239772b0100000000000000060576c544f9640c5732a3bdd4481c999ff75727570e3bf1221f6f2e3fb704cddf3f4f5de8411e48e7a06f1ef915145619caa2ee1bb2d68edece2b095051cf7d133fd6420cd0a2283ba17b747d7ce07cf16818e91c35f6bd5cd3bae0dab4b5e8eca3efbba792173ea2523aed4c6a6b6f1b2d3fc1146b661fe4d13cb8230a7ca4f3a2f7cbc8c01fbf290bb8abc80102000001080000000000000000050200020502ce21040169000c30ab95b071aad047aa423b52c20400000002072000000003060407001d500000000000008100"/4962], 0x1358}, 0x4) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r6, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r4, {0xebf}}, './file0\x00'}) syz_io_uring_setup(0x3096, &(0x7f0000000240)={0x0, 0x743b, 0x4, 0x1, 0x289, 0x0, r8}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000440), &(0x7f0000000480)) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) [ 2266.218858] FAULT_INJECTION: forcing a failure. [ 2266.218858] name failslab, interval 1, probability 0, space 0, times 0 [ 2266.220827] CPU: 1 PID: 11637 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2266.221953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2266.223294] Call Trace: [ 2266.223749] dump_stack+0x107/0x167 [ 2266.224349] should_fail.cold+0x5/0xa [ 2266.224984] ? __io_queue_sqe+0x666/0x9d0 [ 2266.225680] should_failslab+0x5/0x20 [ 2266.226317] kmem_cache_alloc_trace+0x55/0x320 [ 2266.227090] __io_queue_sqe+0x666/0x9d0 [ 2266.227766] ? io_issue_sqe+0x7700/0x7700 [ 2266.228480] io_submit_sqes+0x4461/0x85c0 [ 2266.229206] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2266.230033] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2266.230834] ? lock_downgrade+0x6d0/0x6d0 [ 2266.231525] ? find_held_lock+0x2c/0x110 [ 2266.232209] ? io_submit_sqes+0x85c0/0x85c0 [ 2266.232939] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2266.233737] ? wait_for_completion_io+0x270/0x270 [ 2266.234530] ? rcu_read_lock_any_held+0x75/0xa0 [ 2266.235292] ? vfs_write+0x354/0xa70 [ 2266.235914] ? fput_many+0x2f/0x1a0 [ 2266.236512] ? ksys_write+0x1a9/0x260 [ 2266.237139] ? __ia32_sys_read+0xb0/0xb0 [ 2266.237816] do_syscall_64+0x33/0x40 [ 2266.238438] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2266.239274] RIP: 0033:0x7fe5a49a6b19 [ 2266.239903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2266.242869] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2266.244117] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2266.245275] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2266.246438] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2266.247613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2266.248774] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:15:07 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x6}, 0x8) 19:15:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c0000000f000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:07 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2000000, 0x0, 0x2}, 0x8) 19:15:07 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) syz_io_uring_setup(0x667d, &(0x7f0000000240)={0x0, 0xec2a, 0x20, 0x0, 0xbc, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00007fe000/0x800000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000440)) r7 = mmap$IORING_OFF_SQES(&(0x7f0000cf0000/0x1000)=nil, 0x1000, 0x2000003, 0x100010, r0, 0x10000000) r8 = signalfd4(r0, &(0x7f0000000480)={[0xffffffff7fffffff]}, 0x8, 0x80000) syz_io_uring_submit(r6, r7, &(0x7f0000000540)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, r8, 0x80, &(0x7f00000004c0)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e21, @local}, 0x3, 0x0, 0x4, 0x2}}, 0x0, 0x0, 0x1}, 0x6) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r9, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:07 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000020007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:07 executing program 3: r0 = syz_io_uring_setup(0x3233, &(0x7f0000000180)={0x0, 0x435f, 0x10, 0x1, 0x1ad}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r5, r6) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x4004, @fd=r7, 0x7, 0x3, 0x8, 0xb, 0x1}, 0x5) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:15:07 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x7}, 0x8) 19:15:07 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 90) 19:15:07 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x3000000, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000060000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:07 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x3000000, 0x0, 0x2}, 0x8) 19:15:07 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x8}, 0x8) 19:15:07 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000002007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:07 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x4000000, 0x0, 0x2}, 0x8) 19:15:07 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa34, 0x7ff, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) r7 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r9 = inotify_init1(0x0) inotify_add_watch(r9, &(0x7f0000000040)='.\x00', 0x2000003) io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1, {0x0, r8}}, 0x10001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r10 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f0000000240)='\x00\xa1\xc8i/\xac\x8c\xba6\xf1\x13\xbc.\xaf\x152/\\NqZ\aw\xef\xdcO-F\xd7\xe2W\xe6\xafT\x05Q\xe8\xe8\x98\xc2\x95\xe0n\xcad7C\xc7\xe5\xe7\x91\xf2\xbd6&\x8bE\x01&\xee6\x8d->\x96\xa3\x82|TvQ#04\x13\x1c\x12P@\x93l\xf7HD\xb50\xb3^\x85x\xc5') mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x8010, r0, 0x8000000) fspick(r10, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:07 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r8}}, 0x8000) r9 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r9, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r9, r6, 0x0) r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r9, 0x8000000) syz_io_uring_submit(r10, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4, 0x0, {0x0, r5}}, 0x7) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x4, 0x4000, @fd_index=0x5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x1}}, 0x9) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) [ 2266.772560] FAULT_INJECTION: forcing a failure. [ 2266.772560] name failslab, interval 1, probability 0, space 0, times 0 [ 2266.774373] CPU: 1 PID: 11675 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2266.775371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2266.776681] Call Trace: [ 2266.777210] dump_stack+0x107/0x167 [ 2266.777860] should_fail.cold+0x5/0xa [ 2266.778419] ? create_object.isra.0+0x3a/0xa20 [ 2266.779085] should_failslab+0x5/0x20 [ 2266.779653] kmem_cache_alloc+0x5b/0x310 [ 2266.780271] create_object.isra.0+0x3a/0xa20 [ 2266.780998] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2266.781733] kmem_cache_alloc_trace+0x151/0x320 [ 2266.782421] __io_queue_sqe+0x666/0x9d0 [ 2266.783016] ? io_issue_sqe+0x7700/0x7700 [ 2266.783653] io_submit_sqes+0x4461/0x85c0 [ 2266.784297] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2266.785025] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2266.785735] ? lock_downgrade+0x6d0/0x6d0 [ 2266.786338] ? find_held_lock+0x2c/0x110 [ 2266.786942] ? io_submit_sqes+0x85c0/0x85c0 [ 2266.787599] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2266.788312] ? wait_for_completion_io+0x270/0x270 [ 2266.789014] ? rcu_read_lock_any_held+0x75/0xa0 [ 2266.789694] ? vfs_write+0x354/0xa70 [ 2266.790239] ? fput_many+0x2f/0x1a0 [ 2266.790780] ? ksys_write+0x1a9/0x260 [ 2266.791335] ? __ia32_sys_read+0xb0/0xb0 [ 2266.791951] do_syscall_64+0x33/0x40 [ 2266.792498] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2266.793245] RIP: 0033:0x7fe5a49a6b19 [ 2266.793786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2266.796453] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2266.797568] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2266.798600] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2266.799638] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2266.800667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2266.801720] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:15:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000081000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:07 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x9}, 0x8) 19:15:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x5000000, 0x0, 0x2}, 0x8) 19:15:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000006007ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cffffff9e000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0x2}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r3, @ANYBLOB="00ea5dc06b000000002e09138644653035c97283cc8548bc5d7d0ce15ba581584c53d3b832e6fd9560d50bc7c8a48bd619814a01707599bc1373913ada9ffd4055921e98c16350166964"]) io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000240)=[r5], 0x1) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040), 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_RECONFIGURE(r7, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x440000}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c040900", @ANYRES16=0x0, @ANYBLOB="02002dbd7000fcdbdf25030000000c00020000000000000000000c00020081000000000000000c00060001000000000000000c00060001000000000000000c0004000a070000000000000c0002000200000000cf3a9be6db5a521f71ea000000"], 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x4080) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, r8) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r9, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:08 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0xa}, 0x8) 19:15:22 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 91) 19:15:22 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000001c0)={0x0, 0x2, 0x0, 0x8000000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x20, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_bp={&(0x7f0000000040), 0xa}, 0xa30, 0x0, 0x5, 0x6, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r8}}, 0x8000) r9 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r9, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r9, r6, 0x0) r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r9, 0x8000000) syz_io_uring_submit(r10, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4, 0x0, {0x0, r5}}, 0x7) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_NOP={0x0, 0x3}, 0x10000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:15:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x6000000, 0x0, 0x2}, 0x8) 19:15:22 executing program 7: r0 = syz_io_uring_setup(0x4d4b, &(0x7f00000002c0)={0x0, 0x0, 0x10, 0x0, 0x20000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:22 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0xb}, 0x8) 19:15:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00007fc2000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000067ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c000001db000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2281.278813] FAULT_INJECTION: forcing a failure. [ 2281.278813] name failslab, interval 1, probability 0, space 0, times 0 [ 2281.280134] CPU: 0 PID: 11735 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2281.280764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2281.281429] Call Trace: [ 2281.281655] dump_stack+0x107/0x167 [ 2281.281959] should_fail.cold+0x5/0xa [ 2281.282273] ? __io_queue_sqe+0x666/0x9d0 [ 2281.282620] should_failslab+0x5/0x20 [ 2281.282941] kmem_cache_alloc_trace+0x55/0x320 [ 2281.283323] __io_queue_sqe+0x666/0x9d0 [ 2281.283665] ? io_issue_sqe+0x7700/0x7700 [ 2281.284024] io_submit_sqes+0x4461/0x85c0 [ 2281.284379] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2281.284792] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2281.285192] ? io_submit_sqes+0x85c0/0x85c0 [ 2281.285555] ? recalibrate_cpu_khz+0x10/0x10 [ 2281.285913] ? ktime_get+0x158/0x1f0 [ 2281.286225] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 2281.286583] ? clockevents_program_event+0x131/0x360 [ 2281.287007] ? tick_program_event+0xa8/0x140 [ 2281.287380] ? hrtimer_interrupt+0x771/0x9b0 [ 2281.287766] do_syscall_64+0x33/0x40 [ 2281.288072] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2281.288498] RIP: 0033:0x7fe5a49a6b19 [ 2281.288807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2281.290274] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2281.290891] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2281.291478] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2281.292057] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2281.292642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2281.293228] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:15:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x7000000, 0x0, 0x2}, 0x8) 19:15:22 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0xc}, 0x8) 19:15:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000207ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:22 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x5, 0x0, r3, 0x0, &(0x7f00000006c0)="0c2ab19e2f0a1bde5bbb95738abf170df5cdcdcd89e8c39efab73dc5c77fda20df637d57d364685720bfaf6fd9c11988650c3d001c8c3b1d15ea4a0db3b94d81af4cf03aa4a37df628e7228428cc71700f014a7bbf69e0419ecc1e41839a74b5ce41ade8d62f7f63cfe362b7041d35b448b1dd7e73fe190821f8f1b78cc82bea5240e9ebb81701ded05dbede31b4230a2ffe648256185c050d589a42c6ff9419c5e80230f85b954dab351759890efecde4ec28cc2937981ddfe69bf2bde32fc266d39e6486b2827c95bd13d6f749aa59d04a25cf9e0bc2e7ab353fd6a47b5eed41c3ce0855c92dcf7c01f5f86c1cbb47867b231a04879de7487415c9de2638e1487d94811365c63baf0f81ed7f8ce21f8ce4dac405a08a616a0a1a690906a60d974ee9015874a9d325d7d50ea6d66e9dde7062eabeb7597e67d9ba4bc61715c09581e932771c805a4b02d1f0b7b6c4feb6a908a2f83618a53ba5f677bcd57f780b158e02ea2c7b390e91796341594df686e77a68d68e37f391ea1d09f73d70a7d6dc4e5cca061497b71d0cacccf46743df8bd7c196380f0cff09e5ac2d9de76b122a9bd4c2c0e6c2a5aa7848419a48e2fb9ac2737f1ac6019a922862a2210dd81200c07f2c927b3ba9fdb42b3d09b393d1683fbcf6bc5e6dadad2f8262b8b9de2c7bf880485dd5c210fe72348eaf2a3ed06421aea440b9fe5e3d4c0ff294add6f872c6eb36aa0670342615094aa4ac639e40b92d10482274ff94e4df4e2bdb1a360209a781be12dddf68a7650e6124ef68e7fe25be0da3fd59954f628043183c4580f59b8b136bdd0874a483dd54493379086d226bbc05021674b47ac76a14d029684738ad13147361d0188036d4e37545d8e218ebaecb75f04c5641e31b7a2c5a043f4dcc3ee558b34059f6ca10c6d5b313dc6ae805242981012bbf661a761790cfc57b64132e38f4218e0d799e0ef76d5da65a3da301858ec4ecfbe2b5501724a98298a2fe7d96e4fc492c7fd8d5558af07e337d459b9c339ab541f368f305d4bb54f8d3f89a2fcb6b8c603686c2e8dd90fe4f98a462e31bab41393422c8ef26d3951a0a398d64347597d61ef06292c2203ff023cfc7e557d018d3ec796612363ca53fe092c5b832126adc28f884ac655bd1a8b244a5be121e3f4ce16c4f66b237f054efebdc20ff4e8ebb7f3c8a9fb8689afa2328fab3511d3e83aa163591b10e8a818732f8b51298613407a98aa1b4042d4cd837757f7e7b3a2287dde27ac42eda3b8c9481f04dc55afc1851b8589cbceefe0526bd4d316d8c1f0ee0d15c569c46548669606f2c53f2e2762a182cc09971beb17cb96addea994be3f916190cfb609087b8dc101608272d552facd6fe9f115826daf20e800106416aef7fab32d84d493a92dc52ba404781355bacd390ac7ceb31e3049a39b118b9fe1df1d5137864c0107f67078d93f382d37c05c489e8461434d03b28f75cd83af82bc8759382a06b839e0a71e20bfb56dc9f0d387b76f99bfc3f0072666194cc94e2d6b0285ddc1a058807b6bc8553cdfb0bab1fcbd4e69494a8ea3b5d4c5d80502c1282117e54d1a429992fda672788275679d4d26a3c9acaaaa7f749f677af5fe3c4c0a4beabae0aeb1554e826e14884abcc4a62c35498483092da869c28db40308efed8925779117103c5c2d6f1697457144a64c4bfb2108c6b76e3e0ceb94d8bfb419508d11ed1c6f01b3bf56bcf1fc66f5cf2ef134c3f522ecc5c6d490a49cf5b06da3eeddd970c32a54edaf8d15130c432bf0e43354f5fbb5e54e600ae9bac723da25627e1fe601cf8bcc7be92570c155e32b9d2a2641105f5cc7a8fd5372393296d0c81e913b166202440895712cd81536511b61eb01e3b3e0c974defbfd0a5e2f3cf6ecd94976eccdef2c2ca5356cab34126ac75bf676b2261fdbf87f0c4fad1f260eef0ce220d1eb0f5237c70b2bfd5a3516f77a06c0ef000f33a13028e69b01077aa1c2d8f62d90ab4d2a0a7e48f291c76665ef3b0aa28732772c2b5d3127e8252174384255091291457a717cbd04667738c7aa10c2455e3005a9b7faae9c558ef4647e408417d0f4514d662d72daf46c255aa5647456f967517f2ad0140338bcc2aa0e0c0437b92b769625b0128f8c2c93cf203555a6412dafa07b2238c1bcf0662c99fafcfe8b246c876d9b4d833d61414d95db8caf9e35612a18c6e26215a934a5a5b40221cfdf3a7e405e3fa92c87e65a8c405c0e6212b81f3479279b32cb35bf0b08d71f57e5418834a6ca3368e6fbaa0b19932a87df7abc0e8442cde2ca6e7bcf4266ff9b5547f9304f58884ba397522c1094b047b892f1ba73927525743bcf215abddf0fcfb4917b30fc7e4260a13a65c2d02c93b9e8166837e95b786f8906be6fa6766aec6f56dcd60f2dd5369e6aceb6f60aedd8694a8d4294ee2c5bb4530a33b3cfebc0a8982f2f87ebc2f948910f18c008b7487f474ba2797d16df17060956b9c2e9578be9b9e794ca2f6df6573d0739bc918ba92aa93ea00008a1a424e63071b1c3b04446e5fc66df1df8eb873560a26b3c881ff1601d4f66e3ba733e6a04ed305ef4e253267fbca19116edf89ad890d7f8947fdf0b460ead5d0b65bfdb5f7aa0fc11afcd3230cc439c26fe9aa506cecc6dc7e02b42fbda9468db650b900cd91ee6f3b8903ccfda35e97ff484bcef91b3b73452ab7b7981ff5913c2388d42729704504e042e8298d8d640e626d1050e9e98749ea09e859f1bab395d7a73ecbf9e1bbfd69d4bd4e32d6de336d4fd3511dc8646d4ee531c831e53d4159b5cff88d11a30003055a93fef1333432e59cb22b3cf1f61e8b115ba98f33d9b1b6a054650a3f46289c584950b447d44f64113f940f56073a736eb0f8cef50e22ea982104c4de7061a975633068741795e45a885cfe1d96a0c318498bc6e025d69d7b988835f8dd5762ed2e833c3091528a2ee5bd6a7b0741d234a82f55e53b0ec04af0059f36f3aa59f2dc58ad9e0da85f520f5cbde9bb21aff7b027943f2539885a1f549e0ca5f5db6807f0805ba18fae72cac6754482dd1671f31ffdf2e259a38cf116192f1b2a2f9bb12ae874f6e4e88d940e4b9bc7f728d462dcb940c0ff12fa8246683da0cc35758c8f802a6e358840707377d867bd5218e92c5e7dc6f06275434bd21de40052dbba4dec1fb2641abf1afd099ad31bab3f82e65635ef2648907aa227373b0ed19bd83fcf9946800de4a21ea0a9c0adab1aed01d7acd740365e78a642d64b7508d3618e4b37dcba0e59f9cfe24b721835d3c345f523b947391f96861809a61892bc9605bb5a6a36c8297c24fcbced51118985fff12da1f2e7f6ca1452e239a2df4c804b26354bafdf33e6ba1d5ac89d3d43f3dde3c7e05b0c666d2b97c12e29817564a10723f7988f9280d21d200cbbf6af5e762c288e882ffc46d0b6c36ab545123c0c306bd16c062d99709f612d0bde908586fb9ecff399df37a4d066989b1b34999b9f28296a4f7fe64822e74054fbf21ed21c367b283556d25fe2b3626b8a50bb48c45dc511be5c917fbe18489bb7ebfbafde28433b3842e88a420d7b1504d4cc104a64975c37997a632a712244f62b8d92f36471eebfd8de83d99e12956af94cc4df0b1a2713877c410aaf2430a6d00547cb8d91918907e70b73e34e7873c9d1b5792a569fe4eb4bd2780f273229ee652538950c20d61d8e866343e589aa5bda3947c57d0503278ada6a5a1dad1190454f40345835480038aa988ebc7112a1745b52fa5dc5b595c36c492d61f142ca002b812df99414281bb6cafb776fa925339aa6be7a18b615bab14bbd043de9ed4291f26c7a92b6f73339a6920b86febae8332409472f46a83cf48d8b884792cb5c2edbc461b1c56ed38555c7dc1bbd03e39f2dbec62a9a001d47a4659078dc7d6fb83aa6b7699eaf72abaed94278376915e423d50c2bc8cd5134260905a3ea67b185510a64aa57b9e0e3a1cb3e58b982ba0dbd619afa2e2f4c555c415c65ad5425ab41a5fb7c9d57d24f5eeeb0770c611df2677ef1ac50a304f0a646fef9b7f6af28ea68509f305e8e730ab41df9cd022d35bf7f151905793b2f2f24f190a4975cb2e61f06b3647bcdccb0b5cf2581731e91871def668f42cf1af60ba6f144d6e76a7f0c4296e44c1bdb75ef46f4aed8cfbc86eb63c2be904c1873b84d89f92e2524c847b0620f802a0d93855fe48a693868c73d1b59c69cb151936f2f49caf298ccfa05645496b3d4d4b6bbb409bdf76c6451d35df1444541f1a56183d3cb1b790fc7bc47f627e0d0d30b0e1ad58b198a9f240c13bd973720110cdce52008bcef1182f3c8a60b0071219abea420d8840350ad7a75b3293e0102cae21f3a4bd855d7433989cf50008e2f08bfade6b5699ce90907b7bad82ed79167a78a68620710fc1aaaba2aef392e47fe215b03ce8306f98d82c58738abc2b9e42df814245b952199306dd4f2e3fd15ce42b95c8af15b3cbe0147193be0bdd87cd5e676f687bbea1e19ae786d764d42fd458319ba168b6094d5ab27822f1f94eb9d2270e214fe0851920c39df4d17b05c5841f7e4d3686cea454db389995a9467b1337174cfb9799d1f736459fe4749df50e142eb3e4deac758ca1ae959201e0217adf6d3be22ee914b67721960fb0cec1dd02cf8feb620cd41d5fd0be1911c900f4c04c3cdaa7c0c9e9fc9b5ca71c7a31762e4dbf1ef141aca230f4f47f5ffac230636eb35b2de150f2c3a22fdc457caa7fedd3e2e778396096324d06d48329499388a642422d790c070566a4bda856aa91fc1d178eb34d127d582f8416e545003c5466a7f095704f12d1c41188e64842385b296df685283342a9c043f3859572aa767b0af9c9ce2b97de4710e2f1cc62c4df2d71379226810c5ff1c7267f389fc3f3a0f6a3f75c9e474dc8610a229480996f0721049be8866ac11b21a7d47d54de8e58f41864f8cf0f8b12f56650b4937d6b4e5926041968c8502a629193d5585412618d3a9ccf60aefaf670535950d480b5ccfa27aa8d9f50d260366786fc43aa6c95a1d237e677ea3e47e35ee25a2f0f3d66efc3571b928f76566661b0536d3612dd673bdea1a7f1ebac3241babbb612cc32d589903b17301718063ee69b84d7ac9f8b83e3e3fddff8a05a1405341af6ec3a3eec446e4a37e088e8a5ce66250ca277ec18a6e2899cee1826a630913f5239eca6ed0b6d27aa5575a431b5947a35dd08aecb7ac8b0d047b9c926e411804115cd14d99a6a39a745613489f97c35194aff9e80f94cd233ab5394ab96515e4ff0dbe1663ccf88e6cad8749c98756411dbb4b0731e3eef53b9ff5b02f4b898fa973d7ea7e4550d30a3392ec2ee1e12fadcc3ba07c7e5a4505f379f36b1683d89ffc3ca3333da2a23171de8699213230b8ee70ceabcb3ae62eec731a16d4c706318b9dc38a0ec3b4312d7ed9ca56d6d56268a52775d3902d8c5063aeb0fb5517154c6c235d8543e59a0814e3421dc26958ff8250462b4f19e51ad17c70db87897973c8aed80c8015db0b6c96bed1628db332904d6ad0e5836d34d2ff5100fec434a6196ed6a4384ca91d28776a102c1a2c0fd37c4ce5c6feb5c7541e9ae50045819bfe026f4eb6ee31d4e8e4c502da518e7581f3252a6714f0dea2edce0a40e3126628e41de0bca2a533f6a79e0a68da2b6a8cc76d68bd25aaaec616ae4eaadcf3b49bb459b41719913fde2e09867531f75a22738760feceb77c41c208f50e2e2284e0b5c3e58f1f452165e0e7f413c212af667b19fc22", 0x1000, 0x10042}, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) r5 = inotify_init1(0x0) r6 = inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x2000003) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r5, r6) pwrite64(r7, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r7, r5, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r7, 0x8000000) r8 = socket(0x8, 0x5, 0x7) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r7, 0x80, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r8, 0x4, 0x2, 0x2, 0x4, {0xa, 0x4e23, 0x7f, @private1, 0x8}}}, 0x0, 0x0, 0x1}, 0x1) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r9, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:15:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cfffffff0000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x8000000, 0x0, 0x2}, 0x8) 19:15:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r2, 0x8982, &(0x7f00000001c0)={0x8, 'nr0\x00', {'syz_tun\x00'}, 0xd5}) syz_io_uring_submit(r3, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000040)='.\x00', 0x2000003) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, r4) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x2bce) pwrite64(r5, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r5, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r5, 0x8000000) perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x81, 0xb5, 0x80, 0x3, 0x0, 0x100000000, 0x10060, 0x4, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, @perf_bp={&(0x7f0000000240), 0x6}, 0x4001, 0x9, 0x101, 0x6, 0x9, 0x2, 0x5, 0x0, 0x8, 0x0, 0x80000000}, 0x0, 0x4, r5, 0x3) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:35 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 92) 19:15:35 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000e, 0x1010, r0, 0x10000000) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x5}, 0x4) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:15:35 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) fchmodat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r4, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r4, 0xffffffffffffffff, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) r6 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, 0x0, @none}, 0xfffffffffffffffc, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x1, 0x0, r6, 0x0, &(0x7f0000000440)="e559cf48ac5dd90d20569371e819bb1e673f7e8963b0a612eb339c97177c49d60c2d1725eef0fafaf15f55261b1c02bb67f9770e178bbe737b70c00521738021e2a276003defebb0efe640c7bcb14aeb51362078ae5700ea3ab9bca305ff128b8c2a6010293ed79b7cf40146c1e68ca1a3cc0a89f95014282e9b7c2542a3f207ce15ea6396e52ef1f5c22006e5e111211b0d95dab7d74ea0b1474bdf6e977d9bdeeb2e401fccce9a9ab4b27ce68ffdab45b41d8fe4b1de0ad931191b010da6d88b5d8a3a9756c04f4f03a65d96f9182fbf", 0xd1, 0x101, 0x1}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cfffffffc000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:35 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000027ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:35 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x9000000, 0x0, 0x2}, 0x8) 19:15:35 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x3, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:35 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0xd}, 0x8) [ 2295.045208] FAULT_INJECTION: forcing a failure. [ 2295.045208] name failslab, interval 1, probability 0, space 0, times 0 [ 2295.046070] CPU: 1 PID: 11792 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2295.046575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2295.047179] Call Trace: [ 2295.047383] dump_stack+0x107/0x167 [ 2295.047654] should_fail.cold+0x5/0xa [ 2295.047949] ? create_object.isra.0+0x3a/0xa20 [ 2295.048333] should_failslab+0x5/0x20 [ 2295.048658] kmem_cache_alloc+0x5b/0x310 [ 2295.048979] create_object.isra.0+0x3a/0xa20 [ 2295.049312] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2295.049731] kmem_cache_alloc_trace+0x151/0x320 [ 2295.050092] __io_queue_sqe+0x666/0x9d0 [ 2295.050427] ? io_issue_sqe+0x7700/0x7700 [ 2295.050754] io_submit_sqes+0x4461/0x85c0 [ 2295.051090] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2295.051464] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2295.051842] ? lock_downgrade+0x6d0/0x6d0 [ 2295.052185] ? find_held_lock+0x2c/0x110 [ 2295.052519] ? io_submit_sqes+0x85c0/0x85c0 [ 2295.052858] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2295.053222] ? wait_for_completion_io+0x270/0x270 [ 2295.053590] ? rcu_read_lock_any_held+0x75/0xa0 [ 2295.053938] ? vfs_write+0x354/0xa70 [ 2295.054217] ? fput_many+0x2f/0x1a0 [ 2295.054514] ? ksys_write+0x1a9/0x260 [ 2295.054799] ? __ia32_sys_read+0xb0/0xb0 [ 2295.055119] do_syscall_64+0x33/0x40 [ 2295.055406] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2295.055829] RIP: 0033:0x7fe5a49a6b19 [ 2295.056135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2295.057485] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2295.058047] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2295.058640] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2295.059174] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2295.059695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2295.060225] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:15:36 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0xe}, 0x8) 19:15:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00f0ffff000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:36 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xa000000, 0x0, 0x2}, 0x8) 19:15:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000067ff0b787000000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:36 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0xf}, 0x8) 19:15:36 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c7fffffff000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:36 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xb000000, 0x0, 0x2}, 0x8) 19:15:36 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x10, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r6 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x9]}, 0x8) fsmount(r6, 0x0, 0xf0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x9, 0x810, r0, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 93) 19:15:52 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x300, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x10}, 0x8) 19:15:52 executing program 7: r0 = syz_io_uring_setup(0xb60, &(0x7f00000002c0)={0x0, 0x3127, 0x0, 0x1000, 0xffffffff}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd=r0, 0x3, 0x0, 0x1, 0x0, 0x1}, 0x8000) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r4, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r4, 0xffffffffffffffff, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_NOP={0x0, 0x3}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0xa, &(0x7f0000000480)}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:15:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787020000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:15:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c9effffff000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:52 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) syz_io_uring_setup(0x2df2, &(0x7f0000000040)={0x0, 0xdcf8, 0x12, 0x1, 0x133, 0x0, r0}, &(0x7f0000fed000/0x13000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000180)) r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x100000d, 0x20010, r0, 0x10000000) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000240)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)={0x4}, r3, 0x1, 0x0, 0x1, {0x0, r7}}, 0x8) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:15:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xc000000, 0x0, 0x2}, 0x8) 19:15:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cf0ffffff000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:15:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787060000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 2311.678197] FAULT_INJECTION: forcing a failure. [ 2311.678197] name failslab, interval 1, probability 0, space 0, times 0 [ 2311.680506] CPU: 0 PID: 11844 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2311.681636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2311.682844] Call Trace: [ 2311.683238] dump_stack+0x107/0x167 [ 2311.683786] should_fail.cold+0x5/0xa [ 2311.684365] ? __io_queue_sqe+0x666/0x9d0 [ 2311.684984] should_failslab+0x5/0x20 [ 2311.685562] kmem_cache_alloc_trace+0x55/0x320 [ 2311.686246] __io_queue_sqe+0x666/0x9d0 [ 2311.686847] ? io_issue_sqe+0x7700/0x7700 [ 2311.687495] io_submit_sqes+0x4461/0x85c0 [ 2311.688149] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2311.688892] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2311.689617] ? lock_downgrade+0x6d0/0x6d0 [ 2311.690229] ? find_held_lock+0x2c/0x110 [ 2311.690852] ? io_submit_sqes+0x85c0/0x85c0 [ 2311.691499] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2311.692233] ? wait_for_completion_io+0x270/0x270 [ 2311.692965] ? rcu_read_lock_any_held+0x75/0xa0 [ 2311.693820] ? vfs_write+0x354/0xa70 [ 2311.694506] ? fput_many+0x2f/0x1a0 [ 2311.695081] ? ksys_write+0x1a9/0x260 [ 2311.695659] ? __ia32_sys_read+0xb0/0xb0 [ 2311.696300] do_syscall_64+0x33/0x40 [ 2311.696866] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2311.697635] RIP: 0033:0x7fe5a49a6b19 [ 2311.698191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2311.700914] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2311.702051] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2311.703107] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2311.704179] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2311.705238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2311.706299] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:15:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xd000000, 0x0, 0x2}, 0x8) 19:15:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x11}, 0x8) 19:16:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cfcffffff000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:16:08 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x190) mmap$perf(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xc, 0x110, r5, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:16:08 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x12}, 0x8) 19:16:08 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 94) 19:16:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xe000000, 0x0, 0x2}, 0x8) 19:16:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000600000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:16:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = creat(&(0x7f0000000040)='./file0\x00', 0x41) inotify_rm_watch(r6, r7) pwrite64(r8, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r8, r6, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r8, 0x8000000) perf_event_open(&(0x7f0000000240)={0x5, 0x80, 0x2, 0x3, 0x1, 0x8, 0x0, 0xe71, 0x480, 0xc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0x5, 0x7ff}, 0x1000, 0x0, 0x8, 0x7, 0x7fff, 0x9, 0xe17d, 0x0, 0x101}, 0xffffffffffffffff, 0xc, r8, 0x368438a47b36d99f) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r9, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) [ 2327.402328] FAULT_INJECTION: forcing a failure. [ 2327.402328] name failslab, interval 1, probability 0, space 0, times 0 [ 2327.404063] CPU: 1 PID: 11878 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2327.405098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2327.406340] Call Trace: [ 2327.406745] dump_stack+0x107/0x167 [ 2327.407301] should_fail.cold+0x5/0xa [ 2327.407899] ? create_object.isra.0+0x3a/0xa20 [ 2327.408623] should_failslab+0x5/0x20 [ 2327.409214] kmem_cache_alloc+0x5b/0x310 [ 2327.409862] create_object.isra.0+0x3a/0xa20 [ 2327.410549] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2327.411344] kmem_cache_alloc_trace+0x151/0x320 [ 2327.412084] __io_queue_sqe+0x666/0x9d0 [ 2327.412732] ? io_issue_sqe+0x7700/0x7700 [ 2327.413403] io_submit_sqes+0x4461/0x85c0 [ 2327.414086] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2327.414856] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2327.415625] ? lock_downgrade+0x6d0/0x6d0 [ 2327.416278] ? find_held_lock+0x2c/0x110 [ 2327.416912] ? io_submit_sqes+0x85c0/0x85c0 [ 2327.417604] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2327.418365] ? wait_for_completion_io+0x270/0x270 [ 2327.419113] ? rcu_read_lock_any_held+0x75/0xa0 [ 2327.419838] ? vfs_write+0x354/0xa70 [ 2327.420429] ? fput_many+0x2f/0x1a0 [ 2327.421005] ? ksys_write+0x1a9/0x260 [ 2327.421603] ? __ia32_sys_read+0xb0/0xb0 [ 2327.422244] do_syscall_64+0x33/0x40 [ 2327.422833] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2327.423632] RIP: 0033:0x7fe5a49a6b19 [ 2327.424224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2327.427066] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2327.428256] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2327.429354] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2327.430460] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2327.431562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2327.432688] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:16:08 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x13}, 0x8) 19:16:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000008000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:16:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:23 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0xf000000, 0x0, 0x2}, 0x8) 19:16:23 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="00021c00000000002e2f66696c653000f1baf43e9201d222b8cb388f1a93ad5d465cc455089e356a6722cf27a0f6afcba76ac4f45c4ccf4a749a0cf70303f197c63e99a642986a479a2b1abccbc296f4b97096d8cc970fe10ba73522340b032b01acb87ce8aa14c682bfab446dcc6a8b472bf3610eed0de055e1e0bc31ef8a333b45c5a5396afbf444485eb113"]) mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000000, 0x80010, r5, 0x10000000) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:16:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') syz_io_uring_submit(0x0, r2, &(0x7f0000000240)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x2, &(0x7f00000001c0)={0x0, 0x989680}, 0x1, 0x1}, 0x2) fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:23 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 95) 19:16:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cfffffffffffff0000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:16:23 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x14}, 0x8) 19:16:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x1000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787002000000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 2342.691988] FAULT_INJECTION: forcing a failure. [ 2342.691988] name failslab, interval 1, probability 0, space 0, times 0 [ 2342.693686] CPU: 1 PID: 11917 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2342.694673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2342.695858] Call Trace: [ 2342.696250] dump_stack+0x107/0x167 [ 2342.696790] should_fail.cold+0x5/0xa [ 2342.697338] ? __io_queue_sqe+0x666/0x9d0 [ 2342.697934] should_failslab+0x5/0x20 [ 2342.698492] kmem_cache_alloc_trace+0x55/0x320 [ 2342.699154] __io_queue_sqe+0x666/0x9d0 [ 2342.699731] ? io_issue_sqe+0x7700/0x7700 [ 2342.700375] io_submit_sqes+0x4461/0x85c0 [ 2342.701003] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2342.701723] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2342.702420] ? lock_downgrade+0x6d0/0x6d0 [ 2342.703014] ? find_held_lock+0x2c/0x110 [ 2342.703611] ? io_submit_sqes+0x85c0/0x85c0 [ 2342.704468] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2342.705315] ? wait_for_completion_io+0x270/0x270 [ 2342.706268] ? rcu_read_lock_any_held+0x75/0xa0 [ 2342.707008] ? vfs_write+0x354/0xa70 [ 2342.707550] ? fput_many+0x2f/0x1a0 [ 2342.708060] ? ksys_write+0x1a9/0x260 [ 2342.708610] ? __ia32_sys_read+0xb0/0xb0 [ 2342.709195] do_syscall_64+0x33/0x40 [ 2342.709738] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2342.710462] RIP: 0033:0x7fe5a49a6b19 [ 2342.710997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2342.713609] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2342.714687] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2342.715687] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2342.716691] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2342.717694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2342.718700] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:16:23 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x15}, 0x8) 19:16:23 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x10000000, 0x0, 0x2}, 0x8) 19:16:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000010200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:16:23 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000480)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)=ANY=[@ANYBLOB="97000000", @ANYRES16=0x0, @ANYBLOB="00012abd7000fcdbdf25180000000c00990008000000760000000a001a00ffffffffffff00000a001a0008021100000000000a001a0008021100000100000a001a0008021100000100000a001a0008021100000000000a001a00ffffffffffff00000a00060008021100000000000a000600ffffffffffff0000"], 0x80}, 0x1, 0x0, 0x0, 0x48000}, 0x20004081) syz_io_uring_submit(r5, r2, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x2, 0x4007, @fd_index=0x8, 0xe1, 0x80000000, 0x7f, 0x4, 0x0, {0x1}}, 0x23f) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r6, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x80010, r6, 0x8000000) syz_io_uring_submit(r7, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) ioctl$sock_netdev_private(0xffffffffffffffff, 0x89fb, &(0x7f0000000240)="82c493fd9f45feacda0ef2afd41a99bb259188a5f7c4db32c53a1bae57e103f42f346503ba9547e458a66c8fc9cb17") mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r8, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:23 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x3000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000020000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:16:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000020200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:16:38 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x11000000, 0x0, 0x2}, 0x8) 19:16:38 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r4}}, 0x8000) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r5, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r5, 0xffffffffffffffff, 0x0) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r5, 0x8000000) syz_io_uring_submit(r6, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) syz_io_uring_setup(0x2240, &(0x7f0000000040)={0x0, 0xe995, 0x0, 0x3, 0x306, 0x0, r0}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)=0x0) r8 = syz_mount_image$nfs4(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x7fffffff, 0x5, &(0x7f0000000580)=[{&(0x7f0000000340)="68b4a731957bcd5c69f4ee395ecd64726a52631a2de7a2a24f973303456ddb7c04f12bef2b04a5122064f648801c4304119897bffefaf07aa1388c29e5d81dbc3f2a5345a957c2053ab562676343209d6f2095d0e9e2f849099bea9352ab492e1d57c0069d32b6aad0d45ab065", 0x6d, 0x80}, {&(0x7f00000003c0)="76d03b85e7b5b8502dc0f26224e676ac8a2e1ff7ba9af5434e41ac6701f2301b733ebd793d8c8728b3e67ca13c3115b97b8fe1372aeac63cf80f0008b2ce21f0b15411517778f5968e098a5ea9b56e505e8e45b8511c24d49aa2adc4a5c35bdc49d59f8b7e", 0x65, 0x7}, {&(0x7f0000000440)="433d655431f7eb0591f6", 0xa, 0x6}, {&(0x7f0000000480)="7a0e7f22bc84052dc965797024020910fcf8e5b2eb12b40b41ee3bfd9248263c19f45248f2e747658a8b340e757b99002cf78c9ed86ac5cda409a623fa7a3a8cba412e66bb8850df755c26746316cbe11d8950f54ee68f29ef09cfd209908d1060d9c1d59d3913603c3ea45250a757c0cdf0420c9843d2345cd64803eeb590140503c2697ddb905c27879462", 0x8c, 0xd71}, {&(0x7f0000000540)="aabcdf36366c82d218ecbb340d5d59a2e252c43acacf9712c032d36bcdf54a50097ecb69b26d093f31e1", 0x2a, 0x3}], 0x8000, &(0x7f0000000600)={[{'htcp\x00'}, {'['}, {'htcp\x00'}, {'\x00'}, {'\''}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@appraise}]}) syz_io_uring_submit(r6, r7, &(0x7f0000000780)=@IORING_OP_STATX={0x15, 0x0, 0x0, r8, &(0x7f0000000640), &(0x7f0000000740)='./file0\x00', 0x200, 0x800}, 0x7) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f00000000c0)='htcp\x00', 0x5) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:16:38 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r6 = syz_open_dev$mouse(&(0x7f0000000440), 0x7, 0x4000) fcntl$setstatus(r6, 0x4, 0x44400) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) setxattr$trusted_overlay_redirect(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x8, 0x0) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:38 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:38 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 96) 19:16:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000010000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:16:38 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x16}, 0x8) [ 2357.282732] FAULT_INJECTION: forcing a failure. [ 2357.282732] name failslab, interval 1, probability 0, space 0, times 0 [ 2357.284500] CPU: 1 PID: 11967 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2357.285538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2357.286769] Call Trace: [ 2357.287176] dump_stack+0x107/0x167 [ 2357.287723] should_fail.cold+0x5/0xa [ 2357.288308] ? create_object.isra.0+0x3a/0xa20 [ 2357.289009] should_failslab+0x5/0x20 [ 2357.289598] kmem_cache_alloc+0x5b/0x310 [ 2357.290224] create_object.isra.0+0x3a/0xa20 [ 2357.290880] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2357.291650] kmem_cache_alloc_trace+0x151/0x320 [ 2357.292342] __io_queue_sqe+0x666/0x9d0 [ 2357.292963] ? io_issue_sqe+0x7700/0x7700 [ 2357.293609] io_submit_sqes+0x4461/0x85c0 [ 2357.294264] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2357.295005] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2357.295727] ? lock_downgrade+0x6d0/0x6d0 [ 2357.296341] ? find_held_lock+0x2c/0x110 [ 2357.296960] ? io_submit_sqes+0x85c0/0x85c0 [ 2357.297614] ? __mutex_unlock_slowpath+0xe1/0x600 19:16:38 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x12000000, 0x0, 0x2}, 0x8) [ 2357.298335] ? wait_for_completion_io+0x270/0x270 [ 2357.299238] ? rcu_read_lock_any_held+0x75/0xa0 [ 2357.299924] ? vfs_write+0x354/0xa70 [ 2357.300489] ? fput_many+0x2f/0x1a0 [ 2357.301028] ? ksys_write+0x1a9/0x260 [ 2357.301587] ? __ia32_sys_read+0xb0/0xb0 [ 2357.302211] do_syscall_64+0x33/0x40 [ 2357.302763] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2357.303502] RIP: 0033:0x7fe5a49a6b19 [ 2357.304055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2357.306699] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2357.307787] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2357.308813] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2357.309836] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 19:16:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000030200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2357.310857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2357.311960] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:16:38 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x7ffffffff000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) [ 2357.327239] nfs4: Unknown parameter 'htcp' 19:16:38 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x17}, 0x8) 19:16:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000020000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 2357.406486] nfs4: Unknown parameter 'htcp' 19:16:38 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:16:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000060000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:16:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x18}, 0x8) 19:16:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000040200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:16:52 executing program 3: r0 = syz_io_uring_setup(0x4d50, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x36f}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000240)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000040)=0xffffffff7fffffff) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000140)={0x8000, 0x82, 0xc}, &(0x7f0000000280)='./file0\x00', 0x18, 0x0, 0x12345}, 0x8001) dup3(0xffffffffffffffff, r0, 0x0) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r6, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x810, r0, 0x10000000) r7 = accept$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f00000006c0)={0x0, 0x0, "57a8eb36a5bf34ae866f227520d2900f8781cffbec0c52ffaa21d1b4c692995d173aff65c032ec783a723a94489cf19264cbe7a4961f4680a4f6ea65c5f3a221027cfe8ee59055f7f11a6f7cb6b56dfa3c945c6b4cc9e0b8209dfbb7d021f684245969a79a5edc8a4e4945d739d203a38b073f2a14364a0fce101b969e903ee947b4682cee2e0bb57684150dc1b51c2789c6bcce45c98661f951b3f724990486f7b2d8f318189256a2376979536b4f22fe1bdf21eeab3f416c9bc26e70635ddac2463502b82daf401fa78623ac09232120a6dd728a5d8339bc863757e7944cab6f41885a5aab0f967874815ec2fc5ad01a97731a7aa1951b75063b429d73af7e", "8dbc313241c2108b871dcfb9f5d337de21a228924d9a41a42fd37a7473614bbbf9cb841f13327d8d9ea911e2a3dce3a4b1d2c9721e5a3cb163b2f8680a25dae382b3fbd4f96d6a91a97356639554e7f4fcd031f2dea3c0b114ecce8355d4f5322711e4710f59b9f04f93b5fca5fc6267b516705c1dae2a1752e8940ce5c4f3a54e708c2973d84324ba286e1b42f23f0beff7877c70b6a1dd3c3504a0945f2077e3013a446001d4d8ff4f1c4047ad7074afe898239e37253f4491f2655ff2b35ac106f2edd54f83179628557d48de74c43f0b6493375d48b6502c1f87a8efb2ee14afc51bbbf76262de74262774f72d4a2b71174d1b08662914441f2dd0a5956224de8181769bb510e41727558157bc921b25306fbd3e94c746c5afc570c975f033144ed4b8ac30549b436b8979bd185316010a3cc6a44e33f0b5a8f71d40ae5a56925d2a7356d970a737a17c8fd31e346fc2b7e928bb3296a139be6cba3e3f1e9abc05df784ec536d2e67ddd0bd6a3f11e3464e41c312b6db7e22d1313e0fbc727e803e9978fe8bf60eeda2771b0ac973c6db60ccd69c3a8eaadca901dbff0cdf0804c7f738b261d93f1a3fedd28bb8cc4ade1f365fdfd8ba92045a165a116170e0dc52272e87cfd79169595f16731dd6ef85102bce66b1ab527663ec4fc47a1b26e161909bc725578064946106eac8134dd3526140dab5a877879ac1f26d0206343036ef05372df7d8093412bec85b651d01dc3ee115e248147740217c88cbf4a48d4708f64c4b7744fe9d0e616a7e77b909888913ee3873c308f16f8ba4672aec111a1b53b25adf5ed0f7911b5b3c8d4f82878a079921c0d1ae6205ddd23abf0a0f5f9ab3947b9b370f3b33ff11d61c1c34e527abaf3f50a4c5bf03f57923cbca253771699beca16c8c5d0f0f784ad9af15b2144d3414c725857e44d4c942e4a3742af7a38fa6d1c401060e505b3ed9d22722b23343c3a0a6174f8d2d25be29da81ff14d1eee4c1e5f1cea9dc708cb2e7f6ae3d09d00cfe50e237a5ae40c804efb21c4daff0b26422443a931030737983aea87d0ab99af8b7ca7dda530e68f826e229628e9e6aaa9a4b8c1598f9a7f09fb67a2a51693b6716fe6f333de4647bd43bef3137228f54cd6c5bce08c8ccbcbaedc0ccdd71b15e494d791bf9905bb9740ab547ff4a1c2fb6257040e250572e3c60f2caa1b653af1141ae01fa617d7a6567a9e145589763334706878196f3ed1210fb23740018d7f6236637db5e25076109706ffaa0e8f3875d6d4ae57aaa93ec7df1a1b65cdaf7fbfbfe2119e51da40f81cce781e43e88414d5e6b76b8103f102216b6aaccf9ca6daaccb9e25244ea9a302ea7ae86b0e21883e7fcf76c37917018c3b23788ba62f4c7230ca988f30b331680173b95c60bec036952b067c48ee0408ef2e9ea7f5d30db5606821d1f8b7e5ba5e13f7c92ca12e7b840661bcaa3d6462879325748fcaee451d6370a7a88dce1dda8a22130dcc0705d75a65bcb53f0f467ada7f8cde1cb21589b9272d3f3ae2c8e6c8402c941b2ddae7006c1a3998cd67c0612b4e293a750e772bde4668b5e734007f1cfbe2bb855645cda45d68a8c41a68b0737a0abea736883004d9b987a6919e16fbf875dd68331d79249c5de00e982945e2314ac0c88cce8ef5c9596a4f6894554113c29c8f38d197c46626d36871bc470a3a51026a3432c3db1671a4e6fbcca4b266830d998eecbdbb86e511f8f67ca46ede755b7c797ed662b3801c6a79a3d4e242a26ff41d63284e462a210e53acd5b405cfb915a583e1bf35c78031b48228290bc435e46d9a661c0f6f1a2911de925031d38e16264e5661435a535c56afa6827293eee7d9e2e56b3bd627f7b2ee778bf1f91bf0825fbb67e60bb161d3217ae5a5cf025f5c468dc05ec67a2469989161f0b711c20b8018e6fb9da8bb638fa947d5f7cdf2376806c65e4f641d89da1613d36d52a178892414eb1bac66b82ddbd868c6e183641714bcd0a46863b25f753210dd09b4f9f3b67ee0349e8c63181de7a52dac18cd9af49367ad1f7a7b12b0bb7c04d7b66f5778af9c0d7c4d078612d1816d8673d3ac4c321ae793b398330da53fe5e643fd0ca19f0cfdf5a9fef527b3fd17ea315027d5810bf147fb849509a291c2622fd72e01792986223dddcbcb199d89e38efb5def63c327c9a29c1e2ff7c5b19ee2af0cbf8a6bb8121c148bc6fe5f535ccd95f5c41adb5a5ce09779273228a1e06118a47b749bef0790f925a7d4ebafba5285ad6638b0d50fba5102bf21db79dcb8c0c4685eb915ab35837d8f5a8e91e58c4711e1d49139020a42f7b41ed7a0e613109ad8ae6eeb1e81f814fd2a20a0745778d3efe1ca2a2af2e092ac68b78479f60d1e3e42fc0a86304a7ba0a2c62c0ae49cf95fd1b87901054dc4436b10dfa3bb8ff8793bfc1d94547afb2fab9e378a2dfc3cfbd51844d296b5b7f98cdc4015bdfb03b125eba28d2552af2e051b1d4d196176313efcec0c8ed243d858fdbddf7700df1c9fda7640b090dad61c642e519a006ff268a0fcef93fa24d6056ba0f418c1be3805d5670dc56f40d1957bd34b2dce6cc846707cb00898b8faa573bacfd54b6c57779af7c5d5836c5c6ad49895fdc540f3c29ebdfe5a3dcfdaada4a4c55fd5676d9cff3106c33d792bcae6115d4a5227e077ced33fbd1316cdc12e1ca70cda9d73252fe49558b9e97926b2c688c0f6f506148496e3d070709fee233b90f7b7343ad5ec7b8cfd135a785237bae4d53c9bdf9c08772ff0c8dbdc9059d8ef1665b4e05b6e60346494f60c1863ded2da2496bed88a603a1e2e900f0219f0d803b72051e6f0c4aa8ac491906152bdc37ad40fc082c953064084c7e13fe225d1470d17f511729a796fa6f02a7d86aad5ac11f572844dfaf0bcc3409653213ce5c1f1791e8f761c49f6190cf55873f113c7c50df153ed681ba6f97ce6107a61174839700cd4446526affdc06bf7bc5eec20fd21ee6369e2f34a6b8c0eed2c36c76c2bc6ba1d48c1fbdb2608e977378733c0bcc5ca31c3c9d3a2e26c71f17c84f40c5712b24c30e0ef5349da142c148ae93d029fb84e808bc42cd2e11ba2c79228a065716aa2048c27ddf518458b9edd8e15a41d6cebabfb35ddffd27c54cb1472a599a5fa98b1b4adb36d58366b223f64362747887194706b765b4915e4b849f1e375fd442dc4a8e232322cba2fa28e4851d6a7011b111bb78b1d71f947e6cbb4d1991252bc8c508450bb256aa86bed096d406ce8ae8a73a0c634e95c3b5c296665a58b306fa1e14e6ab8f2ec348aab6ae1feed4e37d448b3ffad1398d19889ae0eca7633dcf57b8d6d552782012ec87b78bf6aae09c150f3f9f3d61869b59cd5edff1ac0c9d9a992832442a9731c7dd1c8dc1e2f5a1a3854f500fd0e54172ca0f47ff5ca9f98d08f42e3b302ecc4c7b2c3791f5922c9e1e9880b438087e7e46034aa5a175246466148992e4bf03a5d8fede15834095f02e765accfc5e92f633d637c12b96c1cb1bf73572b9d6265285fc4cc7a1cc86bf071c1c93a196587c94c3fd49b6db8562ac92460d56fc7aa410ae7d87b11c8c4a77952a3d21ade6b3385ff86117ded969e18cae695c33001caa0f06c78ae5b34bc404c2c98b6c3805a036f2221c8560fbed834bd4002bf192f048afb6364bacfdb007dfac7f5062463ae22014fd43ffc7fd377903e74eb8f5c04821e8af9fd30fbbb123437666526000f888fb57b21a33abf9ae91e539f138b48e7e2719e0dc3c96556c4ba95cab0013fc341fbada577632e6e01f55582452af365027048b807b37688bfcac47c4edb0feb3385f39d88ef90e748773b3ce6d3045d5598bd80343990ccd5a71c772702cabab49c757dca5ade0d6e9547fd716324f92846437c36ef53a1dfc91d19e75935b6d77ec64ca95b44ba9cdd662ef070064ede8ce9ed431a569b057b78375ad2e26f59431d1655eb856e6be85db9bcf949291cf3fc28e9cc7b189d62ea8e4473703a966610600fe16fada56203d803e5912bb6aa925dc77a35347dd225bb090a1279873f902863b20e33a9b5f698946db485c9026ae65ab30af0e989855ab7432d9d957047854db54c76389ee0d252306e50f5786306944400f3844659b0c879f0ee7313e03fef11341d49b1ef20751be23db0903282ed2b63dc819ac7ed0bf439bedc354d3e339420ccb041cbf245c953cf55e28eb4ee7ce884bd61e1f0d8bbc1037716629629c7bdb40e7e1b38f5f8caa6d9e3f78fb51e50de0a7cea5e291157a4eff3e6db4dc5323755e1b5e1e1991caed530a18f2d92e44ffd1c654d1250a5b0a8f6df2f33a563f0ca516bb395e9c0c3c78d4c7d183c51323e31d18d1df95dc53cd65f18d9a83fd3443bc54fb6a4383db4b22e7c5181a238e7bec88aa1502465c62363e987909e950aed9acffc13f2ebf4990854d0dc05b105c49361cb196c3b9647f00184737ef086acba862558349a1544cb7c428e01780eee62612c569f9071becf72c46d78be34860573dfcc04eb51d7ceb01bf08f2fe43eb71383243de38d85d02e01c0a3f41af686564a0f765749d5337e3aeea7550316a6f2f25451e384d10332efad16d2a31000f57c21a2a375162425608f1d826fa449cb3a35bb0ba186896ef3e48d52d460fe2f891d775a1437abed8fc44df101195e04bdf1855034c9ce297fbe792dc739584b2116aefb4965761468c4713897e6c992b560a474603d0a16d7f749bfc8852e42f042f3860c7f5295082d4a1f9c6154ada9ec5a0fbc7bffd8d7963b3e164eecb8fba89e03f2b011a604de2ca4118225f4a2de834b2e11af5d40554b7099637d4f5b1543892e936fdace008c1b53703afffa9592ca0126a5db5db23ba7db11c76646bd82563b041b96ecfaa1f69059420f7df2468b2be2ff31622a2338e4dbd74c8038a907e6f86b2be10bb18c7ea0513d9a77ad0cc8915b80338665dff4e3e9f92260a5475be7d79776f0a19a19fdc1c96f6c0f16b65655143794ad66335ec4bfe61c726c9bd408779a57c00fec9b4d0a24c2dc53906276df82b090fe32cd0ca3cd11c0db32c27ebca56843378ea8293107e3192512abfca0db267880b7b21fbe8b80067d5857cdbf3528d5543bb2e3585448e6e27af25ba05b3a64a00152433647c69a30405d0b2d6abce6395a7b9cfe09a05847fad1df454c67cef6f67c36bbde62a24bd87b8ec899928789a16bf09b49b8da7f5f8dab48830ed3d15619c0f1a332d2477d30a2f75c00eb2365a39c68b66b23487a9eeea2278b8fabe42b293f236fdd3a243337d00e67db29fd783da366ed73404ed7f9f09e5ffc373838267695ce12c350940d9e0e35fe74cd56451550c2f116052a599c05efaed6211f70a196735861ed85067004c6"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000340)=ANY=[@ANYRES64=0x0, @ANYBLOB="0100010000000000060000000000000001800000000000008000000000000000020000000000000000000000000000000000002d29e1864a1b133d001f000000f50c0000020000001f00000000000000d9000000000000000200000000000000060000000000000000000000000000000000000000000000000000002000000000000000a9ca02b1e57b6459b62a093a2776a4bae0152170af0f34ebb455df3518fc730e11ff9ef421c1954f7230cb405de9c23878ca86"]) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r7, 0xd000943e, &(0x7f0000002e00)={r8, r9, "1a26e0ea64a92b66ba5f560027cc16cffa0f868aece4e9ad72b3c6be15b79ba1ac70e54809bda066ddbf0fec1b83d70389e39266bfe3514f0fd0ade1dd3c3fe7feb223b476ce2e6f32abc669ddfe418ec37c087a8d973f0172525c9710556f16f98b44f2805330a02e0a20cb1da6bb0c4cd39178265ad8758c7bc898b8a976a1d3beb1c8f02b7b50a77337210c289913e9f56f6b504adcd98694bd8bd3d2192c1b20c14696a6e63e2f642eee93dcfe8343edb6699a28ffa86d7c37f37f8d2be7f85d96e415e9c9c97b56b08c0fc7a6e3b7844313363308f977fed3e2609d66502b85cd6c5d0c5653e309590d1362c03de4914b08f1dd5fdc47e8bf647666b327", "601964d1664503450630511f335c9005639af5a75e33c6032312e7a7489278cc2bf22f1b78569ce5cda12eddae4ca911c16e823e5719fc7e9a6c2200305a57a2c78e94388c02f3280129c31eb9da59527eeedb6e2fc176e10d2f782e82eccea9723673d1997d0e516537699c69e7d8d190594f49261d65c5fe2ec0f29388db9b2b0aaee379e07d1611519329d52f7f0735d7c3fdd2696865db53df6f16438ceccb6b3c6d427c22fd74f7f71b93ca09c2e8d12652cb6a58a3525e711723b77abec5d07651fd21aa1f9de0f3cd7abff14d354312210202a2cc465b228af777c523524834a8d650bd1323a551b46b7b8521d25b0ce2787253aaf0806bc3adc2eb0250cfb66f04c7b930a3887767a5937f17929e643fd7da379b5fa14b7848f63d40d38ca089bc38f3c6fb42072b557e87e636e72d156408f442387728bd18e51d0641ba176b6358975672e1f7ca05122118468a083eedc7e4609ecdccbe39dfbb44b7271a41288e177609da46472891725895572020444d44cd661cd30a49dacd21da4efab526e52c51e08206c37b761a425b0e5bfef3498e5ff44e907a288853337d030532307e2fd143d9956e33924b067963aa3de094d8b90ec9670d141e0ffb433b01c781d58a24c1f9197d63f749f2e41fa8ecde78ea42d7475795a13870ba3e61bf62c9763ac3d96ff43574ece730749c250e2e6b0e48e7f6be7dd08b3ccbb879424a12dca1423ecc7eef079b79549d78cf5fdc81ffadb030b45f5f022a632c7b672ebb2d8ac4ab27482e2fcd3a517707959a01ba0bd52699a85757da4bf344433e81f96d6101559a3866a1aa3026f81e19f3b24b18fccdd9941f47126c8231aa5b6f83f00cea91efec001bc9e41edfaccf7974ee923b88f0828ed9a15d9e4ac5739877e032126f95f98157f2ec8e905d8d52ce2363c7bd0282371ed219e1d0ef47e800e6729089b86d495582dbd222587134f3a6603d01bc08175a013cbe3dec3544baefe63ef17765d0f5edf0a055928427e5e69a895381ebad063e9374fc920322cd5c8efc946a712dc52040a591015f92cb31db1516b8df0a7900d8b29bb00a678b51688240df115148da4e259ddfcc0db56a7ff3a0afe3a2a781593f2513cacc8086a19d8ea3fd2f1e51505fa63f9d6a305dfad120cdb23fa6f4f08d99acaf6beabece2f7b774e13d3ddfb1e4f5025b6f34d185181c15ee6298cac80f5ae8d1eba6c7cbb8545403ab2c629fe2096ea3349bb8b6b8bdc6734f6580ab8ab7f368bb268b58e7d8f1cd70d6187948678dbd7a16c236a8a9752126775f82d48a7c8f0ab667ad5a8b5cd884a3feb606bd92d34afe447105d5577a62910c692fa3d9a99c30b1d6918470330a9cc59d1155e0d7992ffbc4c5ac582aeabc20ecbef5048ab0c12377b0b594566242080ee825791f66c5cbb834a24e599b51854bda896338f10fb021feeac26129cc407521646edebfb640b774ca7ec267057d692609ea74de33f8f41edb92d4799f0743e5fce00a8446ac978e5e5399e688e0b8ec166a166e06b21d3401402262b8d24642abfbaded7f907b52539f51e9f10a8b497919b3793958f571e00b16581a3e149f9c40d69a0ba192ceb39a49f3ddc29567a88c5a660d4803693d40a970231a982bf40193745be3edb2826e774b15855cbd7c4f9d445036d7905c2fef4bc979bf04b629a7a3cc36248ae3dd4149ab6c21c0bc749b125bccfd800495692700d2ea63fc9b70f885546a5599ad6ddd2066ba49688f7855ac4112be25347daa197519e287ca216ce70d9f47e8e9063393e0151ddca4091dddeec443bb86e3a1b90ea77161acb2735703904dbf6c38013d882453f4b8aa8dae2a2fceeb178e11460f82c24e5c68c347dc8e2c3d86733852c6470d162f1ce05d3675de35613febfa8349d9020f86c97bc80388b1f1f7b270440c0153426452f3f7b4794378b3ef8ee354594649f50a212892f0702a358e7dbe2065dc3908ef04157a8d0e969c2f08d3cd09517f2f6035ba6a0034513b18cf2be432e6fac04f613edb953763aba51ad76a41cfc7bed225e55ef3a63a827806818919fd98155e7b87ee78def7887dbc4b5e2b3f6fa936cb0285bb4687e4ceb7bc6d925755469773de4c4357672e33e599af21c726098f17d2f9bc33466ae4f99c49a45f06d4d7c494582aa4b16daa3249e6d2b0bfeef7624ef499ab25f974be223e4b5b0b38e3352d9514cdf276c4d6daa98a34cc51ca7962ffcc2716023a4222ce77c6d91d29e6cf9d43c083f8b53061be7c862595d2ac156b182c9efc8171465dd34c4af09689adb6fe4b232bc402e565606031f22aa3ab6c7ef815efc95ce8096e43bb28290315476e934493d495b1941d45d6cd5f8baba3c8d0988d151fc1cfe37377ed261242fe6b5066b3e3eb057e803e94e83fdfdc813f34895d9cbfa620e36b7340e82b1b573f0ebc92aca62b21255ac42220f01e56a21318eb564051b306a789c5b67ece7bb2fbfff807e95fe861a3ead9928b5190cea1dea233c932572b71546a59b5ff6345dc1282246eb8a10fde06ba911df91f4c07e60b1916541a93474bc23ab46fdef93f145cfa57a8862ad6dbf3ce479f833ec22bcf973b91241219ad21fe1b9c11150094b01bbf6c154641f835f4378617762cd6c78c95558f9b109f3373c1606926af0040b59028c7cf7ffece579a19eb766a8324595c37396a291abfa044c37a5796763725d8efaa57baac8e6005814174e5068cf6aaecceaa4c52b72a860189d92a00848798699ad1e2fa3158fe15dba06d48293437e716c1d292f7ec379455d4b7e878dc70040f672d607d6210be1bc769444b005ad680fd5e63a336366a9b5548af37f43a0d5b1475d6f9fb60d8cea0042708c733cd92cf6c643a3ac156e6c8224d83cd0b238426e32036904f14f319805e8a98b5e7c29e97f35526290c61ee438063c764648f59f2f0728d4d3a1b158113e304b6b54aed802d7367ac93d2eaa5e06fb530dab2fb38133c39d10548546b6b89b9b80900644d16c00a888fb0bc378a80f9d67c28304b0f86a5b2b60a144c9884fee7ce7412cab8e1f3753f2eb968d1480b3405c17e267ad53903349f917da8b0795897577120c7d6652fa2d501f8edbbcd68595954cfe235633ff129a6782691f5cdf63cd71ce380bb06b51416d3890c3c19ad5776f3d4bd9b87a4034dfa97b1c5c48962431245898087582caf1c0d18d0c1fef3d6d42bc33ed1da337bfdc5b457b609e0de8c62fd0c4e5f442f16c81af3dca25dc16444a40a0752962b517fea33633c16ff9a341851ab965401d622fb30c3d70d2d62ca1445347fae84f72ed6a419177b26d3b8b6f15bb8fd1715791bcc649f26eed859bffec93d5274b9581428f797f6245fa27ce239345b1466fd9fe8725918de7b07b7edf3a7dbc8a242a3975de11f7f8c1d4a4b0581bf4928a992dc977df95afece773983086de0e53878839c5817db1b5878f0d5244990363dc46fd56ddda96956cc0dfb3718f1d8b07a5112e7e479e4035606d39917c8b6b8ec221e95b5bcc5db4b2ad4f22b7e99f7e2686353078091b374f26f020ba9b421cd8ab57ed12cff90b59f01c8cd11b598f3b3bd809940399b5649305bb36d8c724d5cb140dbd3c8cdcbfb221a0fb1674ffc52dae37430545c20eb9e5d374e13ca5c6a476293345017a6291fc76dbd461133561754d46b8115f05abfcfd4e7243f1310a1743be0fdddb417da2a68f14e2e304f9a076e835302948155bff584c24d152f5c8bbee9548632cbf72c5deb72e19655d034f7a0d1c03de0ea65861f49060a080bdd3b126ffe9a878510a7305d0bae4991d25b8978623613cd65e313d144edb96e4f435ffe478249f61d78a50bcfe77c78e5d22ab03961549dabf3508c59ba40dd4b182f897aa918bcedbd64514ba7c3f092a88075b7ceb05a03ab844fe203166e24d13dfb66fc8836fea3795274ab16121ceff1f4c605d531e6cac5ff71665c0d16e569227efe864a5a022b841e781b52ee17e8c75988c2a03630d34a737c15f0326a780511e7b88fa1ab21e5c59020e3a9b5a589d9982d813c7679ba5ef1f5450b2ba8975444d234e34bc2bce886c91a9242c853fada02772e497fb969120cf1e7c8c2d8071c9be3ebdb4704bc80885b737b592d6cd7ee525b2e240e7e225a3ced625a7ae605626088ea8d4e2faa131f77041ecb26fff6307237bcb978c812e8b8c123e32850ff512feaac6be57de5416473a3027b39bb8e5121dfa2aba869d581c44d22781764fc796495932ff10831ecba943cc3b5aeaa7c26d60de4184f41f9eda74efce151c8c7e480bcc8659f7e760ffc866467c1ac709ee9a716d48083ffb65958c0d4011c5ad8a38669c28943e190c97c8875c22f5222c8d4704096a108aaedc402845db4cba4cadb2cdbef78f7b2fc3b8a1446ca9b5b5f53b35045afc4d6a5463f78a9f65e5e2c12be02bf85ee5b6533edad853df850c844fa453819e6761b861fe5fc2c86dfa0cfb5bbfcf066282d2ef8e2baf91b39ef015126c7faeea7cb70c395f7a5c008644531c439af0148e3607b30c53235701ebc61305b975b6801ec8f4eca10a96375eaf9c8521a574c243677b9a6af46a4bcf98114da61004dd829353730d7dc3ca4c138f188aecd22960d6058f1ca8298bd9bad27fce56cff2a92d75b4acf41bc83d1bc3dba219d7356097510bec7bbdbb5d5aa71c3eec1d5fe4408be6def2525aaa99e834d66562a7682ba1561bd0fab54fd30baafc45c112a4415a132afdcc674048c3441295999109592c2de51605ff4acde434a044a35be6328024b456e04adc3fed972529fb6cb7b5c14aa80c1144dad891a0fd66b578de43273e7ef3013d4e6bd15982621df4d651ee296325d6a2a243bcbac2f5aee3d3f16b1726c944d1fb4a1821a71a09431a508f117341c49c2b337371944daa9e047b55d75b87e082d07433a4afdda13bbfcc691b5e85a292cdefd06ba49e31a142b43139d828a8da9697a09705dec597b350123998c05f04b12e3832e660127ad7c12c2c98ab50fd6ed45b04773e98bca4192cd9bbcf70e65fca9cf1672e2c1568e5a7461dea25837ab539fc3286264d8797dc43cbf00f4c84651f868cf2a935ceeaa2f11eb21954e84fe48ec9c8ef04dee09c44baec6b2c4682ccb763b06f0d80d76e49ba645f10ccd127dc1c01436bc22caf9bebbd457bbb4a87f5d6208e90f8c5f5d20f569649ab770025df16734c41659f4a34a0208f8453743c6a0c10f935ff97ca751e7284556f01b44a3d25719b7435d7c0db7f390d304e721df4855ea611db2f76582485c70c5e6bcf7a04feddde54a8b6e09464d274c8b442173e5a9dbe2c2be4cc7fae8d29ae9f7206200391d0dfe1ca8cc699f0a8031f45ef5a7d"}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x8000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:16:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000200000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:16:52 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) syz_io_uring_setup(0x732d, &(0x7f0000000240)={0x0, 0x365a, 0x1, 0x0, 0x33}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000440)) r8 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r11}}, 0x8000) syz_io_uring_submit(r7, r2, &(0x7f00000004c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r6, 0x0, &(0x7f0000000480)='./file0\x00', 0x1, 0x11000, 0x0, {0x0, r11}}, 0xa63) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 97) 19:16:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x13000000, 0x0, 0x2}, 0x8) 19:16:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000050200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2371.412236] FAULT_INJECTION: forcing a failure. [ 2371.412236] name failslab, interval 1, probability 0, space 0, times 0 [ 2371.413505] CPU: 1 PID: 12021 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2371.414270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2371.415201] Call Trace: [ 2371.415475] dump_stack+0x107/0x167 [ 2371.415839] should_fail.cold+0x5/0xa [ 2371.416220] ? __io_queue_sqe+0x666/0x9d0 [ 2371.416645] should_failslab+0x5/0x20 [ 2371.417110] kmem_cache_alloc_trace+0x55/0x320 [ 2371.417568] __io_queue_sqe+0x666/0x9d0 [ 2371.418030] ? io_issue_sqe+0x7700/0x7700 [ 2371.418552] io_submit_sqes+0x4461/0x85c0 [ 2371.419068] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2371.419554] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2371.420129] ? lock_downgrade+0x6d0/0x6d0 [ 2371.420536] ? find_held_lock+0x2c/0x110 [ 2371.421019] ? io_submit_sqes+0x85c0/0x85c0 [ 2371.421462] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2371.422037] ? wait_for_completion_io+0x270/0x270 [ 2371.422579] ? rcu_read_lock_any_held+0x75/0xa0 [ 2371.423036] ? vfs_write+0x354/0xa70 [ 2371.423407] ? fput_many+0x2f/0x1a0 [ 2371.423815] ? ksys_write+0x1a9/0x260 [ 2371.424248] ? __ia32_sys_read+0xb0/0xb0 [ 2371.424669] do_syscall_64+0x33/0x40 [ 2371.425092] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2371.425668] RIP: 0033:0x7fe5a49a6b19 [ 2371.426095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2371.428048] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2371.428913] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2371.429613] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2371.430449] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2371.431202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2371.432000] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:16:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x14000000, 0x0, 0x2}, 0x8) 19:16:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x19}, 0x8) 19:16:52 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_PROTOCOLS(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040028bd7000fedbdf250700000006000b000a0000000800020005000000080002000000000008000700ac14142f08000c000000000008000700ac1414bb1400050000000000000000000000000000000001"], 0x58}, 0x1, 0x0, 0x0, 0x84}, 0x8000) r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r5}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x8010, r1, 0x0) syz_io_uring_submit(r7, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x1000}}, 0x8) r8 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000040)='.\x00', 0x2000003) r9 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, r8) pwrite64(r9, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r9, 0xffffffffffffffff, 0x0) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000400)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[0xffffffffffffffff, r4, r5, r5, 0xffffffffffffffff, r4, 0xffffffffffffffff], 0x7, 0x0, 0x1, {0x0, r10}}, 0x463) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r6, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x180000a, 0x40010, r1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:16:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000100000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:16:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000060200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:16:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) r6 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x103002, 0x16) sendmmsg$inet6(r6, &(0x7f0000000580)=[{{&(0x7f0000000240)={0xa, 0x4e20, 0x1, @loopback, 0x5}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000000440)="f2e7501a90cbaa8d94d149cdabc2e4029718b3b3c4ab7a0542c2851355c6b7886eca76782c04ed56a10a1114aa9099806b124677a39a2490252e9cbb9122dee7fc571096a37a34424018ec4c3547a7db9d5cca1ffec09adf99c258209a712e1af090a49803a26c3e4996376115c5ce344329744e0e814d31bc43b5485dcc464a57d316ea61cd0f8b42ac7304d6c66ac0440637850cd2b216be0c183629185737935c89c03681ab89", 0xa8}], 0x1, &(0x7f0000000500)=[@hoplimit={{0x14, 0x29, 0x34, 0xc48}}, @rthdr={{0x28, 0x29, 0x39, {0x33, 0x2, 0x2, 0x4, 0x0, [@dev={0xfe, 0x80, '\x00', 0x26}]}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x2c, 0x2, 0x3, 0x4, 0x0, [@ipv4={'\x00', '\xff\xff', @local}]}}}], 0x68}}], 0x1, 0x4000000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r7, &(0x7f0000000180)='./file0\x00', 0x0) 19:16:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x1a}, 0x8) 19:16:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x15000000, 0x0, 0x2}, 0x8) 19:16:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000070200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:08 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x1b}, 0x8) 19:17:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000200000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:17:08 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000019c0)=@IORING_OP_POLL_REMOVE={0x7, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x5) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r5 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x80000000, 0x9, &(0x7f0000000700)=[{&(0x7f00000000c0), 0x0, 0x100000000}, {&(0x7f0000000340)="5f2f9c50cde60a0506573a7bd5ff059949104b46e589ed09721c74a11b33385a6eb828bb0db019ed2c01e08484b846a1e97060ef436bae2344d7781602156e549805f5297f5a90270bd7067ca61009233f25aa1ec8e2c43d8c2ecbee7452212b1fa0c84b8ea0e3cba5d08e9b844685d7d138b297c4f7e5d9b37c93862c4021d507709fad4573e5e456c8931602ec4da9", 0x90, 0x1f}, {&(0x7f0000000180)="a1c0", 0x2, 0xff}, {&(0x7f0000000240)="64954b21e4099cb2419b7c9c0c204918c97c410979fc6904aea673e7cd704c2c2d6170a53cccb96ba2b1d1385992a98fcab9d5d7e3ffa1f13b4a43d940ac37e32954aa3573b581962c16edc6ca7ffc05c665f7bb8125b768cd9d6ed4e091", 0x5e, 0x8000}, {&(0x7f0000000400)="a44d10437df68d8583c1c71d25f4d2b08b977f6ea4931135cbb89e53ba78e13d05899a901b1de1807f3965d3655054c4f04663697545b6b614bd53554c47573ed35e6a5e747a72bba2a6509c47f4129c242d24e7c6af26ce6ca1c6a4b6e7aed738cb40e85925aea88ac8e6925a8ca83c59399f0e5e7cd3997260e8102cf620cec0ee8308cfba5cbfdffb62547034a4a256da61d577eb6a417bfcd8d426ec791eb9207bcf15d451c02e2c68b6603b19df77a2fa49ea0ec60db2ef3c2c81df4fa7160cb7b6ded31c19d253c5cf31fb890b8229f58113df699fe86119723b60f11bf22e71", 0xe3, 0x7ff}, {&(0x7f0000000500)="2d418c7e18c8428ec0dc3c9f12f50a04d35e695f05bec1599129b35ba7615e25a12e9ae3484bcaf76c030b6be0f206d8ae21de65b14e605e4d44ba55414b191f2b4959df785b88be16472bd18e54d0e8de3544526d816103b8f4623452adbd9a8a25a9925fa2b2fbbda416c28889b056a39e2e8e722432bd30d6fb6cb3f58fd016", 0x81, 0x3}, {&(0x7f00000005c0)="57124d69b53ae2d4be5c6d2cc1118040f8cedcc2dcdd0f0b54046e36d1d55dd7a1d5b0863e398c8a60483a204866e385159d95890a5dc0156054b868920b42a6efb69c9d4ecf10345c30c9b564bd27d11a23c05ed2a9d416e0fe72d5d4562d8cbe4f73c95e4638a926f98fa00e6e769ede64a40dc1f3a1d374dd21ab5888d958929868a82ba4bb856537dd3fc0b444df9ae02654688f37137ed0c7", 0x9b, 0x3}, {&(0x7f00000001c0)='u', 0x1, 0x1}, {&(0x7f00000006c0)="85f91c0251ff", 0x6, 0x8f}], 0x0, &(0x7f0000000800)={[{@debug}, {@nobh}, {@nodelalloc}, {@nobh}], [{@smackfsfloor={'smackfsfloor', 0x3d, '\x00'}}, {@smackfstransmute}, {@uid_gt}, {@permit_directio}, {@seclabel}, {@context={'context', 0x3d, 'staff_u'}}, {@subj_user={'subj_user', 0x3d, '&'}}, {@obj_user={'obj_user', 0x3d, '!\\*,'}}, {@obj_user={'obj_user', 0x3d, '\xf2*}H:.!(%!'}}, {@subj_user={'subj_user', 0x3d, '\x00'}}]}) r6 = syz_open_dev$mouse(&(0x7f00000000c0), 0x9, 0x4000) fchmodat(r6, &(0x7f00000018c0)='./file0\x00', 0x20) r7 = openat$null(0xffffffffffffff9c, &(0x7f0000001940), 0x101000, 0x0) io_uring_enter(r7, 0x5f1c, 0xf376, 0x2, &(0x7f0000001980), 0x8) openat(0xffffffffffffff9c, &(0x7f0000001900)='./file0\x00', 0x4802, 0x1) getdents(r5, &(0x7f00000008c0)=""/4096, 0x1000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:17:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0xffffffffffffde6f}, 0xa30, 0x0, 0x0, 0x0, 0x1000, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000240)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba9652752a582f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd73bebf5577f5ce13e2d178001000006668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}, {&(0x7f0000000440)="abc51525a59d413a93e316c90e10dd5504b50fd314fae56defbbcfcc4fc60060d96170518b259f543cf67c943467e66e768e3b45499d0fada92c79d876c987ebb191db2fea95cda27aa45385d99242d5adcd0425e56201e33dd1ed818efa28968b315e08daab159e0a2edd56c440603cc71576be91210c7490973fcab7354609fda209d596938d14", 0x88}, {&(0x7f0000000040)="6393c39239b72016a883f2d695", 0xd}, {&(0x7f0000000500)="db7e97315543066455c24f0e7228b79c8c79934e2ee8fb0396d37aa9c3046f9a88ba8458d4c6d12715ad1b308d8715acf4b9a9f277a24df13067ced69a22ef81a26ff86f99bb266198bec48d320749d9bf19a97a7be05243d564a8c4ca317c9af22e3223d9914a9d8eecc1f5951084aaaab23415c779ad5fb80033d129bca88f3787a492d15e199afc19d56bbfc6e418b65c1f6f00346379645ea7eb9e8c46068127d247e86a7657aaf5595b4b0472559a788800", 0xb4}, {&(0x7f00000005c0)="bf2fa3af49680ab804d6eba59bec2ddc9e976f7e3c21c7cbea8432e44aed83e0c35ba7e6fdcfcfceb042356274610f9f1fd4ee1d1e38e79fe1985de3a044394f1ba5abdb68f4cb38728fb1c480d5ee007de2efce49a9abc5af81eb09d9ddc947dd2ac0839415aaadc36e3f90515a471e251cee0a0e054cc4a51b3444ece9840737c6eaff07e07b2fe41295e32fc05a8f711c4d3b5180598a2754f80566c7c0f99801cdea2223763a2684668d2699b295049bfa576e91249c116a0a12336c87", 0xbf}], 0x5) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:08 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 98) 19:17:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x16000000, 0x0, 0x2}, 0x8) 19:17:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000090200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0xf0ffffff7f0000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x17000000, 0x0, 0x2}, 0x8) [ 2387.142954] FAULT_INJECTION: forcing a failure. [ 2387.142954] name failslab, interval 1, probability 0, space 0, times 0 [ 2387.144737] CPU: 0 PID: 12079 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2387.145742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2387.146784] Call Trace: [ 2387.147135] dump_stack+0x107/0x167 [ 2387.147602] should_fail.cold+0x5/0xa [ 2387.148093] ? create_object.isra.0+0x3a/0xa20 [ 2387.148669] should_failslab+0x5/0x20 [ 2387.149160] kmem_cache_alloc+0x5b/0x310 [ 2387.149686] create_object.isra.0+0x3a/0xa20 [ 2387.150246] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2387.150888] kmem_cache_alloc_trace+0x151/0x320 [ 2387.151481] __io_queue_sqe+0x666/0x9d0 [ 2387.151998] ? io_issue_sqe+0x7700/0x7700 [ 2387.152540] io_submit_sqes+0x4461/0x85c0 [ 2387.153104] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2387.153733] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2387.154353] ? lock_downgrade+0x6d0/0x6d0 [ 2387.154879] ? find_held_lock+0x2c/0x110 [ 2387.155398] ? io_submit_sqes+0x85c0/0x85c0 [ 2387.155948] ? __mutex_unlock_slowpath+0xe1/0x600 19:17:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000600000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') [ 2387.156565] ? wait_for_completion_io+0x270/0x270 [ 2387.157278] ? rcu_read_lock_any_held+0x75/0xa0 [ 2387.157859] ? vfs_write+0x354/0xa70 [ 2387.158324] ? fput_many+0x2f/0x1a0 [ 2387.158779] ? ksys_write+0x1a9/0x260 [ 2387.159261] ? __ia32_sys_read+0xb0/0xb0 [ 2387.159778] do_syscall_64+0x33/0x40 [ 2387.160248] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2387.160903] RIP: 0033:0x7fe5a49a6b19 [ 2387.161367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2387.163614] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2387.164562] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2387.165460] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2387.166347] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2387.167253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2387.168142] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:17:08 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x1c}, 0x8) 19:17:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c000000000000000f0200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2387.209456] EXT4-fs (loop3): VFS: Can't find ext4 filesystem 19:17:08 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x100000000000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000600200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x18000000, 0x0, 0x2}, 0x8) 19:17:08 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, r0, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) [ 2387.482702] EXT4-fs (loop3): VFS: Can't find ext4 filesystem 19:17:22 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x1d}, 0x8) 19:17:22 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x200000a, 0x80010, r0, 0x0) syz_io_uring_setup(0x2ee, &(0x7f0000000040)={0x0, 0x6c82, 0x10, 0x3, 0x1bc, 0x0, r0}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000180)=0x0) r7 = socket$inet6(0xa, 0x4, 0x5ceb) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x1, 0x0, @fd=r7, 0x0, 0x0, 0x0, {0x10}, 0x1}, 0x6) 19:17:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000810200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x300000000000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:22 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 99) 19:17:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b78700000000ffffffff00000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:17:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x19000000, 0x0, 0x2}, 0x8) 19:17:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r8, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r8, r6, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r8, 0x8000000) io_submit(0x0, 0x7, &(0x7f0000001980)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x8, r3, &(0x7f0000000440)="7be14abb90fbe641cdd7661379c2a9214b654cb70bc91426b23ffcb6ab37e3b14f792e921131ee39fcdb85cb1047f506a9b27d7b5f61cfdfbb255b67af2dbf9011a47c7e465b48d763f3ddf0c16fab19617d2a12f765bd4c59d8594a82019fa954080087066f56a1e263911422b9857eefb5c3528bc0a06d6bdd48e78a338743c82c484749de47d0dfaade2849964c15e342b44a72e246daf063e3deebb557f144899278d5281de7e07038f50e24d02dce0e66a5eb295ba9ce244f5a50dc5d4adb12c7a018b4bc0f94b52cd716a41a7200be25ccee63e6f93eaf37bc8ae0d0c39ee31fc9b14ee74c996214d3af4ab3f89c8d6ea13cf462a1f190ae", 0xfb, 0x1, 0x0, 0x1, r4}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0xff7f, 0xffffffffffffffff, &(0x7f0000000580)="43348a", 0x3, 0x7fffffff, 0x0, 0x3}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x7, 0x4, 0xffffffffffffffff, &(0x7f0000000600)="e0ff05df76192b80", 0x8, 0x3ad, 0x0, 0x2}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0xb, 0x81, r4, &(0x7f00000006c0)="745092d3ec7c5a422966ca57166e18dbd601dc2330127836ff0e55220c11bf925c234944d31ad53fbdd78c980e0f76a4b8e6edf8ac8ac4ebcd7ee6845358adf3b1a95b16de12dbfb099444b77f324d38731578af2c0b49da4106a84c46dd632a54675775333fb8c14d5155b95dd7f76a76caf29ee7cd6a09169bb2ee688ae6780545083f54f026cde06c8151fd798d6c3b8a3c4498a9cd991f1d04440ea4182d3e6ffc9dfbd369b354ed", 0xaa, 0x1, 0x0, 0x1}, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x1, 0x2, r0, &(0x7f00000007c0)="c1f404939d15fead22ed140d235880e6494958987f8d2fdb9438502749473626d4e604ef40fd3cdef2016067f56ff901e6a68627500d770bbc06447dd8587b759ed18013a11c53657f9c9d8248882cd87c091a152ec6f957a587be18d33011ea4490e47ee5df210917c6b3084d7549e255364157bf5fd8eda9ecdbafa146e6a61b6fb6f5be61cb7b3bf622cb0cb866dca0d38dde30f0cc8e581ba6e150c8210d9690f25f4318a7e66a1e58a308868ea29be3759f81d70801cc8178294fe01bac8e42af46b65a77a28f40f66554a23e468088212220461ea48a7c03ac8b14165b91717a339094c514e24ce6f05446ce7d8befa90e7a8d7770491b7c4ed7fa5207c34ff513463bb5d54ca7a96be8ea7335180bcac83b27cf4e1344e69c8d2653923d7b438ff53b0cd4cfc62986a8b8ce8bc740c8317a05319180e2a18535777583e6c8480eb4b5c52de8f995f75631297419e7977a84a9fd526a5e12b7adc8b4d41290bc608697917d7b1d670d79b2c2c9e4ae9764be6c05b18cda55cbc16a03036d8bf29771f08d0818f158adef4bbb3739ee5b334f018a3146920d90e4e88f67b9c303a05767f0dae47b28b7a0e2254456da640c3582d57e73032d6819ad3e7490938f00646ca487e851d4d0d64292c408a421c121b1630ce747c028b28d1654be30b42c6bfa87244cd7c3e010b6697eb206a5b9eb51e2176a9ca9bee8bebc99702ad7767983a412223784073550ff980f02a3e639131b21569da523f95426fd725da37396d447ec5258528ab4ba64c38fda7717f9a98ff9d3f30a1c96dbd66b6fad13c20b8fa4fe857ddc292a658dc335b0201b50df75fae1ae4429ccd317eb691e7a348f83571f407f6c360f2eaffe1e6a283cedb57225b6cb44b054b0d997b0e89dd862fa4af8b3ed424a3bba6ce9a9f4b342a5e8fc4a0e5d6e30066ac05908b901fd4fa3660acee415551810c00b71d4d8326750be9562a294fce8b2cc69d43b5949eb568cec45260c7add628f93abd1eb4f5f3d5a4e74c4007517bde9ad34be99df23ed2d9f030912cde1186ab6274c0ee51d3889e040f3b813a932c4000ea466e8d193374c36c23fb2447661577ce5c9584d818571939a61d3e750fc8edabe495a41b1b6ab624c03f9c6379aa6869380c4b9b479d1695604de9fcb16f534090e07abbebd7245bae45f626459625a18bb8d5082ffee1902ccb3247d6d51132bc3665605b4c1a28b1a2c143f0930f633e7b55b5fd26b64261bf95c63c0ec7961fa1e77f98942ecdf52ec69233ca0d7781918dd948bcbda557277c1b03e52b2f20267f86a16e544a355c46130deda41a03486a74df6d168e19bc31ecde5d39b2e345fcaf8cd39b2c9b00daeaa7bb0186c9f17b5f10819c79af2cde5e066fd1f9d685d40ed45733fcc71efc1d2f5229b90f1e9e1ae1f7332109af6b5708023792bed654d0d126e5b68aa59f5ce761adb73b19b6ba711aa4f632a596082eaf1eb0ce62dc5f1096ec2686b371679150432fb806a0ba5be9df22274b586dc8b59d63bc0ecbf41d9c5a82d3715950949c8fcd9c2fa598dd6280eef78cc1d1efdc98c318e3511f49522259d09010424157d53b611fd7a71270a5f47af13813a3d7c8d9aa77e8aa24c25c3b7b1d0b4c02650c7f078f3c807f35d35f6fce9c8408eab4dea3a24a782921148b67f9ddd4f747403d30d53466d65f89388cd2198791b48f9bbd4c409ff6d3650d517abf1cdcb033dc46a22143d1e8405f67a05bd87422c99b544021200eabb0609e52e8851c90ff1d3e00d453c3854d1adfd7759822cfedc9d8d418c47b8ed584765b306767cf2f8525e54b50ba27411ef64920cc2384b5534bc9df2f89456d15cde07bcf01595c2d65b466a1f407d32c2dd83f500264ac3ccdba4573944c1a704f055cef093b3a5e521dd2449211ab86040e0475909586d62c2948d90da0cea4ea2bd427f767aaf568adcb7966529bc8671f05100b2f03c9d1152ae301c8a566241764a1be0c30f0e5f60320474b57bc795509bcab65b59d5f824b2867a391819565e4d21a3e8c409788ba7a670ac13156aa31a4aa0879fc7396358fb2e0784adb5e161a2aa127be1713023db6ad15d6ccf730fb2b9456438e3e21c9e800a6358e3e428fa2719a4b2ce21969eccc4107981a6dfc6a47c01f33ad8785c217df826725fa7385d6d9e1023348f821820cef30b8481ec4918202cb2294d8345553dc1fd133d877350b8f54c728ffb115bf1c429c4e722ed35332b349b33b0937f49a3b29f55ea23c2dab5b5bc5277ad76d241fba5c64e140dde924a6eea36b77d8363b936aebe74e4cb1ffe2e3b9e3b2a7015a7023f2d70618695844fcec005279128be886a6705e5ebbc081df76dce0fadcb17c853d675b7fecffa1ea10cc91ce2b2dd2b59e593b2341ccf51b288ae892990e6737d4beb2f1a533e897f3cc8964a1c166ec72fc7f33eb0c4b4d580058d4f34c0361c9f1e38ac225ffcd36f002d880e3c843435028136dd2babea0ffcb6016041ac24b6a57504dfd775a428af157b90165ef6533ba74f0f478145de54b505c5480bd8c380562972d42c33fcb968f6e59ffc514cef87dc8a4fc6676c074b4cb8c6bb9a7fb40c06fcf75e7379b61864d6f3b116b131de0813387ad86c04642d461b0b2182e9ff5f67f742040a6405bd38f4021c42400c603de700798daac86de7f6c5f9e709ca1888bdf126cff50d864e1d63f355c23338e1dcee6f0e3d37ea6fabb48891b1c9b2c76160563b2f75139d21e6b9e7891a9c20ad1e67c326827d23922484623e0115f7b15ce28d9499d7cb4d28f3f3c59b86a52ff620e566851dbb0d686f7a1f03914f0373e5f10a5cef90aa0b52fd632e460b83920047257cf51e5fd84eea905c572e02de31644814cf57bf8fcec79e6a7f7c6a7e1c14d4c22ae63330a896dbda6e8972a07c73e5d962bba7a9ae83d5fc389ba2f7089ecd17d4c559aeaf0b9254bfc06d6b65e7776ba32f9ceeb5c29958bed41e8efc3f3dc792e67dd278bb2d33d243ebb1d6fae9fc8aa0a5c3447eef870f829c86c51c2b32f9c8bc75ee665a613912663583bfe3e8896afa334d6c37c1bf64fa4cec382be6d1b0130585e08af55e6c7d0f9f028d87db9c0e019fac548b7e6784b3d703b101b60f43e734cdf468ade78e98551e40a9e6375941e3f84609201425ecfb1eb704ae7ece8d5564544b310af4feb6250df8aedb4477cf75600bc0996cfae0b300b7270758fee1c7b461fe412a259eca64082ed249b8bde29cc5782680b466dfed72a5b5cb3cdab9f7b9bebe05eabbe5ab1fde4155fb60708a1a8b333d47208201350d23f2c448cdbb821e9797756708cb562511498de4b28cc831eb6b577a619d78cbe5dcc1a45b389d389649c2b7ac55b957a9447326b3637d4219c4318f2bafefc1d3ab7e86c5d518fae4afd0827f85211798c50dc2dded37ec88d9cea18b0a2fa14f2695b301793ebeb7c36ec5a35090bdc46229b7b7bf930997e6557ca367bacdf6a8308388abb3f375aa88bd3b096f3aab115f2975da54a594e7082500e7ad91dcfd5229ecc25f92dd054bbcf02b3e53cce2c1e318978c2d0df9640cf45cf7675990cd09813e12d221f9c3360f28145449ed11e56be25181ab6091e8c54de12bc1f7ce1bfbe3b2bc29836241fb78c43df2debe2fa0557d5eeeb425cf216ac8daeba9c5757f731b6a8ea622392bdff0c5b82e44c1abfc028ea22998bd8c85c07485e99878740ee3f733c99dbcc3756dd08b74aa8943c6b71aa31466d78c6e7f9f8bd9ed09028dd106b5b941a5750411ab697c59015cc10db39cdbb76e4f965ae7714775195531adf759f43eb518f6ae5f3d3edb574d5a3812dc46c0ae036be3763b97dae5e4eb91d6f549bc4f669ff25a73b9edae720fba3690fb6fa4e86d0238f621ffc584d614670cc96ac708e870188c104abf60ae82c48d2af183e8d7fdee67d168a26e0ef6f9ab1d9867997b3794765b2f795d0dbd7956d4d0c7e811df23973022dfd9d38f381044b5b0296f33188502dac6620504c6e1167f80f90027430c80342384ec868753ec6b4bdc1a19a41f63793ad58b33b4d78987d53ae307f81db6100c760dfa43b8c7c8632194b392bd3da77a1539860a77e8307da9351a239bc74f6480fd8476208dd04b82ab4dc0f4863a5d931c180543fcdac4a6aa12359d2dc527bddee0a54b1243c03aa6bc6b30fe2b27a51d639962b06ea05391c2933bffe2378feb93ce5c9ffd6c03bcc28cbaaebd8e48622daa9b26d9e8ff5661c506f240b2848b099ee5617eee2a0a859bfe04e4ddb3bbc29c40db6bf6d2378ac03e21c34c389f6d3a87fbef95d47894c2519188206101178edf019a3bce54492e3ca6deb72410013224de920bd0584b8a35f75a97b92e79231f1869b597d7010f15d82cc789c298e2cb2dd370ab3753f326ce634cba111a9480b7f85fa7d4817334ed6cfb79e75d55ad9abf97fe4f3750e52f9c7beec78fa6a34ab08eb003c0748a8b59a35ec7f6b08eda2a2bf66e730d015af7f0b9fe5b732a465df2b64a86396abafcbad0af87a7ac663605a39670ca63e1ef7123bf6c82cee3d0cf45fa1a4155c977a03589159762ff6c3215c0614d08e58826fd470536e2c27689da825c4e66a8b8bf1c1a68e264dccb4fed1001cb4260f49c73923fa67a9dd0ce8584f1f6e2731d390e60b21c907e9084ec8097c7ff1a7911a771b2498047a9f200b7eecf592b766d0bf2d70cd89c5100dbc1afbce7295551c7df47922e93837a79d39042ac34bcde6ecd9586ed8adf729e08f08d1f60988d760c86250cbdb0bb47a926bbc58e70d15ab10ac5b1191f92dadf68f7ce6366ca083661b4297e62a8a9dd73cf80070e764f7d00a0ea59fadafee31c45776452bba8638dd8c70d5a232b1db2808e367d7cdd4086af5f96913a0ccfefa59ce4f4d14504635e30333b70e8aa8f8e8174ee667f1e03244a9746f164f98dd87ffc448cd9bb938c80927c166830e4fd15584a092382bd25c4b30ef834284351d4a0054cdc351fabdf3ea072faff469ff80787b17a53378bb9be5d0a7441f022f50e9ac35772f914ccff1ee415af14d2c7e25209fc3a3f0ee87db3acafc343a97e17babecf389d7233b28550573c86b6ae28dbd9dcd17e2cf3ad82ad84fe6e8f4791117099316ad5615980b1aa28c92fafe3add02ce3460d20fc528533dc6b774c4daed1d37240eac64b54eee7230da59eac1b8bdb0a698593bb8a3200f568a8c7db9fc8a4c8a120b8540f92b2fff3321ea32bdc7d404559059a7d065b7f11d84ef182388df7d4066758f5390e8d42239209df6eb9a35911f9f0cb39c020fa74bd1df0dc2e0fc5a76efa26f7f4256e1764d89fa354d06c2167aabe7385dc3ee6580d4903087ff5e86b22a5c443ba61ae0bd15ad6fb64dccb11154444086acaaa81e879ab71e7d5066f898ea3048e8245eb6caecf4c6c0a5c14393234a477fd1db84f084f50017122d15f068e2f0b11a95137d7d6d8371b024fff0172615907c816a2c44f6b1c77f9c9c37b073276f4510265ca20d04b4dfb54f2dd6d3241f0c84929f45442de2dc755c9ef533c22acc5a3c3bbb9c4ab7e1986184c2faf96e0f5cef3fde26b229c981916360305913715dd84b90d963a4f8faa98c7ae9aa28d1392b630a1e804665216b655c5af813ad667bfc3dcea98bd861f86ebd01877851087f9d3e7a41b57838f5b98741733f07b7ccc933f5a2eafb00069d524db106ae67cb6944806e2a8332ec1cde990375ccc1cd58926448e2e", 0x1000, 0x100, 0x0, 0x1}, &(0x7f0000001880)={0x0, 0x0, 0x0, 0x7, 0x1, 0xffffffffffffffff, &(0x7f0000001800)="27349a4cbd90c6a46ae9fbccc63a466b9c5db19ccd7c19245df6b0487d85ee01202140a7062fff301b6278848b3f81a5c619776a6f77a57c9c723cb6d0ba2e11527bbc72210c405847276670dfc9693315e006ad1463b47d521105f76cf0dca416be99baf19cd6cadf2c88230db21ce393db", 0x72, 0x4000000000000, 0x0, 0x1}, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x5, 0x293, r4, &(0x7f00000018c0)="4dc0f827a87b0cad550e80a01a6e550c6f09e3465ce2cb152386de71e8efe0fc83dab347d8afbb57bb17856275834bed800fbe2e11c9ad07de8cf98dc9c695e9cbdee3f48bf83d3bd79ea5b16b6489b62a651223091d7840273b4ebdc9910b767efb6c8c0a5b5ccf4fb7856bd0085a42f2803b67300a9d", 0x77, 0x6, 0x0, 0x2, r8}]) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') fspick(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x1) 19:17:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000ffffff9e0200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) [ 2401.312207] FAULT_INJECTION: forcing a failure. [ 2401.312207] name failslab, interval 1, probability 0, space 0, times 0 [ 2401.313566] CPU: 0 PID: 12131 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2401.314232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2401.315023] Call Trace: [ 2401.315292] dump_stack+0x107/0x167 [ 2401.315647] should_fail.cold+0x5/0xa [ 2401.316011] ? __io_queue_sqe+0x666/0x9d0 [ 2401.316408] should_failslab+0x5/0x20 [ 2401.316774] kmem_cache_alloc_trace+0x55/0x320 [ 2401.317215] __io_queue_sqe+0x666/0x9d0 [ 2401.317599] ? io_issue_sqe+0x7700/0x7700 [ 2401.318008] io_submit_sqes+0x4461/0x85c0 [ 2401.318434] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2401.318907] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2401.319371] ? lock_downgrade+0x6d0/0x6d0 [ 2401.319767] ? find_held_lock+0x2c/0x110 [ 2401.320162] ? io_submit_sqes+0x85c0/0x85c0 [ 2401.320587] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2401.321063] ? wait_for_completion_io+0x270/0x270 [ 2401.321528] ? rcu_read_lock_any_held+0x75/0xa0 [ 2401.321977] ? vfs_write+0x354/0xa70 [ 2401.322331] ? fput_many+0x2f/0x1a0 [ 2401.322681] ? ksys_write+0x1a9/0x260 [ 2401.323045] ? __ia32_sys_read+0xb0/0xb0 [ 2401.323445] do_syscall_64+0x33/0x40 [ 2401.323802] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2401.324287] RIP: 0033:0x7fe5a49a6b19 [ 2401.324640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2401.326364] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2401.327080] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2401.327752] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2401.328418] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2401.329093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2401.329764] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:17:22 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x1e}, 0x8) 19:17:22 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) execveat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)=[&(0x7f00000000c0)='\x00', &(0x7f0000000180)='[\x00'], &(0x7f0000000340)=[&(0x7f0000000240)='\x00', &(0x7f0000000280)='\x00'], 0x400) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$binfmt_elf64(r5, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0xa6, 0x1, 0x6, 0x4, 0xd8c6, 0x2, 0x3, 0x3, 0x173, 0x40, 0x31b, 0x9, 0x9, 0x38, 0x1, 0xfffa, 0xe7, 0x1}, [{0x1, 0x2, 0x3, 0x525a, 0x5, 0x5, 0x1, 0x4b7}, {0x7, 0x401, 0x7, 0x400, 0x1, 0x2, 0x8}], "6e006cee69168798ce090b7c204c4bc2cd979c", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x8c3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:17:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1a000000, 0x0, 0x2}, 0x8) 19:17:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000200000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:17:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c0000000000007fc20200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x20, 0x0, 0x180}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x6003, @fd_index=0x3, 0xfffffffffffff3fe, 0x3, 0x3e2c, 0x4, 0x1, {0x3}}, 0x401) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000001db0200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1b000000, 0x0, 0x2}, 0x8) 19:17:22 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x21}, 0x8) 19:17:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000600000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:17:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000fffffff00200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:37 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000140)=0x0, &(0x7f00000001c0)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) r4 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r7 = inotify_init1(0x0) r8 = inotify_add_watch(r7, &(0x7f0000000040)='.\x00', 0x2000003) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r9}}, 0x8000) r10 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r7, r8) pwrite64(r10, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r10, r7, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r11 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r11, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:17:37 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r7 = perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x0, 0x0, 0x93, 0x60, 0x0, 0x100000000, 0x8000, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0xfffffffffffffff8}, 0x40908, 0x5, 0x8, 0x4, 0x3, 0xe20a, 0x1, 0x0, 0x8, 0x0, 0x8}, 0x0, 0xffffffffffffffff, r6, 0x3) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x5, 0x0, 0x3, 0x5, 0x0, 0x0, 0x100, 0x5, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xff, 0x4, @perf_bp={&(0x7f00000001c0), 0x8}, 0x2000, 0x7, 0x28, 0x0, 0x3, 0x0, 0x7, 0x0, 0x7, 0x0, 0x1ca}, 0xffffffffffffffff, 0xd, r7, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r8, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:37 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x22}, 0x8) 19:17:37 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0xffffffff00000000, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:37 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1c000000, 0x0, 0x2}, 0x8) 19:17:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000006000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:17:37 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 100) [ 2416.225168] FAULT_INJECTION: forcing a failure. [ 2416.225168] name failslab, interval 1, probability 0, space 0, times 0 [ 2416.226362] CPU: 0 PID: 12194 Comm: syz-executor.6 Not tainted 5.10.218 #1 [ 2416.227003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2416.227774] Call Trace: [ 2416.228037] dump_stack+0x107/0x167 [ 2416.228386] should_fail.cold+0x5/0xa [ 2416.228749] ? create_object.isra.0+0x3a/0xa20 [ 2416.229200] should_failslab+0x5/0x20 [ 2416.229568] kmem_cache_alloc+0x5b/0x310 [ 2416.229956] create_object.isra.0+0x3a/0xa20 [ 2416.230371] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2416.230849] kmem_cache_alloc_trace+0x151/0x320 [ 2416.231297] __io_queue_sqe+0x666/0x9d0 [ 2416.231679] ? io_issue_sqe+0x7700/0x7700 [ 2416.232084] io_submit_sqes+0x4461/0x85c0 [ 2416.232498] ? __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2416.232958] __do_sys_io_uring_enter+0x6b5/0x18c0 [ 2416.233422] ? lock_downgrade+0x6d0/0x6d0 [ 2416.233814] ? find_held_lock+0x2c/0x110 [ 2416.234202] ? io_submit_sqes+0x85c0/0x85c0 [ 2416.234618] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2416.235071] ? wait_for_completion_io+0x270/0x270 [ 2416.235528] ? rcu_read_lock_any_held+0x75/0xa0 [ 2416.235964] ? vfs_write+0x354/0xa70 [ 2416.236319] ? fput_many+0x2f/0x1a0 [ 2416.236665] ? ksys_write+0x1a9/0x260 [ 2416.237029] ? __ia32_sys_read+0xb0/0xb0 [ 2416.237426] do_syscall_64+0x33/0x40 [ 2416.237780] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2416.238265] RIP: 0033:0x7fe5a49a6b19 [ 2416.238616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2416.240329] RSP: 002b:00007fe5a1f1c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2416.241036] RAX: ffffffffffffffda RBX: 00007fe5a4ab9f60 RCX: 00007fe5a49a6b19 [ 2416.241704] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2416.242372] RBP: 00007fe5a1f1c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2416.243030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 2416.243695] R13: 00007ffd72df2f4f R14: 00007fe5a1f1c300 R15: 0000000000022000 19:17:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000fffffffc0200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 19:17:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000020000000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:17:52 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) pwrite64(r5, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r5, 0xffffffffffffffff, 0x0) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r5, 0x8000000) syz_io_uring_submit(r6, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000240)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, &(0x7f00000001c0)="0a14d69d946c41d3c62e04644e574d03e03963b3742c61d5687c9f100dd96f5566020ca9aa8e54041545260710fd7072826f32c0f74bda8c", 0x38, 0x1, 0x1, {0x0, r7}}, 0x5) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r9, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1d000000, 0x0, 0x2}, 0x8) 19:17:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x23}, 0x8) 19:17:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c000000007fffffff0200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:52 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_SETTIMEOUT(r3, 0x80049367, &(0x7f0000000040)=0x3) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:17:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1e000000, 0x0, 0x2}, 0x8) 19:17:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x24}, 0x8) 19:17:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000200000000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:17:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000ffffffff0200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x1f000000, 0x0, 0x2}, 0x8) 19:17:52 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') open(&(0x7f00000001c0)='./file0\x00', 0x2, 0x80) fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:52 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x25}, 0x8) 19:17:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00f0ffffffffffff0200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:17:52 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 19:17:52 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x20000000, 0x0, 0x2}, 0x8) 19:17:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000100000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:17:52 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x300) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:17:52 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000003, 0x110, r0, 0x8000000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000340)={0xdc, 0x3f, 0x1, 0x70bd29, 0x25dfdbfd, {0x12}, [@typed={0x7, 0x31, 0x0, 0x0, @str='!Y\x00'}, @typed={0x8, 0x4e, 0x0, 0x0, @ipv4=@empty}, @generic="03b953a8e2dc7e681c703216ccf6e73e65d80ea4c4b207e59a8a02041fbb920ed2919f97552b86929fd19f8589007ace9e682f3ada91523dc9d6ddc1fa0930f07b6f5e88b8dfb103a73dca9bad5c7f4b2513fb2b4f6849f795de50ef0caee017b00e8c300a7dec6fb3ebf237bba37ecda5ca14e00398664bd31dc9c229ff460d38f7de71e62099e39805c39f1ea70112a39b5fb16db134c95107203ef595a55348849e84cd04ba2323296f5bc38c9f7e5d31d0dfda23"]}, 0xdc}, 0x1, 0x0, 0x0, 0x4000000}, 0x8004090) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:17:52 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210cffffffffffffffff0200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:06 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x3, 0x0, 0x0, 0x0) 19:18:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r6 = inotify_init1(0x0) r7 = inotify_add_watch(r6, &(0x7f0000000040)='.\x00', 0x2000003) r8 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r6, r7) pwrite64(r8, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r8, r6, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, r8, 0x8000000) write$nbd(r8, &(0x7f0000000240)=ANY=[@ANYBLOB="67446698000000000200010004000000b18856afb64d6e6017bfd83cfdef81e055de38991bf861f1fc1d4001d141e093aa883345485675971fd37c1372421fbb688240da21"], 0x45) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0x8000, 0x3}, 0xa24, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r9, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:06 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x2, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x20000000062, 0xca904ae578de5ed5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x2, @perf_config_ext={0x8, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x3, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = eventfd(0x0) io_setup(0x3, &(0x7f0000000700)=0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) io_submit(r6, 0x1, &(0x7f00000009c0)=[&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x1, r5}]) r8 = dup3(r0, r3, 0x80000) r9 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0) ioctl$FS_IOC_FSSETXATTR(r8, 0x401c5820, &(0x7f00000010c0)={0xfffffffc, 0xe9, 0x2, 0x33, 0x9}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="0000cbd52c2f330000653000a93f6f6ae5ff7f000000000000503ed2fc185a4c7a60c43820ecb3bdbf089a65d91f7885e224c426e66214e6c73f56d7794fbbaca42987bb14e6ade3b8e1376ea79cf2"]) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) recvmmsg(0xffffffffffffffff, &(0x7f0000006240)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000080)=""/105, 0x69}, {&(0x7f0000000340)=""/130, 0x82}, {&(0x7f0000000400)=""/130, 0x82}, {&(0x7f00000004c0)=""/132, 0x84}, {&(0x7f0000000240)=""/113, 0x71}, {&(0x7f0000000580)=""/138, 0x8a}], 0x6, &(0x7f0000000740)=""/132, 0x84}, 0x7}, {{&(0x7f0000000800)=@caif=@rfm, 0x80, &(0x7f0000000640)=[{&(0x7f0000000880)=""/178, 0xb2}, {&(0x7f0000000940)=""/101, 0x65}, {&(0x7f00000009c0)=""/194, 0xc2}], 0x3, &(0x7f0000000ac0)=""/174, 0xae}, 0x6}, {{&(0x7f0000000b80)=@qipcrtr, 0x80, &(0x7f0000000d00)=[{&(0x7f0000000c00)=""/111, 0x6f}, {&(0x7f0000000c80)=""/63, 0x3f}, {&(0x7f0000000cc0)=""/46, 0x2e}], 0x3, &(0x7f0000000d40)=""/52, 0x34}, 0x20}, {{&(0x7f0000000d80)=@nfc_llcp, 0x80, &(0x7f0000001200)=[{&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000000e00)=""/134, 0x86}, {&(0x7f0000000ec0)=""/223, 0xdf}, {&(0x7f0000000fc0)=""/151, 0x97}, {&(0x7f0000001080)=""/21, 0x15}, {&(0x7f00000010c0)}, {&(0x7f0000001100)=""/249, 0xf9}], 0x7, &(0x7f0000001280)=""/61, 0x3d}, 0x10001}, {{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f00000012c0)=""/172, 0xac}, {&(0x7f0000001380)=""/217, 0xd9}, {&(0x7f0000001480)=""/6, 0x6}, {&(0x7f00000014c0)=""/158, 0x9e}, {&(0x7f0000001580)=""/225, 0xe1}, {&(0x7f0000002e00)=""/4096, 0x1000}], 0x6}, 0x2}, {{&(0x7f0000001700)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, &(0x7f00000019c0)=[{&(0x7f0000001780)=""/159, 0x9f}, {&(0x7f0000003e00)=""/4096, 0x1000}, {&(0x7f0000001840)=""/100, 0x64}, {&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001900)=""/8, 0x8}, {&(0x7f0000001940)}, {&(0x7f0000001980)=""/35, 0x23}], 0x7, &(0x7f0000001a40)=""/203, 0xcb}, 0x6}, {{&(0x7f0000001b40)=@qipcrtr, 0x80, &(0x7f00000060c0)=[{&(0x7f0000001bc0)=""/251, 0xfb}, {&(0x7f0000001cc0)=""/60, 0x3c}, {&(0x7f0000001d00)=""/23, 0x17}, {&(0x7f0000001d40)=""/62, 0x3e}, {&(0x7f0000004e00)=""/228, 0xe4}, {&(0x7f0000004f00)=""/238, 0xee}, {&(0x7f0000005000)=""/132, 0x84}, {&(0x7f00000050c0)=""/4096, 0x1000}], 0x8, &(0x7f0000006140)=""/215, 0xd7}, 0x3f}], 0x7, 0x0, &(0x7f0000006400)={0x77359400}) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x10, r10, 0xde049000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:18:06 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x21000000, 0x0, 0x2}, 0x8) 19:18:06 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x26}, 0x8) 19:18:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00000000000000000100000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:06 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000200000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:18:06 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00020000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:07 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x22000000, 0x0, 0x2}, 0x8) 19:18:07 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x27}, 0x8) 19:18:07 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000600000000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:18:07 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x953d, 0x1, 0x0, 0x1e8}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x4, 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:18:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00030000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:07 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x219}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000001c0)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x3000007, 0x10, r0, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:07 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x23000000, 0x0, 0x2}, 0x8) 19:18:07 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x300, 0x0, 0x0, 0x0) 19:18:07 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x28}, 0x8) 19:18:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00040000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:07 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000002000000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:18:07 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x282902, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0x20, 0x0, 0x2, 0x5, 0x1}, 0x7fffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r7 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) r8 = syz_mount_image$nfs4(&(0x7f0000000280), &(0x7f0000000340)='./file0\x00', 0x0, 0x1, &(0x7f0000000440)=[{&(0x7f0000000380)="6043964ee55509565824b154328aacf685e4634bb408d66f17fba22474a44aa6a62dd1c788570c000dff17ce71ed45896f30808d4f74bbd72e17997c5f691fd0153565cc7b8638834844c0a30ccfc332aa6c471b50f2fc769f0a857bb76eaf2f8bbb6da714975d0fa4197013cf71bff99babf63cf19373a16b5d15a37adae634d91e13edc6d155ccaf66ce4d5dbacb4fe9fcebd3005f4043dcf14a66797e50c4", 0xa0, 0x9}], 0x1000001, &(0x7f0000000480)={[{']#'}, {'\x00'}], [{@audit}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/hwrng\x00'}}, {@euid_eq={'euid', 0x3d, 0xee00}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@dont_hash}]}) ioctl$FITHAW(r8, 0xc0045878) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x8000000) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, r6, {0x6cb0}}, './file0\x00'}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x110, r9, 0x0) [ 2446.833013] nfs4: Unknown parameter ']#' 19:18:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x24000000, 0x0, 0x2}, 0x8) 19:18:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:22 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 19:18:22 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x29}, 0x8) 19:18:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000001000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:18:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) r7 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r10 = inotify_init1(0x0) inotify_add_watch(r10, &(0x7f0000000040)='.\x00', 0x2000003) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r11}}, 0x8000) syz_io_uring_submit(r5, r9, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r12 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r12, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r12, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00050000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:22 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x10, r0, 0x0) r3 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x40010, r3, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xa, 0xffffffffffffffff, 0x0) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r6, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x400e, @fd, 0x2, 0x1ee, 0x5, 0x4}, 0x7) syz_io_uring_setup(0x5d39, &(0x7f0000000040)={0x0, 0xff9c, 0x1, 0x3, 0x48, 0x0, r0}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000240)=0x0) r8 = syz_io_uring_setup(0x1958, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r11}}, 0x8000) syz_io_uring_submit(r6, r7, &(0x7f00000003c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, &(0x7f0000000280)=0x80, &(0x7f0000000340)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x0, 0x800, 0x0, {0x0, r11}}, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8, 0x8010, r0, 0x8000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:18:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x25000000, 0x0, 0x2}, 0x8) 19:18:22 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2a}, 0x8) 19:18:22 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x3, 0x0, r3, 0x0, 0x0, 0x0, 0x10000, 0x1, {0x3, r4}}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x5199, 0xa797, 0x0, &(0x7f0000000000)={[0x8]}, 0x8) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r6, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00060000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000002000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:18:22 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f0000000040)={0x0, 0x20000000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:18:22 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x26000000, 0x0, 0x2}, 0x8) 19:18:22 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2b}, 0x8) 19:18:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00070000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:22 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:37 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 19:18:37 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x3000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:37 executing program 3: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001900)=[{{&(0x7f0000000040)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000000c0)=""/64, 0x40}, {&(0x7f0000000180)=""/15, 0xf}, {&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f0000000240)=""/80, 0x50}, {&(0x7f0000000340)=""/138, 0x8a}, {&(0x7f0000000400)=""/120, 0x78}, {&(0x7f00000001c0)}, {&(0x7f0000000480)=""/189, 0xbd}, {&(0x7f0000000540)=""/125, 0x7d}], 0x9, &(0x7f00000016c0)=""/98, 0x62}, 0x9}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000001740)=""/214, 0xd6}], 0x1, &(0x7f0000001880)=""/73, 0x49}, 0x4}], 0x2, 0x40000100, &(0x7f0000001980)={0x0, 0x989680}) r4 = inotify_init1(0x0) r5 = inotify_add_watch(r4, &(0x7f0000000040)='.\x00', 0x2000003) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x10) inotify_rm_watch(r4, r5) pwrite64(r6, &(0x7f0000000200)="1eecd93735c44fb403292adf1183b1b37359fc5d952f72f57313fc71da00043824a7a91b66e3c15e690475706eacaa2a11516f6bdae1719641e9ca9ac07109a1c771750aea11c86edd4a2fe38badde5b051700e793ededbbc3e9658668347430b90c87a15deeaa274587570734535ff56936598d90b1bb184947987611e123040b62e1b5021d19c2e5c200"/150, 0x96, 0x0) dup3(r6, r4, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x1010, 0xffffffffffffffff, 0x8000000) r7 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r10}}, 0x8000) syz_io_uring_submit(r1, 0x0, &(0x7f0000001b40)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, r6, &(0x7f0000001a80)=0x80, &(0x7f0000001ac0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x0, 0xc0800, 0x0, {0x0, r10}}, 0x8) r11 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r11, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) 19:18:37 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2}, 0x8) 19:18:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00080000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b787000000000000000006000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:18:37 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0xfffffffc}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x558f, &(0x7f0000000240)={0x0, 0xd924, 0x0, 0x3, 0x328}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000000), &(0x7f00000001c0)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x3000000, 0x10, 0xffffffffffffffff, 0xb7a2b000) syz_io_uring_submit(r3, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r4, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:37 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x27000000, 0x0, 0x2}, 0x8) 19:18:37 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x28000000, 0x0, 0x2}, 0x8) 19:18:37 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c00090000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:37 executing program 5: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x2, 0x0, 0x2, 0x2}, 0x8) 19:18:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="66696c7465720000000000000000007ff0b7870000000000ffffffff000000000400"/104], 0x68) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x9, 0x0, 0x0, 0xa0d800, 0x0) setresuid(0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040), 0x4) symlinkat(&(0x7f0000000100)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 19:18:37 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r4}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000340)="e0e33ff67b60ee20ef8b2776d3b6699226ba8f52def3022f7018d76beb7c1de3361684caa4b1f72caab02172384ee283827b762378a924d4ec69349820f23a78ab8f712dad761de4c3e9606d488f50d64cff93fa472c6161320ccd6fbebf5577f5ce13e2d17898d4e1e76668e1236d8449c984896d1f2b4896559e6a6fc1d4decfbe559af615074c8b07a4fa24ea8d4ef61177ec6efb4294177c6177a56a6231fd9a91bfea02414bdf11824a7ec5695ce53c15e6e1ad9ad47a4bc483b4340a6d104a", 0xc2}], 0x1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(0xffffffffffffffff, 0xf505, 0x0) r6 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0)=0x0, &(0x7f0000000180)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x59f5ee0a7c70a1ba, 0x0, @fd_index, 0x3, 0x0, 0x1, 0x0, 0x1, {0x0, r9}}, 0x8000) r10 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x8b}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)) io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f0000000240)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x6, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)={0x6}, r10}, 0x7fffffff) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001840)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001800)={&(0x7f0000000440)=@rc={0x1f, @none, 0xa9}, 0x80, &(0x7f0000000280)=[{&(0x7f00000006c0)="59a09e9c4ac9d5306a7b3a383238b7ebe523ede2acb98021d1f1710a5300c05cb2325e8a4d4194e51a520ce66ec36018465688efb79b0ad4cdb4a0d649bfb25baa27b7cac4b42509c58f22b86210d066624c64db1b99d868c435763a12dbfd054f57c7f455ccc048e7e5f30ef926dc9fa6eb5c345e16a96b05b7b41a9f8202411b0601f490c48ad51022beff8304e9c593d74544332f9c997f4a703da7ab163a1bb1d8f2b82346e5d0e42e04058cf6eed7049ed515361f199277581c592c1d7cc7b1de88b9e82eef1a41b8d2997ff4430972ab76ddd9d0d2ff85fecf8994ae3bcc94514184cacce109ed9aa51a6a6a67f2e25afa4fc004fe10cca9e6b0e222b66d210bbb7c7f0d41b3cf5ecfad8327cf62253c574e891ce4916dc6ffe3e3a1969ccecf884580a6bccd97fcc174b1e2deb864f94f354c283648d52121ee1496c8e2e93b84946be0ae59939437e40a6af0afc067154f179e3c8834fe1534f2453e880c8a3ed97ee6ea1ce3f9812c947bb3f786c50fdbd42af63a917d1b7d2b08e04741a423b3963a33833727d71fbfc021a07ba67dd2555e64b16d8a1444b9ca10d65cb777d9b6d55f868e0ff65024f6c410c029d720c9024943aca0ea489221287e6dff934fabd5817281350bb0055765db1236956f0e409d777548c308672b43187f6419af8ed8b970e2c89c9660ee110af6e8a29a6ee32066b05f56fd91c4edf4639d9ad7fdeb4539bd2a4c90aa9421f844e82f10e6ede64569945cdaefea7cb33247c57273e77d28aa10ae595c303fbe44432f304f3f62d85285174197efc7ad3c7016446f5fd8739e75ee45f7f1ceb96f5e8f7581e97bb9e5a63373ef64c3914e5cb1de254709b8c36c314decde2b6176ef37f85aa0b8dc8eee4d82ecf02de5551113516fba45494678ecdedd444f36d0305bbfbd6a08e8240d7097d11b6b4858456a31f85f24f3d426ed24151f2c5d3a37d211b21f9a94fcc822d24d29451cd7b57ea3e011ea2f36ba9a102531c814dba15ea9f817db39269cd48db346736bdc07c65af9e451c03675ccc8f12cbe1a5dc498494c275803e11f7047ac9b09c3e3e8a1c6e054b40595b464e3f47f9bf29339b3d1f6167dbc92da8378ad275bd2d7cda2173fd60728fd3c2edbcf32f3ee5fa8259e4245e703277a99430897fcd40f85c7f9fd30495073f79f82abfee1aa0737bfd7496d6fa51d8526d168ad5ff0c42bda0e82c29d4a18b553b69bbfc7e9cea5aa3afa09d8767fc25015ef837afa31ff34b79e166e4fd94f63fe64cba892dfa5476079a6021b6a68660075a527397255c5c79f6cc39c7d5bf17b01c2cb2baf6d9582d035e758f2e95bdf6a53a839e8791150f89c3c7e8e7ef4b64d0021cce2e79053ced74c7cac5237c519057909b8fe55f4e32c9a1260febb944ed4e7ee1259da1cb85d95be4a4bba859202021ad1d59e4f1eabade612d870953e70abcaedba086ac82a9860a67ffcf7041cfe09f227885fa77889fff29d8b89cf12026e096d3db058dc4e7c70c1449506124a72537857b377fcb6c9cbc310fa311aa1f2bcb22036dd1d97f9afc9f5314699f34547a20ebdc28ea72dcf6915d06589a5a4d8f33bc1fb690806df749042a01772f93093181e22783283872d1cac452e41bf3d603084f701efc0d5f091faee2b78e503f5eab6bf5219a19159ae5df1435f969801ca46b11b26a942b0cee1e0c5531987614bbbc9d9edabc5233747bd95b51f281f716bf1b078cb6cdc00e1a77ae677ddf539ff0d132093f498301409693c4a3914bd135eec15be1fd1958db0b91d3f347d8bd27bdd516ae53870cfa5bf5f3d52a4e6506eb93faaae35aabebf838c827f6b5de97cb259cf1b40902129cc31d9ab50d0817682b1af9bc72b3fd0437edf75d0c73694a99d85f13d8936c2c52ca836ebc2a4dacf0098e83c0bbc953add85db5d79008b91232cad14ade9b0e28b877efb7405d3404b3a0753e1c3f8c15c7d717a0b7b98039106430d4f5f749306d1a155315b64097c5afd2170254441035144055a2db5405162b775733df9cfd5801dc2cc33232ff73626b72a170a513323c272104c094e653e5f956769a0a7ae22bf329b46c5a2506c6e153826ca388fe71e5cd610815fff511ad0db65ac4f0cc51c2456b3a60f2f8bfb5b98a6ba30a2ae9fffdc5d7f2288921a114c974f7ce5cdaccaff5b07633643534018da234df847b664f4deecab37ce28a3ebf7bfe0506e6a10bf2bc0c92f06215305a927a2d5e9d70044b4ae119412ae565c7914b731903950ec80942a68e7d0abc31c38c5e0fe7ed43be14f87b5137058d1492d4005ca3fe4c8412b23f2c9aba90cb106afec7eae075a1b7e5c403dd793dcb1d6fa2f66ebaf2b6357e77f02c787a35671bf06594af908a8571ad2481d0d1ca13fe634bf04653c374b4c3a012cada6bad6ec141d222c7f8fc1cb5cc7a03c8890a0b0f50c17fe340cb5115544b2efd7078013a0deb5d851bdbff725d7998ac27e550cf7cc484fe1ce12701fd442accbc99124350fbb06da1505bfb0c0e5aab88ae919c73aaf6a458d78a6ccca43e9f22c5ca3966d2ef885c934f50efb678a88d670d96d206728cfe68f6576a3aa29849272a5572d64a310cc3fe15c239e52680f1263ed0ffe9514a3a0c3d0b4e343e30c3331f7660dc423675de5944e20417b68db980233a26425aa9a8f3264481a1690cdbac385369ccd45f484f20d093bcb357d378897ce7e88d19d300cdc0503d2acf454daa536b2e5bf0df46c713f51bd651c9e683c450d9ee27857b2bb8428cab1dc1d6b0f1c7d65c7c86f79e716d996579d62739319963253d00d05631a81008052fd2e67872279cd0f47179852024f4c9b87e44233e733b5c73b5123f909af06bf585e3cd1a27d960f63d3d749b6eac49967a452d2883afe44fdf6d7770fc1c2db1d3d89adbfb64fdcdde42b60aa5293d40bc555a0c93f4b6b84617c11a0b1530effc18b7d3e3951458fb79174858e31e27e6b7452ba57b6db6e6c577e37f82240b5118c0edaf294c62955eac630da338818fea4300d202aca9329e88e381b9fb6d4e0b99797431155d15e5a083312d5711d292d95f5c88e0e248a14600fe5f2d753206098133236e23242ba32617ce66426e513f5223379ea76dc3d1c026ef62afd9de61180eeee6a2d6a23135672f7f2e1e8aaf3e5bf90ebba382491228a9c0689e1219a73b1b0b0104bddf6f732d67b82631916b285d1b48f49df20f559c10ba1e02f3c3c8f8bcf99836f3015abefedf41862a10ddac8e34965ff84f071c0b1ae85c77e5217fccaa0c4961400a06173d12a5488e2cb6c603222971b37b2d3a675e97a2ef187fe43915cfa07d31e075f06cc09da5e0c4bc26463fa3d3f4f1f56178e277b2cd05c768c2e520137c2e13c08efc1f654686a3a92f499d3b95c37d71e862c9db6d65420d98f9073160e8b7823f447e2677dd377cc7509838dc6847bc94a8dd1a6c207706a472966c91ef855c4631ff5acb6d3fab2e626fe166db0175c8cf3d8188a915f7fc4fd7e986b498f2d30404b362b897e9c92b33d2ae73fb1b6661e47c12ab415dec842605d5708d38e21afa023444fe1bcec50e0c8a4272b552799cbfb7293c621008830dd5b766073de263cda1e08e382540798fbc6870c580434e007d5a2375c317cd81a470e2325419e5eb1a6e809cf04de181480f25fa138b17601afdbb478cb759a6a844d5a8bb71d6261a64f3994b45504b6dade60be439eac57f51baf953cadb12704e887fa6a61afb52b155a6d63a661c3fa9eff79929d81ada345481ebe5443264c30429c7426f6dc0141d98156a03125691d8b39af71851bb9c2622f5dea8f12bea803e73d9c48285d9d75ddc2c6615eec5fad675172fae8407cfc4f9dad56d94af6c91600bd00f8435525886752359a37221d6fe6c7d88e48815adcf79ae64f00585cdae3fc14105039d8a0f22951464f2f5bf4efb9c2d35a278123771fb15daf094d11691dbcff755c09a25e1d8b9ed48673fd5aefa72bc889364da5685e0af3b969f403f71aa098c05d7081c39f62b64d980447dc11106156f954adfbd64bebfc74c2ba4e63fcd2646afd57eb6af32b8fee3bbaf459f1ec76e8bd04e56aafa6c7d27820e5ac8620d9651595c19d22e8b5960cc2e9b3c7b1f6b61e0378a602246d6f29ce1a7f4d1a04786bb6d98cf5faf2a52c17a3187eda44d3367c5d734f2cc92458438ad092667b27c62a9b29de3114c0910eb9c91985d329a42fc4fd244028679d2948c763527b0ff0e97166b31021154f439d74d74d632fb419db694425af4612b7c82f5562c04dd0e57b28add37c21a768b5a3d617c0a320ca58f2703ea5f4bf13e56678a654da684a76361f0dc765da0541364790d5dccda0ddb5f7e863b3a33da526d2b44726c801e393454aa46fcf134bb94454ae9e26b2e220f76b8adcb9b4e7ff565f4313e6a48dc47a7217519c5c864ad58f98856a8688c9c6698b03cc61f7cf78fad0f93dc59de13137b220d6ad01ed8129583697916ddce5310cdbd7aa209a59afbbc5bbfd1c8d26f5840ea8db441b2e28ce7c44e050441043557d5d497904becd14d9878c81144e2e8d8767f6efe2c6ae16116474dbc32ec6b80f2af2bd6ef52edf408d4a9187f7c240a2f93aaaf56aa99b99cd442c98b2e353bd8a76397a761927e585544a00d361b1e9f5843de4e818c4f0aaba748de655d6635f44b1dd00748d9d66e62bb7decfec0d46310ecda7f5a2a47815a04f8016d6dd669806397a9db55e4420d577ec1a06d39a6b16346f530f231d63e732939da77f53cc275b097d2d4e904f03287027c67ecb7376ba597ee1678a0656eb7383c029baba1985c032983be48712279e4ddd895dbc09229802301d9ea623a7d4eaa0a623cec7a1854187c9b85a30d09332c91122b4bc30fcb0a80f73b6d36778226947c9f73e41ee9392ccd3304b4470a031913852a36bf135b6d2de6df630ba150005a84da275039f142ba62512feace45dc5d114a68420ebe5fd4406f093ac6532697014baf7106f21064fa6d12292a5897fd52d8eb854bbec5d61e3c89a2c9d85092c8054d04a64408a1a45e453bffb166872180eca63d39e32cd2be44ff707378a368ef871202204928de97b5360a22c2621030cdd86decc69771f89199c9c60188b629a6b9630a0df09998b950610bf4ee8086ffe72ca214d18e9417367151c8691b0daef60ae5849b1013c76f83ae99b2efcf06115960e65dbc13c0a0f020080c703e3dbd7df28f91f823968f2795a70ba6e870cf633e0ad7b9a7b273b1d0e83c509b313903fc38fb4017a4eda907406a44f4214d08618fc525bf911aefba4fef32f211c65c12ef4977b4e28686d35d7b3aa3a239f5bd5abbc1401f72fb8bf356ff2af0034dbb1a0fb609317883173da45b52fe820deeb66e7a0ebe166e822e7c94f324d85699574e9e2f716c8ba24edff1c621b7e6175a5fef6081219780b415b308703f842142c7c5eb3db1237a931c4e184631bbbbcd1d7ba812e37b360b69c5b7d83f6adc352bec21f5d7b4e85569dc94682845a214b9a7d2672ebdd731e9399e66f730068883444a02043542362b7a07e81e50252d05f5251bd8ccf184f3334356afecbf45285b138292416d59bebdd37532fe602465c07b4cd0699f8ad3de2c9918a238271fd7fc3eb4e029bdaf73cc40d9171a64e950aeceed19ab92fc0bed5034769c2fd846483985f8b8502bafc52b91f95dfcd9aba232213081458a57b4bc06526248e06ede49429f8cae1e92b", 0x1000}, {&(0x7f00000004c0)="ddeb2456cfc70b3af2783dd283f61d7cb2aabf9632e45b8297795b396dba24823b3c73e2e013b22cc8c0cd3ba29265ba928c1cca10f4b5f7773ddc5501b5a8efdd4058326df2604144a11a457ed995d23dc20c78a8dd14d3c13335e42a13d23ee30b2535875c4cfa0157b2d7f29991e6c5e53c907ed0e56e0145e637a1634943113235b3189498277bde59f1b0129ea4e995dfbadba5b15fb8f539524011bc48cb346b720fcbd5c5852f61fe8549cd83cf", 0xb1}, {&(0x7f0000000580)="e89cbbddc5e8e1b6ace03c5cac709b5a3ef22b016a882d8ad22c24bbeabb584fd280e529ba35e72bb11feb9955ce9ebec16f929a600b4c059ed72a99478fff4fd423159b6d78cec72d8842f446d3a028811520b2387c8feb9d3eb2eb746c9f25d11da29caff91d8d1498c7a495affd1b9044935726966c8b5b8920e6b130d3ef30097b1f61a0737775c531c1903e4931cc08236db6acaccf0502e984a07d3cb8c5857a91b51fe6d07467f973bea3aaac638a43fcf6a8fc841778983cd357f5082d9e24061fef57cf390d17f35c6ae4329991ea5d7943a016bfa55c8c573daf94", 0xe0}], 0x3, &(0x7f00000016c0)=[{0x70, 0x84, 0x1, "bb6c993c09dd65c06f9294d0c308690c1ef32e916d46234bdccc2a4508ce28a51a6089065b879851e47b7a9c1c533dc534a4e0fb5f367f24cd40cd095311270ebb1aaaa1900db4420a691c611b1eb68da8544ff7ea94a970fbf72a3cf106119c"}, {0xc8, 0x108, 0x5, "b091bf126576b7d01fec6d64224d1274ccafabd02492c302aa12c0ef3c56deb9db6217df30669234629e28a31edc285168de14a8b6c67fca8e12531d8433ba46efc3352b57e61e45371561311c379895d8f1b0b3c66fc5d40b80d1bf6d0af2f16ac792e4ac1e7d39dc91bf0cdb7652e26a3f3cfad4784739d61be0caedc6ec2af9619fc8aa7f7835f5274e88629a5698a2cb67943acdb06f1c86c735eb71ebf222140be66a1d6c34157751dd9e99f554bda8a301eb"}], 0x138}, 0x0, 0x40000}, 0x7) r11 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r11, 0x40082406, &(0x7f00000000c0)='\x00') fspick(r11, &(0x7f0000000180)='./file0\x00', 0x0) 19:18:38 executing program 6: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0) [ 2477.079844] [ 2477.080017] ====================================================== [ 2477.080571] WARNING: possible circular locking dependency detected [ 2477.081114] 5.10.218 #1 Not tainted [ 2477.081428] ------------------------------------------------------ [ 2477.081960] syz-executor.5/12447 is trying to acquire lock: [ 2477.082437] ffff888008d64ae8 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}, at: __flush_work+0xdd/0xa90 [ 2477.083282] [ 2477.083282] but task is already holding lock: [ 2477.083789] ffff888008d64f40 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xef/0x1240 [ 2477.084531] [ 2477.084531] which lock already depends on the new lock. [ 2477.084531] [ 2477.085224] [ 2477.085224] the existing dependency chain (in reverse order) is: [ 2477.085878] [ 2477.085878] -> #3 (&hdev->req_lock){+.+.}-{3:3}: [ 2477.086438] __mutex_lock+0x13d/0x10b0 [ 2477.086813] hci_dev_do_close+0xef/0x1240 [ 2477.087208] hci_rfkill_set_block+0x166/0x1a0 [ 2477.087636] rfkill_set_block+0x1fd/0x540 [ 2477.088030] rfkill_fop_write+0x40f/0x4b0 [ 2477.088436] vfs_write+0x29a/0xa70 [ 2477.088790] ksys_write+0x1f6/0x260 [ 2477.089150] do_syscall_64+0x33/0x40 [ 2477.089524] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2477.090006] [ 2477.090006] -> #2 (rfkill_global_mutex){+.+.}-{3:3}: [ 2477.090573] __mutex_lock+0x13d/0x10b0 [ 2477.090952] rfkill_register+0x36/0xa10 [ 2477.091338] hci_register_dev+0x42e/0xc00 [ 2477.091743] __vhci_create_device+0x2c8/0x5c0 [ 2477.092182] vhci_open_timeout+0x38/0x50 [ 2477.092582] process_one_work+0x9a9/0x14b0 [ 2477.093258] worker_thread+0x61d/0x1310 [ 2477.097507] kthread+0x38f/0x470 [ 2477.097848] ret_from_fork+0x22/0x30 [ 2477.098209] [ 2477.098209] -> #1 (&data->open_mutex){+.+.}-{3:3}: [ 2477.098775] __mutex_lock+0x13d/0x10b0 [ 2477.099150] vhci_send_frame+0x63/0xa0 [ 2477.099529] hci_send_frame+0x1b9/0x320 [ 2477.099917] hci_tx_work+0x10af/0x1660 [ 2477.100302] process_one_work+0x9a9/0x14b0 [ 2477.100709] worker_thread+0x61d/0x1310 [ 2477.101098] kthread+0x38f/0x470 [ 2477.101440] ret_from_fork+0x22/0x30 [ 2477.101795] [ 2477.101795] -> #0 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}: [ 2477.102478] __lock_acquire+0x29e7/0x5b00 [ 2477.102890] lock_acquire+0x197/0x470 [ 2477.103261] __flush_work+0x105/0xa90 [ 2477.103636] hci_dev_do_close+0x131/0x1240 [ 2477.104041] hci_rfkill_set_block+0x166/0x1a0 [ 2477.104463] rfkill_set_block+0x1fd/0x540 [ 2477.104864] rfkill_fop_write+0x40f/0x4b0 [ 2477.105270] vfs_write+0x29a/0xa70 [ 2477.105625] ksys_write+0x1f6/0x260 [ 2477.105981] do_syscall_64+0x33/0x40 [ 2477.106338] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2477.106819] [ 2477.106819] other info that might help us debug this: [ 2477.106819] [ 2477.107508] Chain exists of: [ 2477.107508] (work_completion)(&hdev->tx_work) --> rfkill_global_mutex --> &hdev->req_lock [ 2477.107508] [ 2477.108593] Possible unsafe locking scenario: [ 2477.108593] [ 2477.109093] CPU0 CPU1 [ 2477.109490] ---- ---- [ 2477.109881] lock(&hdev->req_lock); [ 2477.110198] lock(rfkill_global_mutex); [ 2477.110753] lock(&hdev->req_lock); [ 2477.111278] lock((work_completion)(&hdev->tx_work)); [ 2477.111724] [ 2477.111724] *** DEADLOCK *** [ 2477.111724] [ 2477.112243] 2 locks held by syz-executor.5/12447: [ 2477.112650] #0: ffffffff8561afa8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0xff/0x4b0 [ 2477.113442] #1: ffff888008d64f40 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0xef/0x1240 [ 2477.114219] [ 2477.114219] stack backtrace: [ 2477.114609] CPU: 0 PID: 12447 Comm: syz-executor.5 Not tainted 5.10.218 #1 [ 2477.115189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2477.116069] Call Trace: [ 2477.116304] dump_stack+0x107/0x167 [ 2477.116629] check_noncircular+0x263/0x2e0 [ 2477.116995] ? register_lock_class+0xbb/0x17b0 [ 2477.117391] ? print_circular_bug+0x470/0x470 [ 2477.117778] ? stack_trace_consume_entry+0x160/0x160 [ 2477.118224] ? alloc_chain_hlocks+0x342/0x5a0 [ 2477.118614] __lock_acquire+0x29e7/0x5b00 [ 2477.118981] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2477.119431] ? SOFTIRQ_verbose+0x10/0x10 [ 2477.119779] ? SOFTIRQ_verbose+0x10/0x10 [ 2477.120127] lock_acquire+0x197/0x470 [ 2477.120457] ? __flush_work+0xdd/0xa90 [ 2477.120803] ? lock_release+0x680/0x680 [ 2477.121169] ? lock_release+0x680/0x680 [ 2477.121533] ? lock_chain_count+0x20/0x20 [ 2477.121898] __flush_work+0x105/0xa90 [ 2477.122230] ? __flush_work+0xdd/0xa90 [ 2477.122583] ? queue_delayed_work_on+0xe0/0xe0 [ 2477.122970] ? hci_dev_do_close+0xef/0x1240 [ 2477.123344] ? __cancel_work_timer+0x2a9/0x4c0 [ 2477.123736] ? mutex_lock_io_nested+0xf30/0xf30 [ 2477.124142] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2477.124590] ? __cancel_work+0x250/0x2b0 [ 2477.124931] ? trace_hardirqs_on+0x5b/0x180 [ 2477.125294] ? __cancel_work+0x1bb/0x2b0 [ 2477.125639] ? try_to_grab_pending+0xe0/0xe0 [ 2477.126050] hci_dev_do_close+0x131/0x1240 [ 2477.126405] ? rfkill_set_block+0x18f/0x540 [ 2477.126770] ? hci_dev_open+0x350/0x350 [ 2477.127107] ? mark_held_locks+0x9e/0xe0 [ 2477.127455] hci_rfkill_set_block+0x166/0x1a0 [ 2477.127833] ? hci_power_off+0x20/0x20 [ 2477.128162] rfkill_set_block+0x1fd/0x540 [ 2477.128525] rfkill_fop_write+0x40f/0x4b0 [ 2477.128879] ? rfkill_sync_work+0xa0/0xa0 [ 2477.129235] ? security_file_permission+0x24e/0x570 [ 2477.129659] ? rfkill_sync_work+0xa0/0xa0 [ 2477.130011] vfs_write+0x29a/0xa70 [ 2477.130312] ksys_write+0x1f6/0x260 [ 2477.130623] ? __ia32_sys_read+0xb0/0xb0 [ 2477.130984] do_syscall_64+0x33/0x40 [ 2477.131303] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2477.131737] RIP: 0033:0x7f38fad1ab19 [ 2477.132053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2477.133596] RSP: 002b:00007f38f8290188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2477.134247] RAX: ffffffffffffffda RBX: 00007f38fae2df60 RCX: 00007f38fad1ab19 [ 2477.134858] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000003 [ 2477.135451] RBP: 00007f38fad74f6d R08: 0000000000000000 R09: 0000000000000000 [ 2477.136040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2477.136630] R13: 00007fff8b6f42cf R14: 00007f38f8290300 R15: 0000000000022000 19:18:38 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002000210c000f0000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0003"], 0x28}}, 0x0) 19:18:38 executing program 1: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x0, 0x3}, 0xa30, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x0) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x98100, 0x0) fspick(r5, &(0x7f0000000180)='./file0\x00', 0x0) VM DIAGNOSIS: 19:18:38 Registers: info registers vcpu 0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff822d192c RDI=ffffffff879eb2c0 RBP=ffffffff879eb280 RSP=ffff88804afff298 R8 =0000000000000001 R9 =0000000000000003 R10=000000000000000a R11=0000000000000001 R12=0000000000000020 R13=fffffbfff0f3d6a5 R14=fffffbfff0f3d65a R15=dffffc0000000000 RIP=ffffffff822d1980 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f38f8290700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f38fae2e018 CR3=00000000519fa000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000040000 RBX=0000000000000000 RCX=ffffc900019e8000 RDX=0000000000040000 RSI=ffffffff81ee20c8 RDI=0000000000000005 RBP=ffff88804b4e7d00 RSP=ffff88804b4e7c08 R8 =0000000000000000 R9 =ffffffff8567410f R10=0000000000000000 R11=0000000000000001 R12=000000000000001b R13=ffff888051c00000 R14=ffff88804b5eac80 R15=ffff888053f86000 RIP=ffffffff8140a765 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f3accb5a700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa930adb547 CR3=000000004b5bc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000