5a7f4269424c32d43d75d6eb07b023e18927fb1a900213f50b16d1108bd6a2958024165764fc3c1eed31573e9afb3ad0627a00bdfbe35cabd7a946d67e88ffce357ef81268e0e25208bacf3bfafb63c00f09e30e40b94edc04480b9f757c42c82b174d5b6f2633c49ef779368f96556aa6423fd810029751ccc027f7084f406c7199023323a52c790026622c2073ca96243fdfe7614a8bdb8bfe53a6471c43148a31dd0d25c905bfc72ac37d1e59ab98e4298f01a3c870ad42c92f145d072836cf70d7b59ae002240880541f93ed40a285876849fb56f76c03c4b746d10f321d9678e3092d4808d371a36ec457dd07ce08d1d0fcd600724acbf82b5f25d8524f0f5919a14f5825df62a33df326369a5ec0bbe4c343522a804aebf3646d4005ebf89ca6ea1427f5efc520c1350eb50e0f90dc0dfc11ce31a3ad031825bf47649d69d098adb8e06d842e902bc601a5b1c91139fb56664d39eb4a85335529d52b20d6b8956521d3be65c060f10633db9bcb9d8d22e5956600b76a77c534c7e3b6ac5c780387da2640ae54ba8008570c86e8b1c8abcd2fcfda3f803683e4e6f49d0e94c023c695899da2b2e917fe6a6967ce9770a1a7ff1745783ff74a93cbd0d92a3ef9fafdea04661d14e09ef419445a24a0480b4069aeb26fa0ad6677f9e0f7dd9512cd0b7b1ca6812ec893752a695b95c418711dc2dec42e19ad64d2453fdf6ec3baf69ff666f4f798e1efe29a4e136fd57b690b64b62fa3888e84741f5e810ad8cee5677e6091103750e83461808a6345fe5119e930375626042f14c5fce977ae37df27fa9e23b184247f70561ea999fc103a959986413c716e630ed8bc8b0b4953a23da39821776121713b054db6b447d1d3266834c8ca7b92717cdcd6711cf0b4e487e1d284eee9c1b5602f01b418275c35fe6b37d218579b90ff9056dabb66a9db14ad1122e2fa50727de04ab4ad1777cf6480e466a2ebbd898c7aad3293e5e4cb11ce32dce46fb92eda2a213b7f6c7dd10a00815632de3cd8a7445ab1cbbda37b2fe59527b39603d987ebc3761c1c75fa2e5506f8327f816eda916d7de5c7a22696e7c89d8c58dc2a832cf1d7c49853bc9a68671337c0c8f64deac385e2e0ac3003ec67db3724ddad17625f0106924118e0be76cd95d4ee96ba44939d21db28087f61f203a9f994c987f2cccaf1497e34b6276de8eea9af83a449a86eb8f316b289eebe65a4e0af628a45721a4bc72d17e690ce196b625485de7b0b39af51eebce84e5e248eea3dc77f32ebe501f8fdb1f555137632f101e674a7939f1de9bf0aeeded8bb00a8836292a54220ecf561ff4161e7fd6c682da59c530b6a8b66adddf1373f492603ddc4bd681678cf2007ca6177cfea465b34edf6bde1cd98f87005ab314030abed5e442fb4ca4262946970aaffbfd5a8e919e7c07c89d20add3f3b90b8f3a9aa1c9780d944f93b1556694a25ad2d40dd83a270f654051c15bd9251a69fce8428185fbc0f9144e7252aebec99b29ed67ce48b54a7f85a3d97195f4d93fd65f7fc5d6863c1239f29623a4c46cb5d26201d565e670fc6d23b8eab401e2b1c1c6481cf98921ef35c1743335c2117401d62ee32652482e9c67df31aac95954721de50bc4b89e75f066e7eaea207a61985b44a921a518c7c1b629439d725ac9478c4fa5770723d93502d9b2e2354a3741f152d6f0c913a4e304e693f979fa3da835e5e8ed969abe90ac0b25c3ad346260009c5b87459a093d9326884058fab34fcbdd30711941df871faf5f52e6f70e2035887467e5ed5858f86a80b707d1ebc21a2cff85c97c80a3136e982aca3bb741e969568a624fa86768d21fa227a18588911af96b27c9a178f8589938f9c5128f5016364f007016a4310a5c8a51ad12fda516c7fbe13406b6e76590c138ea29af697777dcb42f52ea184f00460e32e93fbb278fa80e293009d96d3e267da869230532549c5e67de1783ef7ef64600d7e1b5487cbe07d86e2eacd1034328d540c14b7b33f5305cd7afc2749a7b62169981c2eaedf5ba14459470cac126d8e4d197d666daada15bbe5010820b1e0ac4262dac3f6ddd297d6ad687c1597567e2f71f3efc1b313b8e5b622b911a1192321a44a8ef40280f48c8c78db2b6635fae4bfab2eaed5ee863cb1978fe3b4ff1c4d489e04010ba9100317a67b7b0a0bb2de05b98e0afd9df8ebd375bc9d96609ddbfabe4599722c638c11ff46ad29c483f2e842d06de483a93a7ce4287ef9983acd9158a0efc1a81fbbcbaca5a50e3950199104823b86677e8fc93d79539947a4469644a1b40efda587ef6ab6db594f86915cd3d8361a6a7736991db35465330e795517586c8506d578c1c89e69e3dcfd12ac55973912208775e01f81e66f81c68bb90310141ba214296ca45e6195ed817e8fb83a850d466b671694d6b8ec3098ab697eff36063df90818fd443c7cd3f8ed60c5c9f65b0154809d2a5b96c22cecc5514f44ab0d3cfb17ec24a168b3a8bf3ca75994210f540c70a7ef0c14038be28f5c83a6851f482b198cde33bd0709a3916d5dcb730d9de35e34660fbb13a9ae8c6264181ce46749e2f6942819d76aa6c3dc0484fe0dcccdf6664468cab3b870b8efa516d87f78a0a1ab76d91dac68081dd1eae0e76d207ea54b5155b0158b580c3a34d47b981e2f89c00027fcff3d0319652cd9095a33f82bfe7c8cb1fdd468de1b6d826ee997058ec61fa646e30284366e577abd5c8c083fbbd26d670ffdae2cecfec217f82560f3e456788efafd246081507b8ee05e9843cbf19463c2791c147a42313406f0da6b05ad67b820c6b72bdbbda349fcecbada8156f434a0dce17609b44c94d6d887366b6a3a90c94f80f9da080383fe130a7514136d481ed5125758d507737db09966b7b49b1f8291d8fb0dc3f150603404111b95fee59eb44c056c3153a845a57490c7b07ca61291d920805126cb309c4cff05b0a5c932fa8b4b0d6af9877e01585a6f426fce00ae9c2f631e54ecc605b551393a598e1cc8b651bcd5ebeb907e23954bc6cd60bcc76a5dc6c93ed119910a02fe7c9dbd5d9d18fdd8aac64c36bdbf0a2a442ab57580c75021ebdb67f292d18173ee9da0de1ed0168e0f463c667b48d3ec60777ca15f173f316f39497e77b429315eaa11d59e44bba422048a8c85e588ad81cceeb2480a78e852794c9f7d267388b802cdeb2e3f0d423429294fd1657ca31fc0d8109eef8dcca1ee5eb45e4e6756ed50aa128fda3afceb1c1e26123d771973750336a054a210935b15bae818b0fa8d6c87501b3c427a0cf9f88e593d1c0e60d27ab896a1accb3527afa99a2511bb23473ed3ff562a6fc4fd33082bb43824a6185972f13732a4a28b08dc8b72ff497c56735ae23df9b309a37334f21f41306cf86097c05a24ae8749f98874dc57fc5a81e00a6a54ccc2dee5233962730097269575280360f4025ca8d31803b4264e920fdd6ee538b6f537c35ae092337df74d0c4908e73ca1006ef7b45ce420932541118d08f96c527405ead267ad007529585aaa4ed8b7a9e87e2c5fbd85b1e3043a32cac21a2625e56bc062e4a40bed932fffe6cf7065ae64bdf185b55711204e1186cfd5becbdc8c8eb8e684145232bece7b4aa836f05c8a787afd7dbf560869aed6387c52b4cee442c7610594541e5e61468d4d084618ff1e55f6e54934be72039473579a0daa6017c9fe8731d1907bf5b3108d54f831327347fb4612a0c84c92ef362f84498f08ac1609b975f129b4e49cd90432de4abda45a04a738043ad72e529615e3c5c65502308f9efd04a40878009371e38ad41ee8a915c0856179b03df0c870b34e6e5ffbe327d5715d2468be61108b0b159cd44a238a6095e46db851db2912bf38f877ec5a883280796c59f2a1cd557257321bb2d7036371b0fef2c716b74767d68f54aeca621d7d8fdc282ff0a84a8a6a4710c1d2b2f4b5267edc30cfdd059f86f4beabfa5701fd2bfd80c68d272eedfefc4bc6d7375d383e839069e051e9ecf2947f8f0206826347048a369d898087ca9d205d8e66df2c08dcd6602f32bc8d15894c2847a5c74ac6d7de32dba5124628d94b4f767e5cd599277dcca0c5a0688ef51c4f926e0e838aba3cc29525d783265a2363c1d1f1d125ebb7216becf441745856b79ce85ee554129baaa90a2db68f91fb7db1da29c40ebfc74fb6d492c80dfa991b1bb14074be861fc89662b9a7e6f311eb04c0b34871a7a0bf31bbf2c904c8a578bd587c7fd714d9b0b273e96de3e780c0e6e3fc0fd875c6dbd2ab38a93f191000d61066d7714725873c3ebba85cd9ecfd82e366d1a3de6f370d5e8e8341607fd31bb24527331ecce97ad7c442408763b560563b2291513f915395219b3f720236983fe45dae68dceb132f2aa096da12abeebf8c33474c3ebd005fa4a7acb008e1bf720bea1a9c0bd547fea2213b7a473eaefcfdd96a15e86402b164dd22b4670335fa92ae0858f6f91748fc90c5196d964c0f2d64"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001e00)={{0x0, 0x1, 0x1, 0x80, 0x4, 0x47, 0x1, 0x6, 0x2, 0x5e, 0x3, 0x7, 0xb99, 0x7f}}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000002e00)={r2, r3, "9936eed114c26dff7d659180baae422c47c757af3339e9b14f84e001b3e0eec76f448fc37d5e01ba169696c85022841650acf20a17bbd4d0245754c4f50c9cd0479869a41f16aaa35d7b472995eb70a7128d97fd3ab873bd3e92d7b58eeb43e15fa80878ce5a25da3afbb0955ca02ff2a35b960030ea88dd0e0c3c1c0f6f7b2e654bea0fefbd71da93b3283269f6ccdab34c9d2916fa254195affa28d7ebdb758c319e63da6e7a3e3a9333d13298c1d74a0035ee2544a8709dcf7274691529069c7b9a422972682b51a4f36f22c6e47c2f6a460ac5a69dbe5175ccf86981faf0d52f47cd13ac401e43d80fa522d256554001adb6801590004f26e54e9c79cdae", "0d5d5a5260f9e68f5a902946f7298d77632a6a790ae8db4ae5935558ec37747de6402fb79b8c7948eec17a2fa49b010d9dbe16791d6c560b544e70ea1b780a53d8fd28a6d990d7a0c56b96cccd8b3a626e6cc58e68fbdafb1e3e6e9c221bfbfa7be4bb7859a03ba2af2b55c6168d97514891df5bfceba0d222dc82286b315e03f3d91ce70ac075dde0fa7ea7888df4cf2b6f6e908c8cd9db5b5035df47b2788edeb079af8598d1d18c7a167d2e0badccddd5dda4127d1ff1e1390e83d50674a1cbc938f0972f2903bac0a7d32966402246f33153289e5d8f0d0b2e9c2b7bd28c82840de44bbb4e4e360d51e6fca1390d6a817ab07619d68717fd19cb6e9d3d9272cfedacdd0f7c8b7141058cc8c0ad629b18fa451827602c7fdede27f4b01dc9d1d7a117268b1b6eeeada88576ecdcaeded7e8f433d598749d7976f590e8c48c07de2cf7917f30384960667feae1600d8ac79c509b97c57c11eaf7d265037a0c7630dac50cce8c5bb6cd819ae3e972aa2eb5ce6cc8de803c5590191c355b1c5bcfa693997192816823446198781723691aaeaeec0c62143ad3ed974fef21f698ee411a11ee08d4037047c0ddf2d44a75c9962436ee186f875f77bdf7dcd713259a38fbb7de0e2eb44e81680127309d74d2b55115ffa36c4613293cd63875504f1203640be7dcc690f904d809507818fba27ca94e7afbb6772521e9c7732d409ce7d8fcb9eb094ca7b9b0bff0156fd22cb7b6785d49ac82f1f4876b0c28445af08b0d812597bd1acf4e46c25b575ff7288f777460689b5714d770a7995ba534a9c28b1707370ce53d9770cfcc3691957a0c1d6e2c46b7647ed4c22d14b4c12a6d6ae41afd4a8126200c3b31effbf37bdd37e1a9e4ade71872ee0b266dd1576759eb5d6c69f942276ffdd0c0beb83768b919e620b005c89dd6b6932f7d11826afc664355887de302daa569b965db2a836404b4d0830dc904f241dfe3e3f8edcfc55a850f7dd729bb1fb3b43ed48474295cb77993f7a27ee15191d0aad4338534904eef9d5bd674814d4092d1c4632c447cbe8094f198c0b822e12fe31fbcc807f7ac1b2c2fe74ccc42f13c9e18d220f91d72c47c0f370afb2de1c83494f68a109ef5f0a7108d73af3cb29b5a95726967a1e3bc60aac3f54d27da7de2eed629eb79ac9c5cc01bb7e98e222956a33b95b29e2b3c3b8e200e93fd3bb03c3e697323084afac94b3cc342d5c0da4ff6d56223c68664293224aaada6feea62269f19bc4cb4d8f8cf70c956071f97919c5aae064630d452a03f91b6c5e874c550a77cc46f9746ddb22f3600e6361c121a5e718ff5c40394f01f426014c49d3c1e695536f995df79dd519924bac0c37ac6cd6a98fd7a28f2d85c576510afcdd1742fa1d0f8034a13048a24e60496f36922ec57ef4f3ffddca9beeaae543ad8e1c0e659c433bed99282f96dc32969a20cd5f4063ed18dd0521a4857d42cbaaf347befe64694566e7c5b1d66bf49af49c95bc594fee3544705a6b3fab9c266ee72930ac3b879a548c847878a85462cb2863266ee258ef656ebd6bbd22f0fb00bf1c9d17b329a7628f626976db54dadfaa052ad3ca0dbbfc35712f7bfb4375d2be6783a3052afd3088ac0f03f7afcecc146ba8597414cc42939616ac7dd2d77c631ed428e58c8d148db89ac24cf4e35b840fce13df7d08d0672246993b4d4a96430c7db89dffad9de01df7246636c4ff68c3811e4326dda3ec327c56a0c13c6e6304c1e34c3835be792eb1a83c663e06f8c8aab985ae9df24fa19cc27fb9d97c6707ba4575355939485598dc0c454bef43dbcea69bec9e78f5c9f4cfd5f05094c8505c3c3cc98569d4e2943037687e1f884b9f01943fe0ee9661fdaffb7511a591efce1fa254dd2f1a3db1b3547f95437b3d5c04e4077f9393961083fac66750fd242fb6ee6d1a92286d2238814214c4e23c4eacb99a55ff3372e31929b9615e28f97dcbedb95cb66d3e585a7fb66d3b7c058e1a2d1366c33b34db53d675479cfaf1ce47111eee820e955185456ff57ce6a6c82f52d83050cd6fc9840210afe72f6aa6f054542ca5651afe8ac6975aef95b062aff4f665f0311268a20ec6257b21c2c51ce31e746d20e33f01b712bab57828bfb257af458ad88d17cd148afd7a6c033067008f230bcd62a4fcd0e31b9aae0cfed344c17592784a59cedd589f2fa12a712216353a8616cad3971b820c88412526f5cc147c04976aa81a9142655b36cb35ac012464921eef044c0034e44837c0a53d049644bae9b61c6c98a82d235f8992f8481fe508bbc33cecc69150882e5c6493a3f73a2fc3dce29f7b4ced080ca13aa315fef13dc4f5594f0db4be0de3d552cdba12fddd00d87df3e6a6255454acb1c991b777e357b3ad73b8393070001160b09ff0744d3f7a4274864060a48973ce8b58fa3abfc326e694d8dcf059fc4a3e610e004052269496e9ce3c7a0957195367cae236fe9c40165041dd9239d6ca2c3931af5107f3478fbcd48e9f2dc45c51953ee4c3d333734f64c207e6717a2a170fe4095f8a3e140be04a1b796ea71bc58cc2f26f65a06f7ecff5a25807e33248b448e3d926c88311745847e06f9d1318733e01c2e5234902e480cf596e13d184cb5aaf16a433bbb173f5d9b14b4fe2161a726ddf8d10729228b1e48760ff2e203ed4e688ead2b08312ed272628d87a98a16d29611f02580d29f7f96c75439ba2cee2f6ed979fb29544c41f5a4fedb1e4f5128732180ac28bc2738be99091b0a195c1015b1b796847a84a1f9a3da43fd85f1dba92acaa51a2c3c69b1552e0c8207815aef97e32a640105e4a2b19437a061c2a6ab6bd807eff16a03b77f61ee523708b31a5622377a3fcd5997a8d3ba5014d5810216fad44ccd51cda0b75d49c8ba47d6f3581430cf7518561ef05dc112a7b6400beb4a52c9ec287950b0f1f09cbba8338e2907809017d962b2d79dab85f2bd2cd510a09f784c897130d68984cc56012838c9b724b16277f7e39c5615448854a7daad406e8a8826711745f583eb56adbe7f047d76a416f715104389b704036641f7cafb5a647ae94e9af775e0f7054b5d93df879ba629e6c6d5493408947b3e34788fc76a40e9589a867921092fef99b57422bce173f246a90af491a24a8f9a5b61a16deb6550e399aa7c89a08d37c5657da56799ce12e10b3a321f41b7b367716ecbe638be54dd50c481efea637c03f1837c785fe72e5bcc58fcc92c0aec537f314fd25c0eb5c3606097aaeac55a13ddc5d60e9efc953257d7e84e99317d49ea82ef8b839a1c02e75cbeb501a82387bb452e5594c066d0ef1ae52287271969cba278ed09e69434b2854f443f6f180db33c5444199a469572630d1b4e9e1f444e656c00eb1afd82f55efa3ef88642c9eaa07d8f812c8e2add0702b7b1dcb885d3b5da0b7462a3711d958f76ad424992a4d363522c72aaff675594c8a6672be6678ce61418c9ee36db5cb7874d5549252f9fbcca83817f47f3af3a78426ad61576ae452ae503fe108e201ae774a638de03ea0ecc761c932256fc3703322ba30a5b766dcbe86b6e9277d28f6cda6ea5e3d54ae8c70f8c0b96d3f5c35c0e39b4a577120329a11b0e6619656217d44667fd6830e9e656d69257bd043adba86fb635bc07907c29cb38fee3ad06f5d1a1b2d83982651aef849f00a499f1f556626ac932271e3544852a69876e7bd375bf2fcc8422c4af6848b3edcb5b59099553449a10ca372991e7eb133529c156e308e5f638a67a9ccf603254a1e6bbbc519f3c83d5d6ead0596d54087b8ef9f3536c85eb14fdbc5b9c8c3b0523f4323afba0007567b57403cb79fb1b2f3dde1994fd69531e30430ac57a40e61978b3cccbd6a9f0ffdde02b550ca7f15f39a4be64981895957b2bbbcefcfb1421d2aad1eb780d7ad6cee56931f005e2bd4d7118fb3876009d3bfd097112523467c107970055adda5c65125207f9e4a51c4c16cc8bfdd26a1999cfe59c9362b8710ef7046164e1c35f099ed44ba7ba2c01398ddb68df351bb3626f294a3bac433816cc48ad8408244604689dd84461efc52689db59d2665c4caf9f7d1c72e0f7c28438a8de6212aefed4f521be1d0c144e630544cff0672160e6d8d526261943eb1e785b876152d0782832fd36ec631ab15f9bbc647426f8c8032b7f90bf3e442261b1801a6cd6508e8cebc64231c1ee8b723972a914adb3b2bcfa8d9d120f6e7f3c592db7b441b7b98a312f24c3fd364414b6ab520d9f94917d6d6157e43685f862f0559a1d1eec4a6f86a01e726d18a9b0495714350bb14e3a2012dcdbef6c385216177f261edd8c834f15d260482e911e4854ed497add7a183096d48641d85457c55937621249185ec3b5e89ba4f1d88cf56cab9a43e5ae6dd514f1dfca1028393cbf060bea9092202d5795b9cd2416c882a7b65268de6f2fcb782ae3db34e4888297140d77dd6f50d840992bd9fa5c249b0def465f7adfe8ba4bf85174c918893eaeb486262429f06201a05e25fdf0f11449fc3a398b52de422281d5ed07b4a255f11fcf3d591fe7396f04bb29c5b39e35263f4a395a73523b530ff61e8d49e57ccfc6eeafbd7de9e68b748825459741923c359daa7a5e3327008f56179e1c00d1084a8e90756a7b4dc6cfacecb214f25644c21f0832e907cb222d5a78900ddceb45f815ab7366c23deb8cd8f71faa176bab14e9793d0ecf8e1590134762a644ea142a963a7abb5b4385a27c77a011f91529f24ff7a7c4431a91b2e4afc5c3835ee1e4b8141ab393d70605f6c2875e995138f77d0c88cc902a9f69e7ee35e61d5f82fc642dc4438281d2710e89f881fb550e94e77891763e3574d4fbe34a085429fd72d00abe837dbd06f3b27d7502a565a78ee9a2d986981aad3c4da25d13bd39c1ce045e808fbb7c1b67e3c5b22d3d7eaec4852b8a08be6456e1e5b3ec49eb47138852f9372e6874fa711b0a6df04f294cc02d100fa456bf0cb28ecc1063109c1a9e886e23a290315eecf371c9feb8bc357c7187597895fbde860df00e13c67371b1987096bfd5cd0d53ee480303474e9559a5c85d306050dafd9b46765b0344235f56a033c73ffeb2d88e498b765def3d21ca2bcbf728bc9b69d9027003024fb046103c41174ae439041ffd59760cda7316ef6a6254d3a6b3e2f563fada74b1d15e165b990c1ba6fc00b2157f532f714dcc7741a8dc73185659b3e6de4f46548c70a73190f03af41e1078ecbcd7fec0d597b5b5b82c5992aee6bdc3a6af3f656bb3787a34fab3f0af660a72b8259664f01436e3ceaf5b34a6ff4218a93bb0d493bc3c629adae0fffe81bbdf1011e5f9365ae8ccd820e9b46c4be6e523f72ffdddd2e65139000657606bd78cbc0278599854d813c102e4"}) pkey_alloc(0x0, 0x0) pkey_alloc(0x0, 0x2) 05:59:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 05:59:04 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:04 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:04 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1667.682702] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 05:59:04 executing program 1: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:04 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1667.724419] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1667.725901] FAT-fs (loop0): Filesystem has been set read-only [ 1667.731757] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) 05:59:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 05:59:04 executing program 7: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="ff070000", @ANYRES16=r0, @ANYBLOB="000127bd7000fcdbdf250f00000008002c0001010000"], 0x1c}, 0x1, 0x0, 0x0, 0x8081}, 0x20000000) r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x400040, 0x0) sendmsg$NFT_MSG_GETGEN(r3, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x10, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x5}, ["", "", ""]}, 0x14}}, 0x8000) setsockopt$inet_msfilter(r2, 0x0, 0x29, 0x0, 0x18) pidfd_open(0xffffffffffffffff, 0x0) close_range(r1, r1, 0xd2feab18fc3e5398) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x1c, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, r5, 0x8, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x74}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}]}, 0x50}, 0x1, 0x0, 0x0, 0x4040}, 0x44000) pkey_alloc(0x0, 0x0) pkey_alloc(0x0, 0x1) 05:59:05 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:05 executing program 1: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1667.985691] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1668.028832] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1668.029835] FAT-fs (loop0): Filesystem has been set read-only [ 1668.045084] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1681.628505] kmemleak: 15 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 05:59:26 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:26 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:26 executing program 1: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x0, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 05:59:26 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:26 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:26 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 05:59:26 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') r2 = dup3(r1, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$HIDIOCGUSAGE(r2, 0xc018480b, &(0x7f0000000040)={0x1, 0xffffffff, 0x6, 0x7, 0x7, 0xffff}) pkey_alloc(0x0, 0x0) 05:59:26 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1689.641581] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 05:59:26 executing program 1: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:26 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:26 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1689.692406] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1689.693500] FAT-fs (loop0): Filesystem has been set read-only [ 1689.715438] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) 05:59:26 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0x0, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 05:59:27 executing program 1: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:27 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:27 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:27 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) [ 1690.119549] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1690.144884] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1690.147123] FAT-fs (loop0): Filesystem has been set read-only [ 1690.161663] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1703.626698] kmemleak: 24 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 05:59:49 executing program 1: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:49 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:49 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 05:59:49 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x0, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 05:59:49 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:49 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0x0, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 05:59:49 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:49 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:49 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1712.085462] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1712.098714] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 1712.100011] FAT-fs (loop0): Filesystem has been set read-only [ 1712.102412] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) 05:59:49 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(0x0, 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 05:59:49 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:49 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:49 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 05:59:49 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0x0, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 05:59:49 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 05:59:49 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1712.331341] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1712.399478] FAT-fs (loop0): Directory bread(block 72) failed [ 1712.408427] FAT-fs (loop0): Directory bread(block 73) failed [ 1712.409244] FAT-fs (loop0): Directory bread(block 74) failed [ 1712.411229] FAT-fs (loop0): Directory bread(block 75) failed [ 1712.412086] FAT-fs (loop0): Directory bread(block 76) failed [ 1712.412698] FAT-fs (loop0): Directory bread(block 77) failed [ 1712.413902] FAT-fs (loop0): Directory bread(block 78) failed [ 1712.414575] FAT-fs (loop0): Directory bread(block 79) failed [ 1712.415204] FAT-fs (loop0): Directory bread(block 80) failed [ 1712.415814] FAT-fs (loop0): Directory bread(block 81) failed [ 1712.442569] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1725.199621] kmemleak: 34 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:00:10 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(0x0, 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 06:00:10 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:10 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:10 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x0, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:00:10 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:10 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:10 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(0x0, 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 06:00:10 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:10 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:10 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1733.571697] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1733.600656] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:00:10 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:10 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1733.697465] FAT-fs (loop0): Directory bread(block 72) failed [ 1733.698592] FAT-fs (loop0): Directory bread(block 73) failed [ 1733.702533] FAT-fs (loop0): Directory bread(block 74) failed [ 1733.703583] FAT-fs (loop0): Directory bread(block 75) failed [ 1733.705393] FAT-fs (loop0): Directory bread(block 76) failed 06:00:10 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1733.706116] FAT-fs (loop0): Directory bread(block 77) failed [ 1733.706934] FAT-fs (loop0): Directory bread(block 78) failed [ 1733.707782] FAT-fs (loop0): Directory bread(block 79) failed [ 1733.708818] FAT-fs (loop0): Directory bread(block 80) failed [ 1733.714146] FAT-fs (loop0): Directory bread(block 81) failed [ 1733.754415] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:00:10 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(0x0, 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 06:00:10 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(0x0, 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 06:00:11 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:11 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:11 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:11 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1734.044689] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1734.049293] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1734.066726] FAT-fs (loop0): Directory bread(block 72) failed [ 1734.070143] FAT-fs (loop0): Directory bread(block 73) failed [ 1734.071373] FAT-fs (loop0): Directory bread(block 74) failed [ 1734.077675] FAT-fs (loop0): Directory bread(block 75) failed [ 1734.093192] FAT-fs (loop0): Directory bread(block 76) failed [ 1734.121647] FAT-fs (loop0): Directory bread(block 77) failed [ 1734.125212] FAT-fs (loop0): Directory bread(block 78) failed [ 1734.134681] FAT-fs (loop7): Directory bread(block 72) failed [ 1734.136466] FAT-fs (loop7): Directory bread(block 73) failed [ 1734.137311] FAT-fs (loop7): Directory bread(block 74) failed [ 1734.137938] FAT-fs (loop7): Directory bread(block 75) failed [ 1734.138962] FAT-fs (loop7): Directory bread(block 76) failed [ 1734.139657] FAT-fs (loop7): Directory bread(block 77) failed [ 1734.140344] FAT-fs (loop7): Directory bread(block 78) failed [ 1734.140957] FAT-fs (loop7): Directory bread(block 79) failed [ 1734.141886] FAT-fs (loop7): Directory bread(block 80) failed [ 1734.143062] FAT-fs (loop7): Directory bread(block 81) failed [ 1734.155631] FAT-fs (loop0): Directory bread(block 79) failed [ 1734.159391] FAT-fs (loop0): Directory bread(block 80) failed [ 1734.160088] FAT-fs (loop0): Directory bread(block 81) failed [ 1734.204246] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1734.255579] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1745.680147] kmemleak: 22 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:00:31 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:31 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:31 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:31 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(0x0, 0x400, 0x1) 06:00:31 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x0, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:00:31 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:31 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:31 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(0x0, 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) [ 1754.850891] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1754.852751] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:00:32 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:32 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1754.895525] FAT-fs (loop0): Directory bread(block 72) failed [ 1754.919274] FAT-fs (loop0): Directory bread(block 73) failed [ 1754.920346] FAT-fs (loop0): Directory bread(block 74) failed [ 1754.922152] FAT-fs (loop0): Directory bread(block 75) failed 06:00:32 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1754.935293] FAT-fs (loop0): Directory bread(block 76) failed [ 1754.936517] FAT-fs (loop7): Directory bread(block 72) failed [ 1754.940260] FAT-fs (loop0): Directory bread(block 77) failed [ 1754.940274] FAT-fs (loop0): Directory bread(block 78) failed [ 1754.940287] FAT-fs (loop0): Directory bread(block 79) failed [ 1754.940299] FAT-fs (loop0): Directory bread(block 80) failed [ 1754.940311] FAT-fs (loop0): Directory bread(block 81) failed [ 1754.945101] FAT-fs (loop7): Directory bread(block 73) failed 06:00:32 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1754.952165] FAT-fs (loop7): Directory bread(block 74) failed [ 1754.952180] FAT-fs (loop7): Directory bread(block 75) failed [ 1754.952381] FAT-fs (loop7): Directory bread(block 76) failed [ 1754.962034] FAT-fs (loop7): Directory bread(block 77) failed [ 1754.962693] FAT-fs (loop7): Directory bread(block 78) failed [ 1754.967372] FAT-fs (loop7): Directory bread(block 79) failed [ 1754.974933] FAT-fs (loop7): Directory bread(block 80) failed [ 1754.975633] FAT-fs (loop7): Directory bread(block 81) failed 06:00:32 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(0x0, 0x400, 0x1) [ 1754.982172] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:00:32 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:32 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1755.122690] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:00:32 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(0x0, 0x400, 0x1) [ 1755.126013] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:00:32 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:32 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1755.211520] FAT-fs (loop0): Directory bread(block 72) failed [ 1755.223868] FAT-fs (loop0): Directory bread(block 73) failed [ 1755.229230] FAT-fs (loop0): Directory bread(block 74) failed [ 1755.237853] FAT-fs (loop0): Directory bread(block 75) failed [ 1755.244205] FAT-fs (loop0): Directory bread(block 76) failed [ 1755.248089] FAT-fs (loop0): Directory bread(block 77) failed [ 1755.250698] FAT-fs (loop0): Directory bread(block 78) failed [ 1755.253629] FAT-fs (loop0): Directory bread(block 79) failed [ 1755.258080] FAT-fs (loop0): Directory bread(block 80) failed [ 1755.258746] FAT-fs (loop0): Directory bread(block 81) failed [ 1755.287385] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1755.315789] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1755.320904] FAT-fs (loop7): Directory bread(block 72) failed [ 1755.326627] FAT-fs (loop7): Directory bread(block 73) failed [ 1755.327555] FAT-fs (loop7): Directory bread(block 74) failed [ 1755.328642] FAT-fs (loop7): Directory bread(block 75) failed [ 1755.330760] FAT-fs (loop7): Directory bread(block 76) failed [ 1755.332693] FAT-fs (loop7): Directory bread(block 77) failed [ 1755.333830] FAT-fs (loop7): Directory bread(block 78) failed [ 1755.334808] FAT-fs (loop7): Directory bread(block 79) failed [ 1755.335929] FAT-fs (loop7): Directory bread(block 80) failed [ 1755.337623] FAT-fs (loop7): Directory bread(block 81) failed [ 1755.377954] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1768.975115] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:00:56 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:56 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x0, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:00:56 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:56 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(0x0, 0x400, 0x1) 06:00:56 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:00:56 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:00:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(0x0, 0x400, 0x1) 06:00:56 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1779.219851] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1779.222942] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:00:56 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1779.268213] FAT-fs (loop7): Directory bread(block 72) failed [ 1779.271063] FAT-fs (loop7): Directory bread(block 73) failed [ 1779.271896] FAT-fs (loop0): Directory bread(block 72) failed [ 1779.273416] FAT-fs (loop0): Directory bread(block 73) failed [ 1779.274242] FAT-fs (loop0): Directory bread(block 74) failed [ 1779.275541] FAT-fs (loop0): Directory bread(block 75) failed [ 1779.276628] FAT-fs (loop0): Directory bread(block 76) failed [ 1779.277959] FAT-fs (loop0): Directory bread(block 77) failed [ 1779.279190] FAT-fs (loop0): Directory bread(block 78) failed [ 1779.279866] FAT-fs (loop7): Directory bread(block 74) failed [ 1779.279950] FAT-fs (loop0): Directory bread(block 79) failed [ 1779.281674] FAT-fs (loop7): Directory bread(block 75) failed [ 1779.283391] FAT-fs (loop0): Directory bread(block 80) failed [ 1779.283415] FAT-fs (loop0): Directory bread(block 81) failed 06:00:56 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x1) [ 1779.309103] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:00:56 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1779.344405] FAT-fs (loop7): Directory bread(block 76) failed [ 1779.345760] FAT-fs (loop7): Directory bread(block 77) failed 06:00:56 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1779.378394] FAT-fs (loop7): Directory bread(block 78) failed [ 1779.381833] FAT-fs (loop7): Directory bread(block 79) failed [ 1779.384878] FAT-fs (loop7): Directory bread(block 80) failed [ 1779.396289] FAT-fs (loop7): Directory bread(block 81) failed [ 1779.552779] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1779.560325] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1779.638323] FAT-fs (loop0): Directory bread(block 72) failed [ 1779.641230] FAT-fs (loop0): Directory bread(block 73) failed [ 1779.643282] FAT-fs (loop0): Directory bread(block 74) failed [ 1779.646936] FAT-fs (loop0): Directory bread(block 75) failed [ 1779.667335] FAT-fs (loop0): Directory bread(block 76) failed [ 1779.674702] FAT-fs (loop0): Directory bread(block 77) failed [ 1779.678133] FAT-fs (loop0): Directory bread(block 78) failed [ 1779.684268] FAT-fs (loop0): Directory bread(block 79) failed [ 1779.703450] FAT-fs (loop0): Directory bread(block 80) failed [ 1779.710823] FAT-fs (loop0): Directory bread(block 81) failed [ 1779.804096] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1793.036772] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:01:18 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:18 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(0x0, 0x400, 0x1) 06:01:18 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x0, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:01:18 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:18 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:18 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:18 executing program 3: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:18 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1801.729451] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:01:18 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:19 executing program 3: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:19 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:19 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:19 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:19 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:19 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:19 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(0x0, 0x400, 0x1) [ 1802.072703] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:01:19 executing program 3: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1802.254627] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1802.296276] FAT-fs (loop7): Directory bread(block 72) failed [ 1802.297403] FAT-fs (loop7): Directory bread(block 73) failed [ 1802.298650] FAT-fs (loop7): Directory bread(block 74) failed [ 1802.299727] FAT-fs (loop7): Directory bread(block 75) failed [ 1802.301227] FAT-fs (loop7): Directory bread(block 76) failed [ 1802.302839] FAT-fs (loop7): Directory bread(block 77) failed [ 1802.304460] FAT-fs (loop7): Directory bread(block 78) failed [ 1802.305815] FAT-fs (loop7): Directory bread(block 79) failed [ 1802.307199] FAT-fs (loop7): Directory bread(block 80) failed [ 1802.308650] FAT-fs (loop7): Directory bread(block 81) failed [ 1802.373088] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1815.377690] kmemleak: 32 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:01:40 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:40 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x0, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:01:40 executing program 3: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:40 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 3: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:40 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:40 executing program 7: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:01:40 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 3: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:01:40 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1836.958668] kmemleak: 9 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:02:01 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:01 executing program 3: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:01 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:01 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:01 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(0x0, 0x400, 0x1) 06:02:01 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x0, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:02:01 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x0, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:02:01 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1844.289491] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:02:01 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1844.322820] FAT-fs (loop0): Directory bread(block 72) failed [ 1844.323785] FAT-fs (loop0): Directory bread(block 73) failed [ 1844.325025] FAT-fs (loop0): Directory bread(block 74) failed [ 1844.325871] FAT-fs (loop0): Directory bread(block 75) failed [ 1844.327428] FAT-fs (loop0): Directory bread(block 76) failed [ 1844.328421] FAT-fs (loop0): Directory bread(block 77) failed [ 1844.329540] FAT-fs (loop0): Directory bread(block 78) failed [ 1844.330523] FAT-fs (loop0): Directory bread(block 79) failed [ 1844.331513] FAT-fs (loop0): Directory bread(block 80) failed [ 1844.332493] FAT-fs (loop0): Directory bread(block 81) failed 06:02:01 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1844.370129] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:02:01 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:01 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:01 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:01 executing program 3: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:01 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x0, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:02:01 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1859.923336] kmemleak: 27 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:02:24 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x0, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:02:24 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x0, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:02:24 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x0, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:02:24 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:24 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:24 executing program 3: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:24 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:24 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:24 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:24 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:25 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:25 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:25 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:25 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:25 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1880.074712] kmemleak: 25 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:02:46 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:46 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(0x0, 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 06:02:46 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:46 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x0, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:02:46 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:46 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:46 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:46 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:46 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1888.922564] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:02:46 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:46 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:02:46 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:02:46 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1889.072854] FAT-fs (loop0): Directory bread(block 72) failed [ 1889.089143] FAT-fs (loop0): Directory bread(block 73) failed [ 1889.090768] FAT-fs (loop0): Directory bread(block 74) failed 06:02:46 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1889.105611] FAT-fs (loop0): Directory bread(block 75) failed [ 1889.120241] FAT-fs (loop0): Directory bread(block 76) failed [ 1889.155904] FAT-fs (loop0): Directory bread(block 77) failed [ 1889.179354] FAT-fs (loop0): Directory bread(block 78) failed [ 1889.215246] FAT-fs (loop0): Directory bread(block 79) failed [ 1889.224261] FAT-fs (loop0): Directory bread(block 80) failed [ 1889.240442] FAT-fs (loop0): Directory bread(block 81) failed [ 1889.350590] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1903.123884] kmemleak: 3 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:03:08 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x0, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:03:08 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:08 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:08 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:08 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:08 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:08 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:08 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:08 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:08 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:08 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:08 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x0, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:03:08 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:08 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:08 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:09 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1925.369266] kmemleak: 18 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:03:30 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:30 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:30 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:30 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x0, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:03:30 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:30 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:30 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:30 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:30 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:30 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:30 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:30 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:31 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:31 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:31 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:31 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:31 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 1947.585830] kmemleak: 15 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:03:52 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:52 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:52 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:03:52 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:52 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:52 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:03:52 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:52 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:03:52 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) [ 1970.174707] kmemleak: 10 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:04:22 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:22 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:04:22 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:22 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:22 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:04:22 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:22 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:04:22 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:04:22 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:22 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:22 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:22 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:04:22 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:04:22 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:04:22 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:22 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:04:22 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 1999.054873] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:04:44 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:04:44 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:04:44 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:04:44 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:04:44 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:04:44 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2022.351712] kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:05:08 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 06:05:08 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:08 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:05:08 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:08 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:08 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:08 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:08 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:08 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2031.653096] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:05:08 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2031.694645] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) 06:05:08 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2031.694658] FAT-fs (loop0): Filesystem has been set read-only [ 2031.697925] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0) 06:05:08 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:08 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:08 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:08 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 06:05:09 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:09 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2044.792052] kmemleak: 19 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:05:31 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 06:05:31 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2) 06:05:31 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:31 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:31 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:31 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:31 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2067.551205] kmemleak: 14 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:05:53 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:53 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:53 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2) 06:05:53 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:53 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:53 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:53 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 06:05:53 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:05:53 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:53 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:53 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:53 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 06:05:53 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:54 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:05:54 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:54 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:05:54 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) [ 2091.826663] kmemleak: 22 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:06:17 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:17 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:17 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2) 06:06:17 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:17 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:17 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:06:17 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:17 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:17 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:17 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2114.093825] kmemleak: 10 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:06:38 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 06:06:38 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:06:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2) 06:06:38 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x0) 06:06:38 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:38 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:38 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000080)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}, {&(0x7f0000010900)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c4530202020202020100089eb70325132510000eb70325103", 0x5b, 0x4800}], 0x0, &(0x7f0000011300)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) creat(&(0x7f0000000140)='./file0/file0\x00', 0x0) mknod$loop(&(0x7f00000001c0)='./file0/file0\x00', 0x400, 0x1) 06:06:38 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2121.257722] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 06:06:38 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) [ 2121.304276] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 2121.306289] FAT-fs (loop2): Filesystem has been set read-only 06:06:38 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:38 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:38 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2121.332272] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) 06:06:38 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:06:38 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 06:06:38 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:38 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:38 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:06:38 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2136.096459] kmemleak: 31 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:07:00 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:00 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:00 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:00 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:00 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:00 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:07:00 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x0, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:07:00 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x0) 06:07:01 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:01 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:07:01 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:01 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:01 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:01 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:01 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2158.417390] kmemleak: 39 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:07:22 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:22 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:22 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, 0x0) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:07:22 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:22 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:22 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:22 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x0) 06:07:22 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:07:22 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) setresuid(0x0, 0x0, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:07:22 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 06:07:22 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:22 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:23 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2180.731602] kmemleak: 13 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:07:44 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') dup3(r1, r0, 0x0) pread64(r0, 0x0, 0x0, 0x0) 06:07:44 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 06:07:44 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 6: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) setresuid(0x0, 0x0, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:07:44 executing program 5: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 6: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') dup3(r1, r0, 0x0) pread64(r0, 0x0, 0x0, 0x0) 06:07:44 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:07:44 executing program 5: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34c}, 0x0, 0x0, 0xffffffffffffffff, 0x8) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6800) r0 = fork() ptrace(0x8, r0) tkill(r0, 0x15) tkill(r0, 0x12) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000040)=ANY=[], 0x8) getsockopt$inet6_opts(r1, 0x29, 0x37, 0x0, &(0x7f0000000100)=0xa4ffffff) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000000c0)=r0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000140)=0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180)=r2, 0x12) r3 = syz_io_uring_complete(0x0) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x1a, 0x3, 0x6, 0x40, 0x0, 0x5, 0xa1e, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x2, @perf_bp={&(0x7f0000000000), 0xb}, 0x40000, 0x9, 0x80000000, 0x5, 0xadc, 0xfff, 0x8, 0x0, 0x3, 0x0, 0x3f}, r0, 0x5, r3, 0x2) pkey_alloc(0x0, 0x0) ptrace(0x11, r0) r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000009c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="9c0100000201010800000000000000000c0000070c001640000000090000ffff3c000f800800024000000004080001400000007f080003400000000408000340000000000800024000000006080002400000000608000240000000010a000740000008b888000680140004000000000000000000000000000000000114000380060002004e200000060001004e23000008000100ffffffff1c000380060001004e245a238d8501004e24000006d9d0207e741ea82782ac2166c7090f0001004e21000014000500ff01000000000000000000000000000108000100fffffffff6dc0380060002004e210000080001007f0000010800020000000000340018800800014000040800080003400000000508000240000000060800014000000004080002400000ffff08000140000000041c000f800800034000000fff080002400000000308000240000006a5600001800c000280050001003a000000060003400001000006000340000000000c000280050001003a00000006000340000300002c00018014000300fe8800000000000000000000000000011400040000000000000000000000000000000001656e34efed1077869c79e09988c468c87edfdef7cccf7de886334a19d8e51873ce22207169eeadfea87ec3c661d929595d2250c853e1f71a11545a04a6fce73a23955802530392a57d3044c853a9aa80f10bf26c7d69edcfe08f72fcb9835a3f84ade5c8272ab1f07900f20b4b7d8d75367a4db94bf8aecdf39729ade8cd44869392cef40330ea45b5420d9e6dd442f14651222da5759e68e60e4b1bd9dc252854ec273b3558791d8bfc779223e01736e572b2e8664be78963b1ce5263d0f46887b69e59d53ed1a73a8d5cf37089b7644dec56b8af82a0faa24446c7722cf7bf079a8ffaf7d0ac0a73891d2d87c92493803dca981a08dea4237ef5b38d414cc131f9e3a75154473038c071586f7bd595496ce9c6cae6a3d0f0187867922372658f9c2fa6950a1dd55a0125ae70f8f596f3026ebc6bc23e0f8bc05bd0c17b4e80f3af512daa1685aa3071630c897738d03e9418543b240b6214034d01bcb7c56446af6dfaa3639e6b07731e5bb62818f4896dede7a2fc2847d090565534449467d04c034cf47a4d061bfc449e9d4dd9876b7e59d7d9"], 0x19c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000800) ioctl$PIO_FONTX(r4, 0x4b6c, &(0x7f00000001c0)={0x200, 0x18, &(0x7f0000000380)="9cba00df4e60704b32d1985401ca2b9f295980ef105ba63f3a15105686786caf70cca594e94b1512b0d8f5c44dddd74456a887e2911f9cf0fa34794b1cd102eaedb102ca7975f1d96474263a49d56006a64bf657167de8a4d4f7ac00f143bfa139250dbf0b303cad6c88d2656b8e5d1e0150bdf01e5a73276f2f4ac53d7af6c5839c7897885267f47ee5031dae662eb44358e6e0bdc7c1d76440d35d369ef3754433a1d55617f433209f27718c11d4de973b7416c94433f9ad168de935cebfe95809e01766158efb4a37c9575a9a35d69abe1bcaff5f538a000b947eb6ad35be0b9cd11de8ba180e4b16035961b4208c985fdaa5875102639e3ba8dd78a100d37b2b661daa534805b118a54d709c76ab7f675ac948beecdae1b2e2bab8dbd4ce4f26b99c7606d08b4dada327e7497f9e840ecf849b2f27649f2fa6d4df7913362640b36c76ffdfbd46b34ecc76ad09f7ec2d6c3545dd209d2e7bc36cb5435436086f878d58d9161b8e27899d32a12b6b9c319f9e2b7292c2d5bdd5d936d060585a4d01e44b2f3fb37fe5361ea48f8977e3c5f40b0f0e204b6621221fde5b0ff67a3437f33c969b0ac07ec887618691cf70d875db1cc837e084b36c98208ad36fa0c867a7b108d4973ca2dc4ef4eb8d7fea997a92c6dd50f50038c6b546747357b63957b8a79204535a72cb4ddf98018ccd8f7f242ba4519728d7553008a5cc7e120ec9a969a7cb16140298673a0ffaec9b6f5c9ed5d420ccf30916413c1e913ced4c7db7993276278c451541f2a73ebc306210079a68d0bc4634d732346c0a7cd1f0955339497b97247ef4a1fe7c30de8b03a9d5baf893e4f8e584f55f67fda6b1ed0dba96b629526ec7cfc436e1e37e90885f98e8ff1950319f7d10169e519c3841c688e94184429aca8223b60d14b600e1309304e8203ae7f93053f0a6797728e68f6e8101e785c08d5b6cf43f61b641708b4d70253a6f026d7fb9ca2128cbf47e98810c5875a4695619d7277ea8d4c05db88502252f44c6866819c9eab0101b633102e52ed2cfdb0455741c7529b6b09c1a157f686968942dd002ebd20e46c06f65d53b20d871374f48e241dc8463b9862592ee9ca1782da2ecce35faf953f57c87c2b364d06b03bc6171dc71f52bfb08177c16edbd763320c3cbef286649580180f8c1b2761bd24a8e39e654f8a3dcac951da53bac1ad2cd5b6c43ff4fac09f020532902fe45fd9e32f591d6127c0d0cb6567982900a055181879f0ab033a54925d59eb88a66fed5c66559953dd5aa07c661b811a62472419f629dca443bf6b44ea692e3a566ed36c5a700f99d66a5951cd54ca19f160083f911b049766a25c9fee4268641c9978b0bb15bf58dc4fd941dc4f49e1a4b623f2f4fa887d60321c14204b442d8af29fca50da9526294d5106f4011067938f0fd2334d02c6ba3"}) ioctl$TIOCEXCL(r4, 0x540c) 06:07:44 executing program 2 (fault-call:4 fault-nth:0): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2187.849307] FAULT_INJECTION: forcing a failure. [ 2187.849307] name failslab, interval 1, probability 0, space 0, times 1 [ 2187.849368] CPU: 0 PID: 13832 Comm: syz-executor.2 Not tainted 5.10.60 #1 [ 2187.849383] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2187.849389] Call Trace: [ 2187.849413] dump_stack+0x107/0x163 [ 2187.849430] should_fail.cold+0x5/0xa [ 2187.849444] should_failslab+0x5/0x10 [ 2187.849454] kmem_cache_alloc_bulk+0x4b/0x340 [ 2187.849470] io_submit_sqes+0x12e8/0x2730 [ 2187.849490] ? __mutex_lock+0x459/0x12e0 [ 2187.849501] ? io_queue_sqe+0x1010/0x1010 [ 2187.849510] ? __do_sys_io_uring_enter+0x14ab/0x1e90 [ 2187.849523] ? mutex_lock_io_nested+0x1190/0x1190 [ 2187.849533] ? find_held_lock+0x2c/0x110 [ 2187.849549] ? __fget_files+0x251/0x410 [ 2187.849569] __do_sys_io_uring_enter+0x14b7/0x1e90 [ 2187.849584] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2187.849596] ? io_sq_thread+0x1660/0x1660 [ 2187.849604] ? wait_for_completion+0x270/0x270 [ 2187.849615] ? rcu_read_lock_any_held+0x69/0x90 [ 2187.849623] ? vfs_write+0x34f/0xa50 [ 2187.849635] ? fput_many+0x2f/0x1a0 [ 2187.849644] ? ksys_write+0x1a5/0x250 [ 2187.849661] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2187.849670] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2187.849682] do_syscall_64+0x33/0x40 [ 2187.849691] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2187.849697] RIP: 0033:0x466609 [ 2187.849707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2187.849712] RSP: 002b:00007f18e68a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2187.849723] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2187.849729] RDX: 0000000000000000 RSI: 00000000000076d3 RDI: 0000000000000003 [ 2187.849734] RBP: 00007f18e68a41d0 R08: 0000000000000000 R09: 0000000000000000 [ 2187.849739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2187.849745] R13: 00007ffd03f4893f R14: 00007f18e68a4300 R15: 0000000000022000 [ 2201.830332] kmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:08:07 executing program 5 (fault-call:6 fault-nth:0): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:08:07 executing program 6 (fault-call:6 fault-nth:0): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) 06:08:07 executing program 4 (fault-call:7 fault-nth:0): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:07 executing program 7: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:07 executing program 1 (fault-call:9 fault-nth:0): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:07 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:07 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:07 executing program 2 (fault-call:4 fault-nth:1): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2210.621456] FAULT_INJECTION: forcing a failure. [ 2210.621456] name failslab, interval 1, probability 0, space 0, times 0 [ 2210.622988] CPU: 0 PID: 13847 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2210.623864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2210.625120] Call Trace: [ 2210.625433] dump_stack+0x107/0x163 [ 2210.625880] should_fail.cold+0x5/0xa [ 2210.626328] ? getname_flags.part.0+0x50/0x4e0 [ 2210.626874] should_failslab+0x5/0x10 [ 2210.627305] kmem_cache_alloc+0x5b/0x350 [ 2210.627764] ? rcu_read_lock_any_held+0x69/0x90 [ 2210.628350] ? vfs_write+0x34f/0xa50 [ 2210.628778] getname_flags.part.0+0x50/0x4e0 [ 2210.629285] getname_flags+0x9a/0xe0 [ 2210.629711] __x64_sys_execveat+0xd0/0x130 [ 2210.630184] do_syscall_64+0x33/0x40 [ 2210.630612] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2210.631203] RIP: 0033:0x466609 [ 2210.631581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2210.633703] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2210.634582] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2210.635400] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2210.636235] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2210.637060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2210.637901] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2210.645917] FAULT_INJECTION: forcing a failure. [ 2210.645917] name failslab, interval 1, probability 0, space 0, times 0 [ 2210.646399] FAULT_INJECTION: forcing a failure. [ 2210.646399] name failslab, interval 1, probability 0, space 0, times 0 [ 2210.647933] CPU: 1 PID: 13852 Comm: syz-executor.2 Not tainted 5.10.60 #1 [ 2210.650031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2210.651707] Call Trace: [ 2210.652086] dump_stack+0x107/0x163 [ 2210.652663] should_fail.cold+0x5/0xa [ 2210.653240] ? create_object.isra.0+0x3a/0xa10 [ 2210.653931] should_failslab+0x5/0x10 [ 2210.654507] kmem_cache_alloc+0x5b/0x350 [ 2210.655126] create_object.isra.0+0x3a/0xa10 [ 2210.655784] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2210.656580] kmem_cache_alloc_bulk+0x168/0x340 [ 2210.657257] io_submit_sqes+0x12e8/0x2730 [ 2210.657875] ? __mutex_lock+0x459/0x12e0 [ 2210.658467] ? io_queue_sqe+0x1010/0x1010 [ 2210.659066] ? __do_sys_io_uring_enter+0x14ab/0x1e90 [ 2210.659811] ? find_held_lock+0x2c/0x110 [ 2210.660427] ? __fget_files+0x251/0x410 [ 2210.661026] __do_sys_io_uring_enter+0x14b7/0x1e90 [ 2210.661745] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2210.662449] ? io_sq_thread+0x1660/0x1660 [ 2210.663048] ? wait_for_completion+0x270/0x270 [ 2210.663719] ? rcu_read_lock_any_held+0x69/0x90 [ 2210.664403] ? vfs_write+0x34f/0xa50 [ 2210.664945] ? fput_many+0x2f/0x1a0 [ 2210.665477] ? ksys_write+0x1a5/0x250 [ 2210.666034] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2210.666789] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2210.667538] do_syscall_64+0x33/0x40 [ 2210.668079] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2210.668846] RIP: 0033:0x466609 [ 2210.669316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2210.671952] RSP: 002b:00007f18e68a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2210.673065] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2210.674121] RDX: 0000000000000000 RSI: 00000000000076d3 RDI: 0000000000000003 [ 2210.675193] RBP: 00007f18e68a41d0 R08: 0000000000000000 R09: 0000000000000000 [ 2210.676280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2210.677366] R13: 00007ffd03f4893f R14: 00007f18e68a4300 R15: 0000000000022000 [ 2210.678494] CPU: 0 PID: 13856 Comm: syz-executor.5 Not tainted 5.10.60 #1 [ 2210.679338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2210.680686] Call Trace: [ 2210.681005] dump_stack+0x107/0x163 [ 2210.681422] should_fail.cold+0x5/0xa [ 2210.681885] should_failslab+0x5/0x10 [ 2210.682327] kmem_cache_alloc_bulk+0x4b/0x340 [ 2210.682860] io_submit_sqes+0x12e8/0x2730 [ 2210.683447] ? __mutex_lock+0x459/0x12e0 [ 2210.684061] ? io_queue_sqe+0x1010/0x1010 [ 2210.684705] ? __do_sys_io_uring_enter+0x14ab/0x1e90 [ 2210.685461] ? mutex_lock_io_nested+0x1190/0x1190 [ 2210.686055] ? find_held_lock+0x2c/0x110 [ 2210.686522] ? __fget_files+0x251/0x410 [ 2210.686995] __do_sys_io_uring_enter+0x14b7/0x1e90 [ 2210.687563] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2210.688132] ? io_sq_thread+0x1660/0x1660 [ 2210.688601] ? wait_for_completion+0x270/0x270 [ 2210.689118] ? rcu_read_lock_any_held+0x69/0x90 [ 2210.689643] ? vfs_write+0x34f/0xa50 [ 2210.690083] ? fput_many+0x2f/0x1a0 [ 2210.690496] ? ksys_write+0x1a5/0x250 [ 2210.690946] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2210.691544] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2210.692167] do_syscall_64+0x33/0x40 [ 2210.692607] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2210.693207] RIP: 0033:0x466609 [ 2210.693730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2210.696061] RSP: 002b:00007f7cbd897188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2210.696965] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2210.697796] RDX: 0000000000000000 RSI: 00000000000076d3 RDI: 0000000000000003 [ 2210.698622] RBP: 00007f7cbd8971d0 R08: 0000000000000000 R09: 0000000000000000 [ 2210.699450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2210.700302] R13: 00007ffd52d3967f R14: 00007f7cbd897300 R15: 0000000000022000 06:08:07 executing program 4 (fault-call:7 fault-nth:1): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:07 executing program 5 (fault-call:6 fault-nth:1): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:08:07 executing program 2 (fault-call:4 fault-nth:2): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2210.764272] FAULT_INJECTION: forcing a failure. [ 2210.764272] name failslab, interval 1, probability 0, space 0, times 0 [ 2210.765793] CPU: 0 PID: 13864 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2210.766571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2210.767869] Call Trace: [ 2210.768184] dump_stack+0x107/0x163 [ 2210.768596] should_fail.cold+0x5/0xa [ 2210.769037] ? getname_flags.part.0+0x50/0x4e0 [ 2210.769560] should_failslab+0x5/0x10 [ 2210.770001] kmem_cache_alloc+0x5b/0x350 [ 2210.770467] ? rcu_read_lock_any_held+0x69/0x90 [ 2210.770998] ? vfs_write+0x34f/0xa50 [ 2210.771439] getname_flags.part.0+0x50/0x4e0 [ 2210.771952] getname_flags+0x9a/0xe0 [ 2210.772389] __x64_sys_execveat+0xd0/0x130 [ 2210.772877] do_syscall_64+0x33/0x40 [ 2210.773300] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2210.773892] RIP: 0033:0x466609 [ 2210.774266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2210.776399] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2210.777276] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2210.778101] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2210.778918] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2210.779743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2210.780595] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:08:07 executing program 1 (fault-call:9 fault-nth:1): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:07 executing program 7: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2210.851950] FAULT_INJECTION: forcing a failure. [ 2210.851950] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2210.853506] CPU: 0 PID: 13867 Comm: syz-executor.6 Not tainted 5.10.60 #1 [ 2210.854287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2210.855586] Call Trace: [ 2210.855887] dump_stack+0x107/0x163 [ 2210.856328] should_fail.cold+0x5/0xa [ 2210.856774] _copy_to_user+0x2e/0x180 [ 2210.857226] simple_read_from_buffer+0xcc/0x160 [ 2210.857764] proc_fail_nth_read+0x194/0x220 [ 2210.858260] ? proc_exe_link+0x1d0/0x1d0 [ 2210.858890] ? security_file_permission+0x178/0x550 [ 2210.859472] ? proc_exe_link+0x1d0/0x1d0 [ 2210.859944] vfs_read+0x226/0x580 [ 2210.860364] ksys_read+0x12d/0x250 [ 2210.860774] ? __ia32_sys_pwrite64+0x230/0x230 [ 2210.861300] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2210.861905] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2210.862498] do_syscall_64+0x33/0x40 [ 2210.862920] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2210.863507] RIP: 0033:0x41935c [ 2210.863877] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2210.866000] RSP: 002b:00007f6ceb57d170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2210.866881] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000041935c [ 2210.867693] RDX: 000000000000000f RSI: 00007f6ceb57d1e0 RDI: 0000000000000006 [ 2210.868525] RBP: 00007f6ceb57d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2210.869353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2210.870174] R13: 00007fffbdc5750f R14: 00007f6ceb57d300 R15: 0000000000022000 06:08:08 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x540a, 0x2) [ 2210.919280] FAULT_INJECTION: forcing a failure. [ 2210.919280] name failslab, interval 1, probability 0, space 0, times 0 [ 2210.921474] CPU: 1 PID: 13873 Comm: syz-executor.5 Not tainted 5.10.60 #1 [ 2210.922730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2210.924751] Call Trace: [ 2210.925248] dump_stack+0x107/0x163 [ 2210.925925] should_fail.cold+0x5/0xa [ 2210.926632] ? create_object.isra.0+0x3a/0xa10 [ 2210.927474] should_failslab+0x5/0x10 [ 2210.928183] kmem_cache_alloc+0x5b/0x350 [ 2210.928944] create_object.isra.0+0x3a/0xa10 [ 2210.929761] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2210.930684] kmem_cache_alloc_bulk+0x168/0x340 [ 2210.931546] io_submit_sqes+0x12e8/0x2730 [ 2210.932365] ? __mutex_lock+0x459/0x12e0 [ 2210.933132] ? io_queue_sqe+0x1010/0x1010 [ 2210.933905] ? __do_sys_io_uring_enter+0x14ab/0x1e90 [ 2210.934886] ? __fget_files+0x251/0x410 [ 2210.935653] __do_sys_io_uring_enter+0x14b7/0x1e90 [ 2210.936587] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2210.937498] ? io_sq_thread+0x1660/0x1660 [ 2210.938251] ? wait_for_completion+0x270/0x270 [ 2210.939100] ? rcu_read_lock_any_held+0x69/0x90 [ 2210.939963] ? vfs_write+0x34f/0xa50 [ 2210.940657] ? fput_many+0x2f/0x1a0 [ 2210.941334] ? ksys_write+0x1a5/0x250 [ 2210.942041] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2210.943020] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2210.943961] do_syscall_64+0x33/0x40 [ 2210.944663] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2210.945592] RIP: 0033:0x466609 [ 2210.946195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2210.949567] RSP: 002b:00007f7cbd897188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2210.950988] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2210.952323] RDX: 0000000000000000 RSI: 00000000000076d3 RDI: 0000000000000003 [ 2210.953666] RBP: 00007f7cbd8971d0 R08: 0000000000000000 R09: 0000000000000000 [ 2210.955004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2210.956358] R13: 00007ffd52d3967f R14: 00007f7cbd897300 R15: 0000000000022000 [ 2210.966056] FAULT_INJECTION: forcing a failure. [ 2210.966056] name failslab, interval 1, probability 0, space 0, times 0 [ 2210.967545] CPU: 0 PID: 13878 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2210.968337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2210.969638] Call Trace: [ 2210.969943] dump_stack+0x107/0x163 [ 2210.970356] should_fail.cold+0x5/0xa [ 2210.970794] ? create_object.isra.0+0x3a/0xa10 [ 2210.971397] should_failslab+0x5/0x10 [ 2210.971852] kmem_cache_alloc+0x5b/0x350 [ 2210.972351] ? lock_downgrade+0x6d0/0x6d0 [ 2210.972828] create_object.isra.0+0x3a/0xa10 [ 2210.973333] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2210.973915] kmem_cache_alloc+0x15b/0x350 [ 2210.974393] ? rcu_read_lock_any_held+0x69/0x90 [ 2210.974929] getname_flags.part.0+0x50/0x4e0 [ 2210.975439] getname_flags+0x9a/0xe0 [ 2210.975862] __x64_sys_execveat+0xd0/0x130 [ 2210.976362] do_syscall_64+0x33/0x40 [ 2210.976788] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2210.977365] RIP: 0033:0x466609 [ 2210.977733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2210.979801] RSP: 002b:00007f8f4e8d1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2210.980683] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2210.981495] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2210.982293] RBP: 00007f8f4e8d11d0 R08: 0000000000000000 R09: 0000000000000000 [ 2210.983102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2210.983898] R13: 00007ffc26035cdf R14: 00007f8f4e8d1300 R15: 0000000000022000 [ 2211.050588] FAULT_INJECTION: forcing a failure. [ 2211.050588] name failslab, interval 1, probability 0, space 0, times 0 [ 2211.052080] CPU: 0 PID: 13882 Comm: syz-executor.2 Not tainted 5.10.60 #1 [ 2211.052997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2211.054306] Call Trace: [ 2211.054613] dump_stack+0x107/0x163 [ 2211.055030] should_fail.cold+0x5/0xa [ 2211.055472] ? create_object.isra.0+0x3a/0xa10 [ 2211.055999] should_failslab+0x5/0x10 [ 2211.056446] kmem_cache_alloc+0x5b/0x350 [ 2211.056926] ? mark_held_locks+0x9e/0xe0 [ 2211.057402] create_object.isra.0+0x3a/0xa10 [ 2211.057907] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2211.058491] kmem_cache_alloc_bulk+0x168/0x340 [ 2211.059030] io_submit_sqes+0x12e8/0x2730 [ 2211.059510] ? __mutex_lock+0x459/0x12e0 [ 2211.059981] ? io_queue_sqe+0x1010/0x1010 [ 2211.060469] ? __do_sys_io_uring_enter+0x14ab/0x1e90 [ 2211.061061] ? find_held_lock+0x2c/0x110 [ 2211.061530] ? __fget_files+0x251/0x410 [ 2211.062001] __do_sys_io_uring_enter+0x14b7/0x1e90 [ 2211.062572] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2211.063129] ? io_sq_thread+0x1660/0x1660 [ 2211.063599] ? wait_for_completion+0x270/0x270 [ 2211.064125] ? rcu_read_lock_any_held+0x69/0x90 [ 2211.064696] ? vfs_write+0x34f/0xa50 [ 2211.065123] ? fput_many+0x2f/0x1a0 [ 2211.065536] ? ksys_write+0x1a5/0x250 [ 2211.065989] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2211.066594] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2211.067182] do_syscall_64+0x33/0x40 [ 2211.067608] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2211.068204] RIP: 0033:0x466609 [ 2211.068574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2211.070703] RSP: 002b:00007f18e68a4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2211.071574] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2211.072408] RDX: 0000000000000000 RSI: 00000000000076d3 RDI: 0000000000000003 [ 2211.073241] RBP: 00007f18e68a41d0 R08: 0000000000000000 R09: 0000000000000000 [ 2211.074085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2211.074977] R13: 00007ffd03f4893f R14: 00007f18e68a4300 R15: 0000000000022000 [ 2211.100517] FAULT_INJECTION: forcing a failure. [ 2211.100517] name failslab, interval 1, probability 0, space 0, times 0 [ 2211.102085] CPU: 0 PID: 13889 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2211.103020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2211.104409] Call Trace: [ 2211.104728] dump_stack+0x107/0x163 [ 2211.105149] should_fail.cold+0x5/0xa [ 2211.105592] ? create_object.isra.0+0x3a/0xa10 [ 2211.106129] should_failslab+0x5/0x10 [ 2211.106570] kmem_cache_alloc+0x5b/0x350 [ 2211.107040] ? lock_downgrade+0x6d0/0x6d0 [ 2211.107528] create_object.isra.0+0x3a/0xa10 [ 2211.108042] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2211.108655] kmem_cache_alloc+0x15b/0x350 [ 2211.109131] ? rcu_read_lock_any_held+0x69/0x90 [ 2211.109692] getname_flags.part.0+0x50/0x4e0 [ 2211.110207] getname_flags+0x9a/0xe0 [ 2211.110643] __x64_sys_execveat+0xd0/0x130 [ 2211.111142] do_syscall_64+0x33/0x40 [ 2211.111569] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2211.112173] RIP: 0033:0x466609 [ 2211.112547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2211.114696] RSP: 002b:00007fda96221188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2211.115566] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2211.116409] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2211.117266] RBP: 00007fda962211d0 R08: 0000000000000000 R09: 0000000000000000 [ 2211.118097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2211.118939] R13: 00007ffcd66bd11f R14: 00007fda96221300 R15: 0000000000022000 06:08:08 executing program 4 (fault-call:7 fault-nth:2): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:08 executing program 5 (fault-call:6 fault-nth:2): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:08:08 executing program 2 (fault-call:4 fault-nth:3): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:08:08 executing program 7: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:08 executing program 1 (fault-call:9 fault-nth:2): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2211.303562] FAULT_INJECTION: forcing a failure. [ 2211.303562] name failslab, interval 1, probability 0, space 0, times 0 [ 2211.305203] CPU: 1 PID: 13894 Comm: syz-executor.5 Not tainted 5.10.60 #1 [ 2211.306172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2211.307775] Call Trace: [ 2211.308187] dump_stack+0x107/0x163 [ 2211.308715] should_fail.cold+0x5/0xa [ 2211.309263] ? create_object.isra.0+0x3a/0xa10 [ 2211.309909] should_failslab+0x5/0x10 [ 2211.310445] kmem_cache_alloc+0x5b/0x350 [ 2211.311018] ? mark_held_locks+0x9e/0xe0 [ 2211.311607] create_object.isra.0+0x3a/0xa10 [ 2211.312277] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2211.313000] kmem_cache_alloc_bulk+0x168/0x340 [ 2211.313709] io_submit_sqes+0x12e8/0x2730 [ 2211.314377] ? __mutex_lock+0x459/0x12e0 [ 2211.315015] ? io_queue_sqe+0x1010/0x1010 [ 2211.315664] ? __do_sys_io_uring_enter+0x14ab/0x1e90 [ 2211.316673] ? __fget_files+0x251/0x410 [ 2211.317556] __do_sys_io_uring_enter+0x14b7/0x1e90 [ 2211.318623] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2211.319666] ? io_sq_thread+0x1660/0x1660 [ 2211.320567] ? wait_for_completion+0x270/0x270 [ 2211.321553] ? rcu_read_lock_any_held+0x69/0x90 [ 2211.322554] ? vfs_write+0x34f/0xa50 [ 2211.323365] ? fput_many+0x2f/0x1a0 [ 2211.324178] ? ksys_write+0x1a5/0x250 [ 2211.325018] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2211.326154] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2211.327273] do_syscall_64+0x33/0x40 [ 2211.328080] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2211.329200] RIP: 0033:0x466609 [ 2211.329900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2211.333889] RSP: 002b:00007f7cbd897188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2211.335538] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2211.337112] RDX: 0000000000000000 RSI: 00000000000076d3 RDI: 0000000000000003 [ 2211.338672] RBP: 00007f7cbd8971d0 R08: 0000000000000000 R09: 0000000000000000 [ 2211.340240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2211.341788] R13: 00007ffd52d3967f R14: 00007f7cbd897300 R15: 0000000000022000 [ 2211.357786] FAULT_INJECTION: forcing a failure. [ 2211.357786] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2211.359134] CPU: 0 PID: 13902 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2211.359866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2211.361245] Call Trace: [ 2211.361536] dump_stack+0x107/0x163 [ 2211.361930] should_fail.cold+0x5/0xa [ 2211.362351] strncpy_from_user+0x34/0x420 [ 2211.362801] getname_flags.part.0+0x95/0x4e0 [ 2211.363304] getname_flags+0x9a/0xe0 [ 2211.363703] __x64_sys_execveat+0xd0/0x130 [ 2211.364194] do_syscall_64+0x33/0x40 [ 2211.364593] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2211.364775] FAULT_INJECTION: forcing a failure. [ 2211.364775] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2211.365168] RIP: 0033:0x466609 [ 2211.365180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2211.365185] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2211.365195] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2211.365201] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2211.365206] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2211.365212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2211.365226] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2211.375155] CPU: 1 PID: 13906 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2211.376681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2211.379128] Call Trace: [ 2211.379706] dump_stack+0x107/0x163 [ 2211.380510] should_fail.cold+0x5/0xa [ 2211.381340] strncpy_from_user+0x34/0x420 [ 2211.382247] getname_flags.part.0+0x95/0x4e0 [ 2211.383204] getname_flags+0x9a/0xe0 [ 2211.384011] __x64_sys_execveat+0xd0/0x130 [ 2211.384935] do_syscall_64+0x33/0x40 [ 2211.385742] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2211.386850] RIP: 0033:0x466609 [ 2211.387549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2211.391546] RSP: 002b:00007f8f4e8d1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2211.393201] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2211.394740] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2211.396312] RBP: 00007f8f4e8d11d0 R08: 0000000000000000 R09: 0000000000000000 [ 2211.397862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2211.399413] R13: 00007ffc26035cdf R14: 00007f8f4e8d1300 R15: 0000000000022000 06:08:08 executing program 5 (fault-call:6 fault-nth:3): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:08:08 executing program 7: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:08 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2211.560583] FAULT_INJECTION: forcing a failure. [ 2211.560583] name failslab, interval 1, probability 0, space 0, times 0 [ 2211.561983] CPU: 0 PID: 13915 Comm: syz-executor.5 Not tainted 5.10.60 #1 [ 2211.562746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2211.564011] Call Trace: [ 2211.564348] dump_stack+0x107/0x163 [ 2211.564755] should_fail.cold+0x5/0xa [ 2211.565188] ? create_object.isra.0+0x3a/0xa10 [ 2211.565692] should_failslab+0x5/0x10 [ 2211.566126] kmem_cache_alloc+0x5b/0x350 [ 2211.566573] ? mark_held_locks+0x9e/0xe0 [ 2211.567042] create_object.isra.0+0x3a/0xa10 [ 2211.567529] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2211.568099] kmem_cache_alloc_bulk+0x168/0x340 [ 2211.568610] io_submit_sqes+0x12e8/0x2730 [ 2211.569086] ? __mutex_lock+0x459/0x12e0 [ 2211.569539] ? io_queue_sqe+0x1010/0x1010 [ 2211.569990] ? __do_sys_io_uring_enter+0x14ab/0x1e90 [ 2211.570559] ? __fget_files+0x251/0x410 [ 2211.571036] __do_sys_io_uring_enter+0x14b7/0x1e90 [ 2211.571608] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2211.572179] ? io_sq_thread+0x1660/0x1660 [ 2211.572661] ? wait_for_completion+0x270/0x270 [ 2211.573199] ? rcu_read_lock_any_held+0x69/0x90 [ 2211.573730] ? vfs_write+0x34f/0xa50 [ 2211.574165] ? fput_many+0x2f/0x1a0 [ 2211.574565] ? ksys_write+0x1a5/0x250 [ 2211.575007] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2211.575623] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2211.576241] do_syscall_64+0x33/0x40 [ 2211.576671] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2211.577232] RIP: 0033:0x466609 [ 2211.577599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2211.579628] RSP: 002b:00007f7cbd897188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2211.580484] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2211.581273] RDX: 0000000000000000 RSI: 00000000000076d3 RDI: 0000000000000003 [ 2211.582065] RBP: 00007f7cbd8971d0 R08: 0000000000000000 R09: 0000000000000000 [ 2211.582847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2211.583625] R13: 00007ffd52d3967f R14: 00007f7cbd897300 R15: 0000000000022000 [ 2227.274659] kmemleak: 41 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:08:32 executing program 4 (fault-call:7 fault-nth:3): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:32 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:32 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:32 executing program 5 (fault-call:6 fault-nth:4): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:08:32 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x2, 0x2) 06:08:32 executing program 7: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:32 executing program 1 (fault-call:9 fault-nth:3): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:32 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2235.564868] FAULT_INJECTION: forcing a failure. [ 2235.564868] name failslab, interval 1, probability 0, space 0, times 0 [ 2235.566131] CPU: 0 PID: 13941 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2235.566876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2235.568362] Call Trace: [ 2235.568732] dump_stack+0x107/0x163 [ 2235.569210] should_fail.cold+0x5/0xa [ 2235.569712] ? alloc_bprm+0x51/0x890 [ 2235.570202] should_failslab+0x5/0x10 [ 2235.570706] kmem_cache_alloc_trace+0x55/0x350 [ 2235.571301] ? __check_object_size+0x319/0x440 [ 2235.571899] alloc_bprm+0x51/0x890 [ 2235.572366] ? strncpy_from_user+0xa5/0x420 [ 2235.572955] do_execveat_common.isra.0+0x217/0x670 [ 2235.573601] __x64_sys_execveat+0xe7/0x130 [ 2235.574158] do_syscall_64+0x33/0x40 [ 2235.574648] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2235.575307] RIP: 0033:0x466609 [ 2235.575725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2235.577345] FAULT_INJECTION: forcing a failure. [ 2235.577345] name failslab, interval 1, probability 0, space 0, times 0 [ 2235.578103] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2235.578118] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2235.578132] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2235.583293] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2235.584008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2235.584933] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2235.585883] CPU: 1 PID: 13938 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2235.587357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2235.589768] Call Trace: [ 2235.590337] dump_stack+0x107/0x163 [ 2235.591289] should_fail.cold+0x5/0xa [ 2235.592184] ? alloc_bprm+0x51/0x890 [ 2235.593051] should_failslab+0x5/0x10 [ 2235.594033] kmem_cache_alloc_trace+0x55/0x350 [ 2235.595048] ? __check_object_size+0x319/0x440 [ 2235.596233] alloc_bprm+0x51/0x890 [ 2235.597034] ? strncpy_from_user+0xa5/0x420 [ 2235.598158] do_execveat_common.isra.0+0x217/0x670 [ 2235.599265] __x64_sys_execveat+0xe7/0x130 [ 2235.600366] do_syscall_64+0x33/0x40 [ 2235.601233] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2235.602556] RIP: 0033:0x466609 [ 2235.603271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2235.608029] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2235.609773] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2235.611618] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2235.613485] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2235.615343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2235.617217] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:08:32 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x3, 0x0, 0x0, 0x0, 0x0) 06:08:32 executing program 1 (fault-call:9 fault-nth:4): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2235.650555] FAULT_INJECTION: forcing a failure. [ 2235.650555] name failslab, interval 1, probability 0, space 0, times 0 [ 2235.651762] CPU: 0 PID: 13948 Comm: syz-executor.5 Not tainted 5.10.60 #1 [ 2235.652632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2235.653896] Call Trace: [ 2235.654268] dump_stack+0x107/0x163 [ 2235.654780] should_fail.cold+0x5/0xa [ 2235.655312] ? create_object.isra.0+0x3a/0xa10 [ 2235.655945] should_failslab+0x5/0x10 [ 2235.656471] kmem_cache_alloc+0x5b/0x350 [ 2235.657054] ? mark_held_locks+0x9e/0xe0 [ 2235.657700] create_object.isra.0+0x3a/0xa10 [ 2235.658141] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2235.658653] kmem_cache_alloc_bulk+0x168/0x340 [ 2235.659130] io_submit_sqes+0x12e8/0x2730 [ 2235.659554] ? __mutex_lock+0x459/0x12e0 [ 2235.659961] ? io_queue_sqe+0x1010/0x1010 06:08:32 executing program 4 (fault-call:7 fault-nth:4): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2235.660374] ? __do_sys_io_uring_enter+0x14ab/0x1e90 [ 2235.661015] ? __fget_files+0x251/0x410 [ 2235.661420] __do_sys_io_uring_enter+0x14b7/0x1e90 [ 2235.661917] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2235.662395] ? io_sq_thread+0x1660/0x1660 [ 2235.662805] ? wait_for_completion+0x270/0x270 [ 2235.663263] ? rcu_read_lock_any_held+0x69/0x90 [ 2235.663722] ? vfs_write+0x34f/0xa50 [ 2235.664094] ? fput_many+0x2f/0x1a0 [ 2235.664456] ? ksys_write+0x1a5/0x250 [ 2235.664861] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2235.665377] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2235.665890] do_syscall_64+0x33/0x40 [ 2235.666259] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2235.666791] RIP: 0033:0x466609 [ 2235.667116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2235.668955] RSP: 002b:00007f7cbd897188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2235.669720] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2235.670507] RDX: 0000000000000000 RSI: 00000000000076d3 RDI: 0000000000000003 [ 2235.671335] RBP: 00007f7cbd8971d0 R08: 0000000000000000 R09: 0000000000000000 [ 2235.672075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2235.672941] R13: 00007ffd52d3967f R14: 00007f7cbd897300 R15: 0000000000022000 06:08:32 executing program 7: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:32 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:32 executing program 5 (fault-call:6 fault-nth:5): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2235.856253] FAULT_INJECTION: forcing a failure. [ 2235.856253] name failslab, interval 1, probability 0, space 0, times 0 [ 2235.857884] CPU: 1 PID: 13962 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2235.858826] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2235.860423] Call Trace: [ 2235.860889] dump_stack+0x107/0x163 [ 2235.861419] should_fail.cold+0x5/0xa [ 2235.861921] ? create_object.isra.0+0x3a/0xa10 [ 2235.862573] should_failslab+0x5/0x10 [ 2235.863124] kmem_cache_alloc+0x5b/0x350 [ 2235.863764] create_object.isra.0+0x3a/0xa10 [ 2235.864380] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2235.865073] kmem_cache_alloc_trace+0x153/0x350 [ 2235.865684] alloc_bprm+0x51/0x890 [ 2235.866141] ? strncpy_from_user+0xa5/0x420 [ 2235.866712] do_execveat_common.isra.0+0x217/0x670 [ 2235.867357] __x64_sys_execveat+0xe7/0x130 [ 2235.867915] do_syscall_64+0x33/0x40 [ 2235.868408] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2235.869080] RIP: 0033:0x466609 [ 2235.869501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2235.871879] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2235.872883] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2235.873806] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2235.874727] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2235.875655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2235.876589] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2235.883740] FAULT_INJECTION: forcing a failure. [ 2235.883740] name failslab, interval 1, probability 0, space 0, times 0 [ 2235.885385] CPU: 1 PID: 13966 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2235.886261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2235.887713] Call Trace: [ 2235.888055] dump_stack+0x107/0x163 [ 2235.888568] should_fail.cold+0x5/0xa [ 2235.889078] ? create_object.isra.0+0x3a/0xa10 [ 2235.889679] should_failslab+0x5/0x10 [ 2235.890189] kmem_cache_alloc+0x5b/0x350 [ 2235.890721] create_object.isra.0+0x3a/0xa10 [ 2235.891159] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2235.891667] kmem_cache_alloc_trace+0x153/0x350 [ 2235.892144] alloc_bprm+0x51/0x890 [ 2235.892499] ? strncpy_from_user+0xa5/0x420 [ 2235.892966] do_execveat_common.isra.0+0x217/0x670 [ 2235.893465] __x64_sys_execveat+0xe7/0x130 [ 2235.893993] do_syscall_64+0x33/0x40 [ 2235.894365] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2235.894992] RIP: 0033:0x466609 [ 2235.895415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2235.897656] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2235.898603] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2235.899392] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2235.900172] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2235.900940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2235.901705] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:08:33 executing program 4 (fault-call:7 fault-nth:5): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:33 executing program 1 (fault-call:9 fault-nth:5): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2236.129588] FAULT_INJECTION: forcing a failure. [ 2236.129588] name failslab, interval 1, probability 0, space 0, times 0 [ 2236.130921] CPU: 1 PID: 14088 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2236.131683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2236.133088] Call Trace: [ 2236.133432] dump_stack+0x107/0x163 [ 2236.133860] should_fail.cold+0x5/0xa [ 2236.134297] should_failslab+0x5/0x10 [ 2236.135302] __kmalloc_track_caller+0x79/0x3b0 [ 2236.136578] ? kasprintf+0xbb/0xf0 [ 2236.137487] ? __lockdep_reset_lock+0x180/0x180 [ 2236.138749] kvasprintf+0xb5/0x150 [ 2236.139612] ? bust_spinlocks+0xe0/0xe0 [ 2236.140604] ? kmem_cache_alloc_trace+0x153/0x350 [ 2236.141790] kasprintf+0xbb/0xf0 [ 2236.142611] ? kvasprintf_const+0x190/0x190 [ 2236.143692] alloc_bprm+0x10b/0x890 [ 2236.144594] ? strncpy_from_user+0xa5/0x420 [ 2236.145636] do_execveat_common.isra.0+0x217/0x670 [ 2236.146725] __x64_sys_execveat+0xe7/0x130 [ 2236.147656] do_syscall_64+0x33/0x40 [ 2236.148476] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2236.149671] RIP: 0033:0x466609 [ 2236.150415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.154679] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2236.156521] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2236.158085] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2236.159680] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2236.161319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2236.162885] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2236.180625] FAULT_INJECTION: forcing a failure. [ 2236.180625] name failslab, interval 1, probability 0, space 0, times 0 [ 2236.183161] CPU: 0 PID: 14094 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2236.184683] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2236.187101] Call Trace: [ 2236.187630] dump_stack+0x107/0x163 [ 2236.188388] should_fail.cold+0x5/0xa [ 2236.189203] should_failslab+0x5/0x10 [ 2236.189981] __kmalloc_track_caller+0x79/0x3b0 [ 2236.190896] ? kasprintf+0xbb/0xf0 [ 2236.191625] ? __lockdep_reset_lock+0x180/0x180 [ 2236.192567] kvasprintf+0xb5/0x150 [ 2236.193286] ? bust_spinlocks+0xe0/0xe0 [ 2236.194095] ? kmem_cache_alloc_trace+0x153/0x350 [ 2236.195067] kasprintf+0xbb/0xf0 [ 2236.195755] ? kvasprintf_const+0x190/0x190 [ 2236.196656] alloc_bprm+0x10b/0x890 [ 2236.197385] ? strncpy_from_user+0xa5/0x420 [ 2236.198257] do_execveat_common.isra.0+0x217/0x670 [ 2236.199256] __x64_sys_execveat+0xe7/0x130 [ 2236.200110] do_syscall_64+0x33/0x40 [ 2236.200863] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2236.201894] RIP: 0033:0x466609 [ 2236.202540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.206243] RSP: 002b:00007fda96221188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2236.207772] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2236.209224] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2236.210643] RBP: 00007fda962211d0 R08: 0000000000000000 R09: 0000000000000000 [ 2236.212069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2236.213502] R13: 00007ffcd66bd11f R14: 00007fda96221300 R15: 0000000000022000 [ 2252.150552] kmemleak: 18 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:08:58 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:08:58 executing program 7: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:58 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:58 executing program 4 (fault-call:7 fault-nth:6): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:58 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:58 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b2f, 0x2) 06:08:58 executing program 1 (fault-call:9 fault-nth:6): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:58 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2261.473151] FAULT_INJECTION: forcing a failure. [ 2261.473151] name failslab, interval 1, probability 0, space 0, times 0 [ 2261.475275] CPU: 0 PID: 14115 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2261.476494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2261.478384] Call Trace: [ 2261.478830] dump_stack+0x107/0x163 [ 2261.479448] should_fail.cold+0x5/0xa [ 2261.480086] ? create_object.isra.0+0x3a/0xa10 [ 2261.480850] should_failslab+0x5/0x10 [ 2261.481505] kmem_cache_alloc+0x5b/0x350 [ 2261.482176] ? vsnprintf+0x4ba/0x1600 [ 2261.482804] create_object.isra.0+0x3a/0xa10 [ 2261.483545] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2261.484378] __kmalloc_track_caller+0x179/0x3b0 [ 2261.485163] ? kasprintf+0xbb/0xf0 [ 2261.485755] kvasprintf+0xb5/0x150 [ 2261.486326] ? bust_spinlocks+0xe0/0xe0 [ 2261.486983] ? kmem_cache_alloc_trace+0x153/0x350 [ 2261.487792] kasprintf+0xbb/0xf0 [ 2261.488339] ? kvasprintf_const+0x190/0x190 [ 2261.489070] alloc_bprm+0x10b/0x890 [ 2261.489664] ? strncpy_from_user+0xa5/0x420 [ 2261.490361] do_execveat_common.isra.0+0x217/0x670 [ 2261.491162] __x64_sys_execveat+0xe7/0x130 [ 2261.491854] do_syscall_64+0x33/0x40 [ 2261.492463] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2261.493315] RIP: 0033:0x466609 [ 2261.493853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2261.496861] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2261.498137] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2261.499330] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2261.500533] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2261.501758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2261.502945] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:08:58 executing program 7: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:58 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2261.534465] FAULT_INJECTION: forcing a failure. [ 2261.534465] name failslab, interval 1, probability 0, space 0, times 0 [ 2261.536319] CPU: 1 PID: 14114 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2261.537307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2261.538959] Call Trace: [ 2261.539352] dump_stack+0x107/0x163 [ 2261.539869] should_fail.cold+0x5/0xa [ 2261.540427] ? create_object.isra.0+0x3a/0xa10 [ 2261.541064] should_failslab+0x5/0x10 [ 2261.541583] kmem_cache_alloc+0x5b/0x350 [ 2261.542182] ? vsnprintf+0x4ba/0x1600 [ 2261.542738] create_object.isra.0+0x3a/0xa10 [ 2261.543357] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2261.544060] __kmalloc_track_caller+0x179/0x3b0 [ 2261.544712] ? kasprintf+0xbb/0xf0 [ 2261.545241] kvasprintf+0xb5/0x150 [ 2261.545731] ? bust_spinlocks+0xe0/0xe0 [ 2261.546322] ? kmem_cache_alloc_trace+0x153/0x350 [ 2261.547030] kasprintf+0xbb/0xf0 [ 2261.547518] ? kvasprintf_const+0x190/0x190 [ 2261.548159] alloc_bprm+0x10b/0x890 [ 2261.548675] ? strncpy_from_user+0xa5/0x420 [ 2261.549306] do_execveat_common.isra.0+0x217/0x670 [ 2261.549991] __x64_sys_execveat+0xe7/0x130 [ 2261.550607] do_syscall_64+0x33/0x40 [ 2261.551131] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2261.551858] RIP: 0033:0x466609 [ 2261.552296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2261.554844] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2261.555963] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2261.556957] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2261.557969] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2261.558986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2261.560000] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:08:58 executing program 5: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r0, 0x0, 0x29, 0x0, 0x18) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd=r0, 0x10001, 0x0, 0x5, 0x3}, 0x5) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1}, &(0x7f00000000c0)=0x1c) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000180)) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:08:58 executing program 4 (fault-call:7 fault-nth:7): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:58 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x8, 0x0, 0x0, 0x0) 06:08:58 executing program 1 (fault-call:9 fault-nth:7): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:08:58 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2261.778718] FAULT_INJECTION: forcing a failure. [ 2261.778718] name failslab, interval 1, probability 0, space 0, times 0 [ 2261.780652] CPU: 0 PID: 14143 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2261.781810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2261.783739] Call Trace: [ 2261.784201] dump_stack+0x107/0x163 [ 2261.784928] should_fail.cold+0x5/0xa [ 2261.785676] ? mm_alloc+0x19/0xc0 [ 2261.786263] should_failslab+0x5/0x10 [ 2261.786913] kmem_cache_alloc+0x5b/0x350 [ 2261.787616] mm_alloc+0x19/0xc0 [ 2261.788171] alloc_bprm+0x19a/0x890 [ 2261.788795] ? strncpy_from_user+0xa5/0x420 [ 2261.789572] do_execveat_common.isra.0+0x217/0x670 [ 2261.790431] __x64_sys_execveat+0xe7/0x130 [ 2261.791125] do_syscall_64+0x33/0x40 [ 2261.791761] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2261.792614] RIP: 0033:0x466609 [ 2261.793168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2261.796200] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2261.797525] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2261.798701] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2261.799890] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2261.801088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2261.802286] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2261.887362] FAULT_INJECTION: forcing a failure. [ 2261.887362] name failslab, interval 1, probability 0, space 0, times 0 [ 2261.889169] CPU: 1 PID: 14153 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2261.890144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2261.891734] Call Trace: [ 2261.892128] dump_stack+0x107/0x163 [ 2261.892644] should_fail.cold+0x5/0xa [ 2261.893173] ? mm_alloc+0x19/0xc0 [ 2261.893561] should_failslab+0x5/0x10 [ 2261.893991] kmem_cache_alloc+0x5b/0x350 [ 2261.894465] mm_alloc+0x19/0xc0 [ 2261.894847] alloc_bprm+0x19a/0x890 [ 2261.895279] ? strncpy_from_user+0xa5/0x420 [ 2261.895789] do_execveat_common.isra.0+0x217/0x670 [ 2261.896369] __x64_sys_execveat+0xe7/0x130 [ 2261.896859] do_syscall_64+0x33/0x40 [ 2261.897306] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2261.897900] RIP: 0033:0x466609 [ 2261.898360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2261.901334] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2261.902681] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2261.903890] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2261.904937] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2261.906012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2261.907155] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2275.976379] kmemleak: 15 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:09:20 executing program 7: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:20 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:20 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b30, 0x2) 06:09:20 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x2000, 0x0, 0x0, 0x0) 06:09:20 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:09:20 executing program 4 (fault-call:7 fault-nth:8): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:20 executing program 1 (fault-call:9 fault-nth:8): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:20 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2283.739912] FAULT_INJECTION: forcing a failure. [ 2283.739912] name failslab, interval 1, probability 0, space 0, times 0 [ 2283.741508] CPU: 0 PID: 14186 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2283.742427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2283.743934] Call Trace: [ 2283.744293] dump_stack+0x107/0x163 [ 2283.744783] should_fail.cold+0x5/0xa [ 2283.745325] ? mm_alloc+0x19/0xc0 [ 2283.745807] should_failslab+0x5/0x10 [ 2283.746313] kmem_cache_alloc+0x5b/0x350 [ 2283.746892] mm_alloc+0x19/0xc0 [ 2283.747328] alloc_bprm+0x19a/0x890 [ 2283.747822] ? strncpy_from_user+0xa5/0x420 [ 2283.748394] do_execveat_common.isra.0+0x217/0x670 [ 2283.749068] __x64_sys_execveat+0xe7/0x130 [ 2283.749649] do_syscall_64+0x33/0x40 [ 2283.750148] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2283.750833] RIP: 0033:0x466609 [ 2283.751267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2283.753757] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2283.754789] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2283.755774] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2283.756737] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2283.757703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2283.758641] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:09:20 executing program 0: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2283.780749] FAULT_INJECTION: forcing a failure. [ 2283.780749] name failslab, interval 1, probability 0, space 0, times 0 [ 2283.783331] CPU: 1 PID: 14192 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2283.784948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2283.787569] Call Trace: [ 2283.788143] dump_stack+0x107/0x163 [ 2283.789046] should_fail.cold+0x5/0xa [ 2283.789932] ? create_object.isra.0+0x3a/0xa10 [ 2283.791027] should_failslab+0x5/0x10 [ 2283.791872] kmem_cache_alloc+0x5b/0x350 [ 2283.792801] create_object.isra.0+0x3a/0xa10 [ 2283.793866] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2283.795020] kmem_cache_alloc+0x15b/0x350 [ 2283.795947] mm_alloc+0x19/0xc0 [ 2283.796761] alloc_bprm+0x19a/0x890 [ 2283.797549] ? strncpy_from_user+0xa5/0x420 [ 2283.798556] do_execveat_common.isra.0+0x217/0x670 [ 2283.799723] __x64_sys_execveat+0xe7/0x130 [ 2283.800695] do_syscall_64+0x33/0x40 [ 2283.801561] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2283.802643] RIP: 0033:0x466609 [ 2283.803461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2283.807595] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2283.809426] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2283.811039] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2283.812682] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2283.813923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2283.814931] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:09:21 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r3, 0x0) syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000200)='\x00', 0x3, 0x1, &(0x7f0000000340)=[{&(0x7f0000000240)="161b762529e46cce1f28cc3b4d340b6fac86c3e6344204a36f641fca0d404c291fc5f677a002054f2fd495f7db5bd34c94e8401deedb0821ee01606e496ff447ea1bf66cb9f070101531cdb5ae454a0e26838115a12ff1778c99e345eda3cd0477ed5456ed12564ae23af1885334bd05dd8df63ebc0a597d63a6007b5acb662641c70ee8f3e3f605fedd27993f327853132e2116378efb7d2e191939484a4d0c312a168d1699550f9e94ba3ecf28f441b4570d1fb9a49bfa1be0a1109f23c3b4", 0xc0, 0x1}], 0x130052, &(0x7f0000000380)={[{@dots}, {@nodots}, {@fat=@dos1xfloppy}, {@fat=@tz_utc}, {@dots}, {@nodots}, {@dots}, {@fat=@flush}, {@dots}, {@dots}], [{@fsmagic={'fsmagic', 0x3d, 0x100000000}}, {@euid_gt={'euid>', r3}}, {@euid_lt}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@fowner_gt={'fowner>', 0xee01}}]}) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:09:21 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x80ffff, 0x0, 0x0, 0x0) 06:09:21 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:21 executing program 4 (fault-call:7 fault-nth:9): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:21 executing program 1 (fault-call:9 fault-nth:9): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:21 executing program 0: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2284.095058] FAULT_INJECTION: forcing a failure. [ 2284.095058] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 2284.097729] CPU: 0 PID: 14223 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2284.099226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2284.101714] Call Trace: [ 2284.102298] dump_stack+0x107/0x163 [ 2284.103100] should_fail.cold+0x5/0xa [ 2284.103937] __alloc_pages_nodemask+0x17f/0x670 [ 2284.104969] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2284.106318] alloc_pages_current+0x187/0x280 [ 2284.107285] __get_free_pages+0xc/0xa0 [ 2284.108128] pgd_alloc+0x84/0x4f0 [ 2284.108884] ? pgd_page_get_mm+0x40/0x40 [ 2284.109769] ? lockdep_init_map_waits+0x26a/0x700 [ 2284.110820] ? lockdep_init_map_waits+0x26a/0x700 [ 2284.111880] mm_init+0x633/0xa30 [ 2284.112630] mm_alloc+0x99/0xc0 [ 2284.113366] alloc_bprm+0x19a/0x890 [ 2284.114162] ? strncpy_from_user+0xa5/0x420 [ 2284.115108] do_execveat_common.isra.0+0x217/0x670 [ 2284.116190] __x64_sys_execveat+0xe7/0x130 [ 2284.117118] do_syscall_64+0x33/0x40 [ 2284.117940] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2284.119058] RIP: 0033:0x466609 [ 2284.119762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2284.123786] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2284.125467] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2284.127022] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2284.128579] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2284.130136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2284.131688] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2284.227684] FAULT_INJECTION: forcing a failure. [ 2284.227684] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2284.229465] CPU: 0 PID: 14296 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2284.230440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2284.232082] Call Trace: [ 2284.232469] dump_stack+0x107/0x163 [ 2284.232999] should_fail.cold+0x5/0xa [ 2284.233545] __alloc_pages_nodemask+0x17f/0x670 [ 2284.234053] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2284.234748] alloc_pages_current+0x187/0x280 [ 2284.235229] __get_free_pages+0xc/0xa0 [ 2284.235657] pgd_alloc+0x84/0x4f0 [ 2284.236047] ? pgd_page_get_mm+0x40/0x40 [ 2284.236503] ? lockdep_init_map_waits+0x26a/0x700 [ 2284.237025] ? lockdep_init_map_waits+0x26a/0x700 [ 2284.237565] mm_init+0x633/0xa30 [ 2284.237940] mm_alloc+0x99/0xc0 [ 2284.238306] alloc_bprm+0x19a/0x890 [ 2284.238708] ? strncpy_from_user+0xa5/0x420 [ 2284.239192] do_execveat_common.isra.0+0x217/0x670 [ 2284.239737] __x64_sys_execveat+0xe7/0x130 [ 2284.240210] do_syscall_64+0x33/0x40 [ 2284.240619] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2284.241194] RIP: 0033:0x466609 [ 2284.241564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2284.243605] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2284.244455] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2284.245253] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2284.246071] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2284.246868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2284.247659] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2297.199618] kmemleak: 14 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:09:41 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) io_uring_enter(r0, 0x2cf0, 0xf3bb, 0x0, &(0x7f0000000000)={[0x400]}, 0x8) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$sock_SIOCDELDLCI(r3, 0x8981, &(0x7f0000000240)={'veth1_vlan\x00', 0x5}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:09:41 executing program 4 (fault-call:7 fault-nth:10): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:41 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:41 executing program 1 (fault-call:9 fault-nth:10): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:41 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:41 executing program 0: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r0+60000000}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:41 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b31, 0x2) 06:09:41 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x8000000, 0x0, 0x0, 0x0) [ 2304.807174] FAULT_INJECTION: forcing a failure. [ 2304.807174] name failslab, interval 1, probability 0, space 0, times 0 [ 2304.808693] CPU: 0 PID: 14355 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2304.809540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2304.810830] Call Trace: [ 2304.811140] dump_stack+0x107/0x163 [ 2304.811564] should_fail.cold+0x5/0xa [ 2304.811994] ? vm_area_alloc+0x1c/0x110 [ 2304.812442] should_failslab+0x5/0x10 [ 2304.812870] kmem_cache_alloc+0x5b/0x350 [ 2304.813332] vm_area_alloc+0x1c/0x110 [ 2304.813771] alloc_bprm+0x306/0x890 [ 2304.814179] ? strncpy_from_user+0xa5/0x420 [ 2304.814664] do_execveat_common.isra.0+0x217/0x670 [ 2304.815218] __x64_sys_execveat+0xe7/0x130 [ 2304.815685] do_syscall_64+0x33/0x40 [ 2304.816114] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2304.816696] RIP: 0033:0x466609 [ 2304.817058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2304.819122] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2304.819979] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2304.820775] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2304.821574] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2304.822400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2304.823228] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:09:42 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2304.830747] FAULT_INJECTION: forcing a failure. [ 2304.830747] name failslab, interval 1, probability 0, space 0, times 0 [ 2304.832492] CPU: 1 PID: 14356 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2304.833508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2304.835191] Call Trace: [ 2304.835603] dump_stack+0x107/0x163 [ 2304.836152] should_fail.cold+0x5/0xa [ 2304.836733] ? vm_area_alloc+0x1c/0x110 [ 2304.837343] should_failslab+0x5/0x10 [ 2304.837925] kmem_cache_alloc+0x5b/0x350 [ 2304.838518] vm_area_alloc+0x1c/0x110 [ 2304.839102] alloc_bprm+0x306/0x890 [ 2304.839583] ? strncpy_from_user+0xa5/0x420 [ 2304.840186] do_execveat_common.isra.0+0x217/0x670 [ 2304.840852] __x64_sys_execveat+0xe7/0x130 [ 2304.841435] do_syscall_64+0x33/0x40 [ 2304.841934] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2304.842634] RIP: 0033:0x466609 [ 2304.843065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2304.845569] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2304.846614] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2304.847605] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2304.848565] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2304.849535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2304.850510] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:09:42 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:42 executing program 0: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:42 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x20000000, 0x0, 0x0, 0x0) 06:09:42 executing program 4 (fault-call:7 fault-nth:11): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:42 executing program 5: r0 = syz_io_uring_setup(0x240b, &(0x7f0000000080)={0x0, 0x0, 0x20}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) io_uring_setup(0x2158, &(0x7f0000000200)={0x0, 0xf244, 0x8, 0x0, 0x2f3, 0x0, r0}) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000008, 0x110, r0, 0x0) r4 = open(&(0x7f00000002c0)='./file0\x00', 0xc4181, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000340)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x2004, @fd=r4, 0x9, 0x10000, 0x1000, 0x10, 0x1, {0x2}}, 0x5) io_uring_enter(r0, 0x1c28, 0x0, 0x0, 0x0, 0x0) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='./file0\x00') 06:09:42 executing program 1 (fault-call:9 fault-nth:11): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:09:42 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2305.045463] FAULT_INJECTION: forcing a failure. [ 2305.045463] name failslab, interval 1, probability 0, space 0, times 0 [ 2305.046931] CPU: 0 PID: 14393 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2305.047802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2305.049054] Call Trace: [ 2305.049350] dump_stack+0x107/0x163 [ 2305.049772] should_fail.cold+0x5/0xa [ 2305.050198] ? create_object.isra.0+0x3a/0xa10 [ 2305.050701] should_failslab+0x5/0x10 [ 2305.051121] kmem_cache_alloc+0x5b/0x350 [ 2305.051577] create_object.isra.0+0x3a/0xa10 [ 2305.052061] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2305.052629] kmem_cache_alloc+0x15b/0x350 [ 2305.053079] vm_area_alloc+0x1c/0x110 [ 2305.053511] alloc_bprm+0x306/0x890 [ 2305.053932] ? strncpy_from_user+0xa5/0x420 [ 2305.054405] do_execveat_common.isra.0+0x217/0x670 [ 2305.054957] __x64_sys_execveat+0xe7/0x130 [ 2305.055427] do_syscall_64+0x33/0x40 [ 2305.055844] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2305.056416] RIP: 0033:0x466609 [ 2305.056779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2305.058826] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2305.059635] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2305.060444] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2305.061226] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2305.062016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2305.062802] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2305.082279] FAULT_INJECTION: forcing a failure. [ 2305.082279] name failslab, interval 1, probability 0, space 0, times 0 [ 2305.083795] CPU: 0 PID: 14392 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2305.084622] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2305.085884] Call Trace: [ 2305.086182] dump_stack+0x107/0x163 [ 2305.086594] should_fail.cold+0x5/0xa [ 2305.087024] ? create_object.isra.0+0x3a/0xa10 [ 2305.087533] should_failslab+0x5/0x10 [ 2305.087949] kmem_cache_alloc+0x5b/0x350 [ 2305.088381] create_object.isra.0+0x3a/0xa10 [ 2305.088870] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2305.089433] kmem_cache_alloc+0x15b/0x350 [ 2305.089910] vm_area_alloc+0x1c/0x110 [ 2305.090328] alloc_bprm+0x306/0x890 [ 2305.090727] ? strncpy_from_user+0xa5/0x420 [ 2305.091231] do_execveat_common.isra.0+0x217/0x670 [ 2305.091792] __x64_sys_execveat+0xe7/0x130 [ 2305.092264] do_syscall_64+0x33/0x40 [ 2305.092686] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2305.093250] RIP: 0033:0x466609 [ 2305.093620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2305.095691] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2305.096583] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2305.097376] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2305.098168] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2305.098957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2305.099738] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2317.782807] kmemleak: 6 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:10:03 executing program 0: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:03 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0xf5ffffff, 0x0, 0x0, 0x0) 06:10:03 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b32, 0x2) 06:10:03 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:03 executing program 1 (fault-call:9 fault-nth:12): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:03 executing program 4 (fault-call:7 fault-nth:12): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:03 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) syz_io_uring_submit(r3, r6, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x6, &(0x7f0000000000)={0x0, 0x989680}}, 0x6) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:10:03 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2326.463808] FAULT_INJECTION: forcing a failure. [ 2326.463808] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2326.465190] CPU: 0 PID: 14528 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2326.465969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2326.467271] Call Trace: [ 2326.467580] dump_stack+0x107/0x163 [ 2326.468009] should_fail.cold+0x5/0xa [ 2326.468443] __alloc_pages_nodemask+0x17f/0x670 [ 2326.468975] ? __lockdep_reset_lock+0x180/0x180 [ 2326.469501] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2326.470200] ? fault_dirty_shared_page+0x3e0/0x3e0 [ 2326.470764] ? count_memcg_event_mm.part.0+0x110/0x2a0 [ 2326.471372] alloc_pages_current+0x187/0x280 [ 2326.471880] get_zeroed_page+0x14/0xa0 [ 2326.472322] __pud_alloc+0x33/0x270 [ 2326.472736] handle_mm_fault+0x19df/0x3570 [ 2326.473220] ? perf_trace_lock+0xb6/0x470 [ 2326.473683] ? hlock_class+0x120/0x120 [ 2326.474148] ? __pmd_alloc+0x5e0/0x5e0 [ 2326.474609] __get_user_pages+0x61d/0x1400 [ 2326.475101] ? follow_page_mask+0x1820/0x1820 [ 2326.475614] ? __lockdep_reset_lock+0x180/0x180 [ 2326.476145] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2326.476682] ? find_held_lock+0x2c/0x110 [ 2326.477144] __get_user_pages_remote+0x1d1/0x860 [ 2326.477695] get_user_pages_remote+0x63/0x90 [ 2326.478202] get_arg_page+0xba/0x200 [ 2326.478625] ? acct_arg_size+0xe0/0xe0 [ 2326.479065] ? insert_vm_struct+0x1f7/0x340 [ 2326.479556] copy_string_kernel+0x1b0/0x440 [ 2326.480047] do_execveat_common.isra.0+0x405/0x670 [ 2326.480611] __x64_sys_execveat+0xe7/0x130 [ 2326.481086] do_syscall_64+0x33/0x40 [ 2326.481503] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2326.482097] RIP: 0033:0x466609 [ 2326.482474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2326.484535] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2326.485393] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2326.486203] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2326.487008] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.487811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2326.488630] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2326.508314] FAULT_INJECTION: forcing a failure. [ 2326.508314] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2326.515254] CPU: 1 PID: 14533 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2326.516784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2326.519366] Call Trace: [ 2326.520025] dump_stack+0x107/0x163 [ 2326.520817] should_fail.cold+0x5/0xa [ 2326.521650] __alloc_pages_nodemask+0x17f/0x670 [ 2326.522666] ? __lockdep_reset_lock+0x180/0x180 [ 2326.523688] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2326.525060] ? fault_dirty_shared_page+0x3e0/0x3e0 [ 2326.526259] ? count_memcg_event_mm.part.0+0x110/0x2a0 [ 2326.527395] alloc_pages_current+0x187/0x280 [ 2326.528437] get_zeroed_page+0x14/0xa0 [ 2326.529385] __pud_alloc+0x33/0x270 [ 2326.530364] handle_mm_fault+0x19df/0x3570 [ 2326.531375] ? perf_trace_lock+0xb6/0x470 [ 2326.532393] ? hlock_class+0x120/0x120 [ 2326.533382] ? perf_trace_lock+0xb6/0x470 [ 2326.534394] ? __pmd_alloc+0x5e0/0x5e0 [ 2326.535384] __get_user_pages+0x61d/0x1400 [ 2326.536404] ? follow_page_mask+0x1820/0x1820 [ 2326.537605] ? __lockdep_reset_lock+0x180/0x180 [ 2326.538739] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2326.539873] ? find_held_lock+0x2c/0x110 [ 2326.540870] __get_user_pages_remote+0x1d1/0x860 [ 2326.542113] get_user_pages_remote+0x63/0x90 [ 2326.543070] get_arg_page+0xba/0x200 [ 2326.543885] ? acct_arg_size+0xe0/0xe0 [ 2326.544838] ? copy_string_kernel+0x175/0x440 [ 2326.545818] copy_string_kernel+0x1b0/0x440 [ 2326.546828] do_execveat_common.isra.0+0x405/0x670 [ 2326.547999] __x64_sys_execveat+0xe7/0x130 [ 2326.548921] do_syscall_64+0x33/0x40 [ 2326.549728] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2326.550844] RIP: 0033:0x466609 [ 2326.551549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2326.555524] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2326.557180] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2326.558731] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2326.560273] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.561812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2326.563367] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:10:03 executing program 4 (fault-call:7 fault-nth:13): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2326.665170] FAULT_INJECTION: forcing a failure. [ 2326.665170] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2326.667804] CPU: 0 PID: 14602 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2326.669259] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2326.671670] Call Trace: [ 2326.672241] dump_stack+0x107/0x163 [ 2326.673010] should_fail.cold+0x5/0xa [ 2326.673831] __alloc_pages_nodemask+0x17f/0x670 [ 2326.674856] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2326.676155] ? lock_downgrade+0x6d0/0x6d0 [ 2326.677037] ? do_raw_spin_lock+0x129/0x270 [ 2326.677973] alloc_pages_current+0x187/0x280 [ 2326.678946] __pmd_alloc+0x3b/0x5e0 [ 2326.679728] handle_mm_fault+0x1a30/0x3570 [ 2326.680637] ? perf_trace_lock+0xb6/0x470 [ 2326.681510] ? hlock_class+0x120/0x120 [ 2326.682374] ? __pmd_alloc+0x5e0/0x5e0 [ 2326.683208] __get_user_pages+0x61d/0x1400 [ 2326.684116] ? follow_page_mask+0x1820/0x1820 [ 2326.685039] ? __lockdep_reset_lock+0x180/0x180 [ 2326.686064] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2326.687081] ? find_held_lock+0x2c/0x110 [ 2326.687963] __get_user_pages_remote+0x1d1/0x860 [ 2326.688981] get_user_pages_remote+0x63/0x90 [ 2326.689904] get_arg_page+0xba/0x200 [ 2326.690732] ? acct_arg_size+0xe0/0xe0 [ 2326.691550] ? insert_vm_struct+0x1f7/0x340 [ 2326.692469] copy_string_kernel+0x1b0/0x440 [ 2326.693413] do_execveat_common.isra.0+0x405/0x670 [ 2326.694516] __x64_sys_execveat+0xe7/0x130 [ 2326.695460] do_syscall_64+0x33/0x40 [ 2326.696469] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2326.697864] RIP: 0033:0x466609 [ 2326.698610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2326.702624] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2326.704221] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2326.705731] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2326.707287] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.708819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2326.710357] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:10:03 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0xffff8000, 0x0, 0x0, 0x0) 06:10:03 executing program 0: r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:04 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2339.882572] kmemleak: 34 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:10:26 executing program 0: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0xfffffff5, 0x0, 0x0, 0x0) 06:10:26 executing program 4 (fault-call:7 fault-nth:14): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) write$binfmt_elf64(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="7f454c460901033335eb0000000000000200060004000000d5020000000000004000130000000000a40200000000000000020000045738000200018007000e0105000000faffffff0000000001000000ff00000000000000ffff00000000000005000000000000008d000000000000009e0100000000000052f900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800"/1137], 0x47a) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:10:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b33, 0x2) 06:10:26 executing program 1 (fault-call:9 fault-nth:13): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2349.216829] FAULT_INJECTION: forcing a failure. [ 2349.216829] name failslab, interval 1, probability 0, space 0, times 0 [ 2349.220778] CPU: 1 PID: 14702 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2349.222400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2349.225154] Call Trace: [ 2349.225864] dump_stack+0x107/0x163 [ 2349.226888] should_fail.cold+0x5/0xa [ 2349.227769] ? __pmd_alloc+0x98/0x5e0 [ 2349.228667] should_failslab+0x5/0x10 [ 2349.229588] kmem_cache_alloc+0x5b/0x350 [ 2349.230690] __pmd_alloc+0x98/0x5e0 [ 2349.231505] handle_mm_fault+0x1a30/0x3570 [ 2349.232442] ? perf_trace_lock+0xb6/0x470 [ 2349.233453] ? hlock_class+0x120/0x120 [ 2349.234590] ? __pmd_alloc+0x5e0/0x5e0 [ 2349.236019] __get_user_pages+0x61d/0x1400 [ 2349.237186] ? follow_page_mask+0x1820/0x1820 [ 2349.238279] ? __lockdep_reset_lock+0x180/0x180 [ 2349.239492] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2349.240733] ? find_held_lock+0x2c/0x110 [ 2349.241714] __get_user_pages_remote+0x1d1/0x860 [ 2349.243004] get_user_pages_remote+0x63/0x90 [ 2349.244006] get_arg_page+0xba/0x200 [ 2349.244865] ? acct_arg_size+0xe0/0xe0 [ 2349.245812] ? insert_vm_struct+0x1f7/0x340 [ 2349.246905] copy_string_kernel+0x1b0/0x440 [ 2349.247936] do_execveat_common.isra.0+0x405/0x670 [ 2349.249132] __x64_sys_execveat+0xe7/0x130 [ 2349.250121] do_syscall_64+0x33/0x40 [ 2349.251059] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2349.252353] RIP: 0033:0x466609 [ 2349.253128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2349.257775] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2349.259730] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2349.261507] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2349.263361] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2349.265066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2349.266852] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2349.292137] FAULT_INJECTION: forcing a failure. [ 2349.292137] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2349.294923] CPU: 1 PID: 14714 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2349.296438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2349.299148] Call Trace: [ 2349.299781] dump_stack+0x107/0x163 [ 2349.300574] should_fail.cold+0x5/0xa [ 2349.301404] __alloc_pages_nodemask+0x17f/0x670 [ 2349.302435] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2349.304046] ? lock_downgrade+0x6d0/0x6d0 [ 2349.305162] ? do_raw_spin_lock+0x129/0x270 [ 2349.306391] alloc_pages_current+0x187/0x280 [ 2349.307467] __pmd_alloc+0x3b/0x5e0 [ 2349.308275] handle_mm_fault+0x1a30/0x3570 [ 2349.309270] ? perf_trace_lock+0xb6/0x470 [ 2349.310270] ? hlock_class+0x120/0x120 [ 2349.311127] ? __pmd_alloc+0x5e0/0x5e0 [ 2349.311991] __get_user_pages+0x61d/0x1400 [ 2349.312920] ? follow_page_mask+0x1820/0x1820 [ 2349.313885] ? __lockdep_reset_lock+0x180/0x180 [ 2349.314940] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2349.315971] ? find_held_lock+0x2c/0x110 [ 2349.316876] __get_user_pages_remote+0x1d1/0x860 [ 2349.317942] get_user_pages_remote+0x63/0x90 [ 2349.318931] get_arg_page+0xba/0x200 [ 2349.319749] ? acct_arg_size+0xe0/0xe0 [ 2349.320621] ? insert_vm_struct+0x1f7/0x340 [ 2349.321567] copy_string_kernel+0x1b0/0x440 [ 2349.322557] do_execveat_common.isra.0+0x405/0x670 [ 2349.323637] __x64_sys_execveat+0xe7/0x130 [ 2349.324648] do_syscall_64+0x33/0x40 [ 2349.325687] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2349.327114] RIP: 0033:0x466609 [ 2349.328017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2349.332319] RSP: 002b:00007fda96221188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2349.333972] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2349.335541] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2349.337109] RBP: 00007fda962211d0 R08: 0000000000000000 R09: 0000000000000000 [ 2349.338665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2349.340229] R13: 00007ffcd66bd11f R14: 00007fda96221300 R15: 0000000000022000 06:10:26 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 4 (fault-call:7 fault-nth:15): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0xffffffff, 0x0, 0x0, 0x0) 06:10:26 executing program 1 (fault-call:9 fault-nth:14): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 0: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') r5 = dup3(r4, r3, 0x0) io_uring_enter(r4, 0x3ad0, 0x4102, 0x0, &(0x7f0000000000)={[0x7fffffff]}, 0x8) io_submit(0x0, 0x1, &(0x7f00000008c0)=[&(0x7f0000000200)={0x0, 0x0, 0x5, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000140)="ee", 0x1, 0x800000}]) r6 = openat$incfs(r5, &(0x7f0000000340)='.pending_reads\x00', 0x101000, 0x3e) r7 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r7, 0x0, 0x29, 0x0, 0x18) r8 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') dup3(r9, r8, 0x0) r10 = fcntl$dupfd(r3, 0x406, r3) io_submit(0x0, 0x5, &(0x7f00000016c0)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x5, 0x1, r0, &(0x7f0000000200)="590bfea18311c6b4d475ade498538d6bb0886d816c3ae02d46a537926ca19d3aebdf171cbd560667226a5289a57d6098a67e00a096fd33a5d17683998307d537d13e2abb9be5bb35c9e4fda914e3851937b0513122d2b3a091c23321885b5da66903576b8f2b77a0ab08112374ccc6974b00350cdc91c3b8078cccddfabcced4df4b0bd0b6d0e582eb3b4109d81155dc542f8127c05fde3f910c37df53f2b0f023a3381084a7de652f3e916559fefba80845f05d8361807c26573d31be25af98b15c74c2484c7dbc1fe960d922c661e407947ed7aee6b17582c74b8b6e", 0xdd, 0x4, 0x0, 0x0, r6}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0xa9, r4, &(0x7f0000000580)="d000c14ebcabbd5ff3e8e8048d7196fb56050c93f4d8df71551ba8675f3255add3ba7b6a49738298f0309e829fc81b022af4cd2720e19232d39a6e28145077b55603db85fc4a8ff1f2e652048d31f0d1dc3ccc8558b1bcc78c56c88278bc99955e031d9bbdc538bb14d8bf1dbf07bf7da23a030f08e90dd8571968524a9d0ef0a730f8fa7db43dfcdf5f7a49c966bc55a2433384fec2f295980ed604ca55dcecdde3ce95ee47c4acbaf350a757bcb3c58441cbd79091231c05b5f4735f85e59d96283b1c78605c1eec6ab70642e3ecc8026bfb7c11e0e181f8245166a16e8354306466a222893509dcd8f435f97539960241bcda68d8a9ec4579dee8dc705fd952828f34dca4b7f625676cb0d2c94cd4db136e52b8583b7d316e94f0fa9f236632793259f8973c8c4fbd58e887ec7654a3a665572482f4ffb4282cc529069c34e08300ccc8a3f259e6a70f1b0dada40520068c48066885701f388c8a96fad28e0cc81be4a21608c22fafc01b0b1d39f92d04811e3c53c26b61e64e43b6420f94b573782ecaa3cec90d20fd66fb5e80940adfe04a2ca086f09d7121ae6b51c21afc0b478aef8eee6a364417e8273f22a28428e303a1cbd88764c2801d8452788199648dd6a74662089ff1f0357c37963b7aeb57bd4439bf3a5d7d76eee696d69db9260f348d9588bfe62862e2cbfb6d7efc38a95700a5ebb585022f3267b89ae92eb39e309db12527a964623fc1ff37c0be59170d0c8a8b686ba72eb73b402a6786bff5831cc8c393d3757c058578ce0d669cbfae32a9dd223582bac5eb32b96b3c108d8021bd6a919a17db864ab13b75d0b356af95646e5f2948e654193bb27405e25548f4c4c87958073d19fb2cf52994185c10bd82875dddd716204e60ca0cb4a96ecb91beebb39cff68ee0cd1453a89839a990f5dd6a2647b4912b67313d797e664dc95bc9178d7f075afdf5c239f57c8919f3cac567ac0ffc68fa5c1d480a5a1c4a0c8d986ed5f24df3f2443d01abc9d7396c0b51fb92108443ad28a283e6b73e5d57281359f99d8c63f55a3eb78e1ecaa0ef67f2b20cebd2c2c38a8e74a61cace979ec451a6a9d5a987ee1a7d1f2bfa8a2fc1c1ce2adc9dd7c1c5a79ccee8fa768f6e68a977d222ae719b28092dd2823b0664fd49bbb724dc1d7409ccfe71cc3ee13867b2b9fa29b8b33a25c9bcadf8eaf659caaaaf0a7900b7f6a98b8df85fe733544c5a93c795f9b81d66108e8774340ea02f41f9e7edf838b91f9327a2c67254a7f90ed61b36c09e0dc4b56eb31a01924d85be9fdcc9c592f4a80626bd8950633c02b7bc49739757bf5b7934de232f6b451a2cb0b1637a0ca9b2ea2f6772ad33b5446e852a811ad1acdfbb028427bf00f48b45e7d3ae68958233d8858e35cb3e3a8f7e2cda1f6e4099531e331d4cbe1276f972d310bb86319017bde7842877999ce4e96164e5a6546b5a4a6b7245ce7062774bb66829f22ed9669c1784b8d1327523c96d1cccd254f95be317b940b7bac92ea307f44911950771c5c253e2b6c89becbc30e31907a718e187c9371a243f87231d37bb2a5b206cd40ff76f4b2988a87ef153146db8c2b62e6a49e7106cf3bedfb5c63bf64c35f848cd974d7df850d763c3156f63f27eb1882cf9c36275a4fd841c4459d5fbacd0c72ff27f409a2250b81758b7b74f10432f1ed7d91439e5c7ab62e0052fc7b19272cf7f17346b232f0e9485b8ef7d75389fdb7e48c4836ab63da24c5c40a1693177ec6fabf2f251bfdf3fe2e73b9c7467c86d620828cedb9b1031e2a8243225b3ad2ab61a812953ce07724ac3866a658eb3b714b016c8b345f25faa602a754c1540daf00d37e6964ae964abda48691771a98158b4f84e91e795ddeb756007a5df229a4e8a9f162a3cfecd3ddfbb896638f3eaa7affdf0ad48c70d8bed10463f4f002ce89406b1c303d8cac60d65b2493aeaf43af2fa7aea4976a9cef0ec2e7d6a53fc53435ea0db5c675688e8ea67e85d02769f1989835d4e201e7b3a4b8067877d869dc60244ad0bb03e176d128935d19a83dceb6936f4ecfa6821d2b76f46bacebd1736c1478d32223f2975ffe7e517a30157f34b430c5371077b72b1283694ccc67e45ba182a64c414bd821ddfae2de7e69f89ac8540d67e7f1babadce901c6eee2bec588c0bde52cd7a563f7bf2802de208d949ed6e6efab824ae3e92141778e31e875d497ef7b478892c7bfb222bd0435e17cd37da2190d1375942ddeb4b4a2f0f8e7f36882065c1b80be4a0a0f8fd55b79b49b18c24afd2def865ed197ef5db6ecf26978c91322971709464b29a9a6b9f2e6277143a4f8f33efff938bb0d60178f2c32cf00e13e4c59ac34028d94d6bb693fb196909006e4bd1fa7f6f5923c4ca82d0521f4a0b50029441f399490f47beb7ea42cbd128e7f941c932f50ae092f22814f2de72de4d7c8f8a7a26742518a527a3b5056ce8e87a1fc234e02de43a4fd5ec9c1a6f178677de652fd9bec1c58ae0bb5f16af80086e937dc9b0755dd965e024ced6f8edd736d3fabe11c03b45c840253e54b64032d3aa1ef00e6450acf93d456d1c7c028071132bb3cbb3f3f72be20ac8ffbb9a00d4cacde42d9a1840ef510a1ef7ba6072b973f5b645b3b9ac38385c5bd198514869dc3d09544e22b47039c49c7f9396fa966463cb7bcd350a8c8498dadd7ff1dd8a9ce6e079f3748a78d614f9c1fd9ffa697b58160535312fb57041541485ebff5a26a2681f4a749cf655a9255668d73d4e065a61b76344ca74c7727d9be657963e12db81439975f7dcc569ae45a49ceff55ef4136ddffe1a84eda3ff3c551cac3e68bd08e47a71785b03c77e116dc370d16587aa91e2a48454d85849eb3a8e92c0c25fccb757455e8c8d24696ac6ed9776801cb39a4af93ac4cf1718bbd0600fa9ee434179e07d527c8987b37176f66aa8d2920408b166a8a0458051c18d847ef2223b6148977a713de5fb352cc4d05783f2a97c121480b8ca9bd74af575397c1d664286d3b4a2e49890c467392465cc9fa9572f8a81302b8db926320b7a4cbaa8d4f677e3f4b05491eace16d291f77a090598080b4a36d3a2450eee1b51ced753ac5944614f6441bd35a7c9757a47a40a3ec643611da02c373f07354a053ab535b4f474dfad3eb2999a5fff0fcd10c907d2768d1bdd0515263f3c7ee99433cfdef4f27fc344e1770d471a930d4f39e14702a9e6e232e5280c561d308811dc0e41cbe4f604b4a76e06242b7893f68b912702b5f915c69e031677cff03a93aee7d940b312bd7bdcec63d9c2f68b9a1edc9e34696ab59ef9227a1f3e8d20595f718a6a067332edecb57d8ce19ac1d813fb5c57521520095d0552f84411e5accd3eea01bb59f270eee698ef6aad42e24d6f50182553460ffa6a24becf191e79563877be996694da2d2968d22743af0efabdced388c12ad6ecdb379cb2ced26c92cc44d7eac5a2248b2625ac6405a87bc3874b49639ef81afc9c791a907862c7c2b08048481b9183d11066fbdb86c9e0ffd1199880704115b7ca3732753d7e00aa9a65edb2f0808f687eeb3a38fd7b888f9c4a370bf7b5f47396e84f9c2e19f94e9308ea6ac93057cedb7db57c73995f4f2b159c2c9c59487f1b3679a1c65feb8dc9a30283f9938bbe7bc980251594d782a346cd5320f2bc9660d906d8fe4ba7475d455c3d4de427165426419d50fbe3c930d611159756d671408ed6d5cdd4506bd4bebc24096c6568e9937761afd8d34444be07b455a3ebaab3b5af07267ea2f2f65e93599e34c46176f4ac72419014e4ff0b09c2a218fb83cd6ee824e9d0348cede00a35d058a44829c133d1df93a2c316beee53fcda23dc55c1fcf7597be1f8e1ee8dd037539aff952d3e81c99dc8946259d878d29cc1af5fca8d2ee701169ba8a50f106364f26a49b4064847cf767ab49ffdf6be3bb7630bc3fa28534f4a5fe349a37c6d47193630cc8f1811a8609d59d2ce2dcbe6d183051a85ebc679d31485df0a100c4998fb18b69578b0946fb4949b1a909fd798a1e4ba05fe0ea9c7a66198394d1664d334a4a7f49ae64d85898f5fef422080ca4f22ab43722562d8f20bfbbb081a4cfd447864b94e69c45fe192d673b63acf0a697e6062679c4387ba1d84721972d180d70d8c77a593c19c7f912bc7fd0f3d2de7db95333a929aef856e69117cf48f04b0005a5082e6c1e42fe944321f56dab6aa9b210645b78b61e0ae177948456dc80974442ca9393cc85149f914e117464d052454fd57a043f3010b21f33e0cadcaeb1732f2d0def5fcd46a7c2dd13a3a50cea1e567d41ab36242bf8b8ac398e2c6dd88b828ffd0cf13d2aa2cac42748744b6af4a5c087bd86b111ea21aeabf4fb8e2e901f60cb5a779a42d1e5f7a52210063334a2bd3f7b03f091a824e0b112f3f168c1ef30279963863f099a331020bd76a1cf34322b3e09c189179cab873774ea6cdd828b70b85b10307a828576262cb197af10680ad5451298594596d49c58e8632ff8678fb73c62b01ebd7920b2f67e0b1146576f13a09f9c5ed6815e23654820d1d33833675641f5b807fa9d2ca01443ed62f1d57362cb8eda5693b8bbc429f3d1283b61d8ad0a59fb5cccfeb31177cbf244c5328dc2fbfafdc52b316dca8c4fad1c63ee7b527f20c14e39556073098590056dba11282e9b474b2fe2adf827a90d5b74668bd777801aede879dbcbe1b9f85af817bb2c8f4c138fde3950f87d9e3eecc26a5436cce6bf61aed8681fe17ad762fde0dcb43214a3d2ec2df458b4a17399373a26d2bf3a918780d46c8924bda86464652c4f61bad941510781c410836ac0c55cb137ef6ea60a7969f44fa54c153c4ee30df9936e212b934a0fa5ee4d0106ab6141c09e6c59f24f844e166724037fd9521c21927c33a38eef7de640b88a5ae4cc376c49859b5308895ac86772d519059e60e68701b178899f5d00f79a9f82599e2b718bf8e615ca30b9625c100a07a1ff9a544ee2a11ce3fa06c08250937cadf15c45bc0ea76da61f043c383592d0b58d8d73a965c1d91d8255bb831f2aa833c9d85416b2ee69408d8e08a1d9c961a6ed2c99e26907bf624f466c53360cc2ee8be440311eed519152ae315ab2ee0466d6a994578ef5e35279a516c16499f470dd4099fad9d770f69fd30132d307f0eae2704b0eb7e33db11f00ca61a03028617166596a14859d68a98bdd2f15393b4872e36259c98054a66e55827e455b85f7996a984c754428c0c56a15d912ffce361675426236814ab352884f8f390333a772b5a260ac1676b3bf9cf4881ffcbc7612c608f5612236da3ffe352544f55089cde97116f18436eeafcc1e9896baf78d3ed33e19d53e8cea569991d58c087187592bfd046d901a4d96e084cba396eadbb1a1ebe21ae528bbd9844c6d0a18db141ce3df69616dcc664a326a0f70822c8db73ca3d2f1197221fc41b80c7301f4d38f8a26f3edb5d4ae2560be28558ac2057c5ed03b2ee40882ff1d2a70f7df41e2e22918c518dd3f48b2fcbe9c617a07be81f56f253214f7639497faaa403e7c5766c9f7cb29a5dba79cdaf28469fb38401c9de5a57d9463d6c991f97b5df20ba5acb9a049093b3f2d1e7e46fd45a84966c45d9cbcf0583056c51e2eb75cac26f85cf9347cf3be021f1febacfd37ad77a8d3b2276d39ed777e4573bd77f2d0b219375aa577ab6bab90de8f93814a71344397c77cef482d2780fe55ba5b99ad6668df0f61aa63d78e11387d00c5d90be1c3a38ace7938112ef9bb8d214d45fe8", 0x1000, 0x7, 0x0, 0x3, r5}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xa, 0x0, r7, &(0x7f0000000400)="d7494d321e5b2a49c1d82d8ec1279794ae2ce634e9e8266be4100751a17e89d4717d46a95fa7a720127148", 0x2b, 0x8, 0x0, 0x3, r9}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0xfd, r4, &(0x7f0000001580)="9b8467a98127e73f02b3ef326fe0d14dc125055010e65e6ffe744538217383048cec6800bdf31f60b3d584e8c6b38ab1e0cde19221cb7f6e0c4f6cc8c24adac6831ad90865d8612d15f39facc69be6b096b67272618521f9c9aa6b4f11aa6eed69650bcf14ab996688f742a741c4c45260d9f86c36d15f0e369cc8cc061bf3ca91a3dfe19967f276bb9ad386cc0c79dd2cdf3ddddb9f39b391a1b06c61444182dd3cce349b613e1a26b48db417405463ee005fbb52a71f1ea3ec1caa8cb982b18ee985919b6694e39dd31b128c01f8ab2956c9b6e573e828cde9a18e8e55d4297aa0e1afdc1b523d34838370a70c624328250e7ec5e45d6aec4e", 0xfa, 0x2, 0x0, 0x1, r10}, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x8, 0x8, r5, &(0x7f00000004c0)="f9f5322421836a766b28fa35e34dcb188cb9bd0798b0e5449e095bcf078d8b735bec1cfc13a0cfd1a526e2727033daaac71a7e7811f66f31299e08ef20b13f86cbea80efbccc33b60b3aa11a95cfd48a7d24fea7f1c255d7194655955f598c47c08ece8d8cfac62609bda60e4052fc61329e4d0e9912d9", 0x77, 0x8001, 0x0, 0x9a38fb94019b1fbf, r5}]) [ 2349.612299] FAULT_INJECTION: forcing a failure. [ 2349.612299] name failslab, interval 1, probability 0, space 0, times 0 [ 2349.615011] CPU: 1 PID: 14845 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2349.616488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2349.618970] Call Trace: [ 2349.619538] dump_stack+0x107/0x163 [ 2349.620332] should_fail.cold+0x5/0xa [ 2349.621170] ? create_object.isra.0+0x3a/0xa10 [ 2349.622161] should_failslab+0x5/0x10 [ 2349.623008] kmem_cache_alloc+0x5b/0x350 [ 2349.623902] create_object.isra.0+0x3a/0xa10 [ 2349.624858] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2349.625967] kmem_cache_alloc+0x15b/0x350 [ 2349.626879] __pmd_alloc+0x98/0x5e0 [ 2349.627683] handle_mm_fault+0x1a30/0x3570 [ 2349.628608] ? perf_trace_lock+0xb6/0x470 [ 2349.629501] ? hlock_class+0x120/0x120 [ 2349.630364] ? perf_trace_lock+0xb6/0x470 [ 2349.631265] ? __pmd_alloc+0x5e0/0x5e0 [ 2349.632140] __get_user_pages+0x61d/0x1400 [ 2349.633074] ? follow_page_mask+0x1820/0x1820 [ 2349.634047] ? __lockdep_reset_lock+0x180/0x180 [ 2349.635064] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2349.636083] ? find_held_lock+0x2c/0x110 [ 2349.636971] __get_user_pages_remote+0x1d1/0x860 [ 2349.638010] get_user_pages_remote+0x63/0x90 [ 2349.638975] get_arg_page+0xba/0x200 [ 2349.639781] ? acct_arg_size+0xe0/0xe0 [ 2349.640631] ? insert_vm_struct+0x1f7/0x340 [ 2349.641585] copy_string_kernel+0x1b0/0x440 [ 2349.642620] do_execveat_common.isra.0+0x405/0x670 [ 2349.643732] __x64_sys_execveat+0xe7/0x130 [ 2349.644687] do_syscall_64+0x33/0x40 [ 2349.645493] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2349.646617] RIP: 0033:0x466609 [ 2349.647316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2349.651330] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2349.652982] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2349.654676] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2349.656240] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2349.657809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2349.659401] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2349.695605] FAULT_INJECTION: forcing a failure. [ 2349.695605] name failslab, interval 1, probability 0, space 0, times 0 [ 2349.698185] CPU: 1 PID: 14862 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2349.699694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2349.702153] Call Trace: [ 2349.702759] dump_stack+0x107/0x163 [ 2349.703563] should_fail.cold+0x5/0xa [ 2349.704395] ? __pmd_alloc+0x98/0x5e0 [ 2349.705222] should_failslab+0x5/0x10 [ 2349.706050] kmem_cache_alloc+0x5b/0x350 [ 2349.706954] __pmd_alloc+0x98/0x5e0 [ 2349.707746] handle_mm_fault+0x1a30/0x3570 [ 2349.708661] ? perf_trace_lock+0xb6/0x470 [ 2349.709548] ? hlock_class+0x120/0x120 [ 2349.710397] ? __pmd_alloc+0x5e0/0x5e0 [ 2349.711272] __get_user_pages+0x61d/0x1400 [ 2349.712218] ? follow_page_mask+0x1820/0x1820 [ 2349.713293] ? __lockdep_reset_lock+0x180/0x180 [ 2349.714817] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2349.716381] ? find_held_lock+0x2c/0x110 [ 2349.717433] __get_user_pages_remote+0x1d1/0x860 [ 2349.718733] get_user_pages_remote+0x63/0x90 [ 2349.719896] get_arg_page+0xba/0x200 [ 2349.720797] ? acct_arg_size+0xe0/0xe0 [ 2349.721865] ? insert_vm_struct+0x1f7/0x340 [ 2349.722994] copy_string_kernel+0x1b0/0x440 [ 2349.724034] do_execveat_common.isra.0+0x405/0x670 [ 2349.725256] __x64_sys_execveat+0xe7/0x130 [ 2349.726270] do_syscall_64+0x33/0x40 [ 2349.727183] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2349.728398] RIP: 0033:0x466609 [ 2349.729199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2349.733256] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2349.734969] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2349.736525] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2349.738403] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2349.740245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2349.742170] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:10:26 executing program 0: r0 = syz_io_uring_setup(0x20, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b34, 0x2) 06:10:26 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:26 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x8, 0x0, 0x0) 06:10:27 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2362.236633] kmemleak: 62 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:10:47 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b35, 0x2) 06:10:47 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:47 executing program 4 (fault-call:7 fault-nth:16): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:47 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:47 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:47 executing program 1 (fault-call:9 fault-nth:15): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:47 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x2000, 0x0, 0x0) 06:10:47 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) r3 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000200)='./file0\x00', 0x29ce07ad, 0x8, &(0x7f0000000800)=[{&(0x7f0000000240)="248ea7dbc81a77e875b9cda6fdc7a1eb306081116ce11a698c129d735a7f3376ea636bbf5021125b18c0d1e47d15db1ce8ee3bf08c212f17b31fbb508ee9d4bb34604bd3e6c20cef8500b89d90107150bc36ff8c952d1012188dd3efc4dbe86bef4755611b328adf9158032d8085709a6a550cd063995773dd5db64cee59e24431562fee19d57e203efb1022a1633fd1c0a2743a5e0eb52f8760020cc45a7c7435a5fbd97661dfc798972c5791d8", 0xae, 0x4}, {&(0x7f0000000340)="e6a17f1254d24b14aa7fc36f", 0xc, 0x7}, {&(0x7f0000000380)="5d1817a68fdf8c887e731ec92b657f82fcef4944e93ee72c9d98c6021255745672ade6663ef43a3730894b6777cf745ac9970b7d42829031401a95394714333c0ab657069da6a6ad8c615cdb762a58920f2a4782be3e1c04da30c03d641300390c782e48ff1301e405d4e9fd5bb7", 0x6e, 0x6}, {&(0x7f0000000400)="7f0e87453fb8f1d5000957e59cc14adee3befd35d541fbb001154924088329449c73b578e2457e52798b7aff67fa90d6591b529f2bf4c1a1ab08a59848956fc51ed65ab150dd6bd306c22300c865a1881f8a2881cb72779fe13df519332e354425ceb53ce89daa1eacdacebb401d0aa5", 0x70, 0x6}, {&(0x7f0000000580)="e004ec532384b4296a31a838667022553540c14b462cd34b5d0a1ab0ed0d06fed5f755ce39479907625b124293b814395efa3a0a0020eef036ac93bf46e4ee5b626be1bc16017c74f238bb6040ed3059a7c9cbd68d68e51a17555bd7ce82ff255fbca8a1e761348b2437bbb3c0857817c2929e5098acd1c1a4987bdad2700c4451ab4e1157a6af088e6cb3e8508bb2517f40c5b32ef06251f9c49249dfa1ab2deb5e791dfd7fd823ae0992e38cdcb0091528e98b02f1af80f0e588a315faf3b25f6ce2188c9dda551009", 0xca, 0x8}, {&(0x7f0000000680)="b4072066692d1285a03abf48ec406a8d021e7643bb19f38a5ddabf88cd9f583aacd1c3f6d2d0be46b6758bec3c7432d82ebef35b8f2fe2e68de02f07689f1cfd6be47eac27b235afdacc138e724085ee8cb49ea9fd79c1a4404f4b071cfb1fd4531793c94a6a3a6aa22dd2e508f37347132ac16b022db34bb220c96441bd64bc41337a5342580e4c59f905a123b33c404949de2b5fb3f9c59618cbd4dd37463ba72b06baff07c36bb0bf3926de4fa37d42149a3fe1f1ba008cc4197399731f99c601c1bf3d0ceefdc9a3e4719bf22920f49b8f4a3a6ea5d38af6d26474daf3411e9a84", 0xe3, 0x9}, {&(0x7f0000000480)="1e45e9b827346ebaf9b549746dbe0cea63d3d53758c55fa6ef90bbe5d96912eed6da9f0847fc99aa000d424d9e91932780ff01de156a965a04130405f7d7495b0f94cac850594ff5f5cc7afb155ab96bed6d32bac6ac64a9be5a5620063b01df805bfc2941c705117cc74196785385357d636bde148cb1afb4670e9e02e02e68d01779949b01124931c7f880af60395869bb82b3111f22e2e502880dd2288b723307640c9e69a99557ff076cc240f4915f76c378e87c01", 0xb7, 0xffffffff}, {&(0x7f0000000780)="05d8dbdc0d3d9075654d53066a1f7ef253f23b17ad9eb74c14ba2dd22766944b0bfd61f4d58b7b8218c23cb2ff26b829e4d2a2f499f3ecca28f72f5585fa2e61c555649a39afea", 0x47, 0x2d}], 0x20, &(0x7f00000008c0)={[{'-\':'}, {'}}:'}, {'&-^.#@'}, {'\x00'}, {':'}, {}, {'.}#'}, {}], [{@dont_measure}, {@obj_type={'obj_type', 0x3d, '\x00'}}, {@seclabel}]}) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r5 = syz_open_dev$vcsu(&(0x7f0000000900), 0x10000, 0x10040) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CLOSE={0x13, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r4}}, 0x2000000) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:10:47 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:47 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2370.522319] FAULT_INJECTION: forcing a failure. [ 2370.522319] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.524790] CPU: 0 PID: 14932 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2370.526336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2370.528722] Call Trace: [ 2370.529284] dump_stack+0x107/0x163 06:10:47 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x80ffff, 0x0, 0x0) [ 2370.530052] should_fail.cold+0x5/0xa [ 2370.530976] ? create_object.isra.0+0x3a/0xa10 [ 2370.531938] should_failslab+0x5/0x10 [ 2370.532737] kmem_cache_alloc+0x5b/0x350 [ 2370.533601] create_object.isra.0+0x3a/0xa10 [ 2370.534534] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2370.535659] kmem_cache_alloc+0x15b/0x350 06:10:47 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2370.536562] __pmd_alloc+0x98/0x5e0 [ 2370.537390] handle_mm_fault+0x1a30/0x3570 [ 2370.538287] ? perf_trace_lock+0xb6/0x470 [ 2370.539161] ? hlock_class+0x120/0x120 [ 2370.539975] ? __pmd_alloc+0x5e0/0x5e0 [ 2370.540823] __get_user_pages+0x61d/0x1400 [ 2370.541746] ? follow_page_mask+0x1820/0x1820 [ 2370.542732] ? __lockdep_reset_lock+0x180/0x180 [ 2370.543709] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2370.544694] ? find_held_lock+0x2c/0x110 [ 2370.545547] __get_user_pages_remote+0x1d1/0x860 [ 2370.546549] get_user_pages_remote+0x63/0x90 [ 2370.547485] get_arg_page+0xba/0x200 [ 2370.548266] ? acct_arg_size+0xe0/0xe0 [ 2370.549088] ? insert_vm_struct+0x1f7/0x340 [ 2370.549993] copy_string_kernel+0x1b0/0x440 [ 2370.550909] do_execveat_common.isra.0+0x405/0x670 [ 2370.551936] __x64_sys_execveat+0xe7/0x130 [ 2370.552818] do_syscall_64+0x33/0x40 [ 2370.553595] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2370.554658] RIP: 0033:0x466609 [ 2370.555343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.559155] RSP: 002b:00007fda96221188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2370.560730] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2370.562264] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2370.563753] RBP: 00007fda962211d0 R08: 0000000000000000 R09: 0000000000000000 [ 2370.565224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2370.566700] R13: 00007ffcd66bd11f R14: 00007fda96221300 R15: 0000000000022000 [ 2370.583805] FAULT_INJECTION: forcing a failure. [ 2370.583805] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2370.586507] CPU: 0 PID: 14920 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2370.587917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2370.590202] Call Trace: [ 2370.590753] dump_stack+0x107/0x163 [ 2370.591497] should_fail.cold+0x5/0xa [ 2370.592294] __alloc_pages_nodemask+0x17f/0x670 [ 2370.593239] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2370.594455] ? __pmd_alloc+0x2e6/0x5e0 [ 2370.595264] ? lock_downgrade+0x6d0/0x6d0 [ 2370.596110] ? do_raw_spin_lock+0x129/0x270 [ 2370.596986] alloc_pages_current+0x187/0x280 [ 2370.597868] pte_alloc_one+0x16/0x190 [ 2370.598642] __pte_alloc+0x1d/0x320 [ 2370.599383] handle_mm_fault+0x290c/0x3570 [ 2370.600262] ? perf_trace_lock+0xb6/0x470 [ 2370.601117] ? hlock_class+0x120/0x120 [ 2370.602019] ? __pmd_alloc+0x5e0/0x5e0 [ 2370.602971] __get_user_pages+0x61d/0x1400 [ 2370.603966] ? follow_page_mask+0x1820/0x1820 [ 2370.605020] ? __lockdep_reset_lock+0x180/0x180 [ 2370.606089] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2370.607176] ? find_held_lock+0x2c/0x110 [ 2370.608113] __get_user_pages_remote+0x1d1/0x860 [ 2370.609215] get_user_pages_remote+0x63/0x90 [ 2370.610230] get_arg_page+0xba/0x200 [ 2370.611110] ? acct_arg_size+0xe0/0xe0 [ 2370.612010] ? insert_vm_struct+0x1f7/0x340 [ 2370.613009] copy_string_kernel+0x1b0/0x440 [ 2370.614005] do_execveat_common.isra.0+0x405/0x670 [ 2370.615142] __x64_sys_execveat+0xe7/0x130 [ 2370.616110] do_syscall_64+0x33/0x40 [ 2370.616957] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2370.618125] RIP: 0033:0x466609 [ 2370.618869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.623065] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2370.624795] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2370.626408] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2370.628024] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2370.629628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2370.631255] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:10:47 executing program 1 (fault-call:9 fault-nth:16): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:47 executing program 4 (fault-call:7 fault-nth:17): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:10:47 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x240000, 0xa9) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r4, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0xdd}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x7f}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x4040801) [ 2370.899805] FAULT_INJECTION: forcing a failure. [ 2370.899805] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.902365] CPU: 0 PID: 14990 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2370.903895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2370.906337] Call Trace: [ 2370.906921] dump_stack+0x107/0x163 [ 2370.907706] should_fail.cold+0x5/0xa [ 2370.908525] ? ptlock_alloc+0x1d/0x70 [ 2370.909345] should_failslab+0x5/0x10 [ 2370.910156] kmem_cache_alloc+0x5b/0x350 [ 2370.911055] ptlock_alloc+0x1d/0x70 [ 2370.911839] pte_alloc_one+0x68/0x190 [ 2370.912656] __pte_alloc+0x1d/0x320 [ 2370.913444] handle_mm_fault+0x290c/0x3570 [ 2370.914354] ? perf_trace_lock+0xb6/0x470 [ 2370.915246] ? hlock_class+0x120/0x120 [ 2370.916077] ? __pmd_alloc+0x5e0/0x5e0 [ 2370.916937] __get_user_pages+0x61d/0x1400 [ 2370.917865] ? follow_page_mask+0x1820/0x1820 [ 2370.918837] ? __lockdep_reset_lock+0x180/0x180 [ 2370.919835] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2370.920841] ? find_held_lock+0x2c/0x110 [ 2370.921722] __get_user_pages_remote+0x1d1/0x860 [ 2370.922758] get_user_pages_remote+0x63/0x90 [ 2370.923712] get_arg_page+0xba/0x200 [ 2370.924510] ? acct_arg_size+0xe0/0xe0 [ 2370.925354] ? insert_vm_struct+0x1f7/0x340 [ 2370.926336] copy_string_kernel+0x1b0/0x440 [ 2370.927300] do_execveat_common.isra.0+0x405/0x670 [ 2370.928359] __x64_sys_execveat+0xe7/0x130 [ 2370.929272] do_syscall_64+0x33/0x40 [ 2370.929425] FAULT_INJECTION: forcing a failure. [ 2370.929425] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2370.930061] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2370.930075] RIP: 0033:0x466609 [ 2370.930098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.937006] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2370.938644] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2370.940192] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2370.941719] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2370.943251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2370.944777] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2370.946339] CPU: 1 PID: 15017 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2370.947158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2370.948394] Call Trace: [ 2370.948696] dump_stack+0x107/0x163 [ 2370.949088] should_fail.cold+0x5/0xa [ 2370.949524] __alloc_pages_nodemask+0x17f/0x670 [ 2370.950021] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2370.950682] ? __pmd_alloc+0x2e6/0x5e0 [ 2370.951113] ? lock_downgrade+0x6d0/0x6d0 [ 2370.951566] ? do_raw_spin_lock+0x129/0x270 [ 2370.952030] alloc_pages_current+0x187/0x280 [ 2370.952505] pte_alloc_one+0x16/0x190 [ 2370.952910] __pte_alloc+0x1d/0x320 [ 2370.953298] handle_mm_fault+0x290c/0x3570 [ 2370.953758] ? perf_trace_lock+0xb6/0x470 [ 2370.954202] ? hlock_class+0x120/0x120 [ 2370.954633] ? __pmd_alloc+0x5e0/0x5e0 [ 2370.955076] __get_user_pages+0x61d/0x1400 [ 2370.955540] ? follow_page_mask+0x1820/0x1820 [ 2370.956015] ? __lockdep_reset_lock+0x180/0x180 [ 2370.956514] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2370.957045] ? find_held_lock+0x2c/0x110 [ 2370.957509] __get_user_pages_remote+0x1d1/0x860 [ 2370.958046] get_user_pages_remote+0x63/0x90 [ 2370.958571] get_arg_page+0xba/0x200 [ 2370.959003] ? acct_arg_size+0xe0/0xe0 [ 2370.959461] ? insert_vm_struct+0x1f7/0x340 [ 2370.959939] copy_string_kernel+0x1b0/0x440 [ 2370.960452] do_execveat_common.isra.0+0x405/0x670 [ 2370.961015] __x64_sys_execveat+0xe7/0x130 [ 2370.961514] do_syscall_64+0x33/0x40 [ 2370.961934] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2370.962539] RIP: 0033:0x466609 [ 2370.962908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.964969] RSP: 002b:00007fda96221188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2370.965821] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2370.966634] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2370.967463] RBP: 00007fda962211d0 R08: 0000000000000000 R09: 0000000000000000 [ 2370.968254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2370.969056] R13: 00007ffcd66bd11f R14: 00007fda96221300 R15: 0000000000022000 [ 2384.969149] kmemleak: 10 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:11:11 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b36, 0x2) 06:11:11 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:11 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:11 executing program 1 (fault-call:9 fault-nth:17): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:11 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x8000000, 0x0, 0x0) 06:11:11 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:11 executing program 4 (fault-call:7 fault-nth:18): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:11 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2394.001191] FAULT_INJECTION: forcing a failure. [ 2394.001191] name failslab, interval 1, probability 0, space 0, times 0 [ 2394.002451] CPU: 1 PID: 15092 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2394.003222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2394.004583] Call Trace: [ 2394.004875] dump_stack+0x107/0x163 [ 2394.005271] should_fail.cold+0x5/0xa [ 2394.005742] ? create_object.isra.0+0x3a/0xa10 [ 2394.006239] should_failslab+0x5/0x10 [ 2394.006649] kmem_cache_alloc+0x5b/0x350 [ 2394.007109] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2394.007789] create_object.isra.0+0x3a/0xa10 [ 2394.008285] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2394.008902] kmem_cache_alloc+0x15b/0x350 [ 2394.009424] ptlock_alloc+0x1d/0x70 [ 2394.009887] pte_alloc_one+0x68/0x190 [ 2394.010303] __pte_alloc+0x1d/0x320 [ 2394.010703] handle_mm_fault+0x290c/0x3570 [ 2394.011177] ? perf_trace_lock+0xb6/0x470 [ 2394.011632] ? hlock_class+0x120/0x120 [ 2394.012058] ? __pmd_alloc+0x5e0/0x5e0 [ 2394.012490] __get_user_pages+0x61d/0x1400 [ 2394.012945] ? follow_page_mask+0x1820/0x1820 [ 2394.013432] ? __lockdep_reset_lock+0x180/0x180 [ 2394.013923] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2394.014433] ? find_held_lock+0x2c/0x110 [ 2394.014892] __get_user_pages_remote+0x1d1/0x860 [ 2394.015438] get_user_pages_remote+0x63/0x90 [ 2394.015940] get_arg_page+0xba/0x200 [ 2394.016348] ? acct_arg_size+0xe0/0xe0 [ 2394.016792] ? insert_vm_struct+0x1f7/0x340 [ 2394.017259] copy_string_kernel+0x1b0/0x440 [ 2394.017756] do_execveat_common.isra.0+0x405/0x670 [ 2394.018292] __x64_sys_execveat+0xe7/0x130 [ 2394.018877] do_syscall_64+0x33/0x40 [ 2394.019306] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2394.020010] RIP: 0033:0x466609 [ 2394.020377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2394.022418] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2394.023239] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2394.024008] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2394.024776] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2394.025542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2394.026302] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:11:11 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2394.057930] FAULT_INJECTION: forcing a failure. [ 2394.057930] name failslab, interval 1, probability 0, space 0, times 0 [ 2394.060675] CPU: 0 PID: 15105 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2394.062122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2394.064533] Call Trace: [ 2394.065100] dump_stack+0x107/0x163 [ 2394.065888] should_fail.cold+0x5/0xa [ 2394.066687] ? ptlock_alloc+0x1d/0x70 06:11:11 executing program 4 (fault-call:7 fault-nth:19): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2394.067522] should_failslab+0x5/0x10 [ 2394.068449] kmem_cache_alloc+0x5b/0x350 [ 2394.069311] ptlock_alloc+0x1d/0x70 [ 2394.070091] pte_alloc_one+0x68/0x190 [ 2394.070893] __pte_alloc+0x1d/0x320 [ 2394.071689] handle_mm_fault+0x290c/0x3570 [ 2394.072600] ? perf_trace_lock+0xb6/0x470 [ 2394.073486] ? hlock_class+0x120/0x120 [ 2394.074329] ? __pmd_alloc+0x5e0/0x5e0 [ 2394.075203] __get_user_pages+0x61d/0x1400 [ 2394.076120] ? follow_page_mask+0x1820/0x1820 [ 2394.077081] ? __lockdep_reset_lock+0x180/0x180 [ 2394.078075] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2394.079112] ? find_held_lock+0x2c/0x110 [ 2394.080002] __get_user_pages_remote+0x1d1/0x860 [ 2394.081037] get_user_pages_remote+0x63/0x90 [ 2394.081990] get_arg_page+0xba/0x200 [ 2394.082795] ? acct_arg_size+0xe0/0xe0 [ 2394.083650] ? insert_vm_struct+0x1f7/0x340 [ 2394.084579] copy_string_kernel+0x1b0/0x440 [ 2394.085522] do_execveat_common.isra.0+0x405/0x670 [ 2394.086588] __x64_sys_execveat+0xe7/0x130 [ 2394.087506] do_syscall_64+0x33/0x40 [ 2394.088303] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2394.089400] RIP: 0033:0x466609 [ 2394.090094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2394.093992] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2394.095633] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2394.097156] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2394.098686] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2394.100229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2394.101756] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:11:11 executing program 1 (fault-call:9 fault-nth:18): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:11 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:11 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:11 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200)={{0x0, 0xea60}, {0x0, 0x2710}}) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:11:11 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x20000000, 0x0, 0x0) 06:11:11 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r2+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2394.265662] FAULT_INJECTION: forcing a failure. [ 2394.265662] name failslab, interval 1, probability 0, space 0, times 0 [ 2394.267078] CPU: 1 PID: 15130 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2394.267855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2394.269076] Call Trace: [ 2394.269392] dump_stack+0x107/0x163 [ 2394.269786] should_fail.cold+0x5/0xa [ 2394.270199] ? __anon_vma_prepare+0x62/0x4f0 [ 2394.270686] should_failslab+0x5/0x10 [ 2394.271116] kmem_cache_alloc+0x5b/0x350 [ 2394.271568] __anon_vma_prepare+0x62/0x4f0 [ 2394.272020] ? __pte_alloc+0x194/0x320 [ 2394.272451] handle_mm_fault+0x2be1/0x3570 [ 2394.272916] ? perf_trace_lock+0xb6/0x470 [ 2394.273359] ? hlock_class+0x120/0x120 [ 2394.273782] ? __pmd_alloc+0x5e0/0x5e0 [ 2394.274217] __get_user_pages+0x61d/0x1400 [ 2394.274690] ? follow_page_mask+0x1820/0x1820 [ 2394.275178] ? __lockdep_reset_lock+0x180/0x180 [ 2394.275685] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2394.276198] ? find_held_lock+0x2c/0x110 [ 2394.276645] __get_user_pages_remote+0x1d1/0x860 [ 2394.277160] get_user_pages_remote+0x63/0x90 [ 2394.277645] get_arg_page+0xba/0x200 [ 2394.278046] ? acct_arg_size+0xe0/0xe0 [ 2394.278470] ? insert_vm_struct+0x1f7/0x340 [ 2394.278930] copy_string_kernel+0x1b0/0x440 [ 2394.279414] do_execveat_common.isra.0+0x405/0x670 [ 2394.279945] __x64_sys_execveat+0xe7/0x130 [ 2394.280408] do_syscall_64+0x33/0x40 [ 2394.280806] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2394.281370] RIP: 0033:0x466609 [ 2394.281723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2394.283721] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2394.284557] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2394.285322] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2394.286198] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2394.286991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2394.287761] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2394.318545] FAULT_INJECTION: forcing a failure. [ 2394.318545] name failslab, interval 1, probability 0, space 0, times 0 [ 2394.319866] CPU: 1 PID: 15146 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2394.320617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2394.321853] Call Trace: [ 2394.322145] dump_stack+0x107/0x163 [ 2394.322613] should_fail.cold+0x5/0xa [ 2394.323073] ? create_object.isra.0+0x3a/0xa10 [ 2394.323582] should_failslab+0x5/0x10 [ 2394.323987] kmem_cache_alloc+0x5b/0x350 [ 2394.324431] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2394.325073] create_object.isra.0+0x3a/0xa10 [ 2394.325557] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2394.326105] kmem_cache_alloc+0x15b/0x350 [ 2394.326563] ptlock_alloc+0x1d/0x70 [ 2394.326954] pte_alloc_one+0x68/0x190 [ 2394.327381] __pte_alloc+0x1d/0x320 [ 2394.327781] handle_mm_fault+0x290c/0x3570 [ 2394.328232] ? perf_trace_lock+0xb6/0x470 [ 2394.328680] ? hlock_class+0x120/0x120 [ 2394.329099] ? __pmd_alloc+0x5e0/0x5e0 [ 2394.329545] __get_user_pages+0x61d/0x1400 [ 2394.330010] ? follow_page_mask+0x1820/0x1820 [ 2394.330490] ? __lockdep_reset_lock+0x180/0x180 [ 2394.330990] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2394.331522] ? find_held_lock+0x2c/0x110 [ 2394.331965] __get_user_pages_remote+0x1d1/0x860 [ 2394.332489] get_user_pages_remote+0x63/0x90 [ 2394.332974] get_arg_page+0xba/0x200 [ 2394.333387] ? acct_arg_size+0xe0/0xe0 [ 2394.333810] ? insert_vm_struct+0x1f7/0x340 [ 2394.334273] copy_string_kernel+0x1b0/0x440 [ 2394.334759] do_execveat_common.isra.0+0x405/0x670 [ 2394.335302] __x64_sys_execveat+0xe7/0x130 [ 2394.335757] do_syscall_64+0x33/0x40 [ 2394.336151] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2394.336722] RIP: 0033:0x466609 [ 2394.337065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2394.339036] RSP: 002b:00007fda96221188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2394.339873] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2394.340653] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2394.341423] RBP: 00007fda962211d0 R08: 0000000000000000 R09: 0000000000000000 [ 2394.342192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2394.342961] R13: 00007ffcd66bd11f R14: 00007fda96221300 R15: 0000000000022000 [ 2407.241038] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:11:33 executing program 1 (fault-call:9 fault-nth:19): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:33 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b37, 0x2) 06:11:33 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:33 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:33 executing program 4 (fault-call:7 fault-nth:20): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:33 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:33 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0xf5ffffff, 0x0, 0x0) 06:11:33 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'batadv_slave_0\x00'}) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r5 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r6}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000240)='./file0\x00', 0x9a, 0x1, 0x12345, {0x0, r6}}, 0x7971dee6) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x1, 0x0, 0x1fa}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000200)='.log\x00', 0x40300, 0x2) syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x7, 0x4004, @fd_index=0xa, 0x4, 0x0, 0x0, 0x4, 0x1}, 0x0) syz_mount_image$iso9660(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0x8, 0x2, &(0x7f00000003c0)=[{&(0x7f00000004c0)="fe5a392f492f95966e5c38a8a4df4aaba0f749a56a90fe507a9e534317a86dc9321148bbcddfd9983a0dd0410ec70bcdbc2aabfa360fc25efa73a275fef5a9c1e095dbf914554ff4d76f5b441c603cb686f4ce9f9d7c119e3d83e8cc4d293f23fa", 0x61, 0x5}, {&(0x7f0000000580)="91b9507bef73ab9efd689995af81e44fa1cb958694242196b13b1ad740c9476e7e3b8a092ab33b8536e0c3be3938539a28987fc4e443d855a77d1b6cb08edba56b2c84ba6d85fa62955d03766e49", 0x4e, 0xff}], 0x210800, &(0x7f0000000600)={[{@session={'session', 0x3d, 0x5c}}, {@utf8}, {@cruft}, {}, {@cruft}, {}], [{@measure}, {@smackfsdef}, {@fsmagic={'fsmagic', 0x3d, 0x5}}]}) syz_io_uring_submit(r1, r8, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x3, 0x0, 0x14e, 0x2, &(0x7f0000000400)="f98278058cf816e4b5fcb0fc480b8bdf438ef2554661063ceea038a8a8555ae7a9a17493f00c3bb70dfac8a7eff66c8a861f0919ef110aa247961dd27b3c334fd45c2f47dcc87e064b629b77b8f8cd315b48a8b431e52c8ac28f8f482c010930e8c2a728122d23bf440a6954204fccaede61ab676f93b80dac1c68cdbd8066d7b36717c59f01172dd927461d0cb4cd4dc8d9b9cdf8f9010000d6640f53522c5be1999ac1127edf6cfb1442e7d6afc2f1a25a401457cc", 0x7, 0x0, 0x1, {0x3}}, 0x2) [ 2415.922862] FAULT_INJECTION: forcing a failure. [ 2415.922862] name failslab, interval 1, probability 0, space 0, times 0 [ 2415.924479] CPU: 1 PID: 15278 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2415.925385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2415.926873] Call Trace: [ 2415.927231] dump_stack+0x107/0x163 [ 2415.927723] should_fail.cold+0x5/0xa [ 2415.928238] ? __anon_vma_prepare+0x62/0x4f0 [ 2415.928826] should_failslab+0x5/0x10 [ 2415.929334] kmem_cache_alloc+0x5b/0x350 [ 2415.929878] __anon_vma_prepare+0x62/0x4f0 [ 2415.930443] ? __pte_alloc+0x194/0x320 [ 2415.930971] handle_mm_fault+0x2be1/0x3570 [ 2415.931549] ? perf_trace_lock+0xb6/0x470 [ 2415.932078] ? hlock_class+0x120/0x120 [ 2415.932578] ? __pmd_alloc+0x5e0/0x5e0 [ 2415.933110] __get_user_pages+0x61d/0x1400 [ 2415.933670] ? follow_page_mask+0x1820/0x1820 [ 2415.934243] ? __lockdep_reset_lock+0x180/0x180 [ 2415.934849] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2415.935458] ? find_held_lock+0x2c/0x110 [ 2415.935993] __get_user_pages_remote+0x1d1/0x860 [ 2415.936615] get_user_pages_remote+0x63/0x90 [ 2415.937186] get_arg_page+0xba/0x200 [ 2415.937671] ? acct_arg_size+0xe0/0xe0 [ 2415.938178] ? insert_vm_struct+0x1f7/0x340 [ 2415.938735] copy_string_kernel+0x1b0/0x440 [ 2415.939313] do_execveat_common.isra.0+0x405/0x670 [ 2415.939969] __x64_sys_execveat+0xe7/0x130 [ 2415.940527] do_syscall_64+0x33/0x40 [ 2415.941006] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2415.941666] RIP: 0033:0x466609 [ 2415.942086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2415.944559] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2415.945578] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2415.946533] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2415.947496] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2415.948458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2415.949404] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:11:33 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2416.010775] FAULT_INJECTION: forcing a failure. [ 2416.010775] name failslab, interval 1, probability 0, space 0, times 0 [ 2416.013218] CPU: 0 PID: 15293 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2416.014689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2416.017112] Call Trace: [ 2416.017666] dump_stack+0x107/0x163 [ 2416.018453] should_fail.cold+0x5/0xa 06:11:33 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2416.019280] ? create_object.isra.0+0x3a/0xa10 [ 2416.020526] should_failslab+0x5/0x10 [ 2416.021369] kmem_cache_alloc+0x5b/0x350 [ 2416.022271] create_object.isra.0+0x3a/0xa10 [ 2416.023232] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2416.024360] kmem_cache_alloc+0x15b/0x350 [ 2416.025279] __anon_vma_prepare+0x62/0x4f0 [ 2416.026194] ? __pte_alloc+0x194/0x320 [ 2416.027048] handle_mm_fault+0x2be1/0x3570 [ 2416.027953] ? perf_trace_lock+0xb6/0x470 [ 2416.028839] ? hlock_class+0x120/0x120 [ 2416.029655] ? __pmd_alloc+0x5e0/0x5e0 [ 2416.030537] __get_user_pages+0x61d/0x1400 [ 2416.031465] ? follow_page_mask+0x1820/0x1820 [ 2416.032429] ? __lockdep_reset_lock+0x180/0x180 [ 2416.033427] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2416.034433] ? find_held_lock+0x2c/0x110 [ 2416.035318] __get_user_pages_remote+0x1d1/0x860 [ 2416.036378] get_user_pages_remote+0x63/0x90 [ 2416.037352] get_arg_page+0xba/0x200 [ 2416.038163] ? acct_arg_size+0xe0/0xe0 [ 2416.039007] ? insert_vm_struct+0x1f7/0x340 [ 2416.039957] copy_string_kernel+0x1b0/0x440 [ 2416.040895] do_execveat_common.isra.0+0x405/0x670 [ 2416.041955] __x64_sys_execveat+0xe7/0x130 [ 2416.042871] do_syscall_64+0x33/0x40 [ 2416.043715] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2416.044799] RIP: 0033:0x466609 [ 2416.045504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2416.049441] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2416.051101] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2416.052674] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2416.054222] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2416.055737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2416.057272] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:11:33 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0xffff8000, 0x0, 0x0) 06:11:33 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:33 executing program 1 (fault-call:9 fault-nth:20): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:33 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002ac0)=[{{&(0x7f0000000200)=@nl=@unspec, 0x80, &(0x7f0000000000)=[{&(0x7f0000000340)=""/147, 0x93}], 0x1, &(0x7f0000000400)=""/145, 0x91}, 0x5}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)=""/85, 0x55}, {&(0x7f00000004c0)=""/28, 0x1c}, {&(0x7f0000000580)=""/220, 0xdc}, {&(0x7f0000000680)=""/202, 0xca}], 0x4, &(0x7f0000000780)=""/18, 0x12}, 0x7}, {{&(0x7f00000007c0)=@alg, 0x80, &(0x7f00000029c0)=[{&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000001840)=""/52, 0x34}, {&(0x7f0000001880)=""/64, 0x40}, {&(0x7f00000018c0)=""/202, 0xca}, {&(0x7f00000019c0)=""/4096, 0x1000}], 0x5, &(0x7f0000002a80)=""/62, 0x3e}, 0xfffff353}], 0x3, 0x0, &(0x7f0000002b80)={0x77359400}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:11:33 executing program 4 (fault-call:7 fault-nth:21): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:33 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2416.304612] FAULT_INJECTION: forcing a failure. [ 2416.304612] name failslab, interval 1, probability 0, space 0, times 0 [ 2416.307217] CPU: 1 PID: 15340 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2416.309016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2416.311940] Call Trace: [ 2416.312515] dump_stack+0x107/0x163 [ 2416.313467] should_fail.cold+0x5/0xa [ 2416.314429] ? create_object.isra.0+0x3a/0xa10 [ 2416.315636] should_failslab+0x5/0x10 [ 2416.316560] kmem_cache_alloc+0x5b/0x350 [ 2416.317485] create_object.isra.0+0x3a/0xa10 [ 2416.318430] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2416.319613] kmem_cache_alloc+0x15b/0x350 [ 2416.320534] __anon_vma_prepare+0x62/0x4f0 [ 2416.321621] ? __pte_alloc+0x194/0x320 [ 2416.322473] handle_mm_fault+0x2be1/0x3570 [ 2416.323466] ? perf_trace_lock+0xb6/0x470 [ 2416.324342] ? hlock_class+0x120/0x120 [ 2416.325163] ? __pmd_alloc+0x5e0/0x5e0 [ 2416.326017] __get_user_pages+0x61d/0x1400 [ 2416.326928] ? follow_page_mask+0x1820/0x1820 [ 2416.327911] ? __lockdep_reset_lock+0x180/0x180 [ 2416.329118] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2416.330153] ? find_held_lock+0x2c/0x110 [ 2416.331087] __get_user_pages_remote+0x1d1/0x860 [ 2416.332328] get_user_pages_remote+0x63/0x90 [ 2416.333269] get_arg_page+0xba/0x200 [ 2416.334057] ? acct_arg_size+0xe0/0xe0 [ 2416.334910] ? insert_vm_struct+0x1f7/0x340 [ 2416.335940] copy_string_kernel+0x1b0/0x440 [ 2416.336999] do_execveat_common.isra.0+0x405/0x670 [ 2416.338242] __x64_sys_execveat+0xe7/0x130 [ 2416.339147] do_syscall_64+0x33/0x40 [ 2416.339980] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2416.341090] RIP: 0033:0x466609 [ 2416.341789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2416.346144] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2416.348104] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2416.349702] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2416.351299] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2416.352832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2416.354350] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:11:33 executing program 1 (fault-call:9 fault-nth:21): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2416.561134] FAULT_INJECTION: forcing a failure. [ 2416.561134] name failslab, interval 1, probability 0, space 0, times 0 [ 2416.563751] CPU: 1 PID: 15460 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2416.565352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2416.567928] Call Trace: [ 2416.568500] dump_stack+0x107/0x163 [ 2416.569277] should_fail.cold+0x5/0xa [ 2416.570187] ? __anon_vma_prepare+0x281/0x4f0 [ 2416.571155] should_failslab+0x5/0x10 [ 2416.572057] kmem_cache_alloc+0x5b/0x350 [ 2416.573063] __anon_vma_prepare+0x281/0x4f0 [ 2416.574160] ? __pte_alloc+0x194/0x320 [ 2416.574990] handle_mm_fault+0x2be1/0x3570 [ 2416.575901] ? perf_trace_lock+0xb6/0x470 [ 2416.576777] ? hlock_class+0x120/0x120 [ 2416.577741] ? __pmd_alloc+0x5e0/0x5e0 [ 2416.578610] __get_user_pages+0x61d/0x1400 [ 2416.579734] ? follow_page_mask+0x1820/0x1820 [ 2416.580743] ? __lockdep_reset_lock+0x180/0x180 [ 2416.581776] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2416.582826] ? find_held_lock+0x2c/0x110 [ 2416.583725] __get_user_pages_remote+0x1d1/0x860 [ 2416.584743] get_user_pages_remote+0x63/0x90 [ 2416.585685] get_arg_page+0xba/0x200 [ 2416.586480] ? acct_arg_size+0xe0/0xe0 [ 2416.587315] ? insert_vm_struct+0x1f7/0x340 [ 2416.588255] copy_string_kernel+0x1b0/0x440 [ 2416.589178] do_execveat_common.isra.0+0x405/0x670 [ 2416.590228] __x64_sys_execveat+0xe7/0x130 [ 2416.591126] do_syscall_64+0x33/0x40 [ 2416.591948] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2416.593075] RIP: 0033:0x466609 [ 2416.593775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2416.597822] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2416.599579] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2416.601107] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2416.602699] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2416.604265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2416.605788] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2416.626478] FAULT_INJECTION: forcing a failure. [ 2416.626478] name failslab, interval 1, probability 0, space 0, times 0 [ 2416.628689] CPU: 0 PID: 15464 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2416.630005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2416.632304] Call Trace: [ 2416.632812] dump_stack+0x107/0x163 [ 2416.633508] should_fail.cold+0x5/0xa [ 2416.634245] ? __anon_vma_prepare+0x281/0x4f0 [ 2416.635108] should_failslab+0x5/0x10 [ 2416.635862] kmem_cache_alloc+0x5b/0x350 [ 2416.636638] __anon_vma_prepare+0x281/0x4f0 [ 2416.637457] ? __pte_alloc+0x194/0x320 [ 2416.638208] handle_mm_fault+0x2be1/0x3570 [ 2416.639017] ? perf_trace_lock+0xb6/0x470 [ 2416.639815] ? hlock_class+0x120/0x120 [ 2416.640562] ? __pmd_alloc+0x5e0/0x5e0 [ 2416.641336] __get_user_pages+0x61d/0x1400 [ 2416.642155] ? follow_page_mask+0x1820/0x1820 [ 2416.643017] ? __lockdep_reset_lock+0x180/0x180 [ 2416.643933] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2416.644833] ? find_held_lock+0x2c/0x110 [ 2416.645612] __get_user_pages_remote+0x1d1/0x860 [ 2416.646525] get_user_pages_remote+0x63/0x90 [ 2416.647358] get_arg_page+0xba/0x200 [ 2416.648077] ? acct_arg_size+0xe0/0xe0 [ 2416.648820] ? insert_vm_struct+0x1f7/0x340 [ 2416.649633] copy_string_kernel+0x1b0/0x440 [ 2416.650447] do_execveat_common.isra.0+0x405/0x670 [ 2416.651352] __x64_sys_execveat+0xe7/0x130 [ 2416.652177] do_syscall_64+0x33/0x40 [ 2416.652875] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2416.653833] RIP: 0033:0x466609 [ 2416.654427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2416.657850] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2416.659244] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2416.660595] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2416.661920] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2416.663264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2416.664618] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2429.741987] kmemleak: 21 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:11:56 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0xfffffff5, 0x0, 0x0) 06:11:56 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b3a, 0x2) 06:11:56 executing program 4 (fault-call:7 fault-nth:22): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x4, 0x20, 0x0, 0x3, 0x0, 0x1}, 0xffff) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x388c, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x2a, 0x0, "4c774fc207b2764cc639d766f1a8bf75fa858b606ad21530ecaf8b152bc099032178945d2ed02d555131e75488a37329ea68553a3c06f898b0415d06e9edb87c74d7bb428a4657b3929ce7c15f973a5f"}, 0xd8) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmsg$inet6(r3, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000600)="1faa95adceba8300eb24247ed4d5e2cb0be4466a69b9845b80", 0x19}, {&(0x7f0000000640)="6ac4db8851f25d2282d3b05e33024ae2967454bc314f53cdf5fae543bad7135d256610c76ff0d3d57916adc05dff78a0183db8784c112365a54662fb37e74fc44265548de1ddf06a633edc96a9ef9fdab368bbb8ba4ccb8bda9e036d017b766b617cd138693110cc672e4279f7a691cdf6db9e41ec97bd7d349713e1c123999c90823daacae4bc7af46dab6c170b27ce62c3624d4b9c4fc8a7b4e2bf6f6115b906f0a8c574bfe8fcbbc2bbeb76d27fdac46eb972677d2401fbb8b58489822dd7447a34b3ab51793286b52059df8295849f4c70158a71d7b2d49bfca7b435969c4c166cc41fe304a4060fc37000cd8e3a24fc9293f2b53bcdcc06ac99b3285103cb640f68a67462127f4a59bb610c6af22f11b1d5e701795f364ea1b7f229dcbd7f0ab5f9a926aaa3adb9a14a08514046f2cc5fc7c3e84c481ac404250c22b9caa390950ffc70f2b759645713f1dcdcc8657e8d793bb2d8fd847a4d0180995f6ef39a2d09675decd0e9e0b6be28e5b47daa5d5b8253f56daadf8975a93c0ae5158818040bfae06fbc927cf647fd16cb1a765f623b002cbe73a2e7bf09caad12dbfea39cc1f201841832ca02a1aceac1f79b8b37c5300f7f94ba3111518874dc958e644f6a288ef0e50c898495f6de4ac6e3e3c5daead482abe982d10b4590a183327eb81087f132120d793f6d31d19553a65f5a64f9e03de2bd145ee5af59344fca6400bf330f79eca31458933268c1f60f0fe9f18b75f4ea226844f9a7d6a0d640e3d06e7cd6c25d3414b09e56f1d7ffcd1cde1307f312ed3b25673df10e8de0be91e67e7259961a039dc5f04930a08da0865ba0f442da5b71ddc0d82e6f51478d4106de6c98d55ad135d88104ca7cf5e347565f58ba2ae1cacf2471963b43dae4ba25ca7326cae6c18d4ad2a9b4abfd534090501c1e461402f5772d2f4ddb0e7fcaed4319f09622b17e7e68f96a88c543ba5c570ebd8c5eb63637041c235622736dc4a1f641dbe6c2fdaa08f81a42d2712da53b01e60b257c1f6b45b98f7adb48218d8fbfa74f761994eee9166d5f044794cb03acd7b9d9c6f038aece468a9b444f24ce23e1ddf8a578ffd4b82f34f9be83d6683c581174a45898e116603f067044c3954305a87aa043c1247c3c5b3f22b1f95be0548897f830bb64d3ed8d23153ae1fef60c9819fcff95670a8049b2dd5024d834ad266220b03778199b346cf1afef021557545aa5ca9821e4996180583f17ede0e5f80ca972edcbabe087fb0098410085035ed89a6c192cc2d68235a64382e8b3bf6ee5abc6b256f4627e4f8ee8508cc00ed59f795a0869090b15418c0c4429f5f1ee1b9cff7fff0258d97b5f71c3c3b4fa8e763e6cf560e9d1a1007fcef0179664ecba7038a6e713dd30caea7539a01c70a29da17267685c84a9f13aab5c8dbb7e1bf15ed89db99628495ea7e456be0431f0eca4c991e5998f3e26277b1455dea375982ab6ca884895c5c25d0dedfff72c3d1dfe29ee8fc0602623e9351fae69c5b091fd714e07b41dc08dbddac2814d12669610389dec3668403482709edadf34ef552d5ae545c03fd01316de1058e7ae9ac97778436ae1da91437cdba17b78094177c2e9c440f8846fa26429ad94c3a3422c205a1044bc82e05518deab49f398f099fd01a90b3a50b741c78dc2f44249d9728370b6fc8795ef1ed5e98944cf9b69467c393237d85a52a38293ebb0c2cb4cbf51748083c97e4dbcc3b6d11c7ddedc584663dd8b9b2cab85baa499633d614bad47ba0a4f9bbedb830b7bc555be6285a593199f96b6389229bc28ee757e52a0cd70dc4197231eee8d18033b657b9190a622dccdad08efb1b194eb1c0b97b98a3895d5bfc2a38a6736f00349eee50252ba3d696ea71e3b3b6f4577c5de56b93cc926eb5b65741322072289de6f5907ec2d8649e76c33c0038484a73fc2bbbd2d94ce2d2e9d75f5388e96ed474cb0f9223e22105a59ca21e002883f70e4802184e1ba830d407d54c392545d858ee84c3a3b5ddbbee3314aa5f58ff9dda2558bb1ed999369b48b83039591ec65f7a268acfa22bae9cf98bb01e1cec4ec9e9b23f50e10155b17d13adbaae29a81cb96bad7f5313e402b64517a4e5505b6571fdbb776c45f8fa0621e6252c83c8d4c22ac46f773fa11ffb11a0e696c5b0886649301fe009b82a9a1cc791f360051e4676c6d3cccf0db43effc9a4dfedbc6ef5f0908cf13173cb67ea9ef31808402b3708374fa703bbcd29fd35552ab29a3655e88a0f32ca4d2ca2bc72c761aa204805c71ab9aa2c4a5f18ebe72c9eb7847e3a149f391f6172e80fb71e72bff98fd1d663155574b98b677323ab8969c83ec3e79ee162167109f1bbaf145ca37a8eedaaa30b38153098ac15e3de1816d16dfd2a14fe24b74fbc8f54c727f28662ed3bcd645e1df477e", 0x6ba}], 0x2}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c0000001a00210c000000000000000002000000180000800c000000060000000000000008000300", @ANYRES64=r6], 0x2c}}, 0x0) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={@ipv4={'\x00', '\xff\xff', @private=0xa010102}, @ipv4={'\x00', '\xff\xff', @empty}, @private1, 0x0, 0x8000, 0x1, 0x100, 0x0, 0x2010004, r6}) 06:11:56 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 1 (fault-call:9 fault-nth:22): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2438.951317] FAULT_INJECTION: forcing a failure. [ 2438.951317] name failslab, interval 1, probability 0, space 0, times 0 [ 2438.952963] CPU: 0 PID: 15488 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2438.953911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2438.955500] Call Trace: [ 2438.955872] dump_stack+0x107/0x163 [ 2438.956393] should_fail.cold+0x5/0xa [ 2438.956931] ? create_object.isra.0+0x3a/0xa10 [ 2438.957754] should_failslab+0x5/0x10 [ 2438.958289] kmem_cache_alloc+0x5b/0x350 [ 2438.958859] create_object.isra.0+0x3a/0xa10 [ 2438.959492] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2438.960222] kmem_cache_alloc+0x15b/0x350 [ 2438.960802] __anon_vma_prepare+0x281/0x4f0 [ 2438.961410] ? __pte_alloc+0x194/0x320 [ 2438.961952] handle_mm_fault+0x2be1/0x3570 [ 2438.962547] ? perf_trace_lock+0xb6/0x470 [ 2438.963134] ? hlock_class+0x120/0x120 [ 2438.963692] ? __pmd_alloc+0x5e0/0x5e0 [ 2438.964256] __get_user_pages+0x61d/0x1400 [ 2438.964879] ? follow_page_mask+0x1820/0x1820 [ 2438.965508] ? __lockdep_reset_lock+0x180/0x180 [ 2438.966152] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2438.966823] ? find_held_lock+0x2c/0x110 [ 2438.967408] __get_user_pages_remote+0x1d1/0x860 [ 2438.968094] get_user_pages_remote+0x63/0x90 [ 2438.968713] get_arg_page+0xba/0x200 [ 2438.969236] ? acct_arg_size+0xe0/0xe0 [ 2438.969809] ? insert_vm_struct+0x1f7/0x340 [ 2438.970423] copy_string_kernel+0x1b0/0x440 [ 2438.971051] do_execveat_common.isra.0+0x405/0x670 [ 2438.971754] __x64_sys_execveat+0xe7/0x130 [ 2438.972369] do_syscall_64+0x33/0x40 [ 2438.972898] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2438.973622] RIP: 0033:0x466609 [ 2438.974077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2438.976314] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2438.977180] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2438.977996] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2438.978816] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2438.979627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2438.980456] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:11:56 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2438.984707] FAULT_INJECTION: forcing a failure. [ 2438.984707] name failslab, interval 1, probability 0, space 0, times 0 [ 2438.985971] CPU: 0 PID: 15500 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2438.986735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2438.988014] Call Trace: [ 2438.988304] dump_stack+0x107/0x163 [ 2438.988707] should_fail.cold+0x5/0xa [ 2438.989134] ? create_object.isra.0+0x3a/0xa10 [ 2438.989641] should_failslab+0x5/0x10 [ 2438.990068] kmem_cache_alloc+0x5b/0x350 [ 2438.990527] create_object.isra.0+0x3a/0xa10 [ 2438.991151] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2438.991720] kmem_cache_alloc+0x15b/0x350 [ 2438.992192] __anon_vma_prepare+0x281/0x4f0 [ 2438.992671] ? __pte_alloc+0x194/0x320 [ 2438.993123] handle_mm_fault+0x2be1/0x3570 [ 2438.993592] ? perf_trace_lock+0xb6/0x470 [ 2438.994052] ? hlock_class+0x120/0x120 [ 2438.994484] ? __pmd_alloc+0x5e0/0x5e0 [ 2438.994926] __get_user_pages+0x61d/0x1400 [ 2438.995401] ? follow_page_mask+0x1820/0x1820 [ 2438.995914] ? __lockdep_reset_lock+0x180/0x180 [ 2438.996434] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2438.996958] ? find_held_lock+0x2c/0x110 [ 2438.997409] __get_user_pages_remote+0x1d1/0x860 [ 2438.997946] get_user_pages_remote+0x63/0x90 [ 2438.998433] get_arg_page+0xba/0x200 [ 2438.998857] ? acct_arg_size+0xe0/0xe0 [ 2438.999300] ? insert_vm_struct+0x1f7/0x340 [ 2438.999800] copy_string_kernel+0x1b0/0x440 [ 2439.000291] do_execveat_common.isra.0+0x405/0x670 [ 2439.000835] __x64_sys_execveat+0xe7/0x130 [ 2439.001309] do_syscall_64+0x33/0x40 [ 2439.001727] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2439.002295] RIP: 0033:0x466609 [ 2439.002657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2439.004717] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2439.005558] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2439.006346] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2439.007137] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2439.007950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2439.008746] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:11:56 executing program 1 (fault-call:9 fault-nth:23): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 4 (fault-call:7 fault-nth:23): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}}, 0xa3) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e24, @loopback}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:11:56 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x225c17d03, 0x0, 0x0) 06:11:56 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b3b, 0x2) [ 2439.282431] FAULT_INJECTION: forcing a failure. [ 2439.282431] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2439.285531] CPU: 1 PID: 15520 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2439.287003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2439.289469] Call Trace: [ 2439.290039] dump_stack+0x107/0x163 [ 2439.290968] should_fail.cold+0x5/0xa [ 2439.291891] __alloc_pages_nodemask+0x17f/0x670 [ 2439.293015] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2439.294448] ? up_write+0x191/0x550 [ 2439.295285] ? rwlock_bug.part.0+0x90/0x90 [ 2439.296306] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2439.297486] ? anon_vma_interval_tree_insert+0x277/0x450 [ 2439.298795] alloc_pages_vma+0xbb/0x410 [ 2439.299755] handle_mm_fault+0x1506/0x3570 [ 2439.300771] ? perf_trace_lock+0xb6/0x470 [ 2439.301817] ? hlock_class+0x120/0x120 [ 2439.302659] ? __pmd_alloc+0x5e0/0x5e0 [ 2439.303657] __get_user_pages+0x61d/0x1400 [ 2439.304636] ? follow_page_mask+0x1820/0x1820 [ 2439.305603] ? __lockdep_reset_lock+0x180/0x180 [ 2439.306607] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2439.307608] ? find_held_lock+0x2c/0x110 [ 2439.308516] __get_user_pages_remote+0x1d1/0x860 [ 2439.309702] get_user_pages_remote+0x63/0x90 [ 2439.310647] get_arg_page+0xba/0x200 [ 2439.311503] ? acct_arg_size+0xe0/0xe0 [ 2439.312450] ? insert_vm_struct+0x1f7/0x340 [ 2439.313447] copy_string_kernel+0x1b0/0x440 [ 2439.314507] do_execveat_common.isra.0+0x405/0x670 [ 2439.315699] __x64_sys_execveat+0xe7/0x130 [ 2439.316680] do_syscall_64+0x33/0x40 [ 2439.317591] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2439.318791] RIP: 0033:0x466609 [ 2439.319594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2439.323931] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2439.325693] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2439.327408] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2439.329124] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2439.330776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2439.332540] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:11:56 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000600)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) io_uring_enter(r0, 0x330, 0x49b, 0x2, &(0x7f00000005c0)={[0xcb1a]}, 0x8) r3 = socket$inet_udplite(0x2, 0x2, 0x88) lsetxattr$trusted_overlay_upper(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), &(0x7f00000006c0)=ANY=[@ANYBLOB="00fb3104031483b6f9733e4a035889de01dfde04ff0445a8fa79c113413fda9d259b7719369559585e18ae9b19917202e493562a28276dacecf64a1695615b895cf6c26c17bcb2f66b1e82d9ba90a1b76b80f13ce2bff1259f113cd498a658af80da8ff22909b719a6e3e6f2535f0b83d647ce161d85a13a27aa132b29421f9482250e6405511df3d0ba03c10458994d58e80ba95a9e460aa5f6253ec7a29df9c6daec4fb7a789b1a3f6e5af8d4b65abd8d54085f56d9e67cceee9f342960bfa3f752f94c3ad3c54b5a24018965b76bbe4d5c2f01e609ede85d2668aa78c56bd11a11a989aa9eef0a2ad77c2b44caeadb033fb735bbba5a5f227edc4b9f896040e0307bf2a0b"], 0x31, 0x2) setsockopt$inet_msfilter(r3, 0x0, 0x29, 0x0, 0x18) syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r3, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@nl=@kern={0x10, 0x0, 0x0, 0x100}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000000)="537a7b37916730b5dd24f8055c845c6e7decbb61f55e15ba64bb72325e90e3d9", 0x20}, {&(0x7f0000000280)="0b9e6e2419a754feebbb8ee4736d8d961be46e55e62bda837de348f2ed0dfbadc227a0789177acb5ba1def8076743b00479b0d2372fe3c7097611fe150d2b7555d07347ea822174fa7f7b05afd222ffb02567a8d4dbca7192fdf86de942fbe6687", 0x61}], 0x2}, 0x0, 0x80}, 0x7) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) setxattr$trusted_overlay_origin(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440), &(0x7f0000000480), 0x2, 0x1) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:11:56 executing program 1 (fault-call:9 fault-nth:24): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:11:56 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2439.431317] FAULT_INJECTION: forcing a failure. [ 2439.431317] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2439.433979] CPU: 1 PID: 15573 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2439.435469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2439.437890] Call Trace: [ 2439.438466] dump_stack+0x107/0x163 [ 2439.439248] should_fail.cold+0x5/0xa [ 2439.440079] __alloc_pages_nodemask+0x17f/0x670 [ 2439.441073] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2439.442347] ? up_write+0x191/0x550 [ 2439.443143] ? rwlock_bug.part.0+0x90/0x90 [ 2439.444066] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2439.445089] ? anon_vma_interval_tree_insert+0x277/0x450 [ 2439.446249] alloc_pages_vma+0xbb/0x410 [ 2439.447239] handle_mm_fault+0x1506/0x3570 [ 2439.448171] ? perf_trace_lock+0xb6/0x470 [ 2439.449056] ? hlock_class+0x120/0x120 [ 2439.449897] ? __pmd_alloc+0x5e0/0x5e0 [ 2439.450753] __get_user_pages+0x61d/0x1400 [ 2439.451677] ? follow_page_mask+0x1820/0x1820 [ 2439.452649] ? __lockdep_reset_lock+0x180/0x180 [ 2439.453655] ? avc_has_perm_noaudit+0x1f8/0x3a0 [ 2439.454652] ? find_held_lock+0x2c/0x110 [ 2439.455527] __get_user_pages_remote+0x1d1/0x860 [ 2439.456570] get_user_pages_remote+0x63/0x90 [ 2439.457512] get_arg_page+0xba/0x200 [ 2439.458326] ? acct_arg_size+0xe0/0xe0 [ 2439.459159] ? insert_vm_struct+0x1f7/0x340 [ 2439.460104] copy_string_kernel+0x1b0/0x440 [ 2439.461031] do_execveat_common.isra.0+0x405/0x670 [ 2439.462098] __x64_sys_execveat+0xe7/0x130 [ 2439.463000] do_syscall_64+0x33/0x40 [ 2439.463820] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2439.464928] RIP: 0033:0x466609 [ 2439.465613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2439.469562] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2439.471181] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2439.472705] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2439.474220] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2439.475747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2439.477291] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:11:56 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2439.593401] FAULT_INJECTION: forcing a failure. [ 2439.593401] name failslab, interval 1, probability 0, space 0, times 0 [ 2439.594997] CPU: 0 PID: 15659 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2439.595728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2439.597078] Call Trace: [ 2439.597377] dump_stack+0x107/0x163 [ 2439.597782] should_fail.cold+0x5/0xa [ 2439.598216] should_failslab+0x5/0x10 [ 2439.598638] __kmalloc_track_caller+0x79/0x3b0 [ 2439.599151] ? io_prep_async_work+0x82d/0xb00 [ 2439.599647] ? io_grab_identity+0x84c/0xdc0 [ 2439.600135] kmemdup+0x23/0x50 [ 2439.600489] io_prep_async_work+0x82d/0xb00 [ 2439.600955] io_queue_async_work+0x23/0x3c0 [ 2439.601435] __io_queue_sqe+0x9a2/0xd70 [ 2439.601864] ? io_issue_sqe+0x4520/0x4520 [ 2439.602316] ? task_work_run+0xbc/0x1a0 [ 2439.602734] ? lock_downgrade+0x6d0/0x6d0 [ 2439.603191] ? __io_sq_thread_acquire_mm+0xa2/0x310 [ 2439.603746] __io_req_task_submit+0x1a6/0x1e0 [ 2439.604262] io_req_task_submit+0x3e/0x2b0 [ 2439.604730] task_work_run+0xe2/0x1a0 [ 2439.605148] io_uring_cancel_task_requests+0xbb0/0x1260 [ 2439.605748] ? io_ring_exit_work+0x920/0x920 [ 2439.606239] ? xa_find+0x1cf/0x330 [ 2439.606639] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2439.607222] ? wait_woken+0x250/0x250 [ 2439.607647] ? __percpu_counter_sum+0x132/0x1a0 [ 2439.608179] __io_uring_files_cancel+0x110/0x1b0 [ 2439.608701] ? __io_uring_free+0x1d0/0x1d0 [ 2439.609168] __io_uring_task_cancel+0x174/0x250 [ 2439.609691] ? __io_uring_files_cancel+0x1b0/0x1b0 [ 2439.610235] ? __get_user_pages_remote+0xc2/0x860 [ 2439.610760] ? wait_woken+0x250/0x250 [ 2439.611186] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2439.611715] ? trace_rss_stat+0x174/0x210 [ 2439.612204] bprm_execve+0x114/0x1b00 [ 2439.612625] ? get_arg_page+0x153/0x200 [ 2439.613058] ? acct_arg_size+0xe0/0xe0 [ 2439.613494] ? open_exec+0x70/0x70 [ 2439.613888] ? memcpy+0x39/0x60 [ 2439.614259] ? copy_strings.isra.0+0x492/0x690 [ 2439.614765] ? copy_string_kernel+0x3ad/0x440 [ 2439.615276] do_execveat_common.isra.0+0x524/0x670 [ 2439.615837] __x64_sys_execveat+0xe7/0x130 [ 2439.616315] do_syscall_64+0x33/0x40 [ 2439.616727] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2439.617286] RIP: 0033:0x466609 [ 2439.617649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2439.619698] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2439.620555] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2439.621344] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2439.622142] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2439.622934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2439.623726] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2452.248265] kmemleak: 15 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:12:17 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:17 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b3c, 0x2) 06:12:17 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000240)={{}, {r3, r4/1000+10000}}) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) syz_io_uring_setup(0x19fa, &(0x7f0000000280)={0x0, 0xad00, 0x8, 0x0, 0x362, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000380)=0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r7, &(0x7f00000003c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x2, 0x2007, @fd=r0, 0x1, 0x0, 0x0, 0x2, 0x1, {0x5a, r8}}, 0x100) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:12:17 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x20876256919, 0x0, 0x0) 06:12:17 executing program 4 (fault-call:7 fault-nth:24): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:17 executing program 1 (fault-call:9 fault-nth:25): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:17 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:17 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2460.608786] FAULT_INJECTION: forcing a failure. [ 2460.608786] name failslab, interval 1, probability 0, space 0, times 0 [ 2460.610229] CPU: 0 PID: 15693 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2460.611113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2460.612455] Call Trace: [ 2460.612772] dump_stack+0x107/0x163 [ 2460.613206] should_fail.cold+0x5/0xa [ 2460.613658] ? create_object.isra.0+0x3a/0xa10 [ 2460.614187] should_failslab+0x5/0x10 [ 2460.614633] kmem_cache_alloc+0x5b/0x350 [ 2460.615115] create_object.isra.0+0x3a/0xa10 [ 2460.615706] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2460.616505] __kmalloc_track_caller+0x179/0x3b0 [ 2460.617224] ? io_prep_async_work+0x82d/0xb00 [ 2460.617916] kmemdup+0x23/0x50 [ 2460.618299] io_prep_async_work+0x82d/0xb00 [ 2460.618822] io_queue_async_work+0x23/0x3c0 [ 2460.619290] __io_queue_sqe+0x9a2/0xd70 [ 2460.619778] ? io_issue_sqe+0x4520/0x4520 [ 2460.620238] ? task_work_run+0xbc/0x1a0 [ 2460.620707] ? lock_downgrade+0x6d0/0x6d0 [ 2460.621163] ? __io_sq_thread_acquire_mm+0xa2/0x310 [ 2460.621731] __io_req_task_submit+0x1a6/0x1e0 [ 2460.622210] io_req_task_submit+0x3e/0x2b0 [ 2460.622708] task_work_run+0xe2/0x1a0 [ 2460.623127] io_uring_cancel_task_requests+0xbb0/0x1260 [ 2460.623711] ? io_ring_exit_work+0x920/0x920 [ 2460.624208] ? xa_find+0x1cf/0x330 [ 2460.624593] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2460.625161] ? wait_woken+0x250/0x250 [ 2460.625582] ? __percpu_counter_sum+0x132/0x1a0 [ 2460.626079] __io_uring_files_cancel+0x110/0x1b0 [ 2460.626590] ? __io_uring_free+0x1d0/0x1d0 [ 2460.627053] __io_uring_task_cancel+0x174/0x250 [ 2460.627558] ? __io_uring_files_cancel+0x1b0/0x1b0 [ 2460.628087] ? __get_user_pages_remote+0xc2/0x860 [ 2460.628618] ? wait_woken+0x250/0x250 [ 2460.629044] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2460.629558] ? trace_rss_stat+0x174/0x210 [ 2460.630008] bprm_execve+0x114/0x1b00 [ 2460.630417] ? get_arg_page+0x153/0x200 [ 2460.630841] ? acct_arg_size+0xe0/0xe0 [ 2460.631267] ? open_exec+0x70/0x70 [ 2460.631646] ? memcpy+0x39/0x60 [ 2460.631999] ? copy_strings.isra.0+0x492/0x690 [ 2460.632492] ? copy_string_kernel+0x3ad/0x440 [ 2460.632981] do_execveat_common.isra.0+0x524/0x670 [ 2460.633517] __x64_sys_execveat+0xe7/0x130 [ 2460.633982] do_syscall_64+0x33/0x40 [ 2460.634388] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2460.634945] RIP: 0033:0x466609 [ 2460.635298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2460.637307] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 06:12:17 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x80ffff00000000, 0x0, 0x0) [ 2460.638157] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2460.639115] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2460.639944] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 06:12:17 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2460.640776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2460.641604] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2460.676863] FAULT_INJECTION: forcing a failure. [ 2460.676863] name failslab, interval 1, probability 0, space 0, times 0 [ 2460.678538] CPU: 1 PID: 15706 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2460.679529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2460.681139] Call Trace: [ 2460.681523] dump_stack+0x107/0x163 [ 2460.682049] should_fail.cold+0x5/0xa [ 2460.682592] ? dup_fd+0x89/0xc50 [ 2460.683084] should_failslab+0x5/0x10 [ 2460.683625] kmem_cache_alloc+0x5b/0x350 [ 2460.684227] ? io_wake_function+0x2e0/0x2e0 [ 2460.684839] dup_fd+0x89/0xc50 [ 2460.685304] ? __io_uring_task_cancel+0x1d1/0x250 [ 2460.686002] unshare_files+0x16c/0x260 [ 2460.686563] ? __ia32_sys_unshare+0x40/0x40 [ 2460.687196] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2460.687891] ? trace_rss_stat+0x174/0x210 [ 2460.688509] bprm_execve+0x123/0x1b00 [ 2460.689048] ? get_arg_page+0x153/0x200 [ 2460.689617] ? acct_arg_size+0xe0/0xe0 [ 2460.690178] ? open_exec+0x70/0x70 [ 2460.690686] ? memcpy+0x39/0x60 [ 2460.691152] ? copy_strings.isra.0+0x492/0x690 [ 2460.691797] ? copy_string_kernel+0x3ad/0x440 [ 2460.692454] do_execveat_common.isra.0+0x524/0x670 [ 2460.693169] __x64_sys_execveat+0xe7/0x130 [ 2460.693774] do_syscall_64+0x33/0x40 [ 2460.694302] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2460.695034] RIP: 0033:0x466609 [ 2460.695492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2460.698140] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2460.699217] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2460.700253] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2460.701258] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2460.702268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2460.703287] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:12:17 executing program 1 (fault-call:9 fault-nth:26): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:17 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:17 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2460.865664] FAULT_INJECTION: forcing a failure. [ 2460.865664] name failslab, interval 1, probability 0, space 0, times 0 [ 2460.867218] CPU: 0 PID: 15735 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2460.868015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2460.869334] Call Trace: [ 2460.869647] dump_stack+0x107/0x163 [ 2460.870066] should_fail.cold+0x5/0xa [ 2460.870529] should_failslab+0x5/0x10 [ 2460.870939] __kmalloc_track_caller+0x79/0x3b0 [ 2460.871463] ? io_prep_async_work+0x82d/0xb00 [ 2460.871971] ? io_grab_identity+0x84c/0xdc0 [ 2460.872482] kmemdup+0x23/0x50 [ 2460.872855] io_prep_async_work+0x82d/0xb00 [ 2460.873336] io_queue_async_work+0x23/0x3c0 [ 2460.873839] __io_queue_sqe+0x9a2/0xd70 [ 2460.874303] ? io_issue_sqe+0x4520/0x4520 [ 2460.874771] ? task_work_run+0xbc/0x1a0 [ 2460.875234] ? lock_downgrade+0x6d0/0x6d0 [ 2460.875706] ? __io_sq_thread_acquire_mm+0xa2/0x310 [ 2460.876288] __io_req_task_submit+0x1a6/0x1e0 [ 2460.876820] io_req_task_submit+0x3e/0x2b0 [ 2460.877306] task_work_run+0xe2/0x1a0 [ 2460.877750] io_uring_cancel_task_requests+0xbb0/0x1260 [ 2460.878368] ? io_ring_exit_work+0x920/0x920 [ 2460.878894] ? xa_find+0x1cf/0x330 [ 2460.879308] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2460.879916] ? wait_woken+0x250/0x250 [ 2460.880367] ? __percpu_counter_sum+0x132/0x1a0 [ 2460.880883] __io_uring_files_cancel+0x110/0x1b0 [ 2460.881426] ? __io_uring_free+0x1d0/0x1d0 [ 2460.881910] __io_uring_task_cancel+0x174/0x250 [ 2460.882448] ? __io_uring_files_cancel+0x1b0/0x1b0 [ 2460.882988] ? __get_user_pages_remote+0xc2/0x860 [ 2460.883555] ? wait_woken+0x250/0x250 [ 2460.883971] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2460.884541] ? trace_rss_stat+0x174/0x210 [ 2460.885006] bprm_execve+0x114/0x1b00 [ 2460.885443] ? get_arg_page+0x153/0x200 [ 2460.885883] ? acct_arg_size+0xe0/0xe0 [ 2460.886328] ? open_exec+0x70/0x70 [ 2460.886734] ? memcpy+0x39/0x60 [ 2460.887112] ? copy_strings.isra.0+0x492/0x690 [ 2460.887623] ? copy_string_kernel+0x3ad/0x440 [ 2460.888151] do_execveat_common.isra.0+0x524/0x670 [ 2460.888723] __x64_sys_execveat+0xe7/0x130 [ 2460.889206] do_syscall_64+0x33/0x40 [ 2460.889633] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2460.890224] RIP: 0033:0x466609 [ 2460.890600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2460.892641] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2460.893533] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2460.894441] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2460.895277] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2460.896140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2460.896979] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2475.664004] kmemleak: 24 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:12:40 executing program 4 (fault-call:7 fault-nth:25): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x37dc12502000000, 0x0, 0x0) 06:12:40 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b3d, 0x2) 06:12:40 executing program 1 (fault-call:9 fault-nth:27): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c0000001a00210c000000000000000002000000180000800c000000060000000000000008000300", @ANYRES64=r5], 0x2c}}, 0x0) getresuid(&(0x7f0000000000), &(0x7f0000000200)=0x0, &(0x7f0000000240)) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in=@private=0xa010101, 0x4e20, 0x0, 0x4e21, 0x200, 0x2, 0x0, 0x20, 0x62, r5, r6}, {0x3ff, 0x800, 0xffff, 0x100000001, 0xdf7, 0x6, 0x10001}, {0x2, 0x0, 0x9, 0xfffffffffffffbff}, 0xd6, 0x0, 0x1, 0x0, 0x1, 0x3}, {{@in6=@remote, 0x4d3, 0x3c}, 0x2, @in6=@mcast2, 0x3500, 0x0, 0x3, 0x3f, 0x4, 0xa640, 0x1}}, 0xe8) r7 = accept$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000480)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2483.399214] FAULT_INJECTION: forcing a failure. [ 2483.399214] name failslab, interval 1, probability 0, space 0, times 0 [ 2483.401909] CPU: 1 PID: 15861 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2483.403329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2483.405714] Call Trace: [ 2483.406222] dump_stack+0x107/0x163 [ 2483.406901] should_fail.cold+0x5/0xa [ 2483.407635] ? create_object.isra.0+0x3a/0xa10 [ 2483.408526] should_failslab+0x5/0x10 [ 2483.409370] kmem_cache_alloc+0x5b/0x350 [ 2483.410253] create_object.isra.0+0x3a/0xa10 [ 2483.411164] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2483.412103] __kmalloc_track_caller+0x179/0x3b0 [ 2483.413012] ? io_prep_async_work+0x82d/0xb00 [ 2483.413737] kmemdup+0x23/0x50 [ 2483.414204] io_prep_async_work+0x82d/0xb00 [ 2483.415022] io_queue_async_work+0x23/0x3c0 [ 2483.415624] __io_queue_sqe+0x9a2/0xd70 [ 2483.416327] ? io_issue_sqe+0x4520/0x4520 [ 2483.416955] ? task_work_run+0xbc/0x1a0 [ 2483.417671] ? lock_downgrade+0x6d0/0x6d0 [ 2483.418407] ? __io_sq_thread_acquire_mm+0xa2/0x310 [ 2483.419171] __io_req_task_submit+0x1a6/0x1e0 [ 2483.419848] io_req_task_submit+0x3e/0x2b0 [ 2483.420611] task_work_run+0xe2/0x1a0 [ 2483.421334] io_uring_cancel_task_requests+0xbb0/0x1260 [ 2483.422061] ? io_ring_exit_work+0x920/0x920 [ 2483.422810] ? xa_find+0x1cf/0x330 [ 2483.423321] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2483.424181] ? wait_woken+0x250/0x250 [ 2483.424827] ? __percpu_counter_sum+0x132/0x1a0 [ 2483.425650] __io_uring_files_cancel+0x110/0x1b0 [ 2483.426322] ? __io_uring_free+0x1d0/0x1d0 [ 2483.426911] __io_uring_task_cancel+0x174/0x250 [ 2483.427624] ? __io_uring_files_cancel+0x1b0/0x1b0 [ 2483.428345] ? __get_user_pages_remote+0xc2/0x860 [ 2483.429076] ? wait_woken+0x250/0x250 [ 2483.429686] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2483.430492] ? trace_rss_stat+0x174/0x210 [ 2483.431213] bprm_execve+0x114/0x1b00 [ 2483.431744] ? get_arg_page+0x153/0x200 [ 2483.432285] ? acct_arg_size+0xe0/0xe0 [ 2483.432877] ? open_exec+0x70/0x70 [ 2483.433482] ? memcpy+0x39/0x60 [ 2483.433955] ? copy_strings.isra.0+0x492/0x690 [ 2483.434736] ? copy_string_kernel+0x3ad/0x440 [ 2483.435475] do_execveat_common.isra.0+0x524/0x670 [ 2483.436353] __x64_sys_execveat+0xe7/0x130 [ 2483.436956] do_syscall_64+0x33/0x40 [ 2483.437515] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2483.438377] RIP: 0033:0x466609 [ 2483.438860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2483.441858] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2483.442985] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2483.444150] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2483.445328] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2483.446555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2483.447629] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2483.471710] FAULT_INJECTION: forcing a failure. [ 2483.471710] name failslab, interval 1, probability 0, space 0, times 0 [ 2483.473388] CPU: 1 PID: 15876 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2483.474497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2483.476340] Call Trace: [ 2483.476729] dump_stack+0x107/0x163 [ 2483.477245] should_fail.cold+0x5/0xa [ 2483.477770] ? create_object.isra.0+0x3a/0xa10 [ 2483.478402] should_failslab+0x5/0x10 [ 2483.478933] kmem_cache_alloc+0x5b/0x350 [ 2483.479500] create_object.isra.0+0x3a/0xa10 [ 2483.480119] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2483.480824] kmem_cache_alloc+0x15b/0x350 [ 2483.481409] dup_fd+0x89/0xc50 [ 2483.481861] unshare_files+0x16c/0x260 [ 2483.482400] ? __ia32_sys_unshare+0x40/0x40 [ 2483.483016] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2483.483672] ? trace_rss_stat+0x174/0x210 [ 2483.484249] bprm_execve+0x123/0x1b00 [ 2483.484782] ? get_arg_page+0x153/0x200 [ 2483.485332] ? acct_arg_size+0xe0/0xe0 [ 2483.485905] ? open_exec+0x70/0x70 [ 2483.486398] ? memcpy+0x39/0x60 [ 2483.486872] ? copy_strings.isra.0+0x492/0x690 [ 2483.487499] ? copy_string_kernel+0x3ad/0x440 [ 2483.488131] do_execveat_common.isra.0+0x524/0x670 [ 2483.488848] __x64_sys_execveat+0xe7/0x130 [ 2483.489457] do_syscall_64+0x33/0x40 [ 2483.489977] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2483.490727] RIP: 0033:0x466609 [ 2483.491178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2483.493843] RSP: 002b:00007f8f4e8d1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2483.494900] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2483.495926] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2483.496970] RBP: 00007f8f4e8d11d0 R08: 0000000000000000 R09: 0000000000000000 [ 2483.498032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2483.499094] R13: 00007ffc26035cdf R14: 00007f8f4e8d1300 R15: 0000000000022000 06:12:40 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 4 (fault-call:7 fault-nth:26): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 1 (fault-call:9 fault-nth:28): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:12:40 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x800000000000000, 0x0, 0x0) 06:12:40 executing program 5: ioctl$MON_IOCT_RING_SIZE(0xffffffffffffffff, 0x9204, 0xed5c7) r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) recvfrom(0xffffffffffffffff, &(0x7f0000000000)=""/44, 0x2c, 0x121, &(0x7f0000000200)=@tipc=@name={0x1e, 0x2, 0x1, {{0x41}, 0x2}}, 0x80) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2483.799870] FAULT_INJECTION: forcing a failure. [ 2483.799870] name failslab, interval 1, probability 0, space 0, times 0 [ 2483.802328] CPU: 0 PID: 16005 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2483.803762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2483.806138] Call Trace: [ 2483.806689] dump_stack+0x107/0x163 [ 2483.807456] should_fail.cold+0x5/0xa [ 2483.808263] ? dup_fd+0x89/0xc50 [ 2483.808996] should_failslab+0x5/0x10 [ 2483.809787] kmem_cache_alloc+0x5b/0x350 [ 2483.810630] ? io_wake_function+0x2e0/0x2e0 [ 2483.811528] dup_fd+0x89/0xc50 [ 2483.812215] ? __io_uring_task_cancel+0x1d1/0x250 [ 2483.813228] unshare_files+0x16c/0x260 [ 2483.814035] ? __ia32_sys_unshare+0x40/0x40 [ 2483.814923] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2483.815912] ? trace_rss_stat+0x174/0x210 [ 2483.816799] bprm_execve+0x123/0x1b00 [ 2483.817588] ? get_arg_page+0x153/0x200 [ 2483.818412] ? acct_arg_size+0xe0/0xe0 [ 2483.819221] ? open_exec+0x70/0x70 [ 2483.819945] ? memcpy+0x39/0x60 [ 2483.820670] ? copy_strings.isra.0+0x492/0x690 [ 2483.821622] ? copy_string_kernel+0x3ad/0x440 [ 2483.822566] do_execveat_common.isra.0+0x524/0x670 [ 2483.823584] __x64_sys_execveat+0xe7/0x130 [ 2483.824474] do_syscall_64+0x33/0x40 [ 2483.825237] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2483.826291] RIP: 0033:0x466609 [ 2483.826947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2483.830750] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2483.832313] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2483.833789] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2483.835384] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2483.837102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2483.838767] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:12:41 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b40, 0x2) [ 2483.874259] FAULT_INJECTION: forcing a failure. [ 2483.874259] name failslab, interval 1, probability 0, space 0, times 0 [ 2483.875624] CPU: 1 PID: 16004 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2483.876416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2483.877748] Call Trace: [ 2483.878051] dump_stack+0x107/0x163 [ 2483.878488] should_fail.cold+0x5/0xa [ 2483.878948] ? alloc_fdtable+0x7e/0x280 [ 2483.879410] should_failslab+0x5/0x10 [ 2483.879866] kmem_cache_alloc_trace+0x55/0x350 [ 2483.880409] ? rwlock_bug.part.0+0x90/0x90 [ 2483.880931] alloc_fdtable+0x7e/0x280 [ 2483.881339] dup_fd+0x71a/0xc50 [ 2483.881731] unshare_files+0x16c/0x260 [ 2483.882174] ? __ia32_sys_unshare+0x40/0x40 [ 2483.882677] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2483.883226] ? trace_rss_stat+0x174/0x210 [ 2483.883702] bprm_execve+0x123/0x1b00 [ 2483.884102] ? get_arg_page+0x153/0x200 [ 2483.884544] ? acct_arg_size+0xe0/0xe0 [ 2483.884960] ? open_exec+0x70/0x70 [ 2483.885335] ? memcpy+0x39/0x60 [ 2483.885684] ? copy_strings.isra.0+0x492/0x690 [ 2483.886217] ? copy_string_kernel+0x3ad/0x440 [ 2483.886697] do_execveat_common.isra.0+0x524/0x670 [ 2483.887260] __x64_sys_execveat+0xe7/0x130 [ 2483.887779] do_syscall_64+0x33/0x40 [ 2483.888218] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2483.888867] RIP: 0033:0x466609 [ 2483.889257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2483.891534] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2483.892476] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2483.893353] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2483.894219] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2483.895047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2483.895902] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2496.637219] kmemleak: 46 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:13:00 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b41, 0x2) 06:13:00 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:00 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:00 executing program 4 (fault-call:7 fault-nth:27): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:00 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:00 executing program 1 (fault-call:9 fault-nth:29): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:00 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x1969257608020000, 0x0, 0x0) 06:13:00 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') dup3(r4, r3, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x77359400}}, 0xfffffffc) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r5 = syz_open_pts(0xffffffffffffffff, 0x204000) pwrite64(r5, &(0x7f0000000000)="56880030a8599dbe685b4ced292deb30e94f114992d1809f2151afaad99dcd562a2a", 0x22, 0x2) [ 2503.638483] FAULT_INJECTION: forcing a failure. [ 2503.638483] name failslab, interval 1, probability 0, space 0, times 0 [ 2503.640528] CPU: 1 PID: 16051 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2503.641741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2503.643854] Call Trace: [ 2503.644396] dump_stack+0x107/0x163 [ 2503.645013] should_fail.cold+0x5/0xa [ 2503.645672] ? dup_fd+0x89/0xc50 [ 2503.646296] should_failslab+0x5/0x10 [ 2503.646954] kmem_cache_alloc+0x5b/0x350 [ 2503.647631] ? io_wake_function+0x2e0/0x2e0 [ 2503.648340] dup_fd+0x89/0xc50 [ 2503.648995] ? __io_uring_task_cancel+0x1d1/0x250 [ 2503.649795] unshare_files+0x16c/0x260 [ 2503.650422] ? __ia32_sys_unshare+0x40/0x40 [ 2503.651206] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2503.652016] ? trace_rss_stat+0x174/0x210 [ 2503.652656] bprm_execve+0x123/0x1b00 [ 2503.653404] ? get_arg_page+0x153/0x200 [ 2503.654030] ? acct_arg_size+0xe0/0xe0 [ 2503.654698] ? open_exec+0x70/0x70 [ 2503.655320] ? memcpy+0x39/0x60 [ 2503.655922] ? copy_strings.isra.0+0x492/0x690 [ 2503.656681] ? copy_string_kernel+0x3ad/0x440 [ 2503.657358] do_execveat_common.isra.0+0x524/0x670 [ 2503.658096] __x64_sys_execveat+0xe7/0x130 [ 2503.658895] do_syscall_64+0x33/0x40 [ 2503.659489] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2503.660345] RIP: 0033:0x466609 [ 2503.660921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2503.663821] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2503.665182] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2503.666325] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2503.667592] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2503.668731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2503.670024] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:13:00 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2503.706490] FAULT_INJECTION: forcing a failure. [ 2503.706490] name failslab, interval 1, probability 0, space 0, times 0 [ 2503.708475] CPU: 1 PID: 16070 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2503.709623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2503.711504] Call Trace: [ 2503.711903] dump_stack+0x107/0x163 [ 2503.712436] should_fail.cold+0x5/0xa [ 2503.713104] ? create_object.isra.0+0x3a/0xa10 [ 2503.713781] should_failslab+0x5/0x10 [ 2503.714342] kmem_cache_alloc+0x5b/0x350 [ 2503.714947] create_object.isra.0+0x3a/0xa10 [ 2503.715596] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2503.716353] kmem_cache_alloc_trace+0x153/0x350 [ 2503.717053] ? rwlock_bug.part.0+0x90/0x90 [ 2503.717680] alloc_fdtable+0x7e/0x280 [ 2503.718236] dup_fd+0x71a/0xc50 [ 2503.718731] unshare_files+0x16c/0x260 [ 2503.719311] ? __ia32_sys_unshare+0x40/0x40 [ 2503.719945] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2503.720657] ? trace_rss_stat+0x174/0x210 [ 2503.721407] bprm_execve+0x123/0x1b00 [ 2503.722043] ? get_arg_page+0x153/0x200 [ 2503.722753] ? acct_arg_size+0xe0/0xe0 [ 2503.723331] ? open_exec+0x70/0x70 [ 2503.723851] ? memcpy+0x39/0x60 [ 2503.724435] ? copy_strings.isra.0+0x492/0x690 [ 2503.725255] ? copy_string_kernel+0x3ad/0x440 [ 2503.725977] do_execveat_common.isra.0+0x524/0x670 [ 2503.726710] __x64_sys_execveat+0xe7/0x130 [ 2503.727341] do_syscall_64+0x33/0x40 [ 2503.727896] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2503.728643] RIP: 0033:0x466609 [ 2503.729143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2503.731861] RSP: 002b:00007f8f4e8d1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2503.733004] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2503.734052] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2503.735097] RBP: 00007f8f4e8d11d0 R08: 0000000000000000 R09: 0000000000000000 [ 2503.736145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2503.737209] R13: 00007ffc26035cdf R14: 00007f8f4e8d1300 R15: 0000000000022000 06:13:00 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:01 executing program 1 (fault-call:9 fault-nth:30): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2504.077471] FAULT_INJECTION: forcing a failure. [ 2504.077471] name failslab, interval 1, probability 0, space 0, times 0 [ 2504.078800] CPU: 1 PID: 16095 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2504.079578] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2504.080799] Call Trace: [ 2504.081107] dump_stack+0x107/0x163 [ 2504.081520] should_fail.cold+0x5/0xa [ 2504.081949] ? alloc_fdtable+0x7e/0x280 [ 2504.082401] should_failslab+0x5/0x10 [ 2504.082819] kmem_cache_alloc_trace+0x55/0x350 [ 2504.083328] ? rwlock_bug.part.0+0x90/0x90 [ 2504.083809] alloc_fdtable+0x7e/0x280 [ 2504.084236] dup_fd+0x71a/0xc50 [ 2504.084610] unshare_files+0x16c/0x260 [ 2504.085056] ? __ia32_sys_unshare+0x40/0x40 [ 2504.085533] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2504.086080] ? trace_rss_stat+0x174/0x210 [ 2504.086550] bprm_execve+0x123/0x1b00 [ 2504.086982] ? get_arg_page+0x153/0x200 [ 2504.087435] ? acct_arg_size+0xe0/0xe0 [ 2504.087874] ? open_exec+0x70/0x70 [ 2504.088284] ? memcpy+0x39/0x60 [ 2504.088652] ? copy_strings.isra.0+0x492/0x690 [ 2504.089160] ? copy_string_kernel+0x3ad/0x440 [ 2504.089666] do_execveat_common.isra.0+0x524/0x670 [ 2504.090192] __x64_sys_execveat+0xe7/0x130 [ 2504.090664] do_syscall_64+0x33/0x40 [ 2504.091060] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2504.091632] RIP: 0033:0x466609 [ 2504.091979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2504.094073] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2504.094924] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2504.095712] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2504.096517] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2504.097352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2504.098144] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2517.030842] kmemleak: 13 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:13:22 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r6, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x5, &(0x7f0000000000)={0x77359400}, 0x1, 0x1, 0x1, {0x0, r7}}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:13:22 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:22 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:22 executing program 1 (fault-call:9 fault-nth:31): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:22 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b44, 0x2) 06:13:22 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:22 executing program 4 (fault-call:7 fault-nth:28): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:22 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x2000000000000000, 0x0, 0x0) 06:13:22 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2525.350133] FAULT_INJECTION: forcing a failure. [ 2525.350133] name failslab, interval 1, probability 0, space 0, times 0 [ 2525.351719] CPU: 0 PID: 16114 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2525.352527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2525.353820] Call Trace: [ 2525.354127] dump_stack+0x107/0x163 [ 2525.354540] should_fail.cold+0x5/0xa [ 2525.354970] ? create_object.isra.0+0x3a/0xa10 [ 2525.355483] should_failslab+0x5/0x10 [ 2525.355916] kmem_cache_alloc+0x5b/0x350 [ 2525.356370] create_object.isra.0+0x3a/0xa10 [ 2525.356877] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2525.357480] kmem_cache_alloc_trace+0x153/0x350 [ 2525.358011] ? rwlock_bug.part.0+0x90/0x90 [ 2525.358481] alloc_fdtable+0x7e/0x280 [ 2525.358892] dup_fd+0x71a/0xc50 [ 2525.359273] unshare_files+0x16c/0x260 [ 2525.359717] ? __ia32_sys_unshare+0x40/0x40 [ 2525.360338] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2525.361061] ? trace_rss_stat+0x174/0x210 [ 2525.361702] bprm_execve+0x123/0x1b00 [ 2525.362259] ? get_arg_page+0x153/0x200 [ 2525.362858] ? acct_arg_size+0xe0/0xe0 [ 2525.363373] ? open_exec+0x70/0x70 [ 2525.363782] ? memcpy+0x39/0x60 [ 2525.364158] ? copy_strings.isra.0+0x492/0x690 [ 2525.364650] ? copy_string_kernel+0x3ad/0x440 [ 2525.365178] do_execveat_common.isra.0+0x524/0x670 [ 2525.365723] __x64_sys_execveat+0xe7/0x130 [ 2525.366206] do_syscall_64+0x33/0x40 [ 2525.366635] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2525.367225] RIP: 0033:0x466609 [ 2525.367601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2525.369702] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2525.370568] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2525.371365] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2525.372170] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2525.372982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2525.373806] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2525.390094] FAULT_INJECTION: forcing a failure. [ 2525.390094] name failslab, interval 1, probability 0, space 0, times 0 [ 2525.392627] CPU: 1 PID: 16117 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2525.394138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2525.396609] Call Trace: [ 2525.397197] dump_stack+0x107/0x163 [ 2525.398011] should_fail.cold+0x5/0xa [ 2525.398855] ? kvmalloc_node+0x61/0xf0 [ 2525.399714] should_failslab+0x5/0x10 [ 2525.400555] __kmalloc_node+0x76/0x4a0 [ 2525.401459] kvmalloc_node+0x61/0xf0 06:13:22 executing program 1 (fault-call:9 fault-nth:32): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2525.402272] alloc_fdtable+0xcd/0x280 [ 2525.403243] dup_fd+0x71a/0xc50 [ 2525.404070] unshare_files+0x16c/0x260 [ 2525.404932] ? __ia32_sys_unshare+0x40/0x40 [ 2525.405911] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2525.406962] ? trace_rss_stat+0x174/0x210 [ 2525.407876] bprm_execve+0x123/0x1b00 [ 2525.408714] ? get_arg_page+0x153/0x200 06:13:22 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2525.409620] ? acct_arg_size+0xe0/0xe0 [ 2525.410585] ? open_exec+0x70/0x70 [ 2525.411355] ? memcpy+0x39/0x60 [ 2525.412085] ? copy_strings.isra.0+0x492/0x690 [ 2525.413086] ? copy_string_kernel+0x3ad/0x440 [ 2525.414109] do_execveat_common.isra.0+0x524/0x670 [ 2525.415276] __x64_sys_execveat+0xe7/0x130 [ 2525.416216] do_syscall_64+0x33/0x40 [ 2525.417036] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2525.418195] RIP: 0033:0x466609 [ 2525.418914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2525.422964] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2525.424635] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2525.426218] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2525.427787] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2525.429366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2525.430952] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:13:22 executing program 4 (fault-call:7 fault-nth:29): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:22 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0xf5ffffff00000000, 0x0, 0x0) 06:13:22 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x4, 0x0, @fd=r0, 0x8000, &(0x7f0000000000)=[{&(0x7f0000000200)=""/188, 0xbc}], 0x1, 0x4, 0x1, {0x0, r5}}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000340), 0x8000, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r6, 0x800c6613, &(0x7f0000000380)=@v2={0x2, @aes256, 0x8, '\x00', @d}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2525.654459] FAULT_INJECTION: forcing a failure. [ 2525.654459] name failslab, interval 1, probability 0, space 0, times 0 [ 2525.655832] CPU: 0 PID: 16150 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2525.656710] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2525.657964] Call Trace: [ 2525.658255] dump_stack+0x107/0x163 [ 2525.658653] should_fail.cold+0x5/0xa [ 2525.659067] ? create_object.isra.0+0x3a/0xa10 [ 2525.659578] should_failslab+0x5/0x10 [ 2525.659988] kmem_cache_alloc+0x5b/0x350 [ 2525.660425] create_object.isra.0+0x3a/0xa10 [ 2525.660926] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2525.661484] __kmalloc_node+0x1b0/0x4a0 [ 2525.661941] kvmalloc_node+0x61/0xf0 [ 2525.662343] alloc_fdtable+0xcd/0x280 [ 2525.662780] dup_fd+0x71a/0xc50 [ 2525.663141] unshare_files+0x16c/0x260 [ 2525.663583] ? __ia32_sys_unshare+0x40/0x40 [ 2525.664067] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2525.664607] ? trace_rss_stat+0x174/0x210 [ 2525.665063] bprm_execve+0x123/0x1b00 [ 2525.665507] ? get_arg_page+0x153/0x200 [ 2525.665956] ? acct_arg_size+0xe0/0xe0 [ 2525.666392] ? open_exec+0x70/0x70 [ 2525.666799] ? memcpy+0x39/0x60 [ 2525.667239] ? copy_strings.isra.0+0x492/0x690 [ 2525.667892] ? copy_string_kernel+0x3ad/0x440 [ 2525.668510] do_execveat_common.isra.0+0x524/0x670 [ 2525.669212] __x64_sys_execveat+0xe7/0x130 [ 2525.669789] do_syscall_64+0x33/0x40 [ 2525.670299] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2525.670983] RIP: 0033:0x466609 [ 2525.671438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2525.673910] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2525.674983] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2525.676016] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2525.676914] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2525.677779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2525.678571] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2525.698466] FAULT_INJECTION: forcing a failure. [ 2525.698466] name failslab, interval 1, probability 0, space 0, times 0 [ 2525.699855] CPU: 0 PID: 16161 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2525.700629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2525.701887] Call Trace: [ 2525.702231] dump_stack+0x107/0x163 [ 2525.702719] should_fail.cold+0x5/0xa [ 2525.703156] ? kvmalloc_node+0x61/0xf0 [ 2525.703585] should_failslab+0x5/0x10 [ 2525.704007] __kmalloc_node+0x76/0x4a0 [ 2525.704425] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2525.704992] kvmalloc_node+0x61/0xf0 [ 2525.705411] alloc_fdtable+0x138/0x280 [ 2525.705859] dup_fd+0x71a/0xc50 [ 2525.706227] unshare_files+0x16c/0x260 [ 2525.706692] ? __ia32_sys_unshare+0x40/0x40 [ 2525.707157] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2525.707708] ? trace_rss_stat+0x174/0x210 [ 2525.708154] bprm_execve+0x123/0x1b00 [ 2525.708582] ? get_arg_page+0x153/0x200 [ 2525.709011] ? acct_arg_size+0xe0/0xe0 [ 2525.709469] ? open_exec+0x70/0x70 [ 2525.709855] ? memcpy+0x39/0x60 [ 2525.710220] ? copy_strings.isra.0+0x492/0x690 [ 2525.710740] ? copy_string_kernel+0x3ad/0x440 [ 2525.711228] do_execveat_common.isra.0+0x524/0x670 [ 2525.711789] __x64_sys_execveat+0xe7/0x130 [ 2525.712260] do_syscall_64+0x33/0x40 [ 2525.712687] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2525.713256] RIP: 0033:0x466609 [ 2525.713636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2525.715628] RSP: 002b:00007fda96221188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2525.716481] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 0000000000466609 [ 2525.717289] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2525.718092] RBP: 00007fda962211d0 R08: 0000000000000000 R09: 0000000000000000 [ 2525.718894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2525.719693] R13: 00007ffcd66bd11f R14: 00007fda96221300 R15: 0000000000022000 06:13:22 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, 0x0, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:22 executing program 4 (fault-call:7 fault-nth:30): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:22 executing program 1 (fault-call:9 fault-nth:33): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:23 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2525.977609] FAULT_INJECTION: forcing a failure. [ 2525.977609] name failslab, interval 1, probability 0, space 0, times 0 [ 2525.978917] CPU: 0 PID: 16191 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2525.979688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2525.980920] Call Trace: [ 2525.981245] dump_stack+0x107/0x163 [ 2525.981667] should_fail.cold+0x5/0xa [ 2525.982107] ? kvmalloc_node+0x61/0xf0 [ 2525.982555] should_failslab+0x5/0x10 [ 2525.982987] __kmalloc_node+0x76/0x4a0 [ 2525.983421] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2525.984000] kvmalloc_node+0x61/0xf0 [ 2525.984398] alloc_fdtable+0x138/0x280 [ 2525.984841] dup_fd+0x71a/0xc50 [ 2525.985227] unshare_files+0x16c/0x260 [ 2525.985663] ? __ia32_sys_unshare+0x40/0x40 [ 2525.986147] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2525.986693] ? trace_rss_stat+0x174/0x210 [ 2525.987165] bprm_execve+0x123/0x1b00 [ 2525.987602] ? get_arg_page+0x153/0x200 [ 2525.988043] ? acct_arg_size+0xe0/0xe0 [ 2525.988478] ? open_exec+0x70/0x70 [ 2525.988861] ? memcpy+0x39/0x60 [ 2525.989250] ? copy_strings.isra.0+0x492/0x690 [ 2525.989769] ? copy_string_kernel+0x3ad/0x440 [ 2525.990271] do_execveat_common.isra.0+0x524/0x670 [ 2525.990807] __x64_sys_execveat+0xe7/0x130 [ 2525.991279] do_syscall_64+0x33/0x40 [ 2525.991687] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2525.992266] RIP: 0033:0x466609 [ 2525.992631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2525.994822] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2525.995687] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2525.996473] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2525.997309] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2525.998147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2525.998956] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2526.027434] FAULT_INJECTION: forcing a failure. [ 2526.027434] name failslab, interval 1, probability 0, space 0, times 0 [ 2526.029803] CPU: 1 PID: 16194 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2526.031119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2526.033347] Call Trace: [ 2526.033860] dump_stack+0x107/0x163 [ 2526.034578] should_fail.cold+0x5/0xa [ 2526.035320] ? kvmalloc_node+0x61/0xf0 [ 2526.036079] should_failslab+0x5/0x10 [ 2526.036807] __kmalloc_node+0x76/0x4a0 [ 2526.037587] kvmalloc_node+0x61/0xf0 [ 2526.038299] alloc_fdtable+0xcd/0x280 [ 2526.039035] dup_fd+0x71a/0xc50 [ 2526.039682] unshare_files+0x16c/0x260 [ 2526.040433] ? __ia32_sys_unshare+0x40/0x40 [ 2526.041284] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2526.042209] ? trace_rss_stat+0x174/0x210 [ 2526.043005] bprm_execve+0x123/0x1b00 [ 2526.043729] ? get_arg_page+0x153/0x200 [ 2526.044487] ? acct_arg_size+0xe0/0xe0 [ 2526.045277] ? open_exec+0x70/0x70 [ 2526.045961] ? memcpy+0x39/0x60 [ 2526.046593] ? copy_strings.isra.0+0x492/0x690 [ 2526.047467] ? copy_string_kernel+0x3ad/0x440 [ 2526.048340] do_execveat_common.isra.0+0x524/0x670 [ 2526.049308] __x64_sys_execveat+0xe7/0x130 [ 2526.050127] do_syscall_64+0x33/0x40 [ 2526.050837] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2526.051824] RIP: 0033:0x466609 [ 2526.052450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2526.055997] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2526.057469] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2526.058833] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2526.060203] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2526.061600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2526.062973] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2538.568776] kmemleak: 12 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:13:43 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 1 (fault-call:9 fault-nth:34): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b45, 0x2) 06:13:43 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 4 (fault-call:7 fault-nth:31): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0xffffffffffffffff, 0x0, 0x0) 06:13:43 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180), &(0x7f0000002a40)=0x0) r4 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) r6 = syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) r9 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0xc0000, 0x0) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r3, &(0x7f0000000040)=@IORING_OP_FALLOCATE={0x11, 0x4, 0x0, @fd=r9, 0x9, 0x0, 0x4, 0x0, 0x0, {0x0, r10}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x1, 0x2007, @fd_index=0x1, 0x8, 0x0, 0x0, 0x4, 0x0, {0x2, r5}}, 0xa16) setxattr$trusted_overlay_origin(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000340), &(0x7f0000000380), 0x2, 0x1) io_uring_enter(0xffffffffffffffff, 0x713a, 0x6218, 0x0, &(0x7f00000003c0)={[0x3f]}, 0x8) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2546.009756] FAULT_INJECTION: forcing a failure. [ 2546.009756] name failslab, interval 1, probability 0, space 0, times 0 [ 2546.011828] CPU: 0 PID: 16211 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2546.012956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2546.014551] Call Trace: [ 2546.014927] dump_stack+0x107/0x163 [ 2546.015448] should_fail.cold+0x5/0xa [ 2546.015991] ? create_object.isra.0+0x3a/0xa10 [ 2546.016635] should_failslab+0x5/0x10 [ 2546.017170] kmem_cache_alloc+0x5b/0x350 [ 2546.017749] create_object.isra.0+0x3a/0xa10 [ 2546.018358] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2546.019071] __kmalloc_node+0x1b0/0x4a0 [ 2546.019635] kvmalloc_node+0x61/0xf0 [ 2546.020153] alloc_fdtable+0x138/0x280 [ 2546.020690] dup_fd+0x71a/0xc50 [ 2546.021165] unshare_files+0x16c/0x260 [ 2546.021732] ? __ia32_sys_unshare+0x40/0x40 [ 2546.022331] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2546.022997] ? trace_rss_stat+0x174/0x210 [ 2546.023574] bprm_execve+0x123/0x1b00 [ 2546.024100] ? get_arg_page+0x153/0x200 [ 2546.024662] ? acct_arg_size+0xe0/0xe0 [ 2546.025199] ? open_exec+0x70/0x70 [ 2546.025713] ? memcpy+0x39/0x60 [ 2546.026167] ? copy_strings.isra.0+0x492/0x690 [ 2546.026796] ? copy_string_kernel+0x3ad/0x440 [ 2546.027422] do_execveat_common.isra.0+0x524/0x670 [ 2546.028112] __x64_sys_execveat+0xe7/0x130 [ 2546.028712] do_syscall_64+0x33/0x40 [ 2546.029239] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2546.029962] RIP: 0033:0x466609 [ 2546.030415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2546.032960] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2546.034029] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2546.035019] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2546.036012] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2546.037014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2546.038025] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2546.045778] FAULT_INJECTION: forcing a failure. [ 2546.045778] name failslab, interval 1, probability 0, space 0, times 0 [ 2546.047465] CPU: 0 PID: 16208 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2546.048456] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2546.050133] Call Trace: [ 2546.050502] dump_stack+0x107/0x163 [ 2546.051015] should_fail.cold+0x5/0xa [ 2546.051544] ? kvmalloc_node+0x61/0xf0 [ 2546.052090] should_failslab+0x5/0x10 [ 2546.052612] __kmalloc_node+0x76/0x4a0 [ 2546.053170] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2546.053889] kvmalloc_node+0x61/0xf0 [ 2546.054405] alloc_fdtable+0x138/0x280 [ 2546.054975] dup_fd+0x71a/0xc50 [ 2546.055447] unshare_files+0x16c/0x260 [ 2546.055990] ? __ia32_sys_unshare+0x40/0x40 [ 2546.056587] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2546.057279] ? trace_rss_stat+0x174/0x210 [ 2546.057870] bprm_execve+0x123/0x1b00 [ 2546.058396] ? get_arg_page+0x153/0x200 [ 2546.058968] ? acct_arg_size+0xe0/0xe0 [ 2546.059502] ? open_exec+0x70/0x70 [ 2546.060019] ? memcpy+0x39/0x60 [ 2546.060490] ? copy_strings.isra.0+0x492/0x690 [ 2546.061121] ? copy_string_kernel+0x3ad/0x440 [ 2546.061770] do_execveat_common.isra.0+0x524/0x670 [ 2546.062482] __x64_sys_execveat+0xe7/0x130 [ 2546.063087] do_syscall_64+0x33/0x40 [ 2546.063617] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2546.064353] RIP: 0033:0x466609 [ 2546.064814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2546.067475] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2546.068565] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2546.069600] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2546.070610] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2546.071637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2546.072658] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:13:43 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 4 (fault-call:7 fault-nth:32): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x8) 06:13:43 executing program 1 (fault-call:9 fault-nth:35): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x2a, 0x0, "4c774fc207b2764cc639d766f1a8bf75fa858b606ad21530ecaf8b152bc099032178945d2ed02d555131e75488a37329ea68553a3c06f898b0415d06e9edb87c74d7bb428a4657b3929ce7c15f973a5f"}, 0xd8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmsg$inet6(r0, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000600)="1faa95adceba8300eb24247ed4d5e2cb0be4466a69b9845b80", 0x19}, {&(0x7f0000000640)="6ac4db8851f25d2282d3b05e33024ae2967454bc314f53cdf5fae543bad7135d256610c76ff0d3d57916adc05dff78a0183db8784c112365a54662fb37e74fc44265548de1ddf06a633edc96a9ef9fdab368bbb8ba4ccb8bda9e036d017b766b617cd138693110cc672e4279f7a691cdf6db9e41ec97bd7d349713e1c123999c90823daacae4bc7af46dab6c170b27ce62c3624d4b9c4fc8a7b4e2bf6f6115b906f0a8c574bfe8fcbbc2bbeb76d27fdac46eb972677d2401fbb8b58489822dd7447a34b3ab51793286b52059df8295849f4c70158a71d7b2d49bfca7b435969c4c166cc41fe304a4060fc37000cd8e3a24fc9293f2b53bcdcc06ac99b3285103cb640f68a67462127f4a59bb610c6af22f11b1d5e701795f364ea1b7f229dcbd7f0ab5f9a926aaa3adb9a14a08514046f2cc5fc7c3e84c481ac404250c22b9caa390950ffc70f2b759645713f1dcdcc8657e8d793bb2d8fd847a4d0180995f6ef39a2d09675decd0e9e0b6be28e5b47daa5d5b8253f56daadf8975a93c0ae5158818040bfae06fbc927cf647fd16cb1a765f623b002cbe73a2e7bf09caad12dbfea39cc1f201841832ca02a1aceac1f79b8b37c5300f7f94ba3111518874dc958e644f6a288ef0e50c898495f6de4ac6e3e3c5daead482abe982d10b4590a183327eb81087f132120d793f6d31d19553a65f5a64f9e03de2bd145ee5af59344fca6400bf330f79eca31458933268c1f60f0fe9f18b75f4ea226844f9a7d6a0d640e3d06e7cd6c25d3414b09e56f1d7ffcd1cde1307f312ed3b25673df10e8de0be91e67e7259961a039dc5f04930a08da0865ba0f442da5b71ddc0d82e6f51478d4106de6c98d55ad135d88104ca7cf5e347565f58ba2ae1cacf2471963b43dae4ba25ca7326cae6c18d4ad2a9b4abfd534090501c1e461402f5772d2f4ddb0e7fcaed4319f09622b17e7e68f96a88c543ba5c570ebd8c5eb63637041c235622736dc4a1f641dbe6c2fdaa08f81a42d2712da53b01e60b257c1f6b45b98f7adb48218d8fbfa74f761994eee9166d5f044794cb03acd7b9d9c6f038aece468a9b444f24ce23e1ddf8a578ffd4b82f34f9be83d6683c581174a45898e116603f067044c3954305a87aa043c1247c3c5b3f22b1f95be0548897f830bb64d3ed8d23153ae1fef60c9819fcff95670a8049b2dd5024d834ad266220b03778199b346cf1afef021557545aa5ca9821e4996180583f17ede0e5f80ca972edcbabe087fb0098410085035ed89a6c192cc2d68235a64382e8b3bf6ee5abc6b256f4627e4f8ee8508cc00ed59f795a0869090b15418c0c4429f5f1ee1b9cff7fff0258d97b5f71c3c3b4fa8e763e6cf560e9d1a1007fcef0179664ecba7038a6e713dd30caea7539a01c70a29da17267685c84a9f13aab5c8dbb7e1bf15ed89db99628495ea7e456be0431f0eca4c991e5998f3e26277b1455dea375982ab6ca884895c5c25d0dedfff72c3d1dfe29ee8fc0602623e9351fae69c5b091fd714e07b41dc08dbddac2814d12669610389dec3668403482709edadf34ef552d5ae545c03fd01316de1058e7ae9ac97778436ae1da91437cdba17b78094177c2e9c440f8846fa26429ad94c3a3422c205a1044bc82e05518deab49f398f099fd01a90b3a50b741c78dc2f44249d9728370b6fc8795ef1ed5e98944cf9b69467c393237d85a52a38293ebb0c2cb4cbf51748083c97e4dbcc3b6d11c7ddedc584663dd8b9b2cab85baa499633d614bad47ba0a4f9bbedb830b7bc555be6285a593199f96b6389229bc28ee757e52a0cd70dc4197231eee8d18033b657b9190a622dccdad08efb1b194eb1c0b97b98a3895d5bfc2a38a6736f00349eee50252ba3d696ea71e3b3b6f4577c5de56b93cc926eb5b65741322072289de6f5907ec2d8649e76c33c0038484a73fc2bbbd2d94ce2d2e9d75f5388e96ed474cb0f9223e22105a59ca21e002883f70e4802184e1ba830d407d54c392545d858ee84c3a3b5ddbbee3314aa5f58ff9dda2558bb1ed999369b48b83039591ec65f7a268acfa22bae9cf98bb01e1cec4ec9e9b23f50e10155b17d13adbaae29a81cb96bad7f5313e402b64517a4e5505b6571fdbb776c45f8fa0621e6252c83c8d4c22ac46f773fa11ffb11a0e696c5b0886649301fe009b82a9a1cc791f360051e4676c6d3cccf0db43effc9a4dfedbc6ef5f0908cf13173cb67ea9ef31808402b3708374fa703bbcd29fd35552ab29a3655e88a0f32ca4d2ca2bc72c761aa204805c71ab9aa2c4a5f18ebe72c9eb7847e3a149f391f6172e80fb71e72bff98fd1d663155574b98b677323ab8969c83ec3e79ee162167109f1bbaf145ca37a8eedaaa30b38153098ac15e3de1816d16dfd2a14fe24b74fbc8f54c727f28662ed3bcd645e1df477e", 0x6ba}], 0x2}, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000340)=0x81, 0x4) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x2a, 0x0, "4c774fc207b2764cc639d766f1a8bf75fa858b606ad21530ecaf8b152bc099032178945d2ed02d555131e75488a37329ea68553a3c06f898b0415d06e9edb87c74d7bb428a4657b3929ce7c15f973a5f"}, 0xd8) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000600)="1faa95adceba8300eb24247ed4d5e2cb0be4466a69b9845b80", 0x19}, {&(0x7f0000000640)="6ac4db8851f25d2282d3b05e33024ae2967454bc314f53cdf5fae543bad7135d256610c76ff0d3d57916adc05dff78a0183db8784c112365a54662fb37e74fc44265548de1ddf06a633edc96a9ef9fdab368bbb8ba4ccb8bda9e036d017b766b617cd138693110cc672e4279f7a691cdf6db9e41ec97bd7d349713e1c123999c90823daacae4bc7af46dab6c170b27ce62c3624d4b9c4fc8a7b4e2bf6f6115b906f0a8c574bfe8fcbbc2bbeb76d27fdac46eb972677d2401fbb8b58489822dd7447a34b3ab51793286b52059df8295849f4c70158a71d7b2d49bfca7b435969c4c166cc41fe304a4060fc37000cd8e3a24fc9293f2b53bcdcc06ac99b3285103cb640f68a67462127f4a59bb610c6af22f11b1d5e701795f364ea1b7f229dcbd7f0ab5f9a926aaa3adb9a14a08514046f2cc5fc7c3e84c481ac404250c22b9caa390950ffc70f2b759645713f1dcdcc8657e8d793bb2d8fd847a4d0180995f6ef39a2d09675decd0e9e0b6be28e5b47daa5d5b8253f56daadf8975a93c0ae5158818040bfae06fbc927cf647fd16cb1a765f623b002cbe73a2e7bf09caad12dbfea39cc1f201841832ca02a1aceac1f79b8b37c5300f7f94ba3111518874dc958e644f6a288ef0e50c898495f6de4ac6e3e3c5daead482abe982d10b4590a183327eb81087f132120d793f6d31d19553a65f5a64f9e03de2bd145ee5af59344fca6400bf330f79eca31458933268c1f60f0fe9f18b75f4ea226844f9a7d6a0d640e3d06e7cd6c25d3414b09e56f1d7ffcd1cde1307f312ed3b25673df10e8de0be91e67e7259961a039dc5f04930a08da0865ba0f442da5b71ddc0d82e6f51478d4106de6c98d55ad135d88104ca7cf5e347565f58ba2ae1cacf2471963b43dae4ba25ca7326cae6c18d4ad2a9b4abfd534090501c1e461402f5772d2f4ddb0e7fcaed4319f09622b17e7e68f96a88c543ba5c570ebd8c5eb63637041c235622736dc4a1f641dbe6c2fdaa08f81a42d2712da53b01e60b257c1f6b45b98f7adb48218d8fbfa74f761994eee9166d5f044794cb03acd7b9d9c6f038aece468a9b444f24ce23e1ddf8a578ffd4b82f34f9be83d6683c581174a45898e116603f067044c3954305a87aa043c1247c3c5b3f22b1f95be0548897f830bb64d3ed8d23153ae1fef60c9819fcff95670a8049b2dd5024d834ad266220b03778199b346cf1afef021557545aa5ca9821e4996180583f17ede0e5f80ca972edcbabe087fb0098410085035ed89a6c192cc2d68235a64382e8b3bf6ee5abc6b256f4627e4f8ee8508cc00ed59f795a0869090b15418c0c4429f5f1ee1b9cff7fff0258d97b5f71c3c3b4fa8e763e6cf560e9d1a1007fcef0179664ecba7038a6e713dd30caea7539a01c70a29da17267685c84a9f13aab5c8dbb7e1bf15ed89db99628495ea7e456be0431f0eca4c991e5998f3e26277b1455dea375982ab6ca884895c5c25d0dedfff72c3d1dfe29ee8fc0602623e9351fae69c5b091fd714e07b41dc08dbddac2814d12669610389dec3668403482709edadf34ef552d5ae545c03fd01316de1058e7ae9ac97778436ae1da91437cdba17b78094177c2e9c440f8846fa26429ad94c3a3422c205a1044bc82e05518deab49f398f099fd01a90b3a50b741c78dc2f44249d9728370b6fc8795ef1ed5e98944cf9b69467c393237d85a52a38293ebb0c2cb4cbf51748083c97e4dbcc3b6d11c7ddedc584663dd8b9b2cab85baa499633d614bad47ba0a4f9bbedb830b7bc555be6285a593199f96b6389229bc28ee757e52a0cd70dc4197231eee8d18033b657b9190a622dccdad08efb1b194eb1c0b97b98a3895d5bfc2a38a6736f00349eee50252ba3d696ea71e3b3b6f4577c5de56b93cc926eb5b65741322072289de6f5907ec2d8649e76c33c0038484a73fc2bbbd2d94ce2d2e9d75f5388e96ed474cb0f9223e22105a59ca21e002883f70e4802184e1ba830d407d54c392545d858ee84c3a3b5ddbbee3314aa5f58ff9dda2558bb1ed999369b48b83039591ec65f7a268acfa22bae9cf98bb01e1cec4ec9e9b23f50e10155b17d13adbaae29a81cb96bad7f5313e402b64517a4e5505b6571fdbb776c45f8fa0621e6252c83c8d4c22ac46f773fa11ffb11a0e696c5b0886649301fe009b82a9a1cc791f360051e4676c6d3cccf0db43effc9a4dfedbc6ef5f0908cf13173cb67ea9ef31808402b3708374fa703bbcd29fd35552ab29a3655e88a0f32ca4d2ca2bc72c761aa204805c71ab9aa2c4a5f18ebe72c9eb7847e3a149f391f6172e80fb71e72bff98fd1d663155574b98b677323ab8969c83ec3e79ee162167109f1bbaf145ca37a8eedaaa30b38153098ac15e3de1816d16dfd2a14fe24b74fbc8f54c727f28662ed3bcd645e1df477e", 0x6ba}], 0x2}, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000280)="43bc23a9efd605d55c7dd3dae1a452d0", 0x10) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000200)=""/93, &(0x7f0000000000)=0x5d) r1 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r1}, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0x0, 0x0}, 0xa16) io_uring_enter(r1, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2546.335660] FAULT_INJECTION: forcing a failure. [ 2546.335660] name failslab, interval 1, probability 0, space 0, times 0 [ 2546.337220] CPU: 0 PID: 16356 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2546.338003] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2546.339256] Call Trace: [ 2546.339610] dump_stack+0x107/0x163 [ 2546.340092] should_fail.cold+0x5/0xa [ 2546.340526] ? prepare_creds+0x29/0x670 [ 2546.340971] should_failslab+0x5/0x10 [ 2546.341400] kmem_cache_alloc+0x5b/0x350 [ 2546.341871] prepare_creds+0x29/0x670 [ 2546.342295] prepare_exec_creds+0xd/0x250 [ 2546.342755] bprm_execve+0x1e3/0x1b00 [ 2546.343181] ? get_arg_page+0x153/0x200 [ 2546.343623] ? acct_arg_size+0xe0/0xe0 [ 2546.344057] ? open_exec+0x70/0x70 [ 2546.344444] ? memcpy+0x39/0x60 [ 2546.344811] ? copy_strings.isra.0+0x492/0x690 [ 2546.345324] ? copy_string_kernel+0x3ad/0x440 [ 2546.345823] do_execveat_common.isra.0+0x524/0x670 [ 2546.346375] __x64_sys_execveat+0xe7/0x130 [ 2546.346851] do_syscall_64+0x33/0x40 [ 2546.347265] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2546.347834] RIP: 0033:0x466609 [ 2546.348191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2546.350255] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2546.351107] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2546.351896] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2546.352691] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2546.353491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2546.354306] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2546.369934] FAULT_INJECTION: forcing a failure. [ 2546.369934] name failslab, interval 1, probability 0, space 0, times 0 [ 2546.371971] CPU: 1 PID: 16365 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2546.373037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2546.375405] Call Trace: [ 2546.375987] dump_stack+0x107/0x163 [ 2546.376774] should_fail.cold+0x5/0xa [ 2546.377607] ? create_object.isra.0+0x3a/0xa10 [ 2546.378582] should_failslab+0x5/0x10 [ 2546.379409] kmem_cache_alloc+0x5b/0x350 [ 2546.380291] create_object.isra.0+0x3a/0xa10 [ 2546.381231] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2546.382348] __kmalloc_node+0x1b0/0x4a0 [ 2546.383222] kvmalloc_node+0x61/0xf0 [ 2546.384031] alloc_fdtable+0x138/0x280 [ 2546.384870] dup_fd+0x71a/0xc50 [ 2546.385602] unshare_files+0x16c/0x260 [ 2546.386437] ? __ia32_sys_unshare+0x40/0x40 [ 2546.387376] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2546.388417] ? trace_rss_stat+0x174/0x210 [ 2546.389313] bprm_execve+0x123/0x1b00 [ 2546.390158] ? get_arg_page+0x153/0x200 [ 2546.391021] ? acct_arg_size+0xe0/0xe0 [ 2546.391865] ? open_exec+0x70/0x70 [ 2546.392626] ? memcpy+0x39/0x60 [ 2546.393367] ? copy_strings.isra.0+0x492/0x690 [ 2546.394373] ? copy_string_kernel+0x3ad/0x440 [ 2546.395355] do_execveat_common.isra.0+0x524/0x670 [ 2546.396427] __x64_sys_execveat+0xe7/0x130 [ 2546.397353] do_syscall_64+0x33/0x40 [ 2546.398198] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2546.399305] RIP: 0033:0x466609 [ 2546.400008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2546.404043] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2546.405738] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2546.407295] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2546.408861] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2546.410441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2546.412023] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:13:43 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 4 (fault-call:7 fault-nth:33): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:13:43 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x2000) [ 2546.637052] FAULT_INJECTION: forcing a failure. [ 2546.637052] name failslab, interval 1, probability 0, space 0, times 0 [ 2546.638305] CPU: 0 PID: 16390 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2546.639030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2546.640221] Call Trace: [ 2546.640511] dump_stack+0x107/0x163 [ 2546.640903] should_fail.cold+0x5/0xa [ 2546.641313] ? create_object.isra.0+0x3a/0xa10 [ 2546.641806] should_failslab+0x5/0x10 [ 2546.642212] kmem_cache_alloc+0x5b/0x350 [ 2546.642646] create_object.isra.0+0x3a/0xa10 [ 2546.643122] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2546.643655] kmem_cache_alloc+0x15b/0x350 [ 2546.644099] prepare_creds+0x29/0x670 [ 2546.644511] prepare_exec_creds+0xd/0x250 [ 2546.644961] bprm_execve+0x1e3/0x1b00 [ 2546.645363] ? get_arg_page+0x153/0x200 [ 2546.645798] ? acct_arg_size+0xe0/0xe0 [ 2546.646213] ? open_exec+0x70/0x70 [ 2546.646595] ? memcpy+0x39/0x60 [ 2546.646941] ? copy_strings.isra.0+0x492/0x690 [ 2546.647428] ? copy_string_kernel+0x3ad/0x440 [ 2546.647918] do_execveat_common.isra.0+0x524/0x670 [ 2546.648443] __x64_sys_execveat+0xe7/0x130 [ 2546.648900] do_syscall_64+0x33/0x40 [ 2546.649292] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2546.649843] RIP: 0033:0x466609 [ 2546.650189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2546.652143] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2546.652937] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2546.653715] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2546.654472] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2546.655227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2546.655979] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2560.886191] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:14:06 executing program 1 (fault-call:9 fault-nth:36): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:06 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:06 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x80ffff) 06:14:06 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:06 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:06 executing program 4 (fault-call:7 fault-nth:34): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:06 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') write$P9_RLOPEN(r4, &(0x7f0000000200)={0x18, 0xd, 0x1, {{0x0, 0x0, 0x5}, 0x6}}, 0x18) r5 = dup3(r4, r3, 0x0) io_uring_enter(r4, 0x58c7, 0xcbd9, 0x0, &(0x7f0000000000)={[0x10000]}, 0x8) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) r6 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x93, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = creat(&(0x7f0000000000)='./file0\x00', 0x0) unlink(&(0x7f0000000040)='./file0\x00') syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) tkill(0x0, 0x12) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000007e00)={0x0, 0x0}, &(0x7f0000007e40)=0xc) r9 = getegid() setresgid(r9, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000007f40)=[{&(0x7f0000000280)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000340)="5d9e3536a45aa78aad610c7403819f3901d2fde7909636f97d11fdd5d3ebcc967ae96483d76f1d75edd72eebc7dfeb859ca03c", 0x33}, {&(0x7f0000000380)="5212f56b080e4c396d2b52c1181670bf45ebf613e28648d09dbc93213ca658", 0x1f}, {&(0x7f00000003c0)="590194843eabb763a0c0f0b6075e2c834f39cf8041cc4494bb6d19b4f06fd1ccca497d71a866b29b107f40ff1da46e02f0f7583d3d005bf1c36df392e9b3835ffe33744ccb0ae95cd8b89eb40fd5d270435ac466", 0x54}, {&(0x7f0000000440)="52df77f05df9267bbaa25e376265f3f615aee3376c345d410643b11bb24fb7798ba1d27ef2040891d5a0395fd01567326bca8c123cd283e00a9452a469de9e62b38297f188159730c6", 0x49}, {&(0x7f00000004c0)="51673e9c93eb512d81dfcfc4ccdf27fb2110d4d0357fc1", 0x17}, {&(0x7f0000000580)="1fe8e141b4a7281c0830fbbafb6175007600ce90ebdece3eb96e78cac9d13a4d7c031b3986367a2eedee9990c9473145ada2d260bc4858ee30e085823e3aaf2a40b91887ce4211b72d6cb14ef385aa", 0x4f}], 0x6, &(0x7f0000000940)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01, 0xee01}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [r6, r4, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4]}}], 0xb0, 0x4}, {&(0x7f0000000a00)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000a80)="03bd279399a8d998db07b8e8d8b9cfb8093d4d083f0c5585d75e22eab6accd1a6cc223ee2ce1b733f2473bec0f7f8d8a0dcb062a3439d91960db839e713ca63fae87adee301e5799d20a04b54afd1720f4b99193d2b11de4cae33d85fa376d03c01d37b1cabc2e2d54f3545a57d676e5ded768834144a5c580d5e3048ad5f77b642ead3cf1b47baa4e0b916d1749ed7ddf5b4b6ae369979f03fe55efda278deb514289a42e1bd1ec4eceeea35acd3646a2238833d7f5f1fa118538558f9fb641", 0xc0}, {&(0x7f0000000b40)="94cd5ba13a9657acca8c07bb2426875221955c3a9f70c2d4973c4993dc0fcd2ded9442fff4e6dff577982b4e9d3fb28f1beee167f824b8790002397357f543de9e92dc8cb5bb2639618b3971b3cd32d998bd39754fdecd19a285db8f8ebca6e68071df1dc6d5d9e287af8b4513318ae23cf7e562e15e03f421e76ab9264f0dc1da8bb58780d1c1c4c7a88ea9588cee75017070be79ec0d75e553a12bb07c4c5210d2b9a396138c29d59ee03e70c5639e50a1d82acc11c1c2fe2a685384709a3caa8c52c785a2c0929e0c3e7c4a629ead0669895178eb3d35d85d0758341dfc33dd223941dc9e81e64c156d6a1661398f", 0xf0}, {&(0x7f0000000c40)}, {&(0x7f0000000c80)="53bde8873817077d835ed06628f78553492ddafe77455162c46a717de6c71d4a5125277becaf6b6c54ba5a71e6e9cd5eb88e75d04e1d6a4b0730807faa2ecfcad7b66393f38dd99b05c50e03849609e3a95e3d3d2fbf8af73bc3acd1dc4cb87dedb93b6b18a3180d5febf74e8069788c91de9fdbe5668564b0f88a5c8cd9792d251ad27460fd19a1080fdc33c26d7979a4515328fcb54df807db63e9e1803d4d4a9236ce7a4fac16b3810eaa4a099981a5f54d9e235a34eec954911c283e7bf43677e0816cfaab32e952cb31590b1d134daed27db7f3615077c470e366", 0xdd}], 0x4, &(0x7f0000000f40)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01, 0xee00}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r6, r3, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r3, r5]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @rights={{0x1c, 0x1, 0x1, [r3, 0xffffffffffffffff, r7]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r6]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}], 0x110, 0x840}, {&(0x7f0000001080)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f00000015c0)=[{&(0x7f0000001100)="a0323649a6eb5943f4d249733b15593b71f63a101c55f14d08b9f28c1137e0e6298522509704268fa136b88071e3ea73cbc66e35a82c8451df013ca89e0ff564ae19ba8880885d2a5c5ea8f4041f52f98d767e65e046521be089da2a9a57958e9562b2c2054ca3", 0x67}, {&(0x7f0000001180)="8641c39ec064b416563c2be9dc9a60a5c34209933b878f2c899a564b8afefb1fbd93c5af3d3fb2e794dcf1b4b1f6930ceebebfe0f976a7d382edda1b522f76f930440236a241082707859d47253be2e9ae0e73dcfaa7779c8a6320086980ac2a62b28043da5526f0d5b89736bfb311d256537c71f5ca79a10dd3773d0cca99", 0x7f}, {&(0x7f0000001200)="49f85933af9089a4eb36e80b86838be14948a1ba2d44a8dd391a37255b48ba004446ee18603839b4f83502a080267e4c768dab832b9cf44b34adbe7b2e339727da32b36d7d1e316e0e9253e6290c0068e96cea34476ceeefe4d8c81e8068fbe6f4b79236c92088f8a1af856f836fdb906765f65f643595e65d9f6eddbe79032b662de98873d78b42f0e29ccd18cf691e4353d12ee6945052b5aac90fe72f08dc59f471bf779f8a419f7001465f48f3daac6e56ca8a2a982945121946bd33753b7d143b78971dba248d71e8f67aa4353c551b228f4661ebd1990722f7e969b42a65564a4dd8c29c2482b186d469fc8655636a2081ce0aff004c314263e2c9", 0xfe}, {&(0x7f0000001300)="be30fdc64dd2e3cf61cbf72fff0ea7c81e83cb853cae6a0da45acd774101aeef43cd2b07806fb1f857d17ff891677be4d5ab0a3a4fd6caa9edbb", 0x3a}, {&(0x7f0000001340)="1df9b122fb49a183cfbcc1e29eb2c9399da53361c4015e265634fd2accc4f80550eae17e754bef4cc006d866ef11e97a5d2016511e3368006a2fe4fbf27942cde216a5c0a068559e46b13b4eec7696b00514624614130e9528224716723e04d04fdb022ec79df455c9f87f39fba91123d8a7ec4f5920d831270ac9fd9b5ea5083df8f9ff68e4400890796f982ef9cf975d109312a3d0db49e0bf7130ec0f7600e5f9db1580d6a69c9e17bb76a2839dacabbebea1ddd97a615cf3700cb082f327904b04a0aad36963e7f0b5fd27d670d087896d3335d8d0493badfe219141f1604410de6a608bf38dc14cb132e03cb7254f758be9eb44", 0xf6}, {&(0x7f0000001440)="90b962d77daa5a43e8bfbe2ad2fb10086e0068a0cd7b324a9a6aa6ec75eaaf5747f9cead379b7337e69d8c957491e7ca426be535534783e799338338a38f982afa21108c4a59a37aa266046a7f6ba2b46265e79b72a0c01a59a35044cc044aea7b5ffaca1aaa2ed8df4616b391323f0436b49bfc9b4b05383847ec620e09e244aed047587c110c09cc5e7e852240612ac9b94f6d1fcd8098a45df05ecc1ad5efed18de76ec72d2c2c43e7c9b16a8668bd0a10efe04dedf1f294dac44676af6ef53c2848589b2a58905b32f60557804a3fc64715310cae7013dba5b6b34fd018c2d03ce", 0xe3}, {&(0x7f0000001540)="e50c049ea9abccf58b", 0x9}, {&(0x7f0000001580)="e6180be6279d992c00faa6eddf5e5b53d429c9a56b50b5cbd536c30665b6", 0x1e}], 0x8, &(0x7f0000001ac0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}, @rights={{0x14, 0x1, 0x1, [r5]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}], 0x90, 0x1040}, {&(0x7f0000001b80)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001c00)="5290a9acd088d2e6144c02", 0xb}, {&(0x7f0000001c40)="2158144a38bc34ef6e8dbe2e96ac8a4d75550c4f3986a00f6df9ffcff91807dffa3c2240ab3d8d7afbc631c8137c67f5a017417a8716d54adff80bf68e0ccb2078afadd7a0438bf719d1f657c776512a0e56a9aeb12562582673f2c22a680b7cb548fdb2a95bc4eac652c71a3c541ecf2eb78e7374fcfe6a91483907b63d7bbaf96a65ab4ca8728c040ac7026ad3e4bfbebfc94477d1078f0385296f3adf1faade1da2e40ab5d7b06ec6f0ee0caab457257267148595a61b0079", 0xba}, {&(0x7f0000002a80)="078b2e7098d680a9fa82cbdfe797d4a7798835239eef61c7ea85c50a2ea10ab2e57211922488fd1d91d70ef6f6601e687007093a8ea9ca5cfe54dce6250620fe3b75572e3cbfe4c2e9b0073c6ee3b098070e66020ebb22541b01e3c0b5e53a3fa2b656acf4da2f909ab169c8bc661f9d79b0ac3dea9aee5a802c7b93da3c1e3be63f2c331cb35822eda1a6ecedf70fd46e2bf56e25f314429732deb99e577f096cff57dd3eb7fe27b5c85ebd97c6028d1169493611b331b0aae8f2ee9596ac242160226dd7635b69ff6bc689786045edddda14e7f9650c982b07cee0d83490a8d6239a8a94f58c4bdd876dd143bc6aea6b90c6fdbe5d9ac104c72b50b2927385526a38b0c0161ad74227ccc4c53fe86bf0228b3390f1f231e94d5bb2a59b4569f1ac5e13234d2f84c633a817fcbe26e57404d188a4342dcc60fe345d1787d788262bd284d9288f193104003ae3d19a74460e81993954d19c4b5db269becdd85134f7291dc0460d7d1e041ff8800e2731afcfd77429a6c9523c2cc02e7484160c4d10ee113b434e59bb0857b7982e49bcb3cd643786ac5c04f375748c003af9e502294d4e826f2cd07786a16b77ccee2c94ba74acea8df085c8c43558bd67bf1a95f1648559515e6e3e25e4b81f5ea9288c17013aaf51ea713e4a4abf946eee51b9fe52c394d0054f2422219fd62ffb06f90032f13443a6b2ad35ade0c306e7d2f5e7450ffb7106f685ef8d7e17cccec7a32198f03f348a17d5adb814fdccf525e6ab1bf6993c3d9aa37651657aa705184eb06a1ddc68c5008c55372d406cf805051fe2ef2a883ee3a4116dfa4e0593823c7e5044eceeae24bf4d0579461719a200747f196fbafdcc1f163d9901927551d96a1ac70c210df802e40f4d9a8ac10ca4c061fcfc27c35a294a22b68e93ed8713564a7cba059f4cae97ee7dbdb92d84310bfba1f66a6f46b5fbb2e270b0d301f3692c5c09a5c347d25a465751b20c91e3eb666987191e8b36318df2bedc0439ca412e4f2047acdf9bb9b8bef43e998f67b84b1ded0873d813e43738b6a4435d7dae6c77b6a8129d8202dcbff65639680651de70a8336b5c7b0cf345a7c593f93c3e1e57c22c21b1df78dd2314c3f0f028c58f6f549a9d8a829c37317443bad3fffa92155ba5d568a27157299a0a4fdc3ce83bff1369b3a288f9267aeaaa576396cb1ca14cc54942aad0611f8dc18ae5ec742f115a06c5f04c8c11cbb92e820ac48ca8100a61ebe7197ac9e23446fc66fe377d3e143ca6d42cabfb0c0bc07035107548063029f424595da83a3e661b14b2e5da24a54a1fd151afd2d24e582d7493b2a435f5c806baa4676470b0480207f91c86eca21723e24cf252c76578e4bb60ba5f900f506c5ab7f7600277d5e85149b9526a926fa167e8f37050ed3dfa4d5cccf0d1ca4a0c674e87713873b0894686cbfcefe6e2798923236e538ce583cd227bfdc8fe98b83321b164b0ac67df28eaa0c477a9219b5fd6c330fd81bdeb7c0729003fc03e0bdcd4cd5bcb9f639473d251be26e561f5f98bc3112e59961149dd6ed96f42ba1b61d835dae981d27d4d4bdbdb171253bccf31384e78ec5c892d0784656e45e51d9a9e05a00f98ae5368b5e082424c47fc8f5d6be043893a5f4a17685559a6da3d322963d93b7904c67554f364738e6e0d9835c758f640d1e85892032ac612546edf1e562818e968fa2ee812cc14eff29526d0e1006603259adb7213e3930daf0f25c65b3fec512785887cc1b65cb7d3ab95a4daaeee95655cfba794350d6f32bb50ffd6702d0a1ac22c59586de73b3990c162006ae2e846b27dafb2270695aa2a4ce46a7ac006997666b988e484e21d24ef65aea3238cb0a0aa6918f0e5bf550136188f81243b1b4d52355347ed4734171fc10b051270e3c012213fc875cff8fe77fc6782088492fe189abcdf82a2ad17976ecb7b82af14cbb98c69339d4433059b470e5b623cdc4cb1f397f4b909e36fa036d53615525282526347f5dee821b09e01b5947a4ed9179b33526769c35a7dc52c50dec3e5d0685c417195b138d8b0b76996e6e5b7cab7d5ccc21584cdd744bb6b2f22e1476c72bfba9122d676dadaaea09ac435adff8c9913ef51f8cfb3833bd1c1684badc25d96fdc4c7e686abf705f34c14ec55b1790fe182b8db578f030dffd2a8bf86378f56dffe8d62af42f43529c7711a2beb4eab99359ec91db88c763e3731e039ea54d6211919f3d54f78dbe7c5b01af87502ea63bc82825461bde92a89e06e623568a91e25241238549c65a6334479c3fa2947dd1e2faf584882229b6bbb0fed076021939785de1b5be03848d27c27e98f3db55a50e0dcbfe093dc5e780cdc20275954dbf4d6b5f815bf446d92a1d579e7c555a4226edb3fdd1b3b6112e3ee116022f40a0dc2aa23dfbc55fb07395f95631db3381c89a705f4a8e2efb80fd24241f8bf5a32305b6aeb72e3c00c3fba909ad5279f3dd36f1e736a371980de4d700c4aa3016849f8d30ce6ad9eaafce14f7338b18a6237565493442ccc4c4354be3d090c130b49cb2fc66e226428eb922780667868ab137d554468c416292e7440c6c6c0bf7dc9ac792cde53d27d248308be73d098d775d0c680e51cb695b3467f5571aa7e99c9f2b510b1bdc09ab6ea892562c2028b0c604cc916ff6511152dbf7577d8fa0425c45a8294668d162cc2a8636e1aaa771c67fb3f4b46e7ebf609d88a39a7ce4a35a031c017ac6be09c47f86d7a8fa823e21dea0f34815073a411b839fae7946d973dd33e5518a3e41b68811078bdb0ea9065583a762a217689e974611ca91c6bbacedb0a8ff0f14b1b4baf8ef3ec564eeb3a3ed98ba9b8f621910c13ed396f951bbc91ce126bedaefb2c2788a87ef669d20c5350d213fd7c6ee2b2b7cf79231f13702e054aaec2b331fb1f7512d6ce289017a37481d951860a32ff9a4021098b8289582ff3095fdb5fdb73cd5fdab011769860fd67af143bc9d1466554719560befb7cbd86d869ca8108f7f965522d37752182b91db08f69593d22187b41c08feebca340fe3fc6d62c40180e21110e98ce427ce6f9d29dbff765adfd3a8f33c36af1b7731b320b9706ee7edb749d6351cd8a01efaa41354b4eff7d601799b4cc351a728675dbb494ec670be281d706c31def865560f0835ff4086fe2310b5435c8abc13873befd9d9e7278b11677fafd477aae6ee6ee68fd283b7309e3cee12c03e44ffe1df93c59cc9b79d168925bde705a99ac0a747dd09d0c8d497db28cb814f5eb10a6cd1a37dc0446d06b0896adc61864d7e73a66d185743c18346c08ff84fa03155741e691409bcdd4c2e05eddfaa0fdc2670d893d28d0e7be716143f90a49a547aa0659111c19457e17ded3cdb6128ec1e95224ac1f40460005785e7702a5e7f0db81d97bfb81bd8890e4ecd30d43010c051569f54b6d07decfe18ed745476f5a39cb50c143ff2420ced266a99431729c90d1c7bfde8544ef85f2372d44839ab2ac6adbec35d825df231924c12d82e38885daeccac1acdd83ba7bdc2b8777711abced07af219c6cdefcdc83719dc3ea0c7e5aaaf4a676fcb258e5c1309d793ac61a51ce054420a8ed988bf2c34aeef3837f6d6ce16b85d473b9fdfff21b4498efc4ad5999381e1c06062e9d1c1e6c30613bc744a320506562798873517ca123f4c7d986811d35022f058abbf439c2d48fbf103808224daeba0e327579998b6f0f2d54bc846a50588f3c67ca15065d9a775aa882c8f4cfd015f83bfee73de518d970ac0556a73fb559d7d4a1ef8ea51969ca2d08e3adfb1bfea99a6f6e5d6573f51564f0c8d0be3a66b97ff2056fa645d6094e07199389647992643225a410eef874fa9c49c8d57ea942b329ac4fc63cb8633cd3352957f1a020e3a9137ed1c2e1c74cb1180ad9bafe94c814aa6e045e6aed5aadfe15ce9aa66d2f9fed635537053f8af2b0e224527050bc368fba9f69e5074f9c1c05c281bf864d5827ddbc74685e340158487667564bbfc01de2a29af9df480d4da1a8004e115b6465c7dfa5a3203964e21599017cda7486bbcb2b1009e22fd6aebd903ee6fee6b7bfd888c1f188fb6904a39c1e174d6910e6d433377a83ab255991f799d642c820df0af26e404574df5fcc3a9f3c1d8ee8c4ffa2bc0014d67e8bcae457eac6dfd425ea91bb71abb0be487e7acfddde0777690f5a27da029ea21999b77dabc7fc79fc4f15edf0dd63602432d8087b586531e93733d2d84a99a7bb890fd68421a12a2c5136b617393cb7cfb7e7df81840cb7b65780ddc7f73041fc8611b88adf239f59f2dd5e98363e1cf0fd39ef6878d4d8331ed5f1c7d70749d0352714d76387e97b125451154fe33bd1f52aa1a4d9ab0f86aac145fa434bfec30426f921d127ea489453bc56e7e6f72eea0e86fd2a94cd0229b2ec24feca2d0a59124c5a619ba4233406f12a5bb0341bcf657dd772f0a902adcb0c415ff5dcd489780fd8144c5c2c2a6d22fc27dc445d77aefda004dfe43f4b3b54a9078a1700af329d19c490e06466229784d99a589bc0cd135d7581d30de8be217a81e3b8e1952d35de0f538111f47f6a542fbe230c69f247b9139211805ae98d47985f2b54f303ee00b6564c6fcf500d428550f04ffa3f68ad59c390b9d16ba08145422065cad2e5891bf37b151bca75f32ce7f912bbc078710ad2280f0038b468e73e58af7a62b281cdabf97d440dcd66c2735012a6b4d0578a8d3338414f0cb55223186529e6cac28882be8d576ca30c46f564099cbf258eeae5d2594cf3beaab194e50dfd84b4f42dca82305760b82baef07a0f2fab839c16982b5fc39debf87af7cd39dd50250424ca1887bf21346b75614d254bf0ce5a97d46a3ecec5660244352ae60678fd0ffc6845ac1ef0df74e26c6d2d9ab0ae778d4a4bab8f762c7ab3af49162cffb412432c41ab96aab0a976ebe85b7db4448347203955452cf9ed005417b50403c8898234711c72c829d2bc78bef88f92400b8f9f1b4c128c50211903dbba3352292e8d2de97a4a8cdc4b31038b9ee09ab0c390935d8b7043a47791ce0192c9396c3f6d83cf7725ed2891cc47628b8882dd0ae7fe9531b116e518ff692fda217d38f2f8b5b9856ff86646f10af2cf4c08674fcf4039160d35349a3d88f2ea1a544a05b18a3fc536ab8bf5e9cd85e246eced2dc806fea10548288f32f7c1b0364483e62400133eb314b33bdbb6c9c3647ff5ffb03351c248041b78b67324524c45129f82821dfe928b1c4de93c6314f48c7528a4c96a6e5e0b14de3f0f77c640e70b1013326e80b181a1872be8cb187caad62603ed2fee77a3eb0f9e53bf71d48c8c59d0a44c64c2672921ca44b18f6302a3cc696673bd58c772315dd3796e2a2dac059c6f04816faa1029bc729f9c8847af9eb0603bd1386c075d2feae421cc1678c01712a5510ada98d436b5da6a8511f27fd27f042a61b234c0f1f79b558f76829461346e6481be596a69f0b82919892a91b5896e8af01079ab881170bca2319283434a5554e083286082369aaeab93c654d7d99a3ffdea137233417dff45f96dbad9c28343aed3afea03830a6865079c0e745839558dc0c9065ef41bf3a92f417d826fc1a92feb11626d1a7cc01271d3fc8554db6af25136cde2ce496099a981a2f227f9c1cf1736c2cfba1fa772c38421a83f91311e9d791c7ff822a868a1aefbf01c74ee10ab0e6071ec790b62a2e7242e3ae21b29296a6e56f42bb80760129f35ae1392ad373b549dca01141fd9a4394fe7", 0x1000}, {&(0x7f0000001e00)="9b24c4d90588cb9c3c5af3cbf10cd27be9157e49174662d51199bfe05167ea7e03c798284e6adf6d4e9b74b3439c77f38b85f039b0f02be8cf8211347c8081f0d2e0726e45abeb7c43b8b8bf9e04b917cc5cabaf14b0505753f42317a0d6c59785fbba2e83c964e717d234d8a751bf2d257cdfb995cc0681230455b96ef4355a94ebaf54325d2be59ef995c32ddda94df407bb1051c468fb117e10bdbb85cfde63854eeb600597155c768487c51a12157d471f9a68b1904c86d74aa9f1c8ff0af8a669ba906b56ebf5aaa821bc7d4546d2d855d349bc86285da15e2f42dfbcf32c23c5d4953fc550744269a64b3975a6467654aab9081f45", 0xf8}, {&(0x7f0000001f00)="699f1c719dc2157b63149141fb2ae9b86bbe68cc1599234faca41d047572625de0fbe0837567f8b4d208891aee626a69642db52a52a82492dddaddcee1111a04db2701f43e65bce2c4b21e1a5894d41e8038fdf02b01fc9ce40ee133332be26918fa703d251f2a8c9693357c67cf130c35bdf2e09f2f59317009ee4f75d997a5b4dcd1b27161e66dd755eb5c7d04b7658928d275f3b3ff559f0c5c77b41030af1e31b8cdb9c69f90cd810e66998e95c25b1310655207", 0xb6}, {&(0x7f0000001fc0)="850eb02adcb04e5e210517fd29f07b601867f68aba41b00c2c3477d2b9e2a9ecc4f8d05d87031e005a110a0510d83749ee3c65b569db23cdf0eb0ea7058e91df505651372371c8be82b52bc7dc135922f41aa2c9c6207bde6260ec88d485e43582bb04057f4b92f7fdf086698fb6a248cf4d86a6246e537954e9f02f83c86aa14b14ebbcd6", 0x85}], 0x6, &(0x7f0000002500)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r5, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5]}}], 0xc8, 0x4000000}, {&(0x7f0000002600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002880)=[{&(0x7f0000002680)="0cf0a5317956146a5e31eb3daadff2e04be6cc253a4b2d338acd4e8f63ecb2e4648684772ae933e343e8d1d9fb02aeb9cc155f703ab946b0", 0x38}, {&(0x7f00000026c0)="7c31f2881ab80279bc0f485771719a336430474f40cdded4edc8257c4b1797be74ecff1e65c675f029675536386a6f3d6dab5bdc04033f236899efdae05d70de6ae19619d14c79186c7ea5dbe92a52a185a93d9578930176642e87d8d9b11929e900c597300f6851b65ccde58b6638171b859defa46d12c323d53d27131282c2810c5f5fdd06b476bb99abc539f431ef39eade5d87380e280190fb6e561419f9af7a54f15ebb5dea9a42323792ecfe66ae44386eb663316d0d1354f34ec9c518dbc41607107c7b1ba559f0a27ad601ba09debbb1e8bb53d0e87d54baca0048", 0xdf}, {&(0x7f00000027c0)="a9589b68c095659d757932699f5d782e3eaac9bc51793e93e9e0634be6d763bc12cb8aa2737508386ac630353974d0801e44324ab256f21c705f6c85893301b7eb2140bc0ed4f00e5ebee75bd4577b8e3ebd22fd09faf93bc228d25ec2229b98727efd3b81aff3f1a19daab41d58ae1981516caf1d3b8a0905f66d9d7b670a4fe3ebb408902eb1e9dea54e49d366a2905e1729571819f3f8e6c5fce08d28c5844eef3ad6274b33faf5896f4c3771db81cd3b1586b89ba7ec23b170dc626027", 0xbf}], 0x3, &(0x7f0000003b80)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xffffffffffffffff}}}, @rights={{0x34, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, r4, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [r0, r0, r3, r7]}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r6, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01}}}, @cred={{0x1c}}], 0x118, 0x10}, {&(0x7f0000003cc0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000004f80)=[{&(0x7f0000003d40)="66209491f34493213df7c693490d386009edf4e2f0a2a540c4be4d349aa439b56fbd9406f4cad35af59cad75a791bd30acf82ca940f8e0835c7d1b2717ed127b4e0495a9458e965e5990fd8cf16781b74fea48a1dd43d56263fc15cc3fb12a00008ee0113884daab24ee682ba37e637db3d12f1f9142ead949de476981ed4e875be4707c997df93fe55b30c6", 0x8c}, {&(0x7f0000003e00)="5aba05ea9d7b86b64123a1aaaa41bb850e8ab2e4e809b94d0d9126e0e9f91ee73ae96372f36809a6123381691e1d5c6b8db5153e943196c97ae7162c7e21fb3796588efbd91b45afe1a2213c22938c03ff477b40277aae4b944a610480b9099d9ba6c798a7ab609664f345a110ca11a4d8f0dcb4174aec0d2d8d01c3cf1933cb0b4bfb18ef252e387da6b4162ccd2f227d3c98597c71956f306c885e35ec87366dd8982e1264875b6d1acb1c85da7fb55f1bb1c7b2d0f4ae4edf358f5f3f09aecd4a57f89d5604fb569b750bd25e753a7588e5d8d08cbb2bcf5c151dc373dad5b0a00341435fe66952e306f708c50d0115a398298b6c7676bc667aa0d84f5f2a09b8e41a8b0573edf79f1593fef55e8e840cb27c7a3f4cbbfdcd1eca9ccbfba50b706ebf31f4b2197e50085aa2ff8cf7faa9ef3f94702aceab5074bba8eb019fee2bdd18f8603a9e98031cc44bbf850db9a81aefe640a38402b0761c46a9e21f7a0263f2ca06e6d54604f587d72bbf53abeea7ce17ff624f48716fff48c670ed8b4f0420b72df1dfc04c103291080d8a3d3f6161aa50f01edfb535cdfb1c79ed4c7367c589607ac29136923a452b95792cf48543b8986e2d00ce9577b0199c451768454bf4f625c7f1302962dddb989514eddfe8ece1e925384e620855df97d543627cc7c87332fcf08ea949b867ad90456d350a360e32415fef907c9e99823eae0dd04169844cf9d33a82a1b7c661da780e4e8e60199cd147889da285657716dd6f55545abd14ae1ef9e2ea094ef5fca699507ff7b6cf5e3e6db833fd206309aacbd80fd1d75a03178a98dd3c953988fad29b59b175597a83f433e2e9c739dfc8be92b86a6df7e4a7a45b215e022ef0a92de64cfb8354f4666de4df81f513fa3c0f609a3620a57582cadb8d1da431fda3a18d98514ef76cc7d7788f538d3fa4e2cb3a3a7df000d1c001f15761871f7835c7b38e4038ab0f0cf23a12f44fc83120f48c2dee182fd221456fa642c2be7535f31d5d96e1035355f2f4f97b10a7a4e11005ce0d1a1a67ccec648ed584011412dbbbf9395de2626879eddf363f9d1a68de9c476ebd6a9f5b2b0c15561d4fe15a60d482115e329bd809c9e1e1c1752e25d006ebe46415f26dbc947001fa9fec9ec34725e016e9e40a3317a65ee423a59da9db94dfde2022414565c0f90b2278ad43f5647b474d176a912a702d9bc04341dfed265e24635119998731d84855bdeb7b3b0df7b728f4b2c56ef7ed5aa83a6117ec1841ae9dd3446ec787df0eed0da32c4ff50b60ee51c5f68583791e44202880b986f88cec906fe39cc34fd99bf94cfdbb217b20750282371e380143a69a7a98b97d95270ef1130179113eb4a3741fc7c2a42d516777449045b76cb2b04ac53913d58b88c1c49f66258601899be4e34272b01ffe38fa1c01ba5faa4e714e8779a14559b4207499fab4330bccb9ca0fee2154e0ddeb6a6ef1a2bd2ff363664a9fabc979372523cb026ba6bd7a56891c05b8f2cdce8a4d40cfc4e94f98d0e34f1b8b10981312da73b47dcf0d0b756913d3b412a212207f11d2c1035a7b49d0867e845ee9c7412151ec33e2378e763851906d4e40faf6aad9b63c0c974f5e332d41cf95cb0c6547ee94b07845e2574ed4b197e3ce100cdc40fda2c5a7421898d97c3b20cd666405db5ed4c119b2a73ef2c3d96bfc52067084a2c6858b88b863b7dfb5258e72051ca6de597d3a303450c761e5b501e91b755ef8e1fb0751aedf848062f9c4d3c6ea421f1e635c9eaf53eb52d2652382f4889b17f57813412e7eb01d7cefa11fcff9fc0e591be7cac7a6153a08e27e05c42c66d30da882d3fdd9bf9c1b0f6d0faf0cb0de97e47fee69985968fd42ab7d8a7a16c0fce7b6641e389a22d3c60de735563aa45e9a6d51ade3be0b14c46e7b767b536094b40fab26de47af1b23d00cb17caa1de81821a95da3305b0196bd1b631a2a1ace14a3acbd9c09587c51b255ed63676e273d07373cfcf77466b0acb4f1707b063a0e5d6988f5f8b04676c2ee324e21a5be9bd0cabbc5dbcee0b6681a7dce9605ce015cd9f6e81ee0ea38905fa41f090cd49ecde146a4dff3ecadddb667b8e215d546d7e26a9567b37a26649fbc60e4267fc009f45f510cd3766e5ab2248ce0c7a39781a0bed8d3a5d9cbf11012636b38db4452ae3a7a7b6b3ef810162152311a465a5f8d64423fcfb89d098cf6d72ee0e54c5c26481da181404961d587f49df69604972f382ed26d3d88ca6c412ae03b46fd705249027b0cd3f2c445e15257f50408e9dfa0345c60516e798ef00f7607939f80c97635cc6904fb00bb76206d4dda180b8510a843dc247acde23f2f1d95c08b8efa36d9a1c14b49203da32d332c5777d5d81a8c188285ffc4be8e6425f9d64819d3d29bc8acc2e888e26e4421e2a91817199a4144602dc97ea93ccebac9e7068fd31247798b2e2b32860a7ed645196bee2c1573e5af88b8b942fe564c928e1b292e313f47fe974837707bfd5d86eb2702218c38cd47f443d4beb8ffeab589bd4a28dfb19cad10d51ef780970632bd66cc0a12f25a3190cd6b1633c8308a97808a94dd2ca42585ba87250155d00fdcec9d0a06cc9d047b041c28c0c913bb59f3a346832381a5d3610bbff4dd42d6b4593f9ed0f920f7fc7512943fdd60b111ebd3b186b66f6542cf733dbb57e283b016737ea335d1e878720bb0c826ff05325a06741e6a10401ed0f7585c56ef197c77f0ad32d0fc758858305593ded291c7c5c982bbd9972d47f47b3a3ae1c4baade5f43fb11a4be3cf92f53a5e186209facbc275bdcb9d45f6ebe5e1c366e889de8ab34d6f1b9ff5dde18020ea71ecfd8220a32b280ce84c5f356cabb3795d87a1eb85b12329ef8d745a376abf9da31c22bcf1bee76707aefd5c5e518d4e05b9b6e6964011fe9286e5a035c2178aa3dad08b4812aff1e547de6d83d2ce16dd06d16f63f52945e01e4be95a4485e67b4fcfe5e1fc5b12a01472d5b740b4a091b753da94621f56c85a71c5711d2260151d1a06077a194c645ef00d8c33e771f8a60b707937f3c68528034c5c6a15e938c8cf0c3cbc9b44b71131da4892a4651c960ac98a3ea3f0d74ec8e93c39833d923617edc93aafaddccf684d9e12a7ead3d69ab0a469b7183ae99bc1826b49b0e958592daf6b747d834fded04e6c5bcc663c210650d31d00a7c1bfc4cd2410e1fca8146c85e92610ddea3efd1e244d1e9e437458f9beb7418f6d4c23f3fa0fd97333d0babe584debd6b276fd3ca5aee07f4d3539d68c002bc835777b069a1f4818edc046b9a9888b89c1b118264040eed0bd46bfb75d8695a16eff98b082291ba96c22fa9e943471437867835ad642e36c6777d2066d352959945746946f409f551a749e037413bb04d9308fbdf2b42892d384e7111a6c747df52c5b24bffb17fc90279604576498eb0be38a725ebfe5f814b46d174288394933164d02085cb8217689ad100d622496abafd3a83117c513468f568c9a33d0a5d9457ae2ddf0089ce4c26d622b1f277d7db80ffe3ec22c33996ecdab52a04666fcc1e98016935ad19897287a6e3d2d40c692b71d2a7b00fa791f051ab7b9238566436f53b10220af65083ddab4974f6ed762c75e2edcd4932019c5fa707299cfa6446c379bbe10ea7a18f7af93579d70be205d5dca0107d1f778739328c5288066a2323811b22cec53dee9eae0696ee200a36b4364fc86a34a57a7acc1bd24ffb8d29eed1973e5ff8f246991eed53dd756f0b69721be46590c000bdf1572a642e9796551d47d5803635fccfac10c52bb5b63af2df3d6d91ecdff8a8c2e9c44b637f43dcff8443b35c8f9956a7354284dbc08cd8eb7a8ee6f75501d0f2f642b7e077021f1ca912de22e4d97d1a6e6982f95e6d1adc94ee8aea7553ba556f2a54f80c915791327faf503a6aa894696585798d6097c247cb0f0db6221661d5f147b09afcef1a0670d361166e93fca6596f3edb3e181fa9cd6f74a16ada792ccd1380a98e532a7dec62ced4ec8306eeef6e8ae7693d89267244d0b8069cacc93ff5f3083ee826dabfdb0e664fd5cba38a313bf63c156862f507060abd7a7a221f9dc2e249766523e6fba74051600faad94d676b60f449cfaf23334c9faf591199d734fd2f650b769d7331952b9b467a0fb67f301a0a692c34d15492217298157adc1bbf31432570f7f4541c89d1ec1a0e0bc1dba4e1312dbb1a3ad9a0003a09caebda5029d3ccf56fe08e314549223eb6805af962d13a6f3240167165fb13e1a638e5bf00a91a9e14a79d53e5a9309eeddb0330b3c7339f91f0ea971beed1180e08b6de6d812d9dd9e267a89732fc942f6c02bdd57ff09657b54c568f383739a0b6f386896bf710338bbb9b878d9c6b9494ff1199723f5d412609abaf91ad1b554f2aa98f6a96bed39bde433fad808fad3c5f1e7a018fd6ea576d0eb7eb516ddbe09562eb67359a6dfb5789e858b3ff190d03ef582c54326d28fd339ff8772937d3a1be2edab02ace46c4c2c788d4d2e895c93ac2fc152bf3aceab8ce5e17a8f216209263ab258bfafa0f4330df893ef39ad642737792edeb2ca9de8745fdce59f998fbca76886f7db40c7162beed8dd7405ae5b9abefa15af0a09eff36904c92d527e15e80290fff68860341120bd90d6bff10a1efd6782ff18785fca892f4ea515a570db34b8752fe7083fdb31423acd9c943a7490bbc74c13769798a394f5c0fd314cce22913648a9a15d3a99690cc9a0560a155f0e5ab1e010f55dcecb6b09ca180692ab4aefc91607454340b12a0cecc9b4141b261bdd1520069a18381d76dc75bfd940800aa4b7ddb92b481aacd1acbd38afb10f2f9d29cb26451858112a9a6923282aa40a53bfdd9b6a6e75697c2bb1aeba801327faf0ecb5f744204d8db9df822e9d6c4f702032a8e89f1a1da3e0c5cb7dc0e1a82f104bcbdbb01a8dcc68d2fc8e89b79d9827d0b4e86f0d70bc154f9e004363792a1009c20cbd087651c3d7a5ac5227d148c85dc3a35b0a003021541fbb7bc6de1540ab785e92776a5191b2063d760ce7c841e0167e8c29100bc2cff484ed0f6918dc8209427ccef0f8739f317643e6b9d03027cb2abc8efdfa70945f607516b637b0bf000f78b4cd9a2491609bbf4059d3861f6b8867bca91c3cd6557acca56afe7387c53355c091b67ad3a2c6eef8c441589f9335645a2edda1b9cdbfe2a6fb5e6a20d03d9fe3251b091453f721b448ea57e243ff0cd1a2601bb300461dffb66aee7ad7b63b23ca5b27c3a758266e4ce5de24e78eff3ef4137fa17f9a2b0b12c6400cb15dfe7dd827f90e7c3ed667c15ea7afd1561aa2aa5d0a5d54c1d1b08a2d6c61cf3b5b038aabd7f73d4903f047e6773d824f5aeb91d2e56f0766fe11629ff35542a51eeb2b623a478ed1133a757e0974b870f282b118b6b9ea7f6b54bfb1652955765a71c8a99a7f775c0be5ebaae0f2aef81b5a42f5a6ce3af0715896c4da1f1b342e85bb4f79857d61f1740d3e98e4d121cc098a8c8b2fb05e024240714ce6eaf4b8b661bec1acb1893341d45207b263f775908e2e4ab5473281b645d8b8ef3736c9591b2c0eee88f05019efa500c85a6aa6abacc672132ab3057b6629fb4d3f12ca78da6c792246ac910dc8cc7133be18676630b725dcd7c37e424c6205e4be00c61cb4d1883e7ac01a36b0c9a4fa38f978ab4e84e431be2e4e0605eb2acef4e9ae2ccc44c72e867f65db044a0b08cb3eb0c57fb55c86b2bd5d2bea37d32c35c670a7794b", 0x1000}, {&(0x7f0000004e00)="a4d24e8283d19c3de2bf3b8e0b2806c54eb2bc6985cad44f698a7f4e19eab247743709ece6821912c484ca2ddef83980bbbf8410fbb4a2fe6b0092ab05cd4b7b8c1842a15e219dc3763e2fb6dca39840f828cf894ee911436399375b1c3f916c266bea0a81526364761dc8c1248db5319e989c5ab0d410f5dfc6658802cd7c2b8b193b8676ff831af4c5c6548bc06d4efd0607519f6400d7d31e7345d0", 0x9d}, {&(0x7f0000004ec0)="e9f45e4eed4866d5a7ce73941642ce9d1251fb0c3c54376613d8f91caa8ac7a2c6bc4384a401991a235bf4fa568b56fe5d6716941aea7537d8dd9ec758983829dfe397f15ccd6ecd01ba508ce8f8c875a47e1c46f2c4e3be07627a21a67803ded92ca910c95cbbbb340564baf8ed3101c8b0e415c28f83fa3c5f9862881aa5449cb5741b11349b2a6a0b34dc58773f741925c137594852556ec70e7505d6358384ab076b873836f1585791659075d4", 0xaf}], 0x4, 0x0, 0x0, 0x80}, {&(0x7f0000004fc0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000006280)=[{&(0x7f0000005040)="92c2a28135e54a5011d52911d77b2b9c70aba7d9bfe7e6715ba405123c8384473aa283081139095b2fd0076d9ce4af0061961bb848798016cd113ecf3f711445e9843622a4dca9ffd1000831b1", 0x4d}, {&(0x7f00000050c0)="9ad3335a8d5d303156c3f357d054254d13efb82fdba46727675fd2fa247c021b3c9439d0e47d7720084413464f7656bb94e345dfdd838964396bc3eb2e5a49c1ecaa0d80977995bd060b3f7406b147e8b82582fb266d9231468250c75d1b780c16ae1abb8151ba35433768f11cfe61aeb9bcc87d72e8ad1d47b9d8d393a2ba5f45df2985d996d779a487febfdaf5290b43611390063347c4d18b89f3e0af963f3eb36efd6200d1dd17f7127983c720feb332f246021df075baf6e9801c119d231766110b0bb433643bc41c9d48e16712", 0xd0}, {&(0x7f00000051c0)="6c5d8a15c4699524c0d2c1937ffcdda1ef09a3e50f287a4c9485df850e22fe5991f6782f5cb9665237f70ffb622ffac799bbdb37c63e636c2e9d9b36b722fd38a978561f54bf0cf492f06daed52224e498f5412d69f5e38b5d136003781ac0ae2d95aad102e17693114d56c7f62095ba18fe51c95abc0c1aacdf8da93609537fb44f0b0eab00d4a852c602bd833def8c96d4208a3dbc0e251784a09f1c0db0c83e16764c11c19935c55932937c992ef4a05a11af06b67fe2b8b62b94172c", 0xbe}, {&(0x7f0000005280)="402a23c0726cfca23df63b1bd0261f1bf38154ee3cd56a621f8ac05f9bfa6ea203c6bac9ca48f8db2a68dce38d362c2ea69a7f788f5f3b8536902caf58b3917c1740918cdc7b3836c20a18c15a70df2d346c001b9a9f18a86cd92c1ab833cffa469a087584fd2bc53300c01bc286403bf3600a2080ebcfa66a955c8d25d17cfc7f062c499b687444aac838a663cad7f8915ec77bf8c41e301574b5e978a52df6d2fe9c5c3afd512842c260640e3679f7a716c19f141f46d282619bb17b56b75ef5a8519b5ac43dccd7155d430a3dae0d127f3d646ef42c78a6eb4fd173f51e683a3b47f19d8e084a9386bbdcb04781acbb8d975555d4df843cafee285fde0ed224e375e871796b1113ffec80c1393445a4d5e72acbb1e1035385dff3415221458886b39b718d9dc87d9796d70eb6b5f0f4bdfcfe01333a15da8b1696a056b39f1754b7c7326832cf28f1ef728f82396b13eeb93513da3a132beb165c226d00e5617b30d2a62492f85802196bce263131fa17781f6c9677af8d53fe744db4cd4258e3d6c417696cecb708b874f436dd87b0b26a670eb805bd2511da563022363582a72331101d84f0f1a9f4b1c61994369ab70ec5d68692d607c7d0826268c76f6fd6727a0566573de17ec4caac43f0733a2d6e90fec6f3da680ecc804143e6266332d3fc7062861ce555c171f5578d14aa68a53dd529eb1baa97ffd69d5e7416578d9078cbe8e62cda03a60ebe19f70d23ee3e31f48c254b9ebc36f6d341ee8350b381e7ff7403a70511091ce3cee9f56512c36fa996a421691db4a387d6f4cc6641cebd9736f893486e07afc594f60eb0c65a6d461520e9fabc091c263cad799636af2ba2107c78096607e6824189f467b6696da81186b1821862b4653dc934f7b5e143686572a1186a368cab79e373ddd85b652352efa27ce4b7112886b2f4c7423f46e347eec7c73ed335c60f4f6aa182c2bed028c6f0ca1ec4ade49513dbd1a32c92c2024cc5d7c8e39209a3a3bbd079f7f366d50dc1d33e0be99c283f6f79667709f8730a9da3a0b42f4a183b78852badccc08f939c919a3e3917224e5f1347c4df3a26522ddd0bfb0e0c16551b2d182ca59812bb688e76b521647677edb5758998f63259fd60fc004133814f01028d18efdb2becaa9354e27c1201362331ad0461fdb1e138a824fa64ea0983b05afe96249276bb35433696668ed3661bf126afcce7b22634e9e63cca565b81524e7d617adc8313d0fde9594839a387117a1a51dafb45da044918f0706b1b2dbef2f4b3e276a37b4c2d2e00d6e25f19fac8949f8ecd562117946c56469361f2c5e3817753211d5a19b3dd9af5a3c7f5b1e5d15469e263211ef3e48a92d415c60ef349c298293ab2d918d53d3047d6e6fc9fa63d0e5dd2c1c4c98bb300207ab0f022e4ce85c2fe3030af7ef6e451804dbe1fa85dbee945808545864c0553ac58e816210c9b66cdfd5af5ae8d5e76d486c5f29f93320bef4f9de75341616455e9b11a2405875fea0dc10b2c7c41841aa8b334d68a89526248d2ff54c6d8d49f16e18bd6ebd98ae9cd8cd0a7fb97c35f20db3deb77620d78a39639e945548086e18a093057a4580cfdc5f020dc100c45ded206cf6560eee02a19e107053c162299ed243e89fb71a0674321fdbc774760e894ffc1b24a196f36c3ba34dec56ad96dc9c12202e6a3ee401cd39d897c8240db88fc92ad19649d966380bac41d362cbb5c674f3ffd7a6814a4375699efcf9e4abec3d58d2bfe9bdbca434f62e9a92a49c3d4fb0c61614c743ea8819cdc87d36f7832612bb1ccb1c6f76f82b3bdf3a1ebef41e1672de7af364ba30a33319a67872a8b43b3cf9eb292d423d84196021a90563eea93f90718b122dcf33cde8aa4c46218922efefb6a88b162bf5cc65ac0922ddee1a24b18e6feda6d3e8eddfb22ff292850b626ffdd17aa97ccb608ad197b4df46a900f74c8e1320cee0baacaf77396ff92c84ed6b20a5ec1f16110925b46e1601ebf418bdb8abe6ec483173e4d46ca9b289f86ac53d810671b61a780cb10429396e544c1d5a479fa519b6d99d1f45fef70eee999ca2229020f67dfd704932a065e0d8a9c786d944cd903fdc1be3e3676b92a3a42546d5ebd27c7040bfd5c3cb377b803ce79e809f944254548c32412587489dab8826308abffc7303e799952f9aab54cce27ca79d50a775685e952d1c0964a499108ce292f2e9c074761757b734edbdd09518caaaa6009886de8172ffd7cf8f0cbc8dd7bae8ff35d583a95e647e618f0fc2b9a382f59a3ae47a87eb1d63ca08c90996b4460ba43e18a540b164a34eb1cf3fd370c59252b2ddd33de6dec879c9cffc466c8854e4f70ffb4a98ebb051a2739e474168b3e33e52a3b0e7bb8eaa712a4d4ae8a12349d57b7542fd2a186022a7079dfa8b763b32507a0a64e2e0af9f2bc646bdd633fa61bf37a5bfd8f471447f6968f1349df207324b6d799fa6cbefc6ac7914f9b52161a1f5aac627400b49cdaaa978e5b7a9f0e64f3925cfd65c1d173053ca33ed809901eb58ce5345b5b2cc8f89f36a6347b4a71190296e5a6c319e9658a4a349927ae824045ba20ff93c4b2a6ad057fc81e6ca591203950017ad978e51bd0f90d49b3b2b7acec2a09dd593c400786fc4b6c7b30c7b2c8487297e4a1c2230abbe217974f3297bf923d6a873bc6e40f4e94ebdd48127e9659fe048acf85d15ae59abc2d476d8a1d577f80a4b5b0e742bbc12cda14c317c220e9041591c295d6d5e7048da6bc68ed5d5a35c0f8a2ae1bc8a0129879b77d572257ad0208872476756e6b613f82ee9ab8bf196dbb9e9678cc6eea711366115b8f5896ebfa01f55104abefb3cf6b9737b7b9ad4ad7f585ff141e6a55686525478b148761efb3baffaabd2220d9743625f3e3a983a7187f37f5da45a26213157c562344f4f6eb22a1460d14534e044308f4f231609157f9d7243796e86dc076bc744b3ad5191f046a2c46cc296a02cdd3b00905485361ef15141f529176d7c90461b3e395dc9f49b285c37baaf5c91aac72fdbe660b6c3cf91433399c80a1035855dc87fb900af0143deb9c323fbe8df2e534db0edb5b307cbaef2229165f9d889950704c6d932b96d1af1e8514aaaa5ea838d901402cfac43079954b36246d3f29fde7c65964e70fd60b829cec85cdc88c0e74a0ff3f947e9ca09b49941df0da22555b193221661bc71cdee925bdf4cc61aa7fd0d06e17808f379019eedde650225fcc511e85809833b17622aa9737c7ce8d3ff7dbce5c72635ee229c180c3642fecd666e712f6e2769bf5381dbe11a5c46b6a3b8b86ff6c8167813909259e3d74b2ef9b2823a7942a3b52b6431923ebbc28e71480b1ae5fe4cc55311cfc5fcb3972da784d8f052ded1db0714703bcfd5fbce0ac8d7bd6efe7010decc3f75f00533617a8cb96b770933be2bbdcc65c2457e8a139a13d0f70dc5b5742c460f8def35f0e54f4f72c2a8904a2d4e0c24bc79176aaac8d741927e13d2a4f4dc772f2d0401d7bc36436b6a74711e57ecde4ff7d9384238c3e7336a3c1e9cbae6a1b26c691984426d0997a1858cde3b61f3a485aa3f911c9196322ddf3f6f3ad3c7f15b565bf11926545ed6894c537d557ca43aa5720c4f4cda14839464af0d927ee5a1f7b90477e0045d1e0cfbf21abaf1b7b23495991047e8bc251610c099f2e19a1fd5b57653c80d70317701a50a5a15d56f622fcc691ae22bcb39591ba1b6860afff438ad6c73ab1591c06ec2fa6522252aee2f58291ccc6fa0732c013845d801321a4b1d698b01d1cfdfb545cf1060053f38497a900c56edca82a244f7c5382d06f92beba58a5a83cb6a985c1449233a8e7f8a861b5e30c404adb9618abaac7ac7b750c874cd7279feb5de820186874e5f08fa729e8005d4be9e0e3928781253adb048e152d7c53b1213ff429893c5c015ba19f74a0564c54693a82e44253a7d398cbef66a4f5af35d2fc790b9d579b284e8f66003e8d2a7567fee0fb5c4396f441921e7928dcdc7754bce23675a6f07b68941c8f86127ee1717b18543f9c8a3dd07f628cb36b9a52df304a32c793fb7b4b7d2b27d35401663ba88a082e8bf17fb5c3741a4c1147566e29b73b51532f2f3d3f3b66a523ad14b7ff30adaf69b7523e8449dd9488af3d95fd6bded19502447e8ce03c5c971c9e847f355e828f437505e220c0cca75a9918fbe06768a03f3ff957a63e6c06058c080cdba1bea45d6c1bc271f5f1ba11fa5efa4cde1c68a827695b22990323c60ea0f94aab187868c71b073773c09f71f087cb9cc059e3a57d237d3d30533cec2f0d7981b889811a506069f6946bcc80d5580b0f62a78d1b394a43777ddabe1c9173fd4bc6d2104a6b696c0a2a657543d2bd79e35ec941421487c6b5aab89c127f393d8791a191cdb60c01d8435f208c97393e5fce737ae4e4e0c9902ca5178e7846d524f86e46a9b0e00b8fbd8d18416afb01df5f60f9cf9cd7d58769e8ee5a809cb819916340ad4eabcd86b966eaf48de37621db5dcbe5da9c98164e5b204b009fa2070a0cea37ff9fd5f11dbd349b330f9ecfdaffe0e53a9802a9b16eef640d2ea9b5fcd0c94f3f83832e6e791d5f2193f53c81f4e1f60c4f114402c2b8b5182c1e0ed13b9c7cc9cc1a32ba492040c40af5563bb118cb5b4bb3b137382f7b191aab1a1914dcb4150fe23896d5fb79a3d9923bc64bbc2a024808cbab77770ccab1ee24bb0d6e3a96ae56cac454015d08ee5b1d642e46f53afa1095f22ac2c02cb3a10b6adfee7b1e1816dbe2270b4d34bf2e6611cdfe922858ab757999ac74f5d1bb23a1221b4e7dafcf2f3421554c6074bfe0c24f0a6ff83f470bcd4ab88ea868dbfd3ba2f7ed112ef54fb045c466ae3c7fef8f3853bb15e2c85c0dcbe5cb6509fbca6078e708b559ff24c9baf6732a31e9d4ce9e0765827dcbfdc471bf9ad7db99a7fe66f15f9bfd0c1df5c3b645d237e6e5074f00f88c7ebeead39126321721c3a3ecebab33359198eed98b71f64a1698fddf673ee1fa55ac578f5265bfc4434053d8cbf58ed13d6c737ddf93c89414fb1282b9541bad6cb621a49dda8881b0b534fa6aa92946c4bafebd6688716bc5fecd4023b596a3f2d0f0cde71b10fe01390635dc960e1142328456929bb347f75062644e856c9f9b56462f1e143b5bad41e7ef93e84ef2924e3fe0451a82cd01e11eca2f3e5498c0274d0af23ee7c05dc085b3d29975d8644a7170428e8b4b214c39c77ce50b75d7e3a0084c5844a0ecc4119020050ac817bb0bbc2d587c05a468ca3edb5ccce87fea2bcae0486eb90055e2431547b8468d0c888addb22996d9baf907f7368e3670857505e41d37e28b51774848fd4fa359057750bd86b4158e429f00b7d086d0cea8e74afad67295ec1da209ca9e3e80d046c915c3ed99ce62131a53b9b13026d4e61ee26c44a0f73dcaf7e34b08939f319a249ac1fdfc1b77ec3729db61b5795709bdc1751ba19e8ad3cf08dd9f7e62bd248b3aee27df1bf35875b84ea8f25ac4f36abd850db5cef212697740029a7c81d3ed1c2a97b815ede90732acbeea97fb5dfab75752e433bc259c2b3869d503ee8beca10c5047d61b7a25b4fac8d470e9fa3c9c3303ba3eed2db719b6f804248bb3c5c8139a8c03ce53d5df8fb22d63748c34a469a14e4ec1c70aed5a29da7cb8af1e4d202da8e378e017314d843ff78d99d9d3436b5b9271d7f69cfee447bd2cc035bbc94acc74627ae0b09c0313326bb612433589ecbe1159a317e7bf86e0", 0x1000}], 0x4, &(0x7f00000063c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r7]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}], 0x60, 0x5}, {&(0x7f0000006440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000007680)=[{&(0x7f00000064c0)="0cf6d6466ecd944d639fa276f56744c9d8905bb7b0db3481ea2221118a3653bf35f3e130d186af29e2abdab1ce3c8079ebcf634face7d38c2205902697b2febe40b405c43f6c46e489ccd5a206897f68dffda593fd92b6ddfafa665f30437a8793cbd837b979026a3a", 0x69}, {&(0x7f0000006540)="948c18e8fac381573b51578dba10dfb967655d654898fe56c1c1eff63abbe2866a216657c667ebe5235b526611754977843b1be3cc92eef8055b5382289d5800c49a9eb56143862512a67ca308d478e2bef6a1667b645341f5d4d9a14359c7035524a01b6659ccfd70e2ae2b886645c9618bdc5b5c743621028313f021ef0c5d6a4aa7cd7afa5f8a2c910737f6c7206c56dfa255c1b2add0706bc8b191e7f582e60f392a3ad859e07a9c6e1fd439d007fc33674e8dd1e6a784b8afd125307bb3981f697255390a04e1b76bc14b1202b7d29160ff7daa089a279ea61e2f294a8fb48857982d22978722cf10304ddc38bf132a26e210e2cffd1c8fc58df4529584fccbc0a5cc4014a41a3f531be37774eab711e3f936b8862b170abed7d6b1410469767a26c384d54da87e576b690b760c39e43b1c50751fb46fea4302138a9f6ff2a936c4a3fb5b0645032a642095bca1ee11a9297733b677e6097c67df3a77623955905a0d25ad54a62cb0157d3a9629a152aeaf4ef352c01126d9a32aea6bc56f72fca7640854114cf91cf998ab6336c7da4a67cf5b2f9a8daef0a3016819806b5fa53884c31d7b88c498ec7beeed2e0cfebce0b7e99b162786035bba0fd52d8e894be089e1e26718c5ea367e1b3a44a090f264fc9d522e6d1eea148f9f67867de79f0864c2f104edd6fb201bde2b6fb30cf1638f03690555b71d73d0ef532e2657f3ff736c9a7fd85011afb0156420bb508af599ae70e52bca6835c6bd294326378bcfc899073213eb97e1dc67d8d8b66834badbc94915b9ee63e0373eae7d95b84d1b1af5091d4725c73efc7ae9cfb26d30ca8f7b331480486e658fef0c512d07f9a4edf98af1c83e973677bef3dfc897bad8f20c7b6f159623ead15fc0004b07a9741739d9751b648dea197462ef018a56c93953005a6ca07b4497f0ab28d0668facaa558041410952f877794ad8760dc5209cd70413506166db4542f24352ad1a223a84e60bf9d6b18cc2ffd936b96ae5a755bf03e5ea2cb60b258b78a58e485d6c5e5b287fbf7555e0dbb00bbe66203d61bb11936270b5888c071060117fed372c3ce8e3e3a2c3d7f1ada1f64f628da681d059131f38882137df2bc9fc4024c2df2fa3b2529d978bb448c975fcd48737087ad0342fd1b909c60a27f68d610e0161dd72516ce4ca1fb1bd70fdc1a8bc9b5efee9f225ac0cb2bc9191ffe59b7312fc0aa4204e54d36351dd04dac3631100305c7324a2fc86166de7b8c35d5542bd7e5dc85923ee6d018cf6476bfae58724fae936ee485f5e66a174b8e35598374ef9c49559465d97049bd9549299397a9007df61cc674bbe703132efdc842d0767d3454a2caa400076e316dc6c9396005c68168c44f832d27adc772ec548a8b5124ab0aad150de06254eb689c1407fd9af2dc78df6b52eaf185748f530761d0b58c124d98d1b2608a2037bf53f6c103ccdef15d8fe0b6aa61f920082cf85d9ad6e3062b3c02ce422bea0521a70698c3288bf7c82d2207088ab1b53af50f2e374909bcb6cd52206cdd924a53597aa99527290654678a623023defa1109e24199bbc0eca9869cb76bdbb63d2f5b1ba352569abab7b8a4b18bd08290f074700fbeee1c8ca64a6378d9367f2d4c09179c58afd9948a6dd1211524e38caa5c501b233a23ef0f253356d279d621b5d8896c2c902de75f7aada8eccfd948be6a5bfa1321e7d006a5295a5e2f4e8f026cea41ce8e05adfc1b9414063eb4843d7dcb89b407573a2ef015f5cbfbc9351d91dc6d2fe7e4c9db0043ef05a4bbd3f61b192a70f855a8347ce38bf80a890d193cda783e22cf49928ecdd7c8de4e8466d3991192a5e0773fce3f7e21c32e291d9b988f0bf54c3f06598ab589b2ee42ccbbfffb1e99ee61ba4019296c66987cb5e6db61221d54bad5ece45d88e5ae13505471797d17eae79492a1a69fbf3eb91986001b2c01d8c67deb7a15498f49b8f9bf1f2dff805984f5dcd27e3a47150f384031b8833f75c99fe9478f1965a721acb4df288c7ecda0b9912c2dc31030ba9c8676ebe4d91a028e318ff4220e32ef41a43230ad5c60c839545feadf11eda9965a909d1a1627bf1250c4f1cbb50dca0b38423e7da673d2238e4a8af42f0e190afd1c23fbf3a5eaa903761bec260314c352fb6fd21f843e1f7f762d5f5f52411d1fbea0c371665bb50ae1af62fb2da7fad18faaeeab6723ec5d32ddef371fbc4b300cf9276927494b7f416c95cf9a9105622623e0209056dc1b677b27de9e46ded0c3fd860176574115a3041af1db27cfbd58bc26be2f9243b79f54e7b92d5d77472585365c09487775495c0888df46e601d39ae20f1803f270a9cc4133947b5ff047e2468b7821a217d3eb08ebfc4004377e78f18cfc2c86e219a45cabaffa8b175e645fa575120843f36c51a20a41c48ed80097a5b5c3991af8fbdfd84b623a6d57949738171870de15ebbb61b2ee1e066a5f7b26a2cdf975c99e383ae249c322d4aade473afe4004bf6fafd7bbb8755b184f5e2fe2a51fdc5a5895b257c8fd4cbf17fff006e3a8bd1852ed38a810ab7919c1d2ab517cf0ee554fdeb18a2014d5235e38f449533f8071490c93bb5d2a16b9c1007ea3464951750d686ef4b832d1cf461bd4ea6b67100a6d1fd3a28461f7fb34f5dba9aac424a19b0ea3fee4549a2586eee607b221119f6833264d94210068c82b16c34916a6f36b1f36b1fce27e90df803e4e1e6d8d36238f2f8651275ffb568c24fd3271cb3130419158a236efa8a0865647c2196b4f9299facef05efc80db8c4a8d09a4a9ea831b805b23c7d499f412706c33af1330328b29913511598b4714f0bd0ce5535c4022d060fb2e4fcefd8ee0e032b74104e303df5c9f0ea24b51199bf7f48f7c22827fd082483eec46fd18683270d6afd08c66d8a1997d2f8d6c7450c830380897f774dad23e7b4c0623e7fa5a63cdc5e01104dc8b9568571390f4acd67cd18a0b65681abcb64a364ab5b4a6694c59bf7d61337b73c80b2e41a1659002f9dadd3d69cc6224cfa42098ceb66c276ea5b5d404963c5be9b5e44514324609e41f63ef7eaf42e298c43e09902152600eb86813993ab9c7b75f0892710010851a39c4f85e021d766521eb5d7167f27c3e4824cf5c222cb9286f8f9bcf5ea5f88b89b8c0275bc74836477471b7279583048efdf5f31bead731259b6f7c032a746eb448ef71761fa4f125593bc1c29d226f24c93e553c1f207532acb8c07a7b1d7724c0e5519eb3d9e7a65d169af68ebdf03872d874248a1256c706fcde92de3bcb9bdf9bb064a23adc06c4b414948b69490e5de4535937b8e034d5ab715a8ac853e99764185bf7165eb84cf1f1e82f9b167190f9bb3d13c32211527598d5a75b7918b41803238b346104ca4631a16c73bba6f3302a926482d038bde26b6a07d9284d0b05a2c6106c60cee9327e088b99497480acfc125a900caf7dff0a0ec498a9603d757bf82f61fa992e5eae55ea8bec3a34220821b4a1e85d2d20435d119d4062f9bfde0021011db295167ab5566819ad1910f35d995b7936a04cacddfadea9ab82591529cdd7c9bfb67affba4138d1ebea7c6ea0fc60cc4110bfb7e6bfcfa43a65f97ff694c15754db4d4f16b24d26d264638f4c5da428d4372892d5839852aa2305e4048fadea2b510b0f5f0f01daeecc0216d9f5d74c35820bd91551985e9c5aae1723ca22d73003c32a624acd7f94ee7a67f7b88614f0f3ae0b9dd0241a929413698bcf5bf20e584f9e0108183218f9307edbc524a1908226ba9279acbbc44eeaa4f56492fe2c4ee1ca65c47b96ee2d2c0a7f41a5c4c7d27a371aeef87ad38ff60506cf10ea42ea33b3a07800f268dd9ea8e77be77d18dadfb44e58e466b9779dee7a56844608f5ebd6af84704306370e460a5c0ac70207b958b0cf4a878d9c97c03630222fa730306dff4e099701cf1b93def18536d242377b103f5b72a6e4388e8c276192b7ae9227aa62ee17c909b22b9cbfbd20e6e0aaabe50f4dc6df929bcf569493fbad55fe502868982740a02621deebc0d3859add0e29d36db623de4d88267ee70c956153de6637c0bd17dabfda36443f5573f8c44da57fb1e2408a40091bc1902c72079ea49a4bd05c9d6b1847f3ae162308fb36e26c3cd3b401b4a9951106a12b7654a6bb360bb2ab09b89243dcae54d7c3c7b03c552e18652e424577f195a05e11b9d46266b5f56a0bcd3b2328c9f1324cb883096b0be129a670d0b2342becfc375f1c8120b2149b69e9922052fd26bd03eb6155ee78accd5e0be9c45666ccd9a04485c1d44a08bf182a98aa1ad64cd19da64a4f3297f769c4773b13b330ec1e6520e08d659c2b95a6c8ec6a432e0fbecfd7e1ef3947b3410178d7b24cadcd7fc60d5b5ff25d28faeff095f958a21ddaabe9f2cc4b070233a9a9c54fffa6a57089f08a874f62a55990a03cfe84974b382d55294a8e35dbfb13115aa67ef7ab9420c137eb0ff2a69456b4199c56cffa7453aaaa6438229e7a8fa35f1cd7a1884184040a85e17e17c27013db738af852d6bd822dbc1cce5a5f05b7cfb60dff8594db96f2228712adbd5398ba3d3077ba9151bfc562328ac0980e2f36b6f284cbff8a9c569411833e0a12d6ffbc7758dd8d8e5e19aefacd7dd8da449e9784e5eb42fbe5b5c71a6a1f8afa7a1669160c3b84bc2a7ba0a0dcb4dc3f0e3f9f693bb08fcbc169eab7438a50475310229faaae04e944e53ed65a02e50d34b766b0c77408b4abbe9173b99ab9880fbee21e5774df877f561c1f4cd4b68777b0cc398ad1b50adc57f21a449e1402c53d944174ed77c2c17b9ac6aad54c3dd92eb915e62a02d6cf7cd3ad7c5d94f4d53cf7563c288274db6d2cfa4db97636f2736020eabba7ca41fac2dcc049ef2aa5c52e0898750ddc511234694f343b90cd9bf1f27204f848115093f3dd8b6229c581f60a3d55098dafe4979248f4fe3793a1d60ec0a43ca8e0545fae02e76df326672a6518a7d4fac17ec2c0f5374fcebc6c10c3188443d225195faabd7887816c887b45e9cdbf1abc220af532df4ddd3ff217feb65a4d4e808cd256a636c0996a3168695a6dfd484edac4f6a86d20d11815544e7ca6e56405c615f0fae56cdeaf550a53e77477e41601ad1a1086e8c561d41558db2115140d312a66280bece12011dba2765c7f6b452b8a8a01ae528b4dd8f0d52d8342a8b34ee136e2308c152a3361e715a4e9dac8aeb62b50cd5f0ddc97899523bbee8fd02b6f7a2348a976ccebdc123eb55781cd1e45d9ef03f398eff5b4d4ae190f0e66d851a70ea8c4ebddbc10894daa224d615beec9cfc89e73746c00fda5d185cac59ae48a38dd5ba241200896094507d743548c824c8d670152433edbed5a2be905575040e8b7b7539a3ff70915ff41c5ffe1261df51c8e3f5122967acb7ea9560ceea91d92e022d6977d229fb957ac0d03e2cf6d273e44efd02123ed3559e8899ed2ec4834b28ff7c0d49cbd2bfa25337da4c0e36ec3bfa16d36e9f04f3a706da9ed1c1729ab7162dbcaea11945fdd4f9fadd1f72af43aeb10bf8b0752f61830c53fe2ce1451e5b5ab6078ab83227c879de2253b39c74db0dc80f4296b1e5995995a227fc61a456ecccea5d10a03336de5fc4aac4ed9d01127991556e3f3c033d9cf288a67f306b8c6843739c225dbd07a019f0c7c5ae6ae0a86d206b34080e1ca45096b2754cd73b06bc23d2638465137f2853243bf044e25b150f351a11f59d216214cdc2bb81cc6804bd750fb368cfb39b", 0x1000}, {&(0x7f0000007540)="44874ff9c32690e0e37532683d4f3a9673643c1573cd3cfd50c493a9480e2128117c6886d7bf333e5f09c516390c24485316b470a863c950a54b9f861a3d17f74713c63d197b5416fdc5a5ccd5f7e5be65", 0x51}, {&(0x7f00000075c0)="88cc3ce0e453c8fa4d24ee66788b154f3c9907bd19e6dcc61f4883deb9da51c8928e575503e671b9a368b3b35230ddaffbef5426886825db3d310109695fd15e6e4dbade3026f97466432f6bedfb732d21781022f17409f105262a83bbaf033033b8bb3536f156f64492a38ca8e4491c76954cd14de8f1f5b38714d087000d17c7de7ab9d2b499070606a2876629a0b3a00f5e904c8268c977cb87aed2", 0x9d}], 0x4, &(0x7f0000007e80)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, r7, r3, r7]}}, @rights={{0x30, 0x1, 0x1, [r5, 0xffffffffffffffff, 0xffffffffffffffff, r7, r7, r4, r7, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r8, r9}}}], 0xa0, 0x20000084}], 0x8, 0x4001) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:14:06 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b46, 0x2) [ 2569.145554] FAULT_INJECTION: forcing a failure. 06:14:06 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2569.145554] name failslab, interval 1, probability 0, space 0, times 0 [ 2569.148711] CPU: 0 PID: 16429 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2569.150370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2569.152887] Call Trace: [ 2569.153494] dump_stack+0x107/0x163 [ 2569.154331] should_fail.cold+0x5/0xa [ 2569.155189] ? prepare_creds+0x29/0x670 [ 2569.156094] should_failslab+0x5/0x10 [ 2569.156956] kmem_cache_alloc+0x5b/0x350 [ 2569.157872] prepare_creds+0x29/0x670 [ 2569.158730] prepare_exec_creds+0xd/0x250 [ 2569.159659] bprm_execve+0x1e3/0x1b00 [ 2569.160508] ? get_arg_page+0x153/0x200 [ 2569.161411] ? acct_arg_size+0xe0/0xe0 [ 2569.162315] ? open_exec+0x70/0x70 [ 2569.163163] ? memcpy+0x39/0x60 [ 2569.164054] ? copy_strings.isra.0+0x492/0x690 [ 2569.165065] ? copy_string_kernel+0x3ad/0x440 [ 2569.166096] do_execveat_common.isra.0+0x524/0x670 [ 2569.167178] __x64_sys_execveat+0xe7/0x130 [ 2569.168125] do_syscall_64+0x33/0x40 [ 2569.168949] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2569.170113] RIP: 0033:0x466609 [ 2569.170809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2569.174885] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2569.176548] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2569.178136] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2569.179676] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2569.181221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2569.182803] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:14:06 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x8000000) [ 2569.193743] FAULT_INJECTION: forcing a failure. [ 2569.193743] name failslab, interval 1, probability 0, space 0, times 0 [ 2569.196610] CPU: 1 PID: 16430 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2569.198408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2569.201319] Call Trace: [ 2569.202028] dump_stack+0x107/0x163 [ 2569.202879] should_fail.cold+0x5/0xa [ 2569.203852] ? create_object.isra.0+0x3a/0xa10 [ 2569.204941] should_failslab+0x5/0x10 [ 2569.205832] kmem_cache_alloc+0x5b/0x350 [ 2569.206795] create_object.isra.0+0x3a/0xa10 [ 2569.207818] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2569.209005] __kmalloc_node+0x1b0/0x4a0 [ 2569.209974] kvmalloc_node+0x61/0xf0 [ 2569.210781] alloc_fdtable+0xcd/0x280 [ 2569.211584] dup_fd+0x71a/0xc50 [ 2569.212283] unshare_files+0x16c/0x260 [ 2569.213085] ? __ia32_sys_unshare+0x40/0x40 [ 2569.213992] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2569.214995] ? trace_rss_stat+0x174/0x210 [ 2569.215844] bprm_execve+0x123/0x1b00 [ 2569.216626] ? get_arg_page+0x153/0x200 [ 2569.217449] ? acct_arg_size+0xe0/0xe0 [ 2569.218274] ? open_exec+0x70/0x70 [ 2569.219023] ? memcpy+0x39/0x60 [ 2569.219699] ? copy_strings.isra.0+0x492/0x690 [ 2569.220635] ? copy_string_kernel+0x3ad/0x440 [ 2569.221574] do_execveat_common.isra.0+0x524/0x670 [ 2569.222610] __x64_sys_execveat+0xe7/0x130 [ 2569.223496] do_syscall_64+0x33/0x40 [ 2569.224285] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2569.225367] RIP: 0033:0x466609 [ 2569.226067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2569.230017] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2569.231572] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2569.233041] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2569.234527] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2569.235997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2569.237451] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:14:06 executing program 4 (fault-call:7 fault-nth:35): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:06 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:06 executing program 1 (fault-call:9 fault-nth:37): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:06 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r6 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000340)=@IORING_OP_CLOSE={0x13, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x1) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000000)={'wg0\x00'}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) r8 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r8, 0x3, 0x0}, 0xa16) r9 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r9, 0x107, 0x8, &(0x7f0000000040)=0x1000000, 0x4) recvmmsg(r9, &(0x7f0000001a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r10, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2569.531218] FAULT_INJECTION: forcing a failure. [ 2569.531218] name failslab, interval 1, probability 0, space 0, times 0 [ 2569.532796] CPU: 1 PID: 16465 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2569.533722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2569.536304] Call Trace: [ 2569.536940] dump_stack+0x107/0x163 [ 2569.537846] should_fail.cold+0x5/0xa [ 2569.538790] ? create_object.isra.0+0x3a/0xa10 [ 2569.539874] should_failslab+0x5/0x10 [ 2569.540785] kmem_cache_alloc+0x5b/0x350 [ 2569.541789] create_object.isra.0+0x3a/0xa10 [ 2569.542874] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2569.544187] kmem_cache_alloc+0x15b/0x350 [ 2569.545202] prepare_creds+0x29/0x670 [ 2569.546133] prepare_exec_creds+0xd/0x250 [ 2569.547117] bprm_execve+0x1e3/0x1b00 [ 2569.547908] ? get_arg_page+0x153/0x200 [ 2569.548768] ? acct_arg_size+0xe0/0xe0 [ 2569.549620] ? open_exec+0x70/0x70 [ 2569.550378] ? memcpy+0x39/0x60 [ 2569.551102] ? copy_strings.isra.0+0x492/0x690 [ 2569.552069] ? copy_string_kernel+0x3ad/0x440 [ 2569.553028] do_execveat_common.isra.0+0x524/0x670 [ 2569.554145] __x64_sys_execveat+0xe7/0x130 [ 2569.555069] do_syscall_64+0x33/0x40 [ 2569.555863] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2569.556944] RIP: 0033:0x466609 [ 2569.557661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2569.561564] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2569.563213] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2569.564749] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2569.566305] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2569.567831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2569.569488] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:14:06 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2569.667215] FAULT_INJECTION: forcing a failure. [ 2569.667215] name failslab, interval 1, probability 0, space 0, times 0 [ 2569.669839] CPU: 0 PID: 16470 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2569.671256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2569.673509] Call Trace: [ 2569.674070] dump_stack+0x107/0x163 [ 2569.674891] should_fail.cold+0x5/0xa [ 2569.675791] ? create_object.isra.0+0x3a/0xa10 [ 2569.677050] should_failslab+0x5/0x10 [ 2569.677946] kmem_cache_alloc+0x5b/0x350 [ 2569.678896] create_object.isra.0+0x3a/0xa10 [ 2569.679915] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2569.681095] kmem_cache_alloc+0x15b/0x350 [ 2569.682072] prepare_creds+0x29/0x670 [ 2569.682850] prepare_exec_creds+0xd/0x250 [ 2569.683681] bprm_execve+0x1e3/0x1b00 [ 2569.684435] ? get_arg_page+0x153/0x200 [ 2569.685244] ? acct_arg_size+0xe0/0xe0 [ 2569.686038] ? open_exec+0x70/0x70 [ 2569.686748] ? memcpy+0x39/0x60 [ 2569.687406] ? copy_strings.isra.0+0x492/0x690 [ 2569.688321] ? copy_string_kernel+0x3ad/0x440 [ 2569.689241] do_execveat_common.isra.0+0x524/0x670 [ 2569.690515] __x64_sys_execveat+0xe7/0x130 [ 2569.691566] do_syscall_64+0x33/0x40 [ 2569.692511] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2569.693749] RIP: 0033:0x466609 [ 2569.694406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2569.698062] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2569.699718] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2569.701138] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2569.702577] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2569.703970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2569.705380] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2585.035706] kmemleak: 41 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:14:31 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x20000000) 06:14:31 executing program 4 (fault-call:7 fault-nth:36): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:31 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:31 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x6, 0x12, r0, 0x10000000) r4 = socket$unix(0x1, 0x5, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd=r4, 0x4, 0x0, 0x663b, 0x5}, 0x80000000) 06:14:31 executing program 1 (fault-call:9 fault-nth:38): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:31 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:31 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b47, 0x2) 06:14:31 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2594.876609] FAULT_INJECTION: forcing a failure. [ 2594.876609] name failslab, interval 1, probability 0, space 0, times 0 [ 2594.878868] CPU: 0 PID: 16626 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2594.880180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2594.882366] Call Trace: [ 2594.882879] dump_stack+0x107/0x163 [ 2594.883581] should_fail.cold+0x5/0xa [ 2594.884323] ? security_file_alloc+0x34/0x170 [ 2594.885195] should_failslab+0x5/0x10 [ 2594.885917] kmem_cache_alloc+0x5b/0x350 [ 2594.886715] security_file_alloc+0x34/0x170 [ 2594.887546] __alloc_file+0xb6/0x310 [ 2594.888266] alloc_empty_file+0x6a/0x160 [ 2594.889057] path_openat+0xdf/0x2690 [ 2594.889783] ? stack_trace_consume_entry+0x160/0x160 [ 2594.890765] ? path_lookupat+0x780/0x780 [ 2594.891558] ? __lock_acquire+0x1616/0x5b60 [ 2594.892397] do_filp_open+0x192/0x3e0 [ 2594.893138] ? may_open_dev+0xf0/0xf0 [ 2594.893934] ? perf_trace_lock+0xb6/0x470 [ 2594.894940] ? perf_trace_lock+0xb6/0x470 [ 2594.895925] ? __lockdep_reset_lock+0x180/0x180 [ 2594.897042] ? find_held_lock+0x2c/0x110 [ 2594.898004] do_open_execat+0x10c/0x690 [ 2594.898782] ? __ia32_sys_uselib+0x40/0x40 [ 2594.899596] ? do_raw_spin_lock+0x129/0x270 [ 2594.900425] ? rwlock_bug.part.0+0x90/0x90 [ 2594.901255] bprm_execve+0x5b2/0x1b00 [ 2594.901980] ? get_arg_page+0x153/0x200 [ 2594.902770] ? open_exec+0x70/0x70 [ 2594.903450] ? memcpy+0x39/0x60 [ 2594.904090] ? copy_strings.isra.0+0x492/0x690 [ 2594.904955] ? copy_string_kernel+0x3ad/0x440 [ 2594.905898] do_execveat_common.isra.0+0x524/0x670 [ 2594.906865] __x64_sys_execveat+0xe7/0x130 [ 2594.907681] do_syscall_64+0x33/0x40 [ 2594.908397] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2594.909384] RIP: 0033:0x466609 [ 2594.910010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2594.913600] RSP: 002b:00007fda96200188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2594.915081] RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 0000000000466609 [ 2594.916434] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2594.917786] RBP: 00007fda962001d0 R08: 0000000000000000 R09: 0000000000000000 [ 2594.919240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2594.920627] R13: 00007ffcd66bd11f R14: 00007fda96200300 R15: 0000000000022000 [ 2594.936864] FAULT_INJECTION: forcing a failure. [ 2594.936864] name failslab, interval 1, probability 0, space 0, times 0 [ 2594.939122] CPU: 0 PID: 16628 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2594.940429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2594.942611] Call Trace: [ 2594.943128] dump_stack+0x107/0x163 [ 2594.943821] should_fail.cold+0x5/0xa [ 2594.944554] ? __alloc_file+0x21/0x310 [ 2594.945315] should_failslab+0x5/0x10 [ 2594.946042] kmem_cache_alloc+0x5b/0x350 [ 2594.946828] ? mark_lock+0x108/0x3020 [ 2594.947559] __alloc_file+0x21/0x310 [ 2594.948276] alloc_empty_file+0x6a/0x160 [ 2594.949067] path_openat+0xdf/0x2690 [ 2594.949779] ? stack_trace_consume_entry+0x160/0x160 [ 2594.950753] ? path_lookupat+0x780/0x780 [ 2594.951541] ? __lock_acquire+0x1616/0x5b60 [ 2594.952376] do_filp_open+0x192/0x3e0 [ 2594.953119] ? may_open_dev+0xf0/0xf0 [ 2594.953854] ? perf_trace_lock+0xb6/0x470 [ 2594.954664] ? perf_trace_lock+0xb6/0x470 [ 2594.955468] ? __lockdep_reset_lock+0x180/0x180 [ 2594.956366] ? find_held_lock+0x2c/0x110 [ 2594.957160] do_open_execat+0x10c/0x690 [ 2594.957917] ? __ia32_sys_uselib+0x40/0x40 [ 2594.958734] ? do_raw_spin_lock+0x129/0x270 [ 2594.959562] ? rwlock_bug.part.0+0x90/0x90 [ 2594.960383] bprm_execve+0x5b2/0x1b00 [ 2594.961109] ? get_arg_page+0x153/0x200 [ 2594.961867] ? open_exec+0x70/0x70 [ 2594.962584] ? memcpy+0x39/0x60 [ 2594.963222] ? copy_strings.isra.0+0x492/0x690 [ 2594.964094] ? copy_string_kernel+0x3ad/0x440 [ 2594.964954] do_execveat_common.isra.0+0x524/0x670 [ 2594.965922] __x64_sys_execveat+0xe7/0x130 [ 2594.966771] do_syscall_64+0x33/0x40 [ 2594.967487] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2594.968465] RIP: 0033:0x466609 [ 2594.969086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2594.972612] RSP: 002b:00007f8f4e88f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2594.974069] RAX: ffffffffffffffda RBX: 000000000056c1a8 RCX: 0000000000466609 [ 2594.975448] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2594.976804] RBP: 00007f8f4e88f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2594.978164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2594.979566] R13: 00007ffc26035cdf R14: 00007f8f4e88f300 R15: 0000000000022000 06:14:32 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:32 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:32 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b48, 0x2) 06:14:32 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0xf5ffffff) 06:14:32 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:32 executing program 4 (fault-call:7 fault-nth:37): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:32 executing program 1 (fault-call:9 fault-nth:39): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:32 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) r3 = socket$netlink(0x10, 0x3, 0x7) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x2010, r0, 0x10000000) syz_io_uring_submit(r1, r4, &(0x7f0000000280)=@IORING_OP_READ_FIXED={0x4, 0x5, 0x4000, @fd=r3, 0x2, 0xfff, 0x81, 0x12, 0x0, {0x3}}, 0x10000) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000240)='system_u:object_r:gpg_agent_exec_t:s0\x00', 0x26, 0x2) [ 2595.536654] FAULT_INJECTION: forcing a failure. [ 2595.536654] name failslab, interval 1, probability 0, space 0, times 0 [ 2595.538379] CPU: 0 PID: 16664 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2595.539362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2595.540968] Call Trace: [ 2595.541358] dump_stack+0x107/0x163 [ 2595.541876] should_fail.cold+0x5/0xa [ 2595.542480] ? create_object.isra.0+0x3a/0xa10 [ 2595.543137] should_failslab+0x5/0x10 [ 2595.543672] kmem_cache_alloc+0x5b/0x350 [ 2595.544272] create_object.isra.0+0x3a/0xa10 [ 2595.544896] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2595.545603] kmem_cache_alloc+0x15b/0x350 [ 2595.546201] __alloc_file+0x21/0x310 [ 2595.546738] alloc_empty_file+0x6a/0x160 [ 2595.547306] path_openat+0xdf/0x2690 [ 2595.547840] ? stack_trace_consume_entry+0x160/0x160 [ 2595.548549] ? path_lookupat+0x780/0x780 [ 2595.549128] ? __lock_acquire+0x1616/0x5b60 [ 2595.549742] do_filp_open+0x192/0x3e0 [ 2595.550277] ? may_open_dev+0xf0/0xf0 [ 2595.550832] ? perf_trace_lock+0xb6/0x470 [ 2595.551430] ? perf_trace_lock+0xb6/0x470 [ 2595.552013] ? __lockdep_reset_lock+0x180/0x180 [ 2595.552670] ? find_held_lock+0x2c/0x110 [ 2595.553239] do_open_execat+0x10c/0x690 [ 2595.553796] ? __ia32_sys_uselib+0x40/0x40 [ 2595.554423] ? do_raw_spin_lock+0x129/0x270 [ 2595.555027] ? rwlock_bug.part.0+0x90/0x90 [ 2595.555630] bprm_execve+0x5b2/0x1b00 [ 2595.556159] ? get_arg_page+0x153/0x200 [ 2595.556722] ? open_exec+0x70/0x70 [ 2595.557218] ? memcpy+0x39/0x60 [ 2595.557676] ? copy_strings.isra.0+0x492/0x690 [ 2595.558321] ? copy_string_kernel+0x3ad/0x440 [ 2595.558971] do_execveat_common.isra.0+0x524/0x670 [ 2595.559656] __x64_sys_execveat+0xe7/0x130 [ 2595.560253] do_syscall_64+0x33/0x40 [ 2595.560769] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2595.561481] RIP: 0033:0x466609 [ 2595.561926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2595.564555] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2595.565789] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2595.566384] FAULT_INJECTION: forcing a failure. [ 2595.566384] name failslab, interval 1, probability 0, space 0, times 0 [ 2595.566791] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2595.566810] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2595.570898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2595.571894] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2595.572918] CPU: 1 PID: 16665 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2595.574254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2595.576454] Call Trace: 06:14:32 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2595.576982] dump_stack+0x107/0x163 [ 2595.577867] should_fail.cold+0x5/0xa [ 2595.578633] ? create_object.isra.0+0x3a/0xa10 [ 2595.579547] should_failslab+0x5/0x10 [ 2595.580294] kmem_cache_alloc+0x5b/0x350 [ 2595.581098] create_object.isra.0+0x3a/0xa10 [ 2595.581957] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2595.582966] __kmalloc+0x170/0x3e0 [ 2595.583670] security_prepare_creds+0x10a/0x180 [ 2595.584577] prepare_creds+0x45c/0x670 [ 2595.585338] prepare_exec_creds+0xd/0x250 [ 2595.586142] bprm_execve+0x1e3/0x1b00 [ 2595.586884] ? get_arg_page+0x153/0x200 [ 2595.587670] ? acct_arg_size+0xe0/0xe0 [ 2595.588431] ? open_exec+0x70/0x70 [ 2595.589120] ? memcpy+0x39/0x60 [ 2595.589758] ? copy_strings.isra.0+0x492/0x690 [ 2595.590658] ? copy_string_kernel+0x3ad/0x440 [ 2595.591536] do_execveat_common.isra.0+0x524/0x670 [ 2595.592498] __x64_sys_execveat+0xe7/0x130 [ 2595.593324] do_syscall_64+0x33/0x40 [ 2595.594047] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2595.595068] RIP: 0033:0x466609 [ 2595.595696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2595.599274] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2595.600747] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2595.602132] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2595.603525] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2595.604911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2595.606313] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:14:32 executing program 4 (fault-call:7 fault-nth:38): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:32 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:32 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0xffff8000) 06:14:32 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:32 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200), &(0x7f0000000240)='system_u:object_r:udev_helper_exec_t:s0\x00', 0x28, 0x1) r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') dup3(r4, r3, 0x0) openat(r4, &(0x7f00000003c0)='\x00', 0x101000, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0xc10, &(0x7f0000000280)={0x0, 0x2046, 0x20, 0x1, 0x91}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000340), &(0x7f0000000400)) 06:14:32 executing program 1 (fault-call:9 fault-nth:40): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2595.813441] FAULT_INJECTION: forcing a failure. [ 2595.813441] name failslab, interval 1, probability 0, space 0, times 0 [ 2595.815479] CPU: 1 PID: 16699 Comm: syz-executor.4 Not tainted 5.10.60 #1 06:14:33 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2595.816526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2595.818426] Call Trace: [ 2595.818831] dump_stack+0x107/0x163 [ 2595.819386] should_fail.cold+0x5/0xa [ 2595.819967] ? security_file_alloc+0x34/0x170 [ 2595.820652] should_failslab+0x5/0x10 [ 2595.821224] kmem_cache_alloc+0x5b/0x350 [ 2595.821847] security_file_alloc+0x34/0x170 [ 2595.822531] __alloc_file+0xb6/0x310 [ 2595.823101] alloc_empty_file+0x6a/0x160 [ 2595.823729] path_openat+0xdf/0x2690 [ 2595.824311] ? stack_trace_consume_entry+0x160/0x160 [ 2595.825088] ? path_lookupat+0x780/0x780 [ 2595.825710] ? __lock_acquire+0x1616/0x5b60 [ 2595.826378] do_filp_open+0x192/0x3e0 [ 2595.826974] ? may_open_dev+0xf0/0xf0 [ 2595.827565] ? perf_trace_lock+0xb6/0x470 [ 2595.828198] ? perf_trace_lock+0xb6/0x470 [ 2595.828834] ? __lockdep_reset_lock+0x180/0x180 [ 2595.829551] ? find_held_lock+0x2c/0x110 [ 2595.830175] do_open_execat+0x10c/0x690 [ 2595.830789] ? __ia32_sys_uselib+0x40/0x40 [ 2595.831432] ? do_raw_spin_lock+0x129/0x270 [ 2595.832083] ? rwlock_bug.part.0+0x90/0x90 [ 2595.832734] bprm_execve+0x5b2/0x1b00 [ 2595.833309] ? get_arg_page+0x153/0x200 [ 2595.833919] ? open_exec+0x70/0x70 [ 2595.834490] ? memcpy+0x39/0x60 [ 2595.834987] ? copy_strings.isra.0+0x492/0x690 [ 2595.835684] ? copy_string_kernel+0x3ad/0x440 [ 2595.836374] do_execveat_common.isra.0+0x524/0x670 [ 2595.837122] __x64_sys_execveat+0xe7/0x130 [ 2595.837769] do_syscall_64+0x33/0x40 [ 2595.838344] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2595.839116] RIP: 0033:0x466609 [ 2595.839602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2595.842396] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2595.843538] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2595.844618] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2595.845694] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2595.846790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2595.847872] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2595.944164] FAULT_INJECTION: forcing a failure. [ 2595.944164] name failslab, interval 1, probability 0, space 0, times 0 [ 2595.945520] CPU: 0 PID: 16777 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2595.946296] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2595.947571] Call Trace: [ 2595.947873] dump_stack+0x107/0x163 [ 2595.948287] should_fail.cold+0x5/0xa [ 2595.948715] ? __alloc_file+0x21/0x310 [ 2595.949151] should_failslab+0x5/0x10 [ 2595.949571] kmem_cache_alloc+0x5b/0x350 [ 2595.950018] ? mark_lock+0x108/0x3020 [ 2595.950458] __alloc_file+0x21/0x310 [ 2595.950874] alloc_empty_file+0x6a/0x160 [ 2595.951326] path_openat+0xdf/0x2690 [ 2595.951758] ? stack_trace_consume_entry+0x160/0x160 [ 2595.952324] ? path_lookupat+0x780/0x780 [ 2595.952778] ? __lock_acquire+0x1616/0x5b60 [ 2595.953268] do_filp_open+0x192/0x3e0 [ 2595.953706] ? may_open_dev+0xf0/0xf0 [ 2595.954148] ? perf_trace_lock+0xb6/0x470 [ 2595.954619] ? perf_trace_lock+0xb6/0x470 [ 2595.955093] ? __lockdep_reset_lock+0x180/0x180 [ 2595.955613] ? find_held_lock+0x2c/0x110 [ 2595.956078] do_open_execat+0x10c/0x690 [ 2595.956520] ? __ia32_sys_uselib+0x40/0x40 [ 2595.956992] ? do_raw_spin_lock+0x129/0x270 [ 2595.957471] ? rwlock_bug.part.0+0x90/0x90 [ 2595.957945] bprm_execve+0x5b2/0x1b00 [ 2595.958381] ? get_arg_page+0x153/0x200 [ 2595.958834] ? open_exec+0x70/0x70 [ 2595.959225] ? memcpy+0x39/0x60 [ 2595.959591] ? copy_strings.isra.0+0x492/0x690 [ 2595.960096] ? copy_string_kernel+0x3ad/0x440 [ 2595.960601] do_execveat_common.isra.0+0x524/0x670 [ 2595.961146] __x64_sys_execveat+0xe7/0x130 [ 2595.961620] do_syscall_64+0x33/0x40 [ 2595.962034] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2595.962612] RIP: 0033:0x466609 [ 2595.962972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2595.964984] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2595.965837] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2595.966648] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2595.967430] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2595.968209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2595.969201] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:14:33 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:14:33 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2608.422964] kmemleak: 24 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:15:01 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b49, 0x2) 06:15:01 executing program 1 (fault-call:9 fault-nth:41): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:01 executing program 5: r0 = syz_io_uring_setup(0x1d, &(0x7f0000000200)={0x0, 0x0, 0x20, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000d78000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00') 06:15:01 executing program 4 (fault-call:7 fault-nth:39): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:01 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 06:15:01 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:01 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:01 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0xfffffff5) [ 2624.157030] FAULT_INJECTION: forcing a failure. [ 2624.157030] name failslab, interval 1, probability 0, space 0, times 0 [ 2624.159623] CPU: 1 PID: 16847 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2624.161101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2624.164047] Call Trace: [ 2624.164627] dump_stack+0x107/0x163 [ 2624.165418] should_fail.cold+0x5/0xa [ 2624.166249] ? create_object.isra.0+0x3a/0xa10 [ 2624.167259] should_failslab+0x5/0x10 [ 2624.168080] kmem_cache_alloc+0x5b/0x350 [ 2624.168965] create_object.isra.0+0x3a/0xa10 [ 2624.169912] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2624.171058] __kmalloc+0x170/0x3e0 [ 2624.171952] security_prepare_creds+0x10a/0x180 [ 2624.173082] prepare_creds+0x45c/0x670 [ 2624.174071] prepare_exec_creds+0xd/0x250 [ 2624.174987] bprm_execve+0x1e3/0x1b00 [ 2624.175811] ? get_arg_page+0x153/0x200 [ 2624.176669] ? acct_arg_size+0xe0/0xe0 [ 2624.177514] ? open_exec+0x70/0x70 [ 2624.178279] ? memcpy+0x39/0x60 [ 2624.179000] ? copy_strings.isra.0+0x492/0x690 [ 2624.179987] ? copy_string_kernel+0x3ad/0x440 [ 2624.180973] do_execveat_common.isra.0+0x524/0x670 [ 2624.182044] __x64_sys_execveat+0xe7/0x130 [ 2624.183111] do_syscall_64+0x33/0x40 [ 2624.183925] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2624.185210] RIP: 0033:0x466609 [ 2624.185955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2624.189944] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2624.191601] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2624.193156] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2624.194687] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2624.196251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2624.197774] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2624.253834] FAULT_INJECTION: forcing a failure. [ 2624.253834] name failslab, interval 1, probability 0, space 0, times 0 [ 2624.256554] CPU: 1 PID: 16857 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2624.258045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2624.260526] Call Trace: [ 2624.261265] dump_stack+0x107/0x163 [ 2624.262142] should_fail.cold+0x5/0xa [ 2624.263161] ? create_object.isra.0+0x3a/0xa10 [ 2624.264165] should_failslab+0x5/0x10 [ 2624.264998] kmem_cache_alloc+0x5b/0x350 [ 2624.265881] ? percpu_ref_put_many.constprop.0+0x4e/0x100 [ 2624.267107] create_object.isra.0+0x3a/0xa10 [ 2624.268174] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2624.269286] kmem_cache_alloc+0x15b/0x350 [ 2624.270203] security_file_alloc+0x34/0x170 [ 2624.271166] __alloc_file+0xb6/0x310 [ 2624.271981] alloc_empty_file+0x6a/0x160 [ 2624.272982] path_openat+0xdf/0x2690 [ 2624.273891] ? stack_trace_consume_entry+0x160/0x160 [ 2624.275121] ? path_lookupat+0x780/0x780 [ 2624.276113] ? __lock_acquire+0x1616/0x5b60 [ 2624.277058] do_filp_open+0x192/0x3e0 [ 2624.277887] ? may_open_dev+0xf0/0xf0 [ 2624.278734] ? perf_trace_lock+0xb6/0x470 [ 2624.279637] ? perf_trace_lock+0xb6/0x470 [ 2624.280546] ? __lockdep_reset_lock+0x180/0x180 [ 2624.281564] ? find_held_lock+0x2c/0x110 [ 2624.282453] do_open_execat+0x10c/0x690 [ 2624.283420] ? __ia32_sys_uselib+0x40/0x40 [ 2624.284379] ? do_raw_spin_lock+0x129/0x270 [ 2624.285516] ? rwlock_bug.part.0+0x90/0x90 [ 2624.286448] bprm_execve+0x5b2/0x1b00 [ 2624.287286] ? get_arg_page+0x153/0x200 [ 2624.288173] ? open_exec+0x70/0x70 [ 2624.289048] ? memcpy+0x39/0x60 [ 2624.289765] ? copy_strings.isra.0+0x492/0x690 [ 2624.290766] ? copy_string_kernel+0x3ad/0x440 [ 2624.291752] do_execveat_common.isra.0+0x524/0x670 [ 2624.292860] __x64_sys_execveat+0xe7/0x130 [ 2624.293797] do_syscall_64+0x33/0x40 [ 2624.294751] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2624.296057] RIP: 0033:0x466609 [ 2624.296761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2624.300893] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2624.302557] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2624.304250] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2624.306069] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2624.307625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2624.309171] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 06:15:01 executing program 1 (fault-call:9 fault-nth:42): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:01 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:01 executing program 4 (fault-call:7 fault-nth:40): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:01 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:01 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x225c17d03) 06:15:01 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) [ 2624.563918] FAULT_INJECTION: forcing a failure. [ 2624.563918] name failslab, interval 1, probability 0, space 0, times 0 [ 2624.565421] CPU: 0 PID: 16879 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2624.566318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2624.567611] Call Trace: [ 2624.567910] dump_stack+0x107/0x163 [ 2624.568332] should_fail.cold+0x5/0xa [ 2624.568757] ? __alloc_file+0x21/0x310 [ 2624.569204] should_failslab+0x5/0x10 [ 2624.569631] kmem_cache_alloc+0x5b/0x350 [ 2624.570097] ? mark_lock+0x108/0x3020 [ 2624.570531] __alloc_file+0x21/0x310 [ 2624.570962] alloc_empty_file+0x6a/0x160 [ 2624.571430] path_openat+0xdf/0x2690 [ 2624.571843] ? stack_trace_consume_entry+0x160/0x160 [ 2624.572421] ? path_lookupat+0x780/0x780 [ 2624.572873] ? __lock_acquire+0x1616/0x5b60 [ 2624.573365] do_filp_open+0x192/0x3e0 [ 2624.573781] ? may_open_dev+0xf0/0xf0 [ 2624.574231] ? perf_trace_lock+0xb6/0x470 [ 2624.574679] ? perf_trace_lock+0xb6/0x470 [ 2624.575166] ? __lockdep_reset_lock+0x180/0x180 [ 2624.575735] ? find_held_lock+0x2c/0x110 [ 2624.576295] do_open_execat+0x10c/0x690 [ 2624.576884] ? __ia32_sys_uselib+0x40/0x40 [ 2624.577528] ? do_raw_spin_lock+0x129/0x270 [ 2624.578159] ? rwlock_bug.part.0+0x90/0x90 [ 2624.578716] bprm_execve+0x5b2/0x1b00 [ 2624.579178] ? get_arg_page+0x153/0x200 [ 2624.579631] ? open_exec+0x70/0x70 [ 2624.580048] ? memcpy+0x39/0x60 [ 2624.580413] ? copy_strings.isra.0+0x492/0x690 [ 2624.580925] ? copy_string_kernel+0x3ad/0x440 [ 2624.581417] do_execveat_common.isra.0+0x524/0x670 [ 2624.581952] __x64_sys_execveat+0xe7/0x130 [ 2624.582425] do_syscall_64+0x33/0x40 [ 2624.582835] entry_SYSCALL_64_after_hwframe+0x44/0xa9 06:15:01 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') dup3(r4, r3, 0x0) r5 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x400, &(0x7f0000000340)=ANY=[@ANYBLOB='Tras=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYRES16, @ANYRESHEX=0x0, @ANYBLOB=',fscache,version=9p2000.u,privport,dfltuid=', @ANYRESHEX, @ANYBLOB="2c63616368653d6d6d61702c756e616d653d2c61756469742c736d61636b66736861743d5e27275b2c646f6e745f6d6561737572652c736d61636b66737472616e736d7574653d24c92c7065726d69745f646972656374696f2c736d61636b6673666c6f6f723d2c6673757569643d61306566333931392d396665302d326637652d623562322d34356630373237632c00"]) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x10, r0, 0x0) r7 = syz_open_dev$vcsu(&(0x7f0000000200), 0x1, 0x4500) io_uring_enter(r7, 0x5826, 0xa687, 0x1, &(0x7f0000000240)={[0xfffffffffffffffe]}, 0x8) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r10 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x9, 0x0, 0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}}, 0x0) syz_io_uring_submit(r6, r2, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x4, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r11}}, 0x4) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2624.583396] RIP: 0033:0x466609 [ 2624.583983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2624.586062] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2624.586934] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2624.587739] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2624.588535] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2624.589344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2624.590165] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:15:01 executing program 1 (fault-call:9 fault-nth:43): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2624.674211] FAULT_INJECTION: forcing a failure. [ 2624.674211] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2624.675643] CPU: 0 PID: 16888 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2624.676418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2624.677679] Call Trace: [ 2624.677978] dump_stack+0x107/0x163 [ 2624.678505] should_fail.cold+0x5/0xa [ 2624.679096] __alloc_pages_nodemask+0x17f/0x670 [ 2624.679780] ? __alloc_pages_slowpath.constprop.0+0x2090/0x2090 [ 2624.680624] ? trace_hardirqs_on+0x5b/0x180 [ 2624.681146] ? kmem_cache_free+0x99/0x2f0 [ 2624.681700] alloc_pages_current+0x187/0x280 [ 2624.682195] __get_free_pages+0xc/0xa0 [ 2624.682616] tlb_remove_table+0x3ca/0xcb0 [ 2624.683086] ___pte_free_tlb+0x86/0xb0 [ 2624.683509] free_pgd_range+0x736/0x1390 [ 2624.683960] free_pgtables+0x22a/0x2f0 [ 2624.684426] exit_mmap+0x28e/0x4e0 [ 2624.684826] ? do_munmap+0x40/0x40 [ 2624.685249] mmput+0xca/0x340 [ 2624.685603] free_bprm+0x65/0x2e0 [ 2624.686006] do_execveat_common.isra.0+0x534/0x670 [ 2624.686558] __x64_sys_execveat+0xe7/0x130 [ 2624.687058] do_syscall_64+0x33/0x40 [ 2624.687477] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2624.688070] RIP: 0033:0x466609 [ 2624.688437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2624.690542] RSP: 002b:00007f8f4e8f2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2624.691432] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2624.692249] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2624.693069] RBP: 00007f8f4e8f21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2624.693880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2624.694684] R13: 00007ffc26035cdf R14: 00007f8f4e8f2300 R15: 0000000000022000 [ 2624.845975] FAULT_INJECTION: forcing a failure. [ 2624.845975] name failslab, interval 1, probability 0, space 0, times 0 [ 2624.847514] CPU: 0 PID: 16920 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2624.848348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2624.849651] Call Trace: [ 2624.849954] dump_stack+0x107/0x163 [ 2624.850379] should_fail.cold+0x5/0xa [ 2624.850842] ? create_object.isra.0+0x3a/0xa10 [ 2624.851375] should_failslab+0x5/0x10 [ 2624.851816] kmem_cache_alloc+0x5b/0x350 [ 2624.852279] ? percpu_ref_put_many.constprop.0+0x4e/0x100 [ 2624.852905] create_object.isra.0+0x3a/0xa10 [ 2624.853417] ? __kasan_kmalloc.constprop.0+0xc2/0xd0 [ 2624.854011] kmem_cache_alloc+0x15b/0x350 [ 2624.854485] security_file_alloc+0x34/0x170 [ 2624.855001] __alloc_file+0xb6/0x310 [ 2624.855428] alloc_empty_file+0x6a/0x160 [ 2624.855892] path_openat+0xdf/0x2690 [ 2624.856341] ? stack_trace_consume_entry+0x160/0x160 [ 2624.856921] ? path_lookupat+0x780/0x780 [ 2624.857409] ? __lock_acquire+0x1616/0x5b60 [ 2624.857899] do_filp_open+0x192/0x3e0 [ 2624.858339] ? may_open_dev+0xf0/0xf0 [ 2624.858809] ? perf_trace_lock+0xb6/0x470 [ 2624.859285] ? perf_trace_lock+0xb6/0x470 [ 2624.859766] ? __lockdep_reset_lock+0x180/0x180 [ 2624.860301] ? find_held_lock+0x2c/0x110 [ 2624.860769] do_open_execat+0x10c/0x690 [ 2624.861233] ? __ia32_sys_uselib+0x40/0x40 [ 2624.861718] ? do_raw_spin_lock+0x129/0x270 [ 2624.862221] ? rwlock_bug.part.0+0x90/0x90 [ 2624.862718] bprm_execve+0x5b2/0x1b00 [ 2624.863179] ? get_arg_page+0x153/0x200 [ 2624.863634] ? open_exec+0x70/0x70 [ 2624.864060] ? memcpy+0x39/0x60 [ 2624.864434] ? copy_strings.isra.0+0x492/0x690 [ 2624.864961] ? copy_string_kernel+0x3ad/0x440 [ 2624.865483] do_execveat_common.isra.0+0x524/0x670 [ 2624.866057] __x64_sys_execveat+0xe7/0x130 [ 2624.866548] do_syscall_64+0x33/0x40 [ 2624.866983] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2624.867563] RIP: 0033:0x466609 [ 2624.867929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2624.870024] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2624.870907] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2624.871711] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2624.872519] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2624.873342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2624.874175] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 [ 2636.816415] kmemleak: 17 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:15:22 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b4a, 0x2) 06:15:22 executing program 1 (fault-call:9 fault-nth:44): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:22 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x20876256919) 06:15:22 executing program 4 (fault-call:7 fault-nth:41): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:22 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:22 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:22 executing program 5: r0 = syz_io_uring_setup(0x754, &(0x7f0000000080)={0x0, 0x1126, 0x0, 0x3, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x1001, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat(r3, &(0x7f0000000240)='./file0\x00', 0x20000, 0x1c7) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:15:22 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) [ 2645.331784] FAULT_INJECTION: forcing a failure. [ 2645.331784] name failslab, interval 1, probability 0, space 0, times 0 [ 2645.334449] CPU: 1 PID: 16943 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2645.335946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2645.338750] Call Trace: [ 2645.339354] dump_stack+0x107/0x163 [ 2645.340145] should_fail.cold+0x5/0xa [ 2645.340972] ? security_file_alloc+0x34/0x170 [ 2645.341942] should_failslab+0x5/0x10 [ 2645.342763] kmem_cache_alloc+0x5b/0x350 [ 2645.343657] security_file_alloc+0x34/0x170 [ 2645.344587] __alloc_file+0xb6/0x310 [ 2645.345401] alloc_empty_file+0x6a/0x160 [ 2645.346280] path_openat+0xdf/0x2690 [ 2645.347110] ? stack_trace_consume_entry+0x160/0x160 [ 2645.348206] ? path_lookupat+0x780/0x780 [ 2645.349098] ? __lock_acquire+0x1616/0x5b60 [ 2645.350038] do_filp_open+0x192/0x3e0 [ 2645.350862] ? may_open_dev+0xf0/0xf0 [ 2645.351727] ? perf_trace_lock+0xb6/0x470 [ 2645.352621] ? perf_trace_lock+0xb6/0x470 [ 2645.353523] ? __lockdep_reset_lock+0x180/0x180 [ 2645.354534] ? find_held_lock+0x2c/0x110 [ 2645.355426] do_open_execat+0x10c/0x690 [ 2645.356267] ? __ia32_sys_uselib+0x40/0x40 [ 2645.357175] ? do_raw_spin_lock+0x129/0x270 [ 2645.358104] ? rwlock_bug.part.0+0x90/0x90 [ 2645.359029] bprm_execve+0x5b2/0x1b00 [ 2645.359854] ? get_arg_page+0x153/0x200 [ 2645.360720] ? open_exec+0x70/0x70 [ 2645.361488] ? memcpy+0x39/0x60 [ 2645.362197] ? copy_strings.isra.0+0x492/0x690 [ 2645.363198] ? copy_string_kernel+0x3ad/0x440 [ 2645.364153] do_execveat_common.isra.0+0x524/0x670 [ 2645.365229] __x64_sys_execveat+0xe7/0x130 [ 2645.366149] do_syscall_64+0x33/0x40 [ 2645.366952] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2645.368062] RIP: 0033:0x466609 [ 2645.368759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2645.372745] RSP: 002b:00007fda96242188 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 2645.374387] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 0000000000466609 [ 2645.375934] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff [ 2645.377471] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2645.379004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2645.380554] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:15:22 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2645.392617] FAULT_INJECTION: forcing a failure. [ 2645.392617] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2645.395226] CPU: 1 PID: 16995 Comm: syz-executor.4 Not tainted 5.10.60 #1 [ 2645.396806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2645.399439] Call Trace: [ 2645.400014] dump_stack+0x107/0x163 [ 2645.400801] should_fail.cold+0x5/0xa [ 2645.401827] _copy_to_user+0x2e/0x180 [ 2645.402658] simple_read_from_buffer+0xcc/0x160 [ 2645.403680] proc_fail_nth_read+0x194/0x220 [ 2645.404612] ? proc_exe_link+0x1d0/0x1d0 [ 2645.405489] ? security_file_permission+0x178/0x550 [ 2645.406699] ? proc_exe_link+0x1d0/0x1d0 [ 2645.407769] vfs_read+0x226/0x580 [ 2645.408525] ksys_read+0x12d/0x250 [ 2645.409401] ? __ia32_sys_pwrite64+0x230/0x230 [ 2645.410436] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2645.411788] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2645.412958] do_syscall_64+0x33/0x40 [ 2645.413859] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2645.414964] RIP: 0033:0x41935c [ 2645.415671] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2645.420090] RSP: 002b:00007f8f4e8d1170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2645.421954] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c [ 2645.423499] RDX: 000000000000000f RSI: 00007f8f4e8d11e0 RDI: 0000000000000003 [ 2645.425153] RBP: 00007f8f4e8d11d0 R08: 0000000000000000 R09: 0000000000000000 [ 2645.426689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2645.428474] R13: 00007ffc26035cdf R14: 00007f8f4e8d1300 R15: 0000000000022000 06:15:22 executing program 1 (fault-call:9 fault-nth:45): r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:22 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x50, r0, 0x8000000) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x3, 0x4007, @fd_index=0xa, 0x800, &(0x7f00000006c0)=[{&(0x7f0000000740)="9e78d3961a336deff93a063623cc1e1d313230f73daaf10a6f400a7c45f7580b27527f543ade82ae2b0c9836d5cd9b5650c744d5de99f79ab763e35119ba1b2ef2f48edca1b49c026ed8d61cc0d379e72ec90511ad7c7844c58c03798ebc9d4276310a7c5d31651110f7ebe9e5cb94780e003f47af859990c60c9e1155a509772c1042f0df", 0x85}, {&(0x7f0000000340)="2cd721611ce7256969791d88829e0914e34f3a91d465e314f0aea80cf2190e3e237516c67a76b9fe2ff764eefd5fcd85a719ab70aa5030d0850c7fd47aa04f9715401b6a3b50abd6e66ad5f46e67d9b44ee32efbaef8b1e21755ca15b5c07da6710dbbb08b2df178b5bd9697926f277c0ecc5bc468eddd8ee344e8a4a075619730afbf75e0573c910fa312d5d2289657f245ecf59e6b8c8f57822170a5e05c82c5d16093284b0a0549bbef3b4fd0dd60e049085e21b2ba9a502caa6ee60b0b77e3e11dc73318c8fd0dfd152b090650a1235a86ef7bbfa77847cc7351dfda8f39cc9e2903e53792109316c1e6364951af7e7751d2f6a5db", 0xf7}, {&(0x7f0000000440)="4b62aebb67fae9bde63b3276d3c903c25b842ab87eafbd7f96f7dc33a86d9c15027164623e5b00d91bf5631d5f707b92c9c81db4b7c24aa6a062283efccf0fffd981903408274aa607f349a00d318196500ad415105dbb6ebf31f104d8eb56a18f1ee59b57d0b02b896520ca433af9acbf300c3e9454ac8629de07277c63458cfabe6606d37aa7b301ec2d63ed7823490a3755540be43e96b58f557c588d432ce1b3089d656c9cb18c3da15d40a9b071ef6c08", 0xb3}, {&(0x7f0000000580)="90bcb6902b3e4214268e03e9acb03c6be9dd2788743d997db9d4e210e8afc3ecac61a415a3519d6675e0932f5f76f64adc2a91a9bb9adcd9aa78c4b0fcd0e4ff79d71b6efb3d43b963136afcc4b8f77dbb17ad27a092fc2cd0a58829fca5561f5dcd0efff54ea4c5bd929efd38c6baec87949b56ca551ad737a227b0eddca603e70452a9b20060d5a2850f26fa82c6c8ba368f862ebdb70acf4e4688072ac4ce33e8b85c9853", 0xa6}, {&(0x7f0000000640)="c4862fc9190c3c35dccfdc19176d4264732a12bdeeaf3b20ebbd5eca03df34e8a1b9b1491a7cb7c9c24ca455c026ab5ba97bf81d338b7b935324ac3d5d347384a31e", 0x42}], 0x5, 0x8, 0x1, {0x0, r4}}, 0x9) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x8c7d, 0x0, 0x0, 0x0) 06:15:22 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:22 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x80ffff00000000) 06:15:22 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b49, 0x2) 06:15:22 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2645.698477] FAULT_INJECTION: forcing a failure. [ 2645.698477] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2645.701009] CPU: 0 PID: 17073 Comm: syz-executor.1 Not tainted 5.10.60 #1 [ 2645.702436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2645.704584] Call Trace: [ 2645.705095] dump_stack+0x107/0x163 [ 2645.705795] should_fail.cold+0x5/0xa [ 2645.706525] _copy_to_user+0x2e/0x180 [ 2645.707276] simple_read_from_buffer+0xcc/0x160 [ 2645.708172] proc_fail_nth_read+0x194/0x220 [ 2645.708999] ? proc_exe_link+0x1d0/0x1d0 [ 2645.709774] ? security_file_permission+0x178/0x550 [ 2645.710729] ? proc_exe_link+0x1d0/0x1d0 [ 2645.711535] vfs_read+0x226/0x580 [ 2645.712198] ksys_read+0x12d/0x250 [ 2645.712867] ? __ia32_sys_pwrite64+0x230/0x230 [ 2645.713746] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 2645.714745] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2645.715786] do_syscall_64+0x33/0x40 [ 2645.716497] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 2645.717477] RIP: 0033:0x41935c [ 2645.718091] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2645.721604] RSP: 002b:00007fda96242170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2645.723037] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c [ 2645.724405] RDX: 000000000000000f RSI: 00007fda962421e0 RDI: 0000000000000004 [ 2645.725755] RBP: 00007fda962421d0 R08: 0000000000000000 R09: 0000000000000000 [ 2645.727028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2645.728213] R13: 00007ffcd66bd11f R14: 00007fda96242300 R15: 0000000000022000 06:15:22 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2660.038356] kmemleak: 30 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:15:44 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x2) 06:15:44 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:44 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:15:44 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x2a, 0x0, "4c774fc207b2764cc639d766f1a8bf75fa858b606ad21530ecaf8b152bc099032178945d2ed02d555131e75488a37329ea68553a3c06f898b0415d06e9edb87c74d7bb428a4657b3929ce7c15f973a5f"}, 0xd8) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmsg$inet6(r3, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000600)="1faa95adceba8300eb24247ed4d5e2cb0be4466a69b9845b80", 0x19}, {&(0x7f0000000640)="6ac4db8851f25d2282d3b05e33024ae2967454bc314f53cdf5fae543bad7135d256610c76ff0d3d57916adc05dff78a0183db8784c112365a54662fb37e74fc44265548de1ddf06a633edc96a9ef9fdab368bbb8ba4ccb8bda9e036d017b766b617cd138693110cc672e4279f7a691cdf6db9e41ec97bd7d349713e1c123999c90823daacae4bc7af46dab6c170b27ce62c3624d4b9c4fc8a7b4e2bf6f6115b906f0a8c574bfe8fcbbc2bbeb76d27fdac46eb972677d2401fbb8b58489822dd7447a34b3ab51793286b52059df8295849f4c70158a71d7b2d49bfca7b435969c4c166cc41fe304a4060fc37000cd8e3a24fc9293f2b53bcdcc06ac99b3285103cb640f68a67462127f4a59bb610c6af22f11b1d5e701795f364ea1b7f229dcbd7f0ab5f9a926aaa3adb9a14a08514046f2cc5fc7c3e84c481ac404250c22b9caa390950ffc70f2b759645713f1dcdcc8657e8d793bb2d8fd847a4d0180995f6ef39a2d09675decd0e9e0b6be28e5b47daa5d5b8253f56daadf8975a93c0ae5158818040bfae06fbc927cf647fd16cb1a765f623b002cbe73a2e7bf09caad12dbfea39cc1f201841832ca02a1aceac1f79b8b37c5300f7f94ba3111518874dc958e644f6a288ef0e50c898495f6de4ac6e3e3c5daead482abe982d10b4590a183327eb81087f132120d793f6d31d19553a65f5a64f9e03de2bd145ee5af59344fca6400bf330f79eca31458933268c1f60f0fe9f18b75f4ea226844f9a7d6a0d640e3d06e7cd6c25d3414b09e56f1d7ffcd1cde1307f312ed3b25673df10e8de0be91e67e7259961a039dc5f04930a08da0865ba0f442da5b71ddc0d82e6f51478d4106de6c98d55ad135d88104ca7cf5e347565f58ba2ae1cacf2471963b43dae4ba25ca7326cae6c18d4ad2a9b4abfd534090501c1e461402f5772d2f4ddb0e7fcaed4319f09622b17e7e68f96a88c543ba5c570ebd8c5eb63637041c235622736dc4a1f641dbe6c2fdaa08f81a42d2712da53b01e60b257c1f6b45b98f7adb48218d8fbfa74f761994eee9166d5f044794cb03acd7b9d9c6f038aece468a9b444f24ce23e1ddf8a578ffd4b82f34f9be83d6683c581174a45898e116603f067044c3954305a87aa043c1247c3c5b3f22b1f95be0548897f830bb64d3ed8d23153ae1fef60c9819fcff95670a8049b2dd5024d834ad266220b03778199b346cf1afef021557545aa5ca9821e4996180583f17ede0e5f80ca972edcbabe087fb0098410085035ed89a6c192cc2d68235a64382e8b3bf6ee5abc6b256f4627e4f8ee8508cc00ed59f795a0869090b15418c0c4429f5f1ee1b9cff7fff0258d97b5f71c3c3b4fa8e763e6cf560e9d1a1007fcef0179664ecba7038a6e713dd30caea7539a01c70a29da17267685c84a9f13aab5c8dbb7e1bf15ed89db99628495ea7e456be0431f0eca4c991e5998f3e26277b1455dea375982ab6ca884895c5c25d0dedfff72c3d1dfe29ee8fc0602623e9351fae69c5b091fd714e07b41dc08dbddac2814d12669610389dec3668403482709edadf34ef552d5ae545c03fd01316de1058e7ae9ac97778436ae1da91437cdba17b78094177c2e9c440f8846fa26429ad94c3a3422c205a1044bc82e05518deab49f398f099fd01a90b3a50b741c78dc2f44249d9728370b6fc8795ef1ed5e98944cf9b69467c393237d85a52a38293ebb0c2cb4cbf51748083c97e4dbcc3b6d11c7ddedc584663dd8b9b2cab85baa499633d614bad47ba0a4f9bbedb830b7bc555be6285a593199f96b6389229bc28ee757e52a0cd70dc4197231eee8d18033b657b9190a622dccdad08efb1b194eb1c0b97b98a3895d5bfc2a38a6736f00349eee50252ba3d696ea71e3b3b6f4577c5de56b93cc926eb5b65741322072289de6f5907ec2d8649e76c33c0038484a73fc2bbbd2d94ce2d2e9d75f5388e96ed474cb0f9223e22105a59ca21e002883f70e4802184e1ba830d407d54c392545d858ee84c3a3b5ddbbee3314aa5f58ff9dda2558bb1ed999369b48b83039591ec65f7a268acfa22bae9cf98bb01e1cec4ec9e9b23f50e10155b17d13adbaae29a81cb96bad7f5313e402b64517a4e5505b6571fdbb776c45f8fa0621e6252c83c8d4c22ac46f773fa11ffb11a0e696c5b0886649301fe009b82a9a1cc791f360051e4676c6d3cccf0db43effc9a4dfedbc6ef5f0908cf13173cb67ea9ef31808402b3708374fa703bbcd29fd35552ab29a3655e88a0f32ca4d2ca2bc72c761aa204805c71ab9aa2c4a5f18ebe72c9eb7847e3a149f391f6172e80fb71e72bff98fd1d663155574b98b677323ab8969c83ec3e79ee162167109f1bbaf145ca37a8eedaaa30b38153098ac15e3de1816d16dfd2a14fe24b74fbc8f54c727f28662ed3bcd645e1df477e", 0x6ba}], 0x2}, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:15:44 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x37dc12502000000) 06:15:44 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x2) 06:15:44 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b4b, 0x2) 06:15:44 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 06:15:44 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 06:15:44 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x800000000000000) 06:15:44 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x3) [ 2681.243350] kmemleak: 22 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:16:07 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x3) 06:16:07 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b47, 0x2) 06:16:07 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:07 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:07 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x1969257608020000) 06:16:07 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x4) 06:16:07 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b4c, 0x2) 06:16:07 executing program 5: r0 = syz_open_dev$vcsn(&(0x7f0000000240), 0x49, 0x84504) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000005c0)={&(0x7f0000000280), 0xc, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44020100", @ANYRES16=0x0, @ANYBLOB="000429bd7000fedbdf250500000005000200fe000000080005000900000048000380040001003d0005009c887d502a08bdb28896d87a140c7e5495fe0edf00bbfcd6d73338764960365ef111d95af89db11245f1f6e274a97840c50543a16b7a3e45b600000008000500ccc600000800050003000000400001800800030003000000140002006e657470636930000000000000000000080003000300000008000300010000000800030003000000080003000300000018000180140002006970365f767469300000000000000000050002003f000000050002000800000060010380db000400db564dc3ad6c340fa21fa318209d10e9c65cb78fc5f9cfa9885db0bf1d8661d0d3d343f40d3628150ff548ba1024a56907233ccc95160c0c6b0b274653549011c3dca09c39f1fa7aaea44c2bee21b2ef47f23dd49caf79b84d9f37a559fbab6bc5e7caf32ac75f8b82df8e6ac339c3fd33f109df5aa67c43423031f7f3cca6713ff10e27876db0f568c63a952f0a3b34a29105fa7599cf45b95bdce179b0c89c63ed6dd87032f40d476425a65c39b1e08c3b9d6d0624cb97916405bd01ce9fe1cd7e93a026dc3cbb709d83244b3942270f811012a5f05a00740004002dcc55421d749534420803316ad224da7a0259c7fed43de746b04b6e754eb4ed02af57598f45ff4d5ced0ee217952399036c3a584f79b4e6dff1fed795a20f489563b63148f346c2f1107aa2e7e356aa21541fd29f8d2373285058bf7faaad763bba19ea262cc882488b233fb79ac5a6040001000800020004000000"], 0x244}, 0x1, 0x0, 0x0, 0x20000050}, 0x4041) r1 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r1}, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0x0, 0x0}, 0xa16) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000009, 0x8010, 0xffffffffffffffff, 0x10000000) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x5, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @link_local, 'veth1_to_team\x00'}}, 0x0, 0x0, 0x1, {0x0, r5}}, 0x206) io_uring_enter(r1, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:16:07 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x2000000000000000) 06:16:07 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x4) 06:16:07 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:07 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:07 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x800000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000340)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x1, 0x3, &(0x7f0000000280)="858cf5bb5b183c380d6ffb484568e23cec86471f8c067d5e9e03a50aed60e95d6f7389d4674c4d559ed8a4d6f26c5739f06717976010b724542c596298ddcf3ccc99e3a488b0c60fcbfa729a7e8c957c18", 0x614c, 0x0, 0x1}, 0x8000) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2703.988143] kmemleak: 18 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:16:28 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x5) 06:16:28 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0xf5ffffff00000000) 06:16:28 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b4d, 0x2) 06:16:28 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:28 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:28 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:28 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:16:28 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x5) 06:16:29 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:29 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0xffffffffffffffff) 06:16:29 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:29 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x6) 06:16:29 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x4) 06:16:29 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:16:29 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x6) 06:16:29 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2725.362157] kmemleak: 13 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:16:50 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:50 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x4) 06:16:50 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x7) 06:16:50 executing program 5: r0 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') r2 = dup3(r1, r0, 0x0) r3 = syz_io_uring_setup(0x20, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r3}, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r8 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0) connect(r2, &(0x7f0000000200)=@ieee802154={0x24, @short={0x2, 0xffff, 0xffff}}, 0x80) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd_index=0x6, 0x6, 0x0, 0x9, 0x0, 0x0, {0x0, r9}}, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0xa16) io_uring_enter(r3, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:16:50 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b4e, 0x2) 06:16:50 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x7) 06:16:50 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) r3 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x40a01, 0x5) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0xc0406618, &(0x7f0000000100)={@id={0x2, 0x0, @auto="568fa027133d0e38883ec7be6d901f83"}}) mknodat$loop(r3, &(0x7f0000000200)='./file0\x00', 0x800, 0x1) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000240)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4, 0x5}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS]}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c0000001a00210c000000000000000002000000180000800c000000060000000000000008000300", @ANYRES64=r7], 0x2c}}, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$nl_generic(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c0000001a00210c000000000000000002000000180000800c000000060000000000000008000300", @ANYRES64=r10], 0x2c}}, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000380)=0x14, 0x800) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)={0xf4, r4, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xa3d95cba1636bcc4}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x5}, 0x4000) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:16:50 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:50 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:50 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:50 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:16:50 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0xc) 06:16:50 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x600040, 0x0) io_uring_enter(r3, 0x4597, 0x5af, 0x3, &(0x7f0000000200)={[0x7]}, 0x8) [ 2747.002628] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:17:11 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x3af2, &(0x7f0000000200)={0x0, 0x4eb3, 0x10, 0x1, 0xaa, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000100)=0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r4, 0x0, 0x29, 0x0, 0x18) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r7 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000280)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r8}}, 0x1ff) 06:17:11 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:11 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0xc) 06:17:11 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r3 = timerfd_create(0x9, 0x81000) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x940, 0x16a) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd=r3, 0xfffffffffffffff9, {0x0, r4}, 0x9f27, 0xf, 0x1, {0x0, 0x0, r0}}, 0x5) r5 = accept4$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @broadcast}}, &(0x7f0000000340)=0x1c, 0x80800) getpeername(r5, &(0x7f0000000380)=@caif, &(0x7f0000000400)=0x80) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bond_slave_1\x00'}) io_uring_enter(0xffffffffffffffff, 0x3c70, 0x49aa, 0x1, &(0x7f0000000280)={[0x3]}, 0x8) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:17:11 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x6) 06:17:11 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x10) 06:17:11 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b52, 0x2) 06:17:11 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:11 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0xc) 06:17:11 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:11 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:11 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x10) 06:17:11 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x12) 06:17:11 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_enter(r0, 0x4656, 0x64ff, 0x0, &(0x7f00000002c0), 0x8) syz_io_uring_submit(r5, r8, &(0x7f0000000280)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x44}, 0x1, {0x0, r9}}, 0x1ff) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r10}}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}}, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000340)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2080, 0x1, {0x2, r11}}, 0x8001) 06:17:11 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000240), 0x49, 0x84504) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000005c0)={&(0x7f0000000280), 0xc, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44020100", @ANYRES16=0x0, @ANYBLOB="000429bd7000fedbdf250500000005000200fe000000080005000900000048000380040001003d0005009c887d502a08bdb28896d87a140c7e5495fe0edf00bbfcd6d73338764960365ef111d95af89db11245f1f6e274a97840c50543a16b7a3e45b600000008000500ccc600000800050003000000400001800800030003000000140002006e657470636930000000000000000000080003000300000008000300010000000800030003000000080003000300000018000180140002006970365f767469300000000000000000050002003f000000050002000800000060010380db000400db564dc3ad6c340fa21fa318209d10e9c65cb78fc5f9cfa9885db0bf1d8661d0d3d343f40d3628150ff548ba1024a56907233ccc95160c0c6b0b274653549011c3dca09c39f1fa7aaea44c2bee21b2ef47f23dd49caf79b84d9f37a559fbab6bc5e7caf32ac75f8b82df8e6ac339c3fd33f109df5aa67c43423031f7f3cca6713ff10e27876db0f568c63a952f0a3b34a29105fa7599cf45b95bdce179b0c89c63ed6dd87032f40d476425a65c39b1e08c3b9d6d0624cb97916405bd01ce9fe1cd7e93a026dc3cbb709d83244b3942270f811012a5f05a00740004002dcc55421d749534420803316ad224da7a0259c7fed43de746b04b6e754eb4ed02af57598f45ff4d5ced0ee217952399036c3a584f79b4e6dff1fed795a20f489563b63148f346c2f1107aa2e7e356aa21541fd29f8d2373285058bf7faaad763bba19ea262cc882488b233fb79ac5a6040001000800020004000000"], 0x244}, 0x1, 0x0, 0x0, 0x20000050}, 0x4041) r1 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r1}, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0x0, 0x0}, 0xa16) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000009, 0x8010, 0xffffffffffffffff, 0x10000000) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x5, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @link_local, 'veth1_to_team\x00'}}, 0x0, 0x0, 0x1, {0x0, r5}}, 0x206) io_uring_enter(r1, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:17:11 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:12 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b60, 0x2) 06:17:12 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2769.160606] kmemleak: 12 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:17:36 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x12) 06:17:36 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b61, 0x2) 06:17:36 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c0000001a00210c000000000000000002000000180000800c000000060000000000000008000300", @ANYRES64=r4], 0x2c}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'sit0\x00', r4, 0x2f, 0x3b, 0x3, 0x6, 0x4, @dev={0xfe, 0x80, '\x00', 0x28}, @private1, 0x8000, 0x7, 0x81}}) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r5 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r5, 0x0, 0x29, 0x0, 0x18) fcntl$F_GET_RW_HINT(r5, 0x40b, &(0x7f0000000280)) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r6 = socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$IPT_SO_GET_REVISION_TARGET(r6, 0x0, 0x43, &(0x7f00000002c0)={'ah\x00'}, &(0x7f0000000340)=0x1e) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) r9 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') dup3(r10, r9, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f0000000100)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, r10, 0x0, &(0x7f0000000000)='./file0\x00', 0x64, 0x100, 0x23456}, 0xffff6ec0) 06:17:36 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x1}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(0xffffffffffffffff, 0x89fa, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f0000000200)={'syztnl1\x00', 0x0, 0x2f, 0x8, 0x7f, 0x6c9a5d0c, 0x1c, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, 0x20, 0x7800, 0x8001, 0x4a771392}}) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r3) 06:17:36 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x18) 06:17:36 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b60, 0x2) 06:17:36 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) io_uring_enter(r0, 0x6469, 0x7ece, 0x2, &(0x7f0000000280)={[0x8]}, 0x8) setsockopt$inet_msfilter(r5, 0x0, 0x29, 0x0, 0x18) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x2000, @fd=r5, 0x305d9b8c, 0x0, 0x0, 0x19, 0x0, {0x0, r6}}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:17:36 executing program 2: r0 = syz_io_uring_setup(0x21, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x400100) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') dup3(r6, r5, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f0000000200)={0x0, 0x8000, 0xfff, 0x0, 0x2}) r7 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x1, {0x0, r8}}, 0x400400) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:17:36 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x18) 06:17:36 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x1e) 06:17:36 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b62, 0x2) 06:17:36 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0xb470, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r11 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r11, 0x9, 0x0, 0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r12}}, 0x0) syz_io_uring_submit(r3, r6, &(0x7f0000000240)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x8, &(0x7f0000000200)={r7, r8+10000000}, 0x1, 0x1, 0x0, {0x0, r12}}, 0x8) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x0, &(0x7f0000000040)={r13, r14+10000000}, 0x1, 0x0, 0x1}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r15 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r15, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="0c0200002100080027bd7000fddbdf25fe800000000000000000000080000000004e23e200064e2400010a0080803c00"/65, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000200000028001a00fe800000000000000000000000000028ac1e010100000000000000000000000002003f3f840105000a010100000000000000000000000000000004d5330000000a000000fc0000000000000000000000000000000035000003023700070000000400000047000000ff010000000000000000000000000001000004d4ff00000002000000ff0100000000000000000000000000010035000004022300060000000900000061000000ac1414bb000000000000000000000000000004d4330000000a000000fe8800000000000000000000000000010035000004000c0000080000ffffffff02000000fe8000000000000000000000000000aa000004d32b000000000000007f000001000000000000000000000000000000000000a200940000000080000001000000fe8000000000000000000000000000aa000004d63c0000000200000000000000000000000000000000000000033500000400030001000000fdffffff7f0000007f000001000000000000000000000000000004d5330000000000000000000000000000000000000000000000013500000400ef0001000100090000000600000010000a002dbd700027bd700009000000"], 0x20c}}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:17:36 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r3 = open(&(0x7f0000000100)='./file0\x00', 0x200000, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0xffffffffffffffff, 0x7, r0, &(0x7f0000000200)={r3, r0, 0x7fffffff}) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r0, 0x4b38, 0x5ee7, 0x3, &(0x7f0000000000)={[0xffffffffffffff80]}, 0x8) 06:17:36 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:17:36 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x1e) 06:17:36 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2795.225531] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:18:00 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x24) 06:18:00 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x24) 06:18:00 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x4]}, 0x8, 0x17c55abe8f30778) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x185a00, 0x0) ioctl$BTRFS_IOC_DEFRAG_RANGE(r3, 0x40309410, &(0x7f0000000200)={0x81, 0x1, 0x3, 0x9, 0x2, [0x3fe4, 0x9, 0x9, 0x1000]}) 06:18:00 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b63, 0x2) 06:18:00 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:00 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) finit_module(r0, &(0x7f0000000340)='\\.V\\\x00', 0x2) r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x10042, 0x0) syz_io_uring_setup(0x68eb, &(0x7f0000000200)={0x0, 0x43bd, 0x8, 0x0, 0x14e, 0x0, r3}, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) 06:18:00 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:00 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:00 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x1969257608020000) 06:18:00 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2816.302784] kmemleak: 9 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:18:21 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x2a) 06:18:21 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b64, 0x2) 06:18:21 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:21 executing program 2: r0 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000280), 0x119441, 0x0) pwrite64(r2, &(0x7f0000000340)="53cb33580cae6f8b627b5afe2576d032a3b1b61a08311381f2bb9d4760d6bf28f4dfbcbfe0619eb150c76b3911d11b10c213a5c0244dee42340b809530e9ef604b9e21e2802fcaf4b969fc9f0be264a9fb1dc048e2fe2e298f87", 0x5a, 0x80) dup3(r1, r0, 0x0) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x28}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x48, 0x2, 0x3, 0x101, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x400}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x3}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x1, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0xf}}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x2}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x8}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x0) r3 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0xa16) 06:18:21 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:21 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x80480) r4 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r4, 0x0, 0x29, 0x0, 0x18) r5 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r5, 0x0, 0x29, 0x0, 0x18) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, r3, r4, r5, r0], 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:18:21 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x2a) 06:18:21 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:21 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:21 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000000)={'wg0\x00'}) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:18:22 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 2839.689576] kmemleak: 12 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:18:46 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x30) 06:18:46 executing program 3: r0 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/keycreate\x00') r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000280), 0x119441, 0x0) pwrite64(r2, &(0x7f0000000340)="53cb33580cae6f8b627b5afe2576d032a3b1b61a08311381f2bb9d4760d6bf28f4dfbcbfe0619eb150c76b3911d11b10c213a5c0244dee42340b809530e9ef604b9e21e2802fcaf4b969fc9f0be264a9fb1dc048e2fe2e298f87", 0x5a, 0x80) dup3(r1, r0, 0x0) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x28}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x48, 0x2, 0x3, 0x101, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x400}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x3}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x1, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0xf}}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x2}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x8}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x0) r3 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0xa16) 06:18:46 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x30) 06:18:46 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:46 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r3, 0x0, 0x29, 0x0, 0x18) r4 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10, 0x80000) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r3, 0x50009418, &(0x7f0000000340)={{r4}, 0x0, 0x4, @inherit={0x90, &(0x7f0000000200)={0x0, 0x9, 0x9, 0x6, {0x11, 0x5, 0x6, 0x51225e83, 0x2}, [0x4, 0x80000001, 0x80, 0x2, 0x6, 0xc4b5, 0xff, 0x8000, 0x6]}}, @subvolid=0x9}) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:18:46 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:46 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b65, 0x2) 06:18:46 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x9000) 06:18:46 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:46 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x36) 06:18:46 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE, 0x657) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:18:46 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:46 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:46 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:18:46 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r3, 0x0, 0x29, 0x0, 0x18) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r6 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x5, 0x0, @fd_index=0xffffffff, 0x3, 0x0, 0x0, 0x4, 0x0, {0x0, r9}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r3, 0x80, &(0x7f0000000200)=@vsock={0x28, 0x0, 0xffffffff, @local}, 0x0, 0x0, 0x1, {0x0, r9}}, 0xffffffff) r10 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000340), 0x202100, 0x0) syz_io_uring_setup(0x4101, &(0x7f00000003c0)={0x0, 0x6795, 0x2, 0x1, 0xd6, 0x0, r6}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000440), &(0x7f0000000480)) syz_io_uring_submit(r7, r8, &(0x7f0000000380)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x4, 0x0, r10, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x5d2) r11 = open(&(0x7f0000000280)='./file0\x00', 0x101040, 0x30) io_uring_enter(r11, 0x268d, 0x2478, 0x1, &(0x7f00000002c0), 0x8) 06:18:46 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_setup(0x32b1, &(0x7f0000000200)={0x0, 0x8a4c, 0x10, 0x3, 0x179}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000340)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000280)=@ieee802154={0x24, @short={0x2, 0x0, 0xaaa0}}}, 0x1) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) [ 2863.047967] kmemleak: 18 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 06:19:09 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x36) 06:19:09 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:19:09 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x3c) 06:19:09 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:19:09 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000200)="6ef49858f76fec023fecd455240b154709cae74d51651a6499739a8888c9a7c7cda8d9415265f9e5b80703960185a5ab8f4ae716a71539897a26359ef5a647765151da867d67e2e521a93639a535f0753b81ac41dd00efe039130ff36aa6a98d399874e9a6a857e19d1046c35b751b39eca41dec1be4d7d591b25c284d8af316d39b6639d314b763ab2fa90f334008c87ff1a42add65fc6fc25798a91f58cf7f3faf5609265d5ebf053f766e563e779fedc65b8b", 0xb4}, {&(0x7f0000000000)="fade2f83763a50079fe2fc0ada07d96417fdaec71a1913f19b611f4af10f33fc93f2dca7c7355c5151301913b81b93b24d", 0x31}, {&(0x7f0000000340)="6d16cb36e4d577ec6afa6cb7429c715309e1019c4ec2753dcf942252422eebad507d4d2a2724814090b56b2f8ac28974a570e1830f4660b6b400d2c676a367f8c512841f191d25b327b5613d2415933bd9462f6213c1e3081552a0146b53e6f43f762db513736cf0360b7883ba3460bb1538ae", 0x73}, {&(0x7f00000003c0)="c0ca2b42aa835a9fbcee78cd0814b6e15b631a276e4a08d0a6d157fd4fc0fd76e68b21760f8b02c6401e87b692aee13928e611e4836ecbbbb09554f0b090b8846dd65fbf418f7d36bdd4bad8f2e86ebe0afbac180c1a5720e60929ac2ad3cbf8189c62b30cb61732d3947851df0006d280b0dbc58e6c2f16c4c1366f93bc2ffba993ce61338070c1ef396e30cb260de715f6a11c0cb734c58825755fbca3238b2e294456189516ed64120bb6b3427d285ae3caa592043a73df5035a888228de18cdb48904500d6e102594c6e16a345a1b87656158c032179296ada203df688c8a728bd840c2e80d445ec425f5a04c7dbebec0d3f63ca5d53cd3f04d1dee223070cc4e7a6f77bc2a709b6df214df5c578480d1c915d0f1dcd3a45774274d0e25fba9db67f2054030fd43cd2dda2fb4f475dfc3336b0990629fbde132dfd09003213ae6379c6698f75f2ea3a8ae025cc3a30afb45fae22c89145b03f608280210733f3a25470edb76767aa659fc763c0701604b8468ae248ca8ffbe10244f5d4a238b984f07cf2185fbfd4f577775b3b219fd371335da242c85a9859c7ff4a65bc3e1e1dff7bcbbd743bf67bb4d65c91eae6bad4648712744671db4c5bbe52257a3334eba30aa901e93afa6949992483ad2c7eeb7b8cd8f3b388ca8ea9bf67d45eb47191e9c8dab6f3ec9681a55621cb00b51222293b4fcaf1284ece43fba8c63c19ba812f92a5f849011ebc52fc0506a4489c7952d6823d4c1baf26c1a55d3c252ffc0eee58d3b284c60057fc628eee0812e15218bd4469974bad82023fb5bd3350734fd34b1beded1d3b5441e3117d6c224ab9dcfd809ef0310822e9468e868c045cf25fe309c28580be7e487539617d6b4e1a109f78bd5d38bea7b45fc4daa6fc377bc8d28ca988e916b174b1252efc894a9d085e48aec9f414c4a50830dfa8f8ff92b3c2dad9009d14714baf6e096fb8ea372919d2eba37e65a2a587a254a987486ee11a9f4547dbe92c2b5cc524a52b0ef97a0f3abfc6aa7169fc05c91f2c41fbdf1efbfd9ae2ecf7fb59cfcd4fe955568e9ea1fd9f3e1862f63e487aacfa29f9683abf523d2f043305818679d12020e3601334cc19d89936c7457489e79380902dbf52ac6340a5681d3c64eafef49b85129bf2794ddbefa02094f2eb579630cf665f473d19af838d0ddd060791a8205eb2b29ea96fbb2c220c322306188a3109f1b157bf28a7a6112970df0b07ce9a20ed4f6e00d6fdcaf701f31857981c1a21ce3b65a28891990b9b4ab0ae0c37a32f6e2b61d9b5a566fc44af7eb25842aaecc46372eebea0b32f9ea4cbd46a1058ac5f40d58a6c1eb1dc75f3cbd1753c635a3ea717d03a524de3046a0948136bae408ff8c46269d442bdec712030675d5eaffe766d28997f9a9fe8e15840eabf00b22e3cc13ec5f47a45befba434898d07735509695e72da349416cd9ad96493b4fe5ef04d3398ae0b518fc3d4abf304540b866abc36b554d203806069f83714116b0bb997455fec0a3312dda43848b3662d6fdb76a86d3a72714676b6beeb0ca853f9a2af122f41fd51d10885cd44aa62a18d445897f270d9e874093829ab6126ab5cc733940c4456cdd2cece1b3136caa90f452320859dfd22f46381075fabfe6d3a8b80ce3ad33f1c0edb006ee25daaf203b9474ec6d3e0ba3e27c0fc1f7a8c64c9c1e410dff0a8d619e43351616f6c4a0b424a980fecdd2f24ea2c2d4ee08a7e6bdd20d42e7211f598632ee3ee0fa22a0862856dea52eaf4319d964f2df0a8fbb85dbf1bf18e935f45f01238e9e2be9265f0179a3f6309ec916e69ada442773e9c6edb5502f13fd73a9e70ef83ecdc22e0788f927b7397377ceb88f9501e134e8696a47cfc60c53cff85298825780ff18a07b732284ce3068de1aaf4219e09f4cb10d815e7869d69af8ef062b81506118eb9f4ec41347503d3578157ee648ec2b4c211716f8ca6a02de9931fbc2cf1546aaf7397d4b1ac730a36b9cd10ccbcdd4401bf71fc753e1eb7e64fd99d907b64cd81c8997ebd614cf915e3921602bb5ca5a162b609f2f5eded612ed98650847e1520810cb78501d246f8f03a20fb905a9a7a432095dae4de223d41c549680259b9d080a966c87ead3f49123b1b923e10566a3b3b13504f2fa3b050ef91d7dd6c5f2a4c7ebca4be320310c57c48418f1ed33b7b84b9f03f7edf5d3fdfea089cb6e6b33f15a850d4444144e6835a322c6b1ba4dbf966bd3083a99d1cef57aece11c5f3be3efc96ffad1e58c61447252a3d2e4b467d26a392a2013116338228115efe356f4bf01b1bb336496855f66d146401dbed8d9a4c8504c6a702755b436f152d71f8c6c64290270197e2ca33ce98fd0e02f4d383dfe5be51ae6f028076fa2cb8baa92dab6fe684946da53ae545e374077c93f8db7c0f32557fe2273d79a349a1fd385526e3db69f6258bd93aadfce04548b58d500e53d4a114132171eba59fa0be9ac8be93fcd842a444a17047d63ce4399fba7ca6e48d8940b7f498c58441ca9db8020ef30b8d5664ac6f6a1e3ba62d433b2b6e657ad716376226ecb58c9b611dd38a70962064680c8b8ebf7586089407886e88ba456da77028d592fc5c35cea112c64b51b1622140ed4adfffaa866e850fb0cc8ff5449e3090aff606b7902e46e685e02f8f24116bdebb76fa67aecdd98a723c30f35552a638ec42d290f4dd906e6801318402f04ea153936e92f5abd1eef4268b7f8fad2b1f074342c02205c5341d2067e672a0fba390a0896bc53d91d090b349d8951385d05d50eb57722efc68d52c507fe28ad7d6d08bcb3c580bb26fa8e2cd840853894548062c01668fb9df8a3ffd825d0b5ae223ee2ec8e9a05f2f973efcb1b3bf917de231ebaca3beadd31d78def2dea26cd2cdf6542229e32c54c2f403e1f9ef853d32c0ee9c51c7af50f3b07037c1cf077282227c0f2615a43e6964557542a1a9d1d4f7c2ce40d815b0ef36076785b6baac4368d00db29f0adc25179a805513712f7e22bc6c09b1bb04cb548bc1f95563add9f186258bcba9ca9f761fad6f82514ac9c313b04d620def33c21174359a3929931e6f3eac98b889d52531b42d9f0d3ef801618058e96a10ea8b26399de8733f672c6e80ef6e4b425ac0b30ae8a3b72f25b9b1e869fbacdcc1accefc0edf7bdbc6cb6450584e1b890221b154458a8d4c3213fbe069c9047935ea72f5859f355478179e2a0f69848c636a25bcd30c7a5c629ae85a81a44a8cdb062480462064cc62281560b31f52a5ae998710475e85940f469a9dc3271b827ba5d06dd81e7a5e78e0bccfe19a7c3ca1010444d8d6e328e36ec71bafe4b06dfcfc602db8e7e64a421ccdffb37a78d02c951b94f1c56dae4508ec12d850580ceb192228d7b9bfe0999d5e63994dece67230cf62d830b88a998f7d2186a89e343b369684167c0ddf0a3e4a1b4454ea7c78ed087f1ca5c20fbc8f7aa40c4daa7ed526d794d66d8d571ef7abe8efddf81adc7a816bd8ce7923366ee4feae3654d1238a50d71b538273a51f2160b643851f19f1a0244fb418681e985b582de9bc838a34a6b344942be0dfa1a5f18c3bb7f89fc16902a2b0bf3c97bbd7c030d59da2adca50985dceaf0bfdec05ae971274db4024deba93ccf0c21c4e7f878eaf8827d1fe186a9b1f35551fda82f2a87597c3644829d9c06264c364a5e1235f9b7a077c9f84615033b807161136b0bc0f1447abf8ae14ed4964c87c2ec971bd604d95480a88fa375e973ba5992a16f505a41a01effa1b185df7f2a0873aaf2a489ee097e3689132dfa33aac169fa4362be6079890acd825bf4de2d6cd0d8af45905dab280548d35d65106778c9d2d43162ad09570a72da7479c0b79db63b59aaae1c46f673b7bc03b7c5315bc936fc95700f4474338bf5a6c9e4c37b8d06fc2c433b8e12b66d5bf88deab868dd608f0e57391a9bce9d35352d223e24121fddaf74ba284c6fa07ea16f02769053cc72e7b18f86260d5383c15fed5c5afd56eaa44ef35880e21ed990fa8b78e809ed7d6aa398b4883535ef4286b68691bbbecbcaceeccaed63eaf79f6b6ddda03d0f18ce427dd71a15b586ecb901aa1ff6cb754079cef4ed079f5345216c7f0918e7d901005fc2fd01bd059bcf2a6823f36ee3e11871fc0d15cd23a92bb70d25d571c49a7853fe19b284167160886a873314f89e799e304f9be64c00b0a90ffa4ccc0046c29316fce154653a385960e649f757d9c2315e9b8997fe6672836a9d73efd02879054f53fca14ac79c516e293de1a18688b3c2bddc74e3b674ba98a81d314c4ad40aca6e9aa837b82979a3b0131e3559b6448b88050bf41e0a9f01b8e2a11dbd311281c0631d2d6643926954e04ebfd834d3b83b238f08cbe88a3f5e60f8bb12f630927283370a2b277c650ead8cbc1922dc3bfef3798f220094b090f0c472773a58e8e18d9e06038334e98b2c300c72986d5a8c239b8271dd68d07a7ae03cac9e2dc132d8a0cc1251532166f191d2c1937d7fb483ab7ef8e1212810531df63d5d5ec68eaaa1d349e562015b480b6b7c3ae01de66fd7874201d1f98df24ee5e9d2f45dcb30dabae24d386bec8158a205202723cf8c84ca4ebdf2a30397a947a22b62405e4d4b1dcde59c9bee3876946a06727375dd1fdf44fb3722c81371545ff7024ccd8b6ec0e894a2276980cc76ec987f22cfb77df59cc880f27d82e75fa806bfab95faef707deec23cb7e43c4bbbd9781905881f20e53b74ee328becd43fe78947ebb72925d2b0bc05bc555d14fe5e844348dfef3f9805dfe5327f2c9b13424d67fa9c28beac543eb8c2b0de73e72162a548820c3f6505f9d53d579f27bdf22e8357dfb75cd25f39b3ddc165847b9fe6beb351a241c69dda3b3b447efc766a5805b4ea62fdf5af67b2d3cf1ed8c52a283c2a6992314eb7b3024e5a60d9adfa120a33abe6b43043bbf1e049778f5fa8d7d1555a842fdc4ecc4174c45a69a264e324258c821099792616a6627b9a6024177f561b60f44984e2c2615ffd110cbe049c25f9f3813fcd65ce55ed1c1fcdee2741e8a3c76f8181949c64358113498fbf7c04241ca83df639673c74eab111d9655b352df955f2f1496fb0a7c464b4c128dc15a6c2d6bd4699ae2c142d636cf3aa472460aadfaa9d496422fd9197e8f918f2ede107975911b98ff850a4865167cdc57d068046b94b65f7ab63ce8ba509b3230865bf7273077f5eb58c07776c91ba59b6d6e873456c8e8824c67c888aac225931ea5bcd6942f2d8d8b800882f529656f92e79950e9a6008b3984186131e1309b9b87fa5c473914e2e7e66d3720b449e2dcf2e5891a924267cd076142d8d6a1aa9f62696812f70234316a72bfd1fe4a7a7d0fb7b01ba913669b468b8e7beeaa61a07febae9ab964e1a7ccb694becdbeafbfd81359311b6e3c094c2f5f2b23bf272c36eb9bcc9fd712dbcd7964360a37ef898ee6b6620a93d0ee5cc9cdc8429b398803bb73b8f8d2798273c2e7b37349eb9257607c1f46961c1ad788d6a6f3077c2932193744cc4b2e4ef748e20682bd8aa6be6a46fda043712dfb05c8d111353c05c86fe258b782ddbe7bf8a652d22b8ab178694adf7f5a1da9250375ee5d9a610d00ccb33f1624add71eb7ad71eff7b392119e3d339283547f55313ca6cca90e321dd15f94d5322b9820c28b775c36b9bc5f7d4bbbe48dea5cda614c5909e9c7dd52c00a7cb6d01f7d264f1b4043c2d6c4c37fd345b6aab77b2032d86451599821adef12a697d7505889", 0x1000}, {&(0x7f0000000100)="feb151fbc393d729cadd4a87b5669536de70f86e2b1c1894f13a73d382412aeca93914cf6f33af8890b724588167a0b368", 0x31}, {&(0x7f00000013c0)="ab987d48c374faf7a702cc0f3f38fcf0974754c2e51fe87953848ec7fc36a98acb6b5d537c2bf4eddbd367b81a1292b8a02b32518e928e87602be0ddfd43ffcb71414aa994140ac0d90d225e26c4881b9b279ef7efb28c5904c744b8df9385f7dfe43db479611c60805cd2b092d0e06bbbfa7588d5585487f19d473e001dd5c30b862f58cc92095fc7ba48b98223797636896515f34fe96881db1327aa8cbc14b387aec2b0d0e5aad3502a68ffa45735658617d364381d", 0xb7}, {&(0x7f0000001480)="f9de66d7e17c819913027343353783a22702c9c1ec7fbbfdd8b8a62211d471ea04bf619a4dd8f51fda103eadc430f4ec87497fc14deb53b436abd758087b35c419018e53d87739d746a78ac4e88fcb41399efde3cb9f6e5bb3275b2a0f4083367dbabaa0d87cdb45e10d26c6c7b42fe8425b86acf6829e249c79c2b835411c3bff8a78423ec8a43cf7d128a16e5b01c462eb15eccc8eb127a4543d6403668aa7d565fa5f4c8bd70ee097c96835001c", 0xaf}, {&(0x7f0000001540)="02cb26dd585c03844a957bf3e95602c6b70ef91384f23f41d303a74bcfd4a3c9fc8ac3942e5184d09c3ec00464908c59efbf2942e618e21d97d10e6560272de652343e357efd662d1dce790bae493e880260b1570118c52df712103c3ef320e8d51969f21bbecda686c7c38b69c049f3acd8f30a511a92aeebd2bb3297fc6260f51b56ad5640dbbf9e280a9f9241469033479e9fac5e30ec7bf6d62eca50055dc364189cf60c1cfc51414009c1a4a68bf89504798f81024a", 0xb8}], 0x8, &(0x7f0000001680)=[{0x20, 0x10f, 0x6, "b36facea714d7d1bc51e21cc7f1a21"}, {0x58, 0x118, 0x0, "27a8c38c12adfc54c488884df9f0c3a177ca38a5a378262f6f68c8385cab6856b6159df74fe4d22bd0c5b7b2e28884aab377efac55f249b5af7faf3e8257c7500f1dd849c79a3e"}, {0xc8, 0x114, 0x3, "a00cfc5634d578fb18e4a6ff991187efb21e77dbc469850fd1cf242b122ca5e00d79d82b1d19bcb1e08e3a2ffa6781f9d158e2cc6d5277a09b864b9901d985322106aadd74794b179a388f268b46b17acc17264f2a94b73085fed53a3c0dab230cedb12f093404028c8f83d3ddefbda945358b7c0326c3319525987d1cddc42e6b34a4e09a36090f8f408779c4abe9a7704ce515bf776839a96d1080f3831720c916bae491bce9c3ad59afa24169a20f9ee2"}, {0xc8, 0x10e, 0x0, "c27b9c49b5fb9c034b8543fb4e4d71ddc431fd4074ad044512d4da57ca92d879dfe1e51171b676732b29b339f78c7f661271c7063a23e62ef316e62e7138e47f9f92c6da875f17126bd636886c6e42be8cccd99bc78dd98b085c7acd397ce80c8940e7ece9126b02b2d3491dd93a042447ffa75ee2d8a0b684791d40fc750a2e18506947b0df52f5505f91b8749f2d9769d67d4e2eacc93e0cc6fe1bb3d9f8948a1bd20b698b4168354276d4c7560c3a9b"}], 0x208}, 0x44000) 06:19:09 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b66, 0x2) 06:19:09 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:19:09 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f00000003c0)=[&(0x7f0000000280)='/dev/vcsu\x00', &(0x7f00000002c0)=')\x00', &(0x7f0000000300)='\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='\x00'], &(0x7f00000004c0)=[&(0x7f0000000400)='\x00', &(0x7f0000000440)=',\'$\\](\x00', &(0x7f0000000480)='\x00'], 0x100) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x1010, r0, 0x8000000) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20820, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000580)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000480), 0x0) pipe2(0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fc00002}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, 0x0) perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1001, &(0x7f0000000080)={0x0, 0x2fe1, 0x18}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x18}, 0x0) syz_io_uring_submit(r3, r5, &(0x7f0000000500)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd, 0x0, 0x0, 0x10000, 0x1, 0x1, {0x0, 0x0, r0}}, 0x3) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x402000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4, 0x10, r6, 0x0) 06:19:09 executing program 3: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:19:09 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:19:09 executing program 1: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) setresuid(0x0, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x3c) 06:19:09 executing program 4: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x48) 06:19:09 executing program 0: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) 06:19:09 executing program 2: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) syz_io_uring_setup(0x7c63, &(0x7f0000000200)={0x0, 0x9fb2, 0x0, 0x3, 0x2f0, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r6 = syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) io_uring_setup(0x7037, &(0x7f0000000340)={0x0, 0x3438, 0x1, 0x1, 0x12, 0x0, r0}) ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f00000002c0)={0x2, 'team_slave_1\x00', {0x9}, 0xf639}) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000280)=@IORING_OP_POLL_REMOVE={0x7, 0x2, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x0, {0x0, r8}}, 0x1) r9 = accept4$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000400)=0x14, 0x0) syz_io_uring_submit(r4, r7, &(0x7f0000000a40)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, r9, 0x0, &(0x7f0000000a00)={&(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x4, 0x1}}, 0x80, &(0x7f00000008c0)=[{&(0x7f00000004c0)="1e74872cc036c6157543a3ddb11ad7e897a3ff0bad7501ebba883658a1c4e9cc0a6ff056b5daeb145073bf7f2627d7bd0d706f712e866f6dfbefbd8f9f7861579cd8742ad98e7a33f0b51ad0220221574d3c48ca28bc7bcaea31583ac207b9e03254feaf7516105a93f663c5600950d57a6c59b3aff3165a90d24448b57aa5da8856626555e1940d53c11ec57810d5dc3fc4f1", 0x93}, {&(0x7f0000000580)="3d56642fdabc810339d481e1e46fc1e6fdf78cf883317627841c3b53967ba16ac7c852c14f06df4b9e7df622f026e793259156a37614ebeb0236f10c039b0ec04bfa67617224f09737aaa31141dda1433167659641c32030640e606d373419573cdc8308306a465a4bc66b31890c37c74f47952aac8580021c9e2bf8b5b06ea31e4be72e0c0257", 0x87}, {&(0x7f0000000640)="2a9d66edda20a3d5332475167ae2320130b6ef70acab9bca27a632aaea599a1ad1c5c705a1b60c9aa090fbf58879b5c28962454cbf8f7dd5a0c07e46b551a5e9c26f22faa6516a0a205a098929f02f49086cf11f2aa895de7b7071ec6e8224bbb07bd749781769d6b648b2c1d79fe996b4282c49b61064814a0dbb36606e073d464fb54267d338d910fd4552a370026da27c2b918fffb2bc3c79a584591637c0d9b241f98d9f68b943d0f74b2cf69c", 0xaf}, {&(0x7f0000000700)="ba43be33960f526c8871335a9b314d548cdb5be07fb3edb85ae17cd3c861d942adb530b3d98812953a0c0069f09ba39354166e5d7b928f1a0489e42cb089443fe1b71d46ba12fbe8b11cf44492815feafee85aab2207c43dae9e2d769fd8122b7656de700d4a018b0c26de3d3e5386855426d763226662e9a97dc843fffc782045a3f1d4f39564930336d1180dd336118f058385a4f219439d30618c3a3d8dc17bd06fa73d249357b2aa4d13bc39b9f9c3a7fa15bde6523bef98144540312c1fec05cfe88464c673d8513939f6856f295205d73143543764dddd3982c6547a8f19defee29d230b693807595c5135c1a12ca1a89f5a46", 0xf6}, {&(0x7f0000000800)="068daaebb12c3265f0eca4f9f88c8818adc5d2d124e4cf5c10255341ead0713201820936daf63ebea3629837e3e3c774dce5b6a84a43bdb26e9c2daa668195", 0x3f}, {&(0x7f0000000840)="84862cef3a0ff5813626cd53df20e4d582a9a6ac3566c84b42d810b572fc9c07f77b838e62850ca9a6a68a6937619e36652143", 0x33}, {&(0x7f0000000880)="179a0fd773e1434e", 0x8}], 0x7, &(0x7f0000000940)=[{0x68, 0x0, 0xe38, "f0d714096a2d022c7c6b411b89c011198439eeb739ccecc1fda9a1d08c202645f54a363b64dbf3ae56f1137d7049096d2d8c8015edefa86a6f5295e0e48c85e5daf1af5f11f7f3258dbcdc8224f5c16960cbeffb"}, {0x28, 0x117, 0x1, "b6ab932fdf6c88c49d89c02f68edbe7e14f362f888"}], 0x90}, 0x0, 0x20000000, 0x1}, 0x4) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:19:09 executing program 5: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) r3 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x80800) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd_index=0x2, 0x6, {0x0, r3}, 0x7ff, 0x2, 0x1, {0x0, 0x0, r0}}, 0x81) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) r4 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_msfilter(r4, 0x0, 0x29, 0x0, 0x18) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x5, 0x0, @fd=r4, 0x7, 0x0, 0x9, 0xa, 0x1}, 0x78000000) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) 06:19:09 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000040)={0x0, 0x7f, [0x3, 0x27, 0x3, 0x5, 0xc08, 0x1ff]}) fcntl$setstatus(r0, 0x4, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r2, 0x4b45, 0x2) 06:19:09 executing program 7: r0 = syz_io_uring_setup(0x20, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000540)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r0}, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, r3+60000000}}, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000140)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}, 0xa16) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0, 0x0) [ 3016.602150] INFO: task syz-executor.2:18292 blocked for more than 143 seconds. [ 3016.603374] Not tainted 5.10.60 #1 [ 3016.603972] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3016.605081] task:syz-executor.2 state:D stack:28672 pid:18292 ppid: 5477 flags:0x00004004 [ 3016.607267] Call Trace: [ 3016.607929] __schedule+0x84b/0x1e90 [ 3016.609265] ? io_schedule_timeout+0x150/0x150 [ 3016.610458] ? do_raw_spin_lock+0x129/0x270 [ 3016.611715] ? rwlock_bug.part.0+0x90/0x90 [ 3016.612403] schedule+0xcb/0x270 [ 3016.613011] io_uring_cancel_task_requests+0xbbf/0x1260 [ 3016.613817] ? io_ring_exit_work+0x920/0x920 [ 3016.614468] ? wait_woken+0x250/0x250 [ 3016.615142] ? kcov_task_exit+0x93/0xd0 [ 3016.615711] ? lock_downgrade+0x6d0/0x6d0 [ 3016.616395] __io_uring_files_cancel+0x110/0x1b0 [ 3016.617168] ? __io_uring_free+0x1d0/0x1d0 [ 3016.617876] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 3016.618706] ? _raw_spin_unlock_irqrestore+0x34/0x40 [ 3016.619418] ? trace_hardirqs_on+0x5b/0x180 [ 3016.620029] do_exit+0x2f6/0x2770 [ 3016.620656] ? find_held_lock+0x2c/0x110 [ 3016.621251] ? mm_update_next_owner+0x7d0/0x7d0 [ 3016.621878] ? get_signal+0x399/0x2210 [ 3016.622594] ? lock_downgrade+0x6d0/0x6d0 [ 3016.623185] ? do_raw_spin_lock+0x129/0x270 [ 3016.623861] ? rwlock_bug.part.0+0x90/0x90 [ 3016.624613] do_group_exit+0x125/0x310 [ 3016.625294] get_signal+0x469/0x2210 [ 3016.625816] arch_do_signal+0x88/0x1b00 [ 3016.626438] ? rcu_read_lock_sched_held+0x3a/0x70 [ 3016.627170] ? io_uring_setup+0x436/0x2e40 [ 3016.627745] ? restore_sigcontext+0x620/0x620 [ 3016.628525] ? __ia32_sys_io_uring_enter+0x1a0/0x1a0 [ 3016.629380] ? io_poll_task_func+0x600/0x600 [ 3016.630145] ? io_rw_reissue+0x350/0x350 [ 3016.630806] exit_to_user_mode_prepare+0xf7/0x160 [ 3016.631485] syscall_exit_to_user_mode+0x38/0x230 [ 3016.632191] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3016.633013] RIP: 0033:0x466609 [ 3016.633466] RSP: 002b:00007f18e68a4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 3016.634721] RAX: 0000000000000003 RBX: 000000000056bf80 RCX: 0000000000466609 [ 3016.635826] RDX: 00000000200b0000 RSI: 0000000020000080 RDI: 0000000000000021 [ 3016.636976] RBP: 0000000020000080 R08: 0000000020002a40 R09: 0000000020002a40 [ 3016.638078] R10: 0000000020000180 R11: 0000000000000202 R12: 0000000020002a40 [ 3016.639206] R13: 00000000200b0000 R14: 0000000020000180 R15: 0000000020ffb000 [ 3016.640364] INFO: task syz-executor.2:18348 blocked for more than 143 seconds. [ 3016.641465] Not tainted 5.10.60 #1 [ 3016.642201] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3016.643391] task:syz-executor.2 state:D stack:28672 pid:18348 ppid: 5477 flags:0x00004004 [ 3016.644562] Call Trace: [ 3016.645097] __schedule+0x84b/0x1e90 [ 3016.645615] ? io_schedule_timeout+0x150/0x150 [ 3016.646406] ? do_raw_spin_lock+0x129/0x270 [ 3016.647120] ? rwlock_bug.part.0+0x90/0x90 [ 3016.647826] schedule+0xcb/0x270 [ 3016.648411] io_uring_cancel_task_requests+0xbbf/0x1260 [ 3016.649201] ? io_ring_exit_work+0x920/0x920 [ 3016.649892] ? xa_find+0x1cf/0x330 [ 3016.650409] ? wait_woken+0x250/0x250 [ 3016.651119] ? kcov_task_exit+0x93/0xd0 [ 3016.651743] ? lock_downgrade+0x6d0/0x6d0 [ 3016.652548] __io_uring_files_cancel+0x110/0x1b0 [ 3016.653349] ? __io_uring_free+0x1d0/0x1d0 [ 3016.653944] ? lockdep_hardirqs_on_prepare+0x273/0x3e0 [ 3016.654649] ? _raw_spin_unlock_irqrestore+0x34/0x40 [ 3016.655523] ? trace_hardirqs_on+0x5b/0x180 [ 3016.656145] do_exit+0x2f6/0x2770 [ 3016.656646] ? find_held_lock+0x2c/0x110 [ 3016.657368] ? mm_update_next_owner+0x7d0/0x7d0 [ 3016.658135] ? get_signal+0x399/0x2210 [ 3016.658834] ? lock_downgrade+0x6d0/0x6d0 [ 3016.659544] ? do_raw_spin_lock+0x129/0x270 [ 3016.660159] ? rwlock_bug.part.0+0x90/0x90 [ 3016.660885] do_group_exit+0x125/0x310 [ 3016.661455] get_signal+0x469/0x2210 [ 3016.662156] arch_do_signal+0x88/0x1b00 [ 3016.662805] ? __do_sys_io_uring_enter+0x1bb/0x1e90 [ 3016.663659] ? lock_downgrade+0x6d0/0x6d0 [ 3016.664540] ? restore_sigcontext+0x620/0x620 [ 3016.665354] ? __x64_sys_futex+0x200/0x570 [ 3016.666273] ? __x64_sys_futex+0x209/0x570 [ 3016.667148] ? __x64_sys_futex_time32+0x500/0x500 [ 3016.668164] exit_to_user_mode_prepare+0xf7/0x160 [ 3016.669115] syscall_exit_to_user_mode+0x38/0x230 [ 3016.670095] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3016.671172] RIP: 0033:0x466609 [ 3016.671868] RSP: 002b:00007f18e6862218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 3016.673300] RAX: fffffffffffffe00 RBX: 000000000056c0f8 RCX: 0000000000466609 [ 3016.674687] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056c0f8 [ 3016.675990] RBP: 000000000056c0f0 R08: 0000000000000000 R09: 0000000000000000 [ 3016.677344] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0fc [ 3016.678640] R13: 00007ffd03f4893f R14: 00007f18e6862300 R15: 0000000000022000 [ 3016.679863] [ 3016.679863] Showing all locks held in the system: [ 3016.681057] 1 lock held by khungtaskd/22: [ 3016.681736] #0: ffffffff84df66e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x269 [ 3016.683438] 3 locks held by systemd-journal/104: [ 3016.684334] 1 lock held by in:imklog/191: [ 3016.685182] #0: ffff88800c641270 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 [ 3016.687607] 2 locks held by rs:main Q:Reg/193: [ 3016.688504] #0: ffff888009782af0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 [ 3016.689946] #1: ffff88800ee16438 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x12d/0x250 [ 3016.691532] [ 3016.691804] ============================================= [ 3016.691804] VM DIAGNOSIS: 06:21:34 Registers: info registers vcpu 0 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8226b221 RDI=ffffffff876c5000 RBP=ffffffff876c4fc0 RSP=ffff888008e179f0 R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001 R12=0000000000000074 R13=0000000000000074 R14=ffffffff876c4fc0 R15=dffffc0000000000 RIP=ffffffff8226b278 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000564ff5578678 CR3=000000000f5b8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=8100000000000000 4007 FPR6=8740000000000000 4008 FPR7=8740000000000000 4008 XMM00=00000000000000000000000000000000 XMM01=00000000000000030000000000000003 XMM02=fc2d9476c0fc03010398ff1b000c04fe XMM03=00000606060301ec4cdb9afcf2772cc2 XMM04=00657a696d696e696d20636578650d00 XMM05=65786508006c61746f7420636578650a XMM06=73616d7320636578650a006e65672063 XMM07=650a0073746e696820636578650a0068 XMM08=646e616320636578650e007a7a756620 XMM09=696e696d20636578650d006574616469 XMM10=6c61746f7420636578650a00657a696d XMM11=636578650a006e656720636578650800 XMM12=6e696820636578650a006873616d7320 XMM13=1100736465657320636578650a007374 XMM14=7472617473657220726f747563657865 XMM15=000065676169727420636578650b0073 info registers vcpu 1 RAX=0000000000000007 RBX=dffffc0000000000 RCX=ffffffff814b4221 RDX=0000000000000000 RSI=ffffffff814b4a32 RDI=ffffc9000068319c RBP=ffff88800fd0fcd0 RSP=ffff88800fd0fc08 R8 =0000000000000001 R9 =0000000000000001 R10=00000000c000003e R11=0000000000000001 R12=00000000000000b4 R13=ffffed1001fa1f9c R14=00000000c000003e R15=ffffc90000683198 RIP=ffffffff814b4a4c RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fe5491d7900 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe5485c2f38 CR3=000000000e742000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=f000000000000000 4004 FPR6=fe00000000000000 4005 FPR7=fe00000000000000 4005 XMM00=00000000000000000000000000000000 XMM01=c06381b24d35a3bf6b45006f3c4008e8 XMM02=6b1e99b806172e3b00000000000aea00 XMM03=375afdebbf381c810000000000121a40 XMM04=b8124ae11ccd5ada0000000000356490 XMM05=d3fdd5f48436fbd700000000000aeaa8 XMM06=b8f5fe83ba58cb7e00000000000ae960 XMM07=a1fcdcf819d7e1e500000000000ae728 XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000 XMM10=20000000000000200000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000