b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:09:18 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{0x0}], 0x1)

08:09:18 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r4, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:18 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:09:18 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:18 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:18 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:09:18 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1403.450601] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[ 1403.468083] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
08:09:18 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{0x0}], 0x1)

08:09:18 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1403.568720] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
08:09:18 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r4, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:18 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1403.738786] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
08:09:31 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:09:31 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:09:31 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86)
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:09:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:09:31 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{0x0, 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:31 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{0x0}], 0x1)

08:09:31 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r4, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1416.836106] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
08:09:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1416.839737] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
08:09:31 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:31 executing program 4:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(0x0, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r4, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:43 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86)

08:09:43 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86)
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:09:43 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB, @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:09:43 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:09:43 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86)

08:09:43 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:43 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:43 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1428.885105] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 1428.890357] EXT4-fs error (device loop1): ext4_fill_super:4962: inode #2: comm syz-executor.1: iget: special inode unallocated
[ 1428.891964] EXT4-fs (loop1): get root inode failed
[ 1428.892536] EXT4-fs (loop1): mount failed
08:09:43 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86)

08:09:43 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:09:43 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:43 executing program 5:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:43 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86)
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:09:43 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:43 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:43 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:43 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)

[ 1429.141836] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 1429.167693] EXT4-fs error (device loop1): ext4_fill_super:4962: inode #2: comm syz-executor.1: iget: special inode unallocated
[ 1429.169124] EXT4-fs (loop1): get root inode failed
[ 1429.169510] EXT4-fs (loop1): mount failed
[ 1429.191419] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1429.230984] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
08:09:56 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB, @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:09:56 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, 0x0, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:56 executing program 4:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:56 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000), 0x0, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:56 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)

08:09:56 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:56 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:56 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)

[ 1442.215216] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 1442.240150] EXT4-fs error (device loop2): ext4_fill_super:4962: inode #2: comm syz-executor.2: iget: special inode unallocated
[ 1442.242799] EXT4-fs (loop2): get root inode failed
[ 1442.243250] EXT4-fs (loop2): mount failed
[ 1442.243887] EXT4-fs error (device loop1): ext4_fill_super:4962: inode #2: comm syz-executor.1: iget: special inode unallocated
[ 1442.248443] EXT4-fs (loop1): get root inode failed
[ 1442.248871] EXT4-fs (loop1): mount failed
[ 1442.276469] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 1442.280794] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
08:09:57 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:57 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, 0x0, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:57 executing program 2:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:09:57 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:57 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)

08:09:57 executing program 5:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1442.513354] EXT4-fs (loop1): unsupported inode size: 0
[ 1442.514830] EXT4-fs (loop1): blocksize: 1024
08:09:57 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:09:57 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB, @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1442.628579] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1442.657719] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
08:10:10 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:10 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, 0x0, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:10 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:10 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7", 0x31, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:10 executing program 4:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:10 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:10 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB, @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1455.976603] EXT4-fs (loop1): unsupported inode size: 0
[ 1455.977141] EXT4-fs (loop1): blocksize: 1024
[ 1456.069242] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
08:10:10 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:10 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:11 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1456.313844] EXT4-fs (loop1): unsupported inode size: 0
[ 1456.314316] EXT4-fs (loop1): blocksize: 1024
08:10:11 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1456.510539] EXT4-fs error (device loop7): ext4_fill_super:4962: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1456.521319] EXT4-fs (loop7): get root inode failed
[ 1456.521746] EXT4-fs (loop7): mount failed
08:10:24 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)

08:10:24 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:24 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:24 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x61)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:10:24 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)

08:10:24 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:24 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:24 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1470.197757] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1470.203664] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1470.281108] EXT4-fs error (device loop7): ext4_fill_super:4962: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1470.304002] EXT4-fs (loop7): get root inode failed
[ 1470.304948] EXT4-fs (loop7): mount failed
08:10:25 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1470.341425] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
08:10:25 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:25 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000", 0x4a, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:25 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:25 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:25 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29c", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1470.643856] EXT4-fs error (device loop7): ext4_fill_super:4962: inode #2: comm syz-executor.7: iget: special inode unallocated
[ 1470.645925] EXT4-fs (loop7): get root inode failed
[ 1470.646621] EXT4-fs (loop7): mount failed
08:10:25 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:25 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x61)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

[ 1470.807540] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:10:25 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x61)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:10:25 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:25 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:42 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:42 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x61)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:10:42 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:42 executing program 0:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)

08:10:42 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:42 executing program 4:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)

08:10:42 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:42 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29c", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1487.611001] EXT4-fs (loop7): unsupported inode size: 0
[ 1487.612042] EXT4-fs (loop7): blocksize: 1024
[ 1487.628470] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:10:42 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x61)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:10:42 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:42 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:42 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:42 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x0, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:56 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x61)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:10:56 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
unshare(0x48020200)

08:10:56 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29c", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:56 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29c", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1501.412970] EXT4-fs (loop7): unsupported inode size: 0
[ 1501.413532] EXT4-fs (loop7): blocksize: 1024
08:10:56 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:56 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:56 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:56 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x0, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:56 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
unshare(0x48020200)

[ 1501.555968] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:10:56 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00", 0x56, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:56 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1501.660748] EXT4-fs (loop7): unsupported inode size: 0
[ 1501.661578] EXT4-fs (loop7): blocksize: 1024
08:10:56 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:10:56 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:56 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x0, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:10:56 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29c", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:10:56 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1501.840724] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1501.853676] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1501.896734] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:10:56 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x61)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:10:56 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:10:56 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1502.114943] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:11:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:11:10 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:10 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x61)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:11:10 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:10 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x0)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:11:10 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 1)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:11:10 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:11:10 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 1)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1515.417298] FAULT_INJECTION: forcing a failure.
[ 1515.417298] name failslab, interval 1, probability 0, space 0, times 1
[ 1515.419452] CPU: 1 PID: 9273 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1515.420600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1515.421947] Call Trace:
[ 1515.422400]  dump_stack+0x107/0x167
[ 1515.422993]  should_fail.cold+0x5/0xa
[ 1515.423625]  ? getname_flags.part.0+0x50/0x4f0
[ 1515.424418]  should_failslab+0x5/0x20
[ 1515.425041]  kmem_cache_alloc+0x5b/0x310
[ 1515.425726]  getname_flags.part.0+0x50/0x4f0
[ 1515.426460]  getname_flags+0x9a/0xe0
[ 1515.427082]  do_mkdirat+0x8f/0x2b0
[ 1515.427686]  ? user_path_create+0xf0/0xf0
[ 1515.428402]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1515.429266]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1515.430123]  do_syscall_64+0x33/0x40
[ 1515.430507] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1515.430726]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1515.430745] RIP: 0033:0x7f8dbfff9b19
[ 1515.433056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1515.436082] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1515.437347] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1515.438510] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1515.439682] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1515.440855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1515.442031] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:11:10 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:11:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1515.538829] FAULT_INJECTION: forcing a failure.
[ 1515.538829] name failslab, interval 1, probability 0, space 0, times 0
[ 1515.540984] CPU: 1 PID: 9290 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1515.542109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1515.543464] Call Trace:
[ 1515.543915]  dump_stack+0x107/0x167
[ 1515.544526]  should_fail.cold+0x5/0xa
[ 1515.545163]  ? getname_flags.part.0+0x50/0x4f0
[ 1515.545906]  should_failslab+0x5/0x20
[ 1515.546540]  kmem_cache_alloc+0x5b/0x310
[ 1515.547234]  getname_flags.part.0+0x50/0x4f0
[ 1515.547964]  getname_flags+0x9a/0xe0
[ 1515.548586]  do_mkdirat+0x8f/0x2b0
08:11:10 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 2)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1515.549189]  ? user_path_create+0xf0/0xf0
[ 1515.550071]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1515.551066]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1515.552183]  do_syscall_64+0x33/0x40
[ 1515.552965]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1515.553984] RIP: 0033:0x7fe52009fb19
[ 1515.554645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1515.557704] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1515.558947] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1515.560140] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1515.561300] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1515.562462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1515.563676] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1515.567847] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:11:10 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000", 0x5c, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:10 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 2)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:11:10 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 1)

[ 1515.683577] FAULT_INJECTION: forcing a failure.
[ 1515.683577] name failslab, interval 1, probability 0, space 0, times 0
[ 1515.685411] CPU: 1 PID: 9298 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1515.686405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1515.687621] Call Trace:
[ 1515.688028]  dump_stack+0x107/0x167
[ 1515.688581]  should_fail.cold+0x5/0xa
[ 1515.689161]  ? create_object.isra.0+0x3a/0xa20
[ 1515.689831]  should_failslab+0x5/0x20
[ 1515.690398]  kmem_cache_alloc+0x5b/0x310
[ 1515.690987]  ? ksys_write+0x21a/0x260
[ 1515.691568]  create_object.isra.0+0x3a/0xa20
[ 1515.692232]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1515.692966]  kmem_cache_alloc+0x159/0x310
[ 1515.693585]  getname_flags.part.0+0x50/0x4f0
[ 1515.694237]  getname_flags+0x9a/0xe0
[ 1515.694778]  do_mkdirat+0x8f/0x2b0
[ 1515.695315]  ? user_path_create+0xf0/0xf0
[ 1515.695936]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1515.696704]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1515.697471]  do_syscall_64+0x33/0x40
[ 1515.698005]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1515.698753] RIP: 0033:0x7f8dbfff9b19
[ 1515.699311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1515.701960] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1515.703069] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1515.704121] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1515.705157] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1515.706191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1515.707229] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1515.739411] FAULT_INJECTION: forcing a failure.
[ 1515.739411] name failslab, interval 1, probability 0, space 0, times 0
[ 1515.740603] CPU: 0 PID: 9303 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1515.741170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1515.741849] Call Trace:
[ 1515.742076]  dump_stack+0x107/0x167
[ 1515.742376]  should_fail.cold+0x5/0xa
[ 1515.742691]  ? getname_flags.part.0+0x50/0x4f0
[ 1515.743068]  should_failslab+0x5/0x20
[ 1515.743388]  kmem_cache_alloc+0x5b/0x310
[ 1515.743734]  ? ksys_write+0x12d/0x260
[ 1515.744056]  getname_flags.part.0+0x50/0x4f0
[ 1515.744422]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1515.744816]  user_path_at_empty+0xa1/0x100
[ 1515.745169]  path_setxattr+0x95/0x190
[ 1515.745480]  ? setxattr+0x330/0x330
[ 1515.745787]  ? ksys_write+0x1a9/0x260
[ 1515.746102]  ? __ia32_sys_read+0xb0/0xb0
[ 1515.746445]  __x64_sys_setxattr+0xc0/0x160
[ 1515.746791]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1515.747221]  do_syscall_64+0x33/0x40
[ 1515.747528]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1515.747952] RIP: 0033:0x7f3ed2558b19
[ 1515.748264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1515.749740] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1515.750370] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1515.750950] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1515.751526] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1515.752113] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1515.752689] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:11:10 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1515.771862] FAULT_INJECTION: forcing a failure.
[ 1515.771862] name failslab, interval 1, probability 0, space 0, times 0
[ 1515.773814] CPU: 1 PID: 9304 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1515.774813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1515.776021] Call Trace:
[ 1515.776435]  dump_stack+0x107/0x167
[ 1515.776969]  should_fail.cold+0x5/0xa
[ 1515.777548]  ? create_object.isra.0+0x3a/0xa20
[ 1515.778225]  should_failslab+0x5/0x20
[ 1515.778775]  kmem_cache_alloc+0x5b/0x310
[ 1515.779384]  ? ksys_write+0x21a/0x260
[ 1515.779952]  create_object.isra.0+0x3a/0xa20
[ 1515.780606]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1515.781358]  kmem_cache_alloc+0x159/0x310
[ 1515.781965]  getname_flags.part.0+0x50/0x4f0
[ 1515.782616]  getname_flags+0x9a/0xe0
[ 1515.783165]  do_mkdirat+0x8f/0x2b0
[ 1515.783693]  ? user_path_create+0xf0/0xf0
[ 1515.784317]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1515.785076]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1515.785828]  do_syscall_64+0x33/0x40
[ 1515.786380]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1515.787128] RIP: 0033:0x7fe52009fb19
[ 1515.787676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1515.790336] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1515.791438] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1515.792492] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1515.793523] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1515.794551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1515.795583] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:11:10 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x0)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1515.862313] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:11:10 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 2)

08:11:10 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 3)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1515.934737] FAULT_INJECTION: forcing a failure.
[ 1515.934737] name failslab, interval 1, probability 0, space 0, times 0
[ 1515.935757] CPU: 0 PID: 9316 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1515.936323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1515.936997] Call Trace:
[ 1515.937222]  dump_stack+0x107/0x167
[ 1515.937527]  should_fail.cold+0x5/0xa
[ 1515.937842]  ? create_object.isra.0+0x3a/0xa20
[ 1515.938220]  should_failslab+0x5/0x20
[ 1515.938539]  kmem_cache_alloc+0x5b/0x310
[ 1515.938878]  create_object.isra.0+0x3a/0xa20
[ 1515.939246]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1515.939677]  kmem_cache_alloc+0x159/0x310
[ 1515.940031]  getname_flags.part.0+0x50/0x4f0
[ 1515.940399]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1515.940795]  user_path_at_empty+0xa1/0x100
[ 1515.941148]  path_setxattr+0x95/0x190
[ 1515.941461]  ? setxattr+0x330/0x330
[ 1515.941760]  ? ksys_write+0x1a9/0x260
[ 1515.942075]  ? __ia32_sys_read+0xb0/0xb0
[ 1515.942420]  __x64_sys_setxattr+0xc0/0x160
[ 1515.942764]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1515.943189]  do_syscall_64+0x33/0x40
[ 1515.943501]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1515.943932] RIP: 0033:0x7f3ed2558b19
[ 1515.944236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1515.945716] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1515.946339] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1515.946923] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1515.947504] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1515.948095] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1515.948684] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1515.972986] FAULT_INJECTION: forcing a failure.
[ 1515.972986] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1515.975080] CPU: 1 PID: 9318 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1515.975918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1515.976994] Call Trace:
[ 1515.977333]  dump_stack+0x107/0x167
[ 1515.977786]  should_fail.cold+0x5/0xa
[ 1515.978268]  strncpy_from_user+0x34/0x470
[ 1515.978791]  getname_flags.part.0+0x95/0x4f0
[ 1515.979339]  getname_flags+0x9a/0xe0
[ 1515.979802]  do_mkdirat+0x8f/0x2b0
[ 1515.980236]  ? user_path_create+0xf0/0xf0
[ 1515.980755]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1515.981400]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1515.982037]  do_syscall_64+0x33/0x40
[ 1515.982495]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1515.983139] RIP: 0033:0x7f8dbfff9b19
[ 1515.983588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1515.985845] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1515.986779] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1515.987649] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1515.988533] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1515.989399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1515.990294] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:11:23 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 3)

08:11:23 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x0)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:11:23 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)

08:11:23 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:23 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d790", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:11:23 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 3)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:11:23 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:23 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 4)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1529.136354] FAULT_INJECTION: forcing a failure.
[ 1529.136354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1529.137275] FAULT_INJECTION: forcing a failure.
[ 1529.137275] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1529.137442] CPU: 1 PID: 9333 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1529.139964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1529.140638] Call Trace:
[ 1529.140863]  dump_stack+0x107/0x167
[ 1529.141168]  should_fail.cold+0x5/0xa
[ 1529.141487]  strncpy_from_user+0x34/0x470
[ 1529.141827]  getname_flags.part.0+0x95/0x4f0
[ 1529.142189]  getname_flags+0x9a/0xe0
[ 1529.142489]  do_mkdirat+0x8f/0x2b0
[ 1529.142779]  ? user_path_create+0xf0/0xf0
[ 1529.143123]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1529.143551]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1529.143983]  do_syscall_64+0x33/0x40
[ 1529.144298]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1529.144707] RIP: 0033:0x7fe52009fb19
[ 1529.145008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1529.146480] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1529.147097] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1529.147670] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1529.148259] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1529.148827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1529.149413] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1529.150037] CPU: 0 PID: 9326 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1529.151317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1529.152868] Call Trace:
[ 1529.153365]  dump_stack+0x107/0x167
[ 1529.154038]  should_fail.cold+0x5/0xa
[ 1529.154749]  strncpy_from_user+0x34/0x470
[ 1529.155511]  getname_flags.part.0+0x95/0x4f0
[ 1529.156324]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1529.157203]  user_path_at_empty+0xa1/0x100
[ 1529.157982]  path_setxattr+0x95/0x190
[ 1529.158683]  ? setxattr+0x330/0x330
[ 1529.159351]  ? ksys_write+0x1a9/0x260
[ 1529.160055]  ? __ia32_sys_read+0xb0/0xb0
[ 1529.160800]  __x64_sys_setxattr+0xc0/0x160
[ 1529.161568]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1529.162504]  do_syscall_64+0x33/0x40
[ 1529.163182]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1529.164131] RIP: 0033:0x7f3ed2558b19
[ 1529.164843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1529.168270] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1529.169649] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1529.170952] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1529.172241] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1529.173109] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1529.174015] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:11:23 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 4)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1529.196664] FAULT_INJECTION: forcing a failure.
[ 1529.196664] name failslab, interval 1, probability 0, space 0, times 0
[ 1529.198395] CPU: 0 PID: 9334 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1529.199252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1529.200274] Call Trace:
[ 1529.200599]  dump_stack+0x107/0x167
[ 1529.201061]  should_fail.cold+0x5/0xa
[ 1529.201534]  ? __d_alloc+0x2a/0x990
[ 1529.201988]  should_failslab+0x5/0x20
[ 1529.202460]  kmem_cache_alloc+0x5b/0x310
[ 1529.202960]  ? __d_lookup+0x3bf/0x760
[ 1529.203438]  __d_alloc+0x2a/0x990
[ 1529.203883]  d_alloc+0x46/0x1c0
[ 1529.204300]  __lookup_hash+0xcc/0x190
[ 1529.204776]  filename_create+0x186/0x4a0
[ 1529.205277]  ? filename_parentat+0x570/0x570
[ 1529.205819]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1529.206409]  do_mkdirat+0xa2/0x2b0
[ 1529.206847]  ? user_path_create+0xf0/0xf0
[ 1529.207365]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1529.208031]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1529.208702]  do_syscall_64+0x33/0x40
[ 1529.209173]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1529.209796] RIP: 0033:0x7f8dbfff9b19
[ 1529.210254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1529.212522] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1529.213447] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1529.214321] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1529.215197] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1529.216079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1529.216962] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1529.244234] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
08:11:24 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 5)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:11:24 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)

[ 1529.282298] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1529.300516] FAULT_INJECTION: forcing a failure.
[ 1529.300516] name failslab, interval 1, probability 0, space 0, times 0
[ 1529.301517] CPU: 1 PID: 9344 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1529.302065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1529.302723] Call Trace:
[ 1529.302938]  dump_stack+0x107/0x167
[ 1529.303248]  should_fail.cold+0x5/0xa
[ 1529.303558]  ? __d_alloc+0x2a/0x990
[ 1529.303864]  should_failslab+0x5/0x20
[ 1529.304184]  kmem_cache_alloc+0x5b/0x310
[ 1529.304515]  ? __d_lookup+0x3bf/0x760
[ 1529.304825]  __d_alloc+0x2a/0x990
[ 1529.305113]  d_alloc+0x46/0x1c0
[ 1529.305387]  __lookup_hash+0xcc/0x190
[ 1529.305703]  filename_create+0x186/0x4a0
[ 1529.306034]  ? filename_parentat+0x570/0x570
[ 1529.306389]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1529.306770]  do_mkdirat+0xa2/0x2b0
[ 1529.307059]  ? user_path_create+0xf0/0xf0
[ 1529.307396]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1529.307830]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1529.308250]  do_syscall_64+0x33/0x40
[ 1529.308552]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1529.308966] RIP: 0033:0x7fe52009fb19
[ 1529.309265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1529.310725] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1529.311337] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1529.311919] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1529.312493] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1529.313064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1529.313630] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:11:24 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 4)

[ 1529.366631] FAULT_INJECTION: forcing a failure.
[ 1529.366631] name failslab, interval 1, probability 0, space 0, times 0
[ 1529.368293] CPU: 0 PID: 9350 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1529.369152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1529.370158] Call Trace:
[ 1529.370497]  dump_stack+0x107/0x167
[ 1529.370966]  should_fail.cold+0x5/0xa
[ 1529.371456]  ? create_object.isra.0+0x3a/0xa20
[ 1529.372030]  should_failslab+0x5/0x20
[ 1529.372496]  kmem_cache_alloc+0x5b/0x310
[ 1529.373004]  create_object.isra.0+0x3a/0xa20
[ 1529.373549]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1529.374174]  kmem_cache_alloc+0x159/0x310
[ 1529.374677]  ? __d_lookup+0x3bf/0x760
[ 1529.375147]  __d_alloc+0x2a/0x990
[ 1529.375574]  d_alloc+0x46/0x1c0
[ 1529.375991]  __lookup_hash+0xcc/0x190
[ 1529.376457]  filename_create+0x186/0x4a0
[ 1529.376952]  ? filename_parentat+0x570/0x570
[ 1529.377485]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1529.378059]  do_mkdirat+0xa2/0x2b0
[ 1529.378495]  ? user_path_create+0xf0/0xf0
[ 1529.379002]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1529.379638]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1529.380278]  do_syscall_64+0x33/0x40
[ 1529.380730]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1529.381350] RIP: 0033:0x7f8dbfff9b19
[ 1529.381802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1529.384001] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1529.384930] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1529.385789] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1529.386653] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1529.387516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1529.388408] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:11:24 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1529.438847] FAULT_INJECTION: forcing a failure.
[ 1529.438847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1529.440569] CPU: 0 PID: 9355 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1529.441414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1529.442427] Call Trace:
[ 1529.442779]  dump_stack+0x107/0x167
[ 1529.443235]  should_fail.cold+0x5/0xa
[ 1529.443715]  strncpy_from_user+0x34/0x470
[ 1529.444239]  setxattr+0xc8/0x330
[ 1529.444662]  ? vfs_setxattr+0x270/0x270
[ 1529.445155]  ? filename_lookup+0x3c8/0x570
[ 1529.445680]  ? may_linkat+0x230/0x230
[ 1529.446162]  ? lock_acquire+0x197/0x470
[ 1529.446649]  ? path_setxattr+0xb5/0x190
[ 1529.447138]  ? lock_release+0x680/0x680
[ 1529.447630]  ? strncpy_from_user+0x9e/0x470
[ 1529.448183]  ? __mnt_want_write+0x196/0x280
[ 1529.448717]  path_setxattr+0x174/0x190
[ 1529.449193]  ? setxattr+0x330/0x330
[ 1529.449646]  ? __ia32_sys_read+0xb0/0xb0
[ 1529.450145]  __x64_sys_setxattr+0xc0/0x160
[ 1529.450663]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1529.451286]  do_syscall_64+0x33/0x40
[ 1529.451742]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1529.452365] RIP: 0033:0x7f3ed2558b19
[ 1529.452830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1529.455025] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1529.455965] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1529.456823] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1529.457672] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1529.458521] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1529.459380] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1529.518010] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:11:38 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d790", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:11:38 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:38 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:38 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 5)

08:11:38 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:11:38 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 6)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1544.051694] FAULT_INJECTION: forcing a failure.
[ 1544.051694] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.053255] CPU: 0 PID: 9376 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1544.054072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1544.055058] Call Trace:
[ 1544.055383]  dump_stack+0x107/0x167
[ 1544.055824]  should_fail.cold+0x5/0xa
[ 1544.056296]  ? kvmalloc_node+0x119/0x170
[ 1544.056785]  should_failslab+0x5/0x20
[ 1544.057241]  __kmalloc_node+0x76/0x420
[ 1544.057720]  kvmalloc_node+0x119/0x170
08:11:38 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)

08:11:38 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 5)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1544.058201]  setxattr+0x14e/0x330
[ 1544.058773]  ? vfs_setxattr+0x270/0x270
[ 1544.059254]  ? filename_lookup+0x3c8/0x570
[ 1544.059774]  ? lock_acquire+0x197/0x470
[ 1544.060265]  ? path_setxattr+0xb5/0x190
[ 1544.060764]  ? lock_release+0x680/0x680
[ 1544.061252]  ? strncpy_from_user+0x9e/0x470
[ 1544.061785]  ? __mnt_want_write+0x196/0x280
[ 1544.062322]  path_setxattr+0x174/0x190
[ 1544.062792]  ? setxattr+0x330/0x330
[ 1544.063239]  ? __ia32_sys_read+0xb0/0xb0
[ 1544.063759]  __x64_sys_setxattr+0xc0/0x160
[ 1544.064312]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1544.064961]  do_syscall_64+0x33/0x40
[ 1544.065432]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1544.066072] RIP: 0033:0x7f3ed2558b19
[ 1544.066545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1544.068830] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1544.069775] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1544.070661] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1544.071546] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1544.072438] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1544.073321] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1544.090356] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[ 1544.108969] FAULT_INJECTION: forcing a failure.
[ 1544.108969] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.110766] CPU: 0 PID: 9383 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1544.111590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1544.112593] Call Trace:
[ 1544.112919]  dump_stack+0x107/0x167
[ 1544.113359]  should_fail.cold+0x5/0xa
[ 1544.113830]  ? create_object.isra.0+0x3a/0xa20
[ 1544.114389]  should_failslab+0x5/0x20
[ 1544.114847]  kmem_cache_alloc+0x5b/0x310
[ 1544.115346]  create_object.isra.0+0x3a/0xa20
[ 1544.115880]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1544.116505]  kmem_cache_alloc+0x159/0x310
[ 1544.117009]  ? __d_lookup+0x3bf/0x760
[ 1544.117482]  __d_alloc+0x2a/0x990
[ 1544.117917]  d_alloc+0x46/0x1c0
[ 1544.118334]  __lookup_hash+0xcc/0x190
[ 1544.118792]  filename_create+0x186/0x4a0
[ 1544.119283]  ? filename_parentat+0x570/0x570
[ 1544.119807]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1544.120395]  do_mkdirat+0xa2/0x2b0
[ 1544.120823]  ? user_path_create+0xf0/0xf0
[ 1544.121332]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1544.121958]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1544.122594]  do_syscall_64+0x33/0x40
[ 1544.123039]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1544.123644] RIP: 0033:0x7fe52009fb19
[ 1544.124086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1544.126192] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1544.127081] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1544.127917] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1544.128754] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1544.129567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1544.130387] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1544.164535] FAULT_INJECTION: forcing a failure.
[ 1544.164535] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.167192] CPU: 1 PID: 9381 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1544.168301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1544.169639] Call Trace:
[ 1544.170078]  dump_stack+0x107/0x167
[ 1544.170779]  should_fail.cold+0x5/0xa
08:11:38 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 6)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1544.171408]  ? alloc_inode+0x171/0x240
[ 1544.172331]  should_failslab+0x5/0x20
[ 1544.172957]  kmem_cache_alloc+0x5b/0x310
[ 1544.173632]  ? d_alloc+0x163/0x1c0
[ 1544.174204]  alloc_inode+0x171/0x240
[ 1544.174815]  iget_locked+0x1ae/0x6a0
[ 1544.175432]  kernfs_get_inode+0x47/0x520
[ 1544.176113]  kernfs_iop_lookup+0x194/0x220
[ 1544.176813]  __lookup_hash+0x121/0x190
[ 1544.177453]  filename_create+0x186/0x4a0
[ 1544.178122]  ? filename_parentat+0x570/0x570
[ 1544.178840]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1544.179593]  do_mkdirat+0xa2/0x2b0
[ 1544.180191]  ? user_path_create+0xf0/0xf0
[ 1544.180877]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1544.181729]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1544.182579]  do_syscall_64+0x33/0x40
[ 1544.183189]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1544.184012] RIP: 0033:0x7f8dbfff9b19
[ 1544.184628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1544.187578] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1544.188805] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1544.189956] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1544.191106] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1544.192329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1544.193526] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1544.216189] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:11:39 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 6)

08:11:39 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

[ 1544.333214] FAULT_INJECTION: forcing a failure.
[ 1544.333214] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.334459] CPU: 0 PID: 9396 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1544.335125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1544.335932] Call Trace:
[ 1544.336213]  dump_stack+0x107/0x167
[ 1544.336576]  should_fail.cold+0x5/0xa
[ 1544.336957]  ? create_object.isra.0+0x3a/0xa20
[ 1544.337418]  should_failslab+0x5/0x20
[ 1544.337792]  kmem_cache_alloc+0x5b/0x310
[ 1544.338202]  create_object.isra.0+0x3a/0xa20
[ 1544.338636]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1544.339136]  __kmalloc_node+0x1ae/0x420
[ 1544.339538]  kvmalloc_node+0x119/0x170
[ 1544.339921]  setxattr+0x14e/0x330
[ 1544.340285]  ? vfs_setxattr+0x270/0x270
[ 1544.340673]  ? filename_lookup+0x3c8/0x570
[ 1544.341099]  ? lock_acquire+0x197/0x470
[ 1544.341485]  ? path_setxattr+0xb5/0x190
[ 1544.341878]  ? lock_release+0x680/0x680
[ 1544.342276]  ? strncpy_from_user+0x9e/0x470
[ 1544.342711]  ? __mnt_want_write+0x196/0x280
[ 1544.343144]  path_setxattr+0x174/0x190
[ 1544.343529]  ? setxattr+0x330/0x330
[ 1544.343891]  ? __ia32_sys_read+0xb0/0xb0
[ 1544.344306]  __x64_sys_setxattr+0xc0/0x160
[ 1544.344728]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1544.345244]  do_syscall_64+0x33/0x40
[ 1544.345614]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1544.346118] RIP: 0033:0x7f3ed2558b19
[ 1544.346483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1544.348267] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1544.349010] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1544.349712] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1544.350412] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1544.351106] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1544.351793] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1544.400758] FAULT_INJECTION: forcing a failure.
[ 1544.400758] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.403134] CPU: 1 PID: 9393 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1544.404194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1544.405454] Call Trace:
[ 1544.405875]  dump_stack+0x107/0x167
[ 1544.406445]  should_fail.cold+0x5/0xa
[ 1544.407045]  ? cgroup_mkdir+0x254/0xf50
[ 1544.407658]  should_failslab+0x5/0x20
[ 1544.408259]  __kmalloc+0x72/0x390
[ 1544.408809]  cgroup_mkdir+0x254/0xf50
[ 1544.409408]  ? cgroup_destroy_locked+0x710/0x710
[ 1544.410149]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1544.410778]  vfs_mkdir+0x493/0x700
[ 1544.411339]  do_mkdirat+0x150/0x2b0
[ 1544.411896]  ? user_path_create+0xf0/0xf0
[ 1544.412557]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1544.413371]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1544.414159]  do_syscall_64+0x33/0x40
[ 1544.414737]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1544.415528] RIP: 0033:0x7fe52009fb19
[ 1544.416112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1544.419491] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1544.420960] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1544.422305] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1544.423650] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1544.424837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1544.426031] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:11:53 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 7)

08:11:53 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:53 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d790", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:11:53 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 7)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:11:53 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 7)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:11:53 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:11:53 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:11:53 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1558.737265] FAULT_INJECTION: forcing a failure.
[ 1558.737265] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.738267] CPU: 0 PID: 9415 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1558.738819] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1558.739488] Call Trace:
[ 1558.739706]  dump_stack+0x107/0x167
[ 1558.740006]  should_fail.cold+0x5/0xa
[ 1558.740335]  ? create_object.isra.0+0x3a/0xa20
[ 1558.740723]  should_failslab+0x5/0x20
[ 1558.741038]  kmem_cache_alloc+0x5b/0x310
[ 1558.741381]  create_object.isra.0+0x3a/0xa20
[ 1558.741742]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1558.742162]  __kmalloc+0x16e/0x390
[ 1558.742460]  cgroup_mkdir+0x254/0xf50
[ 1558.742779]  ? cgroup_destroy_locked+0x710/0x710
[ 1558.743171]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1558.743509]  vfs_mkdir+0x493/0x700
[ 1558.743807]  do_mkdirat+0x150/0x2b0
[ 1558.744105]  ? user_path_create+0xf0/0xf0
[ 1558.744455]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1558.744881]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1558.745308]  do_syscall_64+0x33/0x40
[ 1558.745613]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1558.746027] RIP: 0033:0x7f8dbfff9b19
[ 1558.746330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1558.747798] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1558.748426] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1558.749002] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1558.749587] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1558.750162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1558.750739] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1558.753918] FAULT_INJECTION: forcing a failure.
[ 1558.753918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1558.756054] CPU: 1 PID: 9414 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1558.757212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1558.758598] Call Trace:
[ 1558.759054]  dump_stack+0x107/0x167
[ 1558.759696]  should_fail.cold+0x5/0xa
[ 1558.760378]  _copy_from_user+0x2e/0x1b0
[ 1558.761063]  setxattr+0x188/0x330
[ 1558.761664]  ? vfs_setxattr+0x270/0x270
[ 1558.762355]  ? filename_lookup+0x3c8/0x570
[ 1558.763093]  ? lock_acquire+0x197/0x470
[ 1558.763758]  ? path_setxattr+0xb5/0x190
[ 1558.764447]  ? lock_release+0x680/0x680
[ 1558.765134]  ? strncpy_from_user+0x9e/0x470
[ 1558.765873]  ? __mnt_want_write+0x196/0x280
[ 1558.766607]  path_setxattr+0x174/0x190
[ 1558.767257]  ? setxattr+0x330/0x330
[ 1558.767868]  ? __ia32_sys_read+0xb0/0xb0
[ 1558.768581]  __x64_sys_setxattr+0xc0/0x160
[ 1558.769291]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1558.770169]  do_syscall_64+0x33/0x40
[ 1558.770793]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1558.771652] RIP: 0033:0x7f3ed2558b19
[ 1558.772289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1558.775355] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1558.776639] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1558.777792] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1558.778963] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1558.780114] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1558.781296] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:11:53 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 8)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1558.833611] FAULT_INJECTION: forcing a failure.
[ 1558.833611] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.834543] CPU: 0 PID: 9418 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1558.835063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1558.835718] Call Trace:
[ 1558.835939]  dump_stack+0x107/0x167
[ 1558.836260]  should_fail.cold+0x5/0xa
[ 1558.836568]  ? create_object.isra.0+0x3a/0xa20
[ 1558.836926]  should_failslab+0x5/0x20
[ 1558.837222]  kmem_cache_alloc+0x5b/0x310
[ 1558.837535]  ? selinux_determine_inode_label+0x1ab/0x340
[ 1558.837950]  create_object.isra.0+0x3a/0xa20
[ 1558.838285]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1558.838675]  __kmalloc+0x16e/0x390
[ 1558.838955]  cgroup_mkdir+0x254/0xf50
[ 1558.839255]  ? cgroup_destroy_locked+0x710/0x710
[ 1558.839646]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1558.839968]  vfs_mkdir+0x493/0x700
[ 1558.840255]  do_mkdirat+0x150/0x2b0
[ 1558.840536]  ? user_path_create+0xf0/0xf0
[ 1558.840857]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1558.841273]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1558.841664]  do_syscall_64+0x33/0x40
[ 1558.841942]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1558.842331] RIP: 0033:0x7fe52009fb19
[ 1558.842615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1558.843978] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1558.844561] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1558.845099] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1558.845625] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1558.846159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1558.846688] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:11:53 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1558.896415] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:11:53 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 8)

08:11:53 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

[ 1558.929671] FAULT_INJECTION: forcing a failure.
[ 1558.929671] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.930726] CPU: 0 PID: 9428 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1558.931229] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1558.931851] Call Trace:
[ 1558.932068]  dump_stack+0x107/0x167
[ 1558.932362]  should_fail.cold+0x5/0xa
[ 1558.932648]  ? create_object.isra.0+0x3a/0xa20
[ 1558.932985]  should_failslab+0x5/0x20
[ 1558.933266]  kmem_cache_alloc+0x5b/0x310
[ 1558.933568]  create_object.isra.0+0x3a/0xa20
[ 1558.933923]  kmemleak_alloc_percpu+0xa0/0x100
[ 1558.934259]  pcpu_alloc+0x4e2/0x1240
[ 1558.934568]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 1558.934919]  percpu_ref_init+0x31/0x3d0
[ 1558.935241]  cgroup_mkdir+0x28b/0xf50
[ 1558.935530]  ? cgroup_destroy_locked+0x710/0x710
[ 1558.935901]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1558.936219]  vfs_mkdir+0x493/0x700
[ 1558.936495]  do_mkdirat+0x150/0x2b0
[ 1558.936769]  ? user_path_create+0xf0/0xf0
[ 1558.937104]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1558.937486]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1558.937892]  do_syscall_64+0x33/0x40
[ 1558.938167]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1558.938563] RIP: 0033:0x7f8dbfff9b19
[ 1558.938858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1558.940305] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1558.940903] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1558.941462] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1558.942023] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1558.942580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1558.943138] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:11:53 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1558.983752] FAULT_INJECTION: forcing a failure.
[ 1558.983752] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.984712] CPU: 0 PID: 9436 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1558.985233] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1558.985868] Call Trace:
[ 1558.986084]  dump_stack+0x107/0x167
[ 1558.986382]  should_fail.cold+0x5/0xa
[ 1558.986686]  should_failslab+0x5/0x20
[ 1558.986976]  __kmalloc_track_caller+0x79/0x370
[ 1558.987328]  ? security_context_to_sid_core+0xb4/0x890
[ 1558.987746]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 1558.988113]  kmemdup_nul+0x2d/0xa0
[ 1558.988398]  security_context_to_sid_core+0xb4/0x890
[ 1558.988789]  ? __lock_acquire+0x1657/0x5b00
[ 1558.989119]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1558.989526]  ? avc_has_perm+0xc5/0x1b0
[ 1558.989822]  ? avc_has_perm+0x108/0x1b0
[ 1558.990141]  ? avc_has_perm_noaudit+0x3e0/0x3e0
[ 1558.990508]  security_context_to_sid+0x35/0x50
[ 1558.990866]  selinux_inode_setxattr+0x366/0x8a0
[ 1558.991227]  ? selinux_sb_clone_mnt_opts+0xc60/0xc60
[ 1558.991612]  ? perf_trace_lock+0xac/0x490
[ 1558.991925]  ? SOFTIRQ_verbose+0x10/0x10
[ 1558.992262]  security_inode_setxattr+0xed/0x1b0
[ 1558.992619]  __vfs_setxattr_locked+0xa1/0x250
[ 1558.992962]  vfs_setxattr+0xe8/0x270
[ 1558.993255]  ? __vfs_setxattr_locked+0x250/0x250
[ 1558.993626]  setxattr+0x23d/0x330
[ 1558.993898]  ? vfs_setxattr+0x270/0x270
[ 1558.994203]  ? filename_lookup+0x3c8/0x570
[ 1558.994533]  ? lock_acquire+0x197/0x470
[ 1558.994839]  ? path_setxattr+0xb5/0x190
[ 1558.995144]  ? lock_release+0x680/0x680
[ 1558.995455]  ? strncpy_from_user+0x9e/0x470
[ 1558.995793]  ? __mnt_want_write+0x196/0x280
[ 1558.996130]  path_setxattr+0x174/0x190
[ 1558.996432]  ? setxattr+0x330/0x330
[ 1558.996716]  ? __ia32_sys_read+0xb0/0xb0
[ 1558.997031]  __x64_sys_setxattr+0xc0/0x160
[ 1558.997355]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1558.997758]  do_syscall_64+0x33/0x40
[ 1558.998059]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1558.998455] RIP: 0033:0x7f3ed2558b19
[ 1558.998750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1559.000119] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1559.000725] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1559.001286] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1559.001832] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1559.002374] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1559.002909] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:11:53 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:53 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 8)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:11:53 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:11:53 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b000000000200002802000002", 0x61, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:53 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 9)

08:11:53 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 9)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:11:53 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1559.153301] FAULT_INJECTION: forcing a failure.
[ 1559.153301] name failslab, interval 1, probability 0, space 0, times 0
[ 1559.155663] CPU: 1 PID: 9446 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1559.156829] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1559.158265] Call Trace:
[ 1559.158734]  dump_stack+0x107/0x167
[ 1559.159381]  should_fail.cold+0x5/0xa
[ 1559.160047]  ? create_object.isra.0+0x3a/0xa20
[ 1559.160845]  should_failslab+0x5/0x20
[ 1559.161548]  kmem_cache_alloc+0x5b/0x310
[ 1559.162351]  ? lock_downgrade+0x6d0/0x6d0
[ 1559.163223]  create_object.isra.0+0x3a/0xa20
[ 1559.164143]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1559.165243]  __kmalloc_track_caller+0x177/0x370
[ 1559.166235]  ? security_context_to_sid_core+0xb4/0x890
[ 1559.167322]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 1559.168343]  kmemdup_nul+0x2d/0xa0
[ 1559.169104]  security_context_to_sid_core+0xb4/0x890
[ 1559.170160]  ? __lock_acquire+0x1657/0x5b00
[ 1559.170932]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1559.171874]  ? avc_has_perm+0xc5/0x1b0
[ 1559.172567]  ? avc_has_perm+0x108/0x1b0
[ 1559.173289]  ? avc_has_perm_noaudit+0x3e0/0x3e0
[ 1559.174138]  security_context_to_sid+0x35/0x50
[ 1559.174939]  selinux_inode_setxattr+0x366/0x8a0
[ 1559.175729]  ? selinux_sb_clone_mnt_opts+0xc60/0xc60
[ 1559.176804]  ? perf_trace_lock+0xac/0x490
[ 1559.177537]  ? SOFTIRQ_verbose+0x10/0x10
[ 1559.178272]  security_inode_setxattr+0xed/0x1b0
[ 1559.179099]  __vfs_setxattr_locked+0xa1/0x250
[ 1559.179898]  vfs_setxattr+0xe8/0x270
[ 1559.180584]  ? __vfs_setxattr_locked+0x250/0x250
[ 1559.181303]  setxattr+0x23d/0x330
[ 1559.181805]  ? vfs_setxattr+0x270/0x270
[ 1559.182377]  ? _raw_spin_unlock_irq+0x27/0x30
[ 1559.183059]  ? lock_acquire+0x197/0x470
[ 1559.183660]  ? path_setxattr+0xb5/0x190
[ 1559.184248]  ? lock_release+0x680/0x680
[ 1559.184832]  ? io_schedule_timeout+0x140/0x140
[ 1559.185502]  ? __mnt_want_write+0x196/0x280
[ 1559.186128]  path_setxattr+0x174/0x190
[ 1559.186722]  ? setxattr+0x330/0x330
[ 1559.187260]  ? __ia32_sys_read+0xb0/0xb0
[ 1559.187896]  __x64_sys_setxattr+0xc0/0x160
[ 1559.188545]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1559.189296]  do_syscall_64+0x33/0x40
[ 1559.189835]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1559.190574] RIP: 0033:0x7f3ed2558b19
[ 1559.191106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1559.193820] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1559.194945] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1559.195994] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1559.197027] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1559.198054] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[ 1559.199082] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:11:53 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:11:53 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

[ 1559.258018] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 1559.299222] FAULT_INJECTION: forcing a failure.
[ 1559.299222] name failslab, interval 1, probability 0, space 0, times 0
[ 1559.301899] CPU: 1 PID: 9453 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1559.302824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1559.303945] Call Trace:
[ 1559.304330]  dump_stack+0x107/0x167
[ 1559.304840]  should_fail.cold+0x5/0xa
[ 1559.305374]  ? create_object.isra.0+0x3a/0xa20
[ 1559.306013]  should_failslab+0x5/0x20
[ 1559.306536]  kmem_cache_alloc+0x5b/0x310
[ 1559.307098]  create_object.isra.0+0x3a/0xa20
[ 1559.307698]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1559.308406]  __kmalloc+0x16e/0x390
[ 1559.308902]  cgroup_mkdir+0x254/0xf50
[ 1559.309425]  ? cgroup_destroy_locked+0x710/0x710
[ 1559.310073]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1559.310635]  vfs_mkdir+0x493/0x700
[ 1559.311123]  do_mkdirat+0x150/0x2b0
[ 1559.311622]  ? user_path_create+0xf0/0xf0
[ 1559.312198]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1559.312905]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1559.313608]  do_syscall_64+0x33/0x40
[ 1559.314109]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1559.314798] RIP: 0033:0x7fe52009fb19
[ 1559.315297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1559.317766] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1559.318790] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1559.319753] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1559.320722] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1559.321676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1559.322641] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1559.338626] FAULT_INJECTION: forcing a failure.
[ 1559.338626] name failslab, interval 1, probability 0, space 0, times 0
[ 1559.340488] CPU: 1 PID: 9458 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1559.341397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1559.342494] Call Trace:
[ 1559.342847]  dump_stack+0x107/0x167
[ 1559.343353]  should_fail.cold+0x5/0xa
[ 1559.343866]  ? create_object.isra.0+0x3a/0xa20
[ 1559.344484]  should_failslab+0x5/0x20
[ 1559.344989]  kmem_cache_alloc+0x5b/0x310
[ 1559.345534]  create_object.isra.0+0x3a/0xa20
[ 1559.346115]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1559.346790]  kmem_cache_alloc+0x159/0x310
[ 1559.347350]  security_inode_alloc+0x34/0x160
[ 1559.347934]  inode_init_always+0xa4e/0xd10
[ 1559.348500]  alloc_inode+0x84/0x240
[ 1559.348985]  iget_locked+0x1ae/0x6a0
[ 1559.349485]  kernfs_get_inode+0x47/0x520
[ 1559.350026]  kernfs_iop_lookup+0x194/0x220
[ 1559.350592]  __lookup_hash+0x121/0x190
[ 1559.351115]  filename_create+0x186/0x4a0
[ 1559.351653]  ? filename_parentat+0x570/0x570
[ 1559.352246]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1559.352862]  do_mkdirat+0xa2/0x2b0
[ 1559.353329]  ? user_path_create+0xf0/0xf0
[ 1559.353873]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1559.354550]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1559.355233]  do_syscall_64+0x33/0x40
[ 1559.355719]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1559.356401] RIP: 0033:0x7f8dbfff9b19
[ 1559.356888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1559.359279] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1559.360282] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1559.361209] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1559.362137] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
08:11:54 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 10)

[ 1559.363058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1559.364208] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1559.441356] FAULT_INJECTION: forcing a failure.
[ 1559.441356] name failslab, interval 1, probability 0, space 0, times 0
[ 1559.443283] CPU: 1 PID: 9464 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1559.444136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1559.445171] Call Trace:
[ 1559.445505]  dump_stack+0x107/0x167
[ 1559.445963]  should_fail.cold+0x5/0xa
[ 1559.446444]  should_failslab+0x5/0x20
[ 1559.446919]  __kmalloc_track_caller+0x79/0x370
[ 1559.447498]  ? security_context_to_sid_core+0xb4/0x890
[ 1559.448144]  ? kfree+0x1ab/0x340
[ 1559.448591]  kmemdup_nul+0x2d/0xa0
[ 1559.449032]  security_context_to_sid_core+0xb4/0x890
[ 1559.449663]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1559.450275]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1559.450939]  ? check_nnp_nosuid.isra.0+0x2a0/0x2a0
[ 1559.451550]  ? avc_has_perm_noaudit+0x3e0/0x3e0
[ 1559.452135]  security_context_to_sid_force+0x34/0x50
[ 1559.452767]  selinux_inode_setxattr+0x6b6/0x8a0
[ 1559.453347]  ? selinux_sb_clone_mnt_opts+0xc60/0xc60
[ 1559.453970]  ? perf_trace_lock+0xac/0x490
[ 1559.454505]  security_inode_setxattr+0xed/0x1b0
[ 1559.455080]  __vfs_setxattr_locked+0xa1/0x250
[ 1559.455640]  vfs_setxattr+0xe8/0x270
[ 1559.456104]  ? __vfs_setxattr_locked+0x250/0x250
[ 1559.456704]  setxattr+0x23d/0x330
[ 1559.457135]  ? vfs_setxattr+0x270/0x270
[ 1559.457625]  ? filename_lookup+0x3c8/0x570
[ 1559.458163]  ? lock_acquire+0x197/0x470
[ 1559.458654]  ? path_setxattr+0xb5/0x190
[ 1559.459152]  ? lock_release+0x680/0x680
[ 1559.459649]  ? strncpy_from_user+0x9e/0x470
[ 1559.460200]  ? __mnt_want_write+0x196/0x280
[ 1559.460744]  path_setxattr+0x174/0x190
[ 1559.461230]  ? setxattr+0x330/0x330
[ 1559.461688]  ? __ia32_sys_read+0xb0/0xb0
[ 1559.462200]  __x64_sys_setxattr+0xc0/0x160
[ 1559.462725]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1559.463363]  do_syscall_64+0x33/0x40
[ 1559.463824]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1559.464470] RIP: 0033:0x7f3ed2558b19
[ 1559.464931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1559.467171] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1559.468093] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1559.468967] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1559.469839] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1559.470706] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1559.471575] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:12:08 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 9)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:12:08 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 11)

08:12:08 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:12:08 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1574.156484] FAULT_INJECTION: forcing a failure.
[ 1574.156484] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.158274] CPU: 1 PID: 9475 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1574.159241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1574.160351] Call Trace:
[ 1574.160677]  dump_stack+0x107/0x167
[ 1574.161118]  should_fail.cold+0x5/0xa
[ 1574.161581]  ? create_object.isra.0+0x3a/0xa20
[ 1574.162134]  should_failslab+0x5/0x20
[ 1574.162594]  kmem_cache_alloc+0x5b/0x310
[ 1574.163088]  ? mark_held_locks+0x9e/0xe0
08:12:08 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1574.163584]  create_object.isra.0+0x3a/0xa20
[ 1574.164328]  kmemleak_alloc_percpu+0xa0/0x100
[ 1574.165024]  pcpu_alloc+0x4e2/0x1240
[ 1574.165518]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 1574.166104]  percpu_ref_init+0x31/0x3d0
[ 1574.166606]  cgroup_mkdir+0x28b/0xf50
[ 1574.167084]  ? cgroup_destroy_locked+0x710/0x710
[ 1574.167682]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1574.168195]  vfs_mkdir+0x493/0x700
[ 1574.168650]  do_mkdirat+0x150/0x2b0
[ 1574.169114]  ? user_path_create+0xf0/0xf0
[ 1574.169644]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1574.170304]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1574.170960]  do_syscall_64+0x33/0x40
[ 1574.171429]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1574.172070] RIP: 0033:0x7fe52009fb19
[ 1574.172547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1574.174814] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1574.175772] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1574.176678] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
08:12:08 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 10)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:12:08 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:08 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1574.177696] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1574.178729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1574.179611] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1574.188257] FAULT_INJECTION: forcing a failure.
[ 1574.188257] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.189976] CPU: 0 PID: 9483 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1574.190850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1574.191884] Call Trace:
[ 1574.192215]  dump_stack+0x107/0x167
[ 1574.192706]  should_fail.cold+0x5/0xa
[ 1574.193186]  ? create_object.isra.0+0x3a/0xa20
[ 1574.193774]  should_failslab+0x5/0x20
[ 1574.194253]  kmem_cache_alloc+0x5b/0x310
[ 1574.194778]  create_object.isra.0+0x3a/0xa20
[ 1574.195330]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1574.195996]  __kmalloc_track_caller+0x177/0x370
[ 1574.196588]  ? security_context_to_sid_core+0xb4/0x890
[ 1574.197255]  ? kfree+0x1ab/0x340
[ 1574.197697]  kmemdup_nul+0x2d/0xa0
[ 1574.198147]  security_context_to_sid_core+0xb4/0x890
[ 1574.198796]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1574.199436]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1574.200133]  ? check_nnp_nosuid.isra.0+0x2a0/0x2a0
[ 1574.200815]  ? avc_has_perm_noaudit+0x3e0/0x3e0
[ 1574.201408]  security_context_to_sid_force+0x34/0x50
[ 1574.202058]  selinux_inode_setxattr+0x6b6/0x8a0
[ 1574.202662]  ? selinux_sb_clone_mnt_opts+0xc60/0xc60
[ 1574.203298]  ? perf_trace_lock+0xac/0x490
[ 1574.203860]  security_inode_setxattr+0xed/0x1b0
[ 1574.204463]  __vfs_setxattr_locked+0xa1/0x250
[ 1574.205043]  vfs_setxattr+0xe8/0x270
[ 1574.205517]  ? __vfs_setxattr_locked+0x250/0x250
[ 1574.206131]  setxattr+0x23d/0x330
[ 1574.206569]  ? vfs_setxattr+0x270/0x270
[ 1574.207076]  ? filename_lookup+0x3c8/0x570
[ 1574.207621]  ? lock_acquire+0x197/0x470
[ 1574.208127]  ? path_setxattr+0xb5/0x190
[ 1574.208654]  ? lock_release+0x680/0x680
[ 1574.209167]  ? strncpy_from_user+0x9e/0x470
[ 1574.209731]  ? __mnt_want_write+0x196/0x280
[ 1574.210279]  path_setxattr+0x174/0x190
[ 1574.210778]  ? setxattr+0x330/0x330
[ 1574.211236]  ? __ia32_sys_read+0xb0/0xb0
[ 1574.211763]  __x64_sys_setxattr+0xc0/0x160
[ 1574.212293]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1574.212970]  do_syscall_64+0x33/0x40
[ 1574.213432]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1574.214086] RIP: 0033:0x7f3ed2558b19
[ 1574.214551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1574.216877] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1574.217836] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1574.218731] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1574.219621] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1574.220537] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1574.221445] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1574.237513] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 1574.244596] FAULT_INJECTION: forcing a failure.
[ 1574.244596] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.246122] CPU: 0 PID: 9486 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1574.246970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1574.247994] Call Trace:
[ 1574.248328]  dump_stack+0x107/0x167
[ 1574.248800]  should_fail.cold+0x5/0xa
[ 1574.249281]  ? percpu_ref_init+0xd8/0x3d0
[ 1574.249803]  should_failslab+0x5/0x20
[ 1574.250279]  kmem_cache_alloc_trace+0x55/0x320
[ 1574.250855]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 1574.251448]  percpu_ref_init+0xd8/0x3d0
[ 1574.251952]  cgroup_mkdir+0x28b/0xf50
[ 1574.252445]  ? cgroup_destroy_locked+0x710/0x710
[ 1574.253047]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1574.253582]  vfs_mkdir+0x493/0x700
[ 1574.254043]  do_mkdirat+0x150/0x2b0
[ 1574.254510]  ? user_path_create+0xf0/0xf0
[ 1574.255044]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1574.255705]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1574.256374]  do_syscall_64+0x33/0x40
[ 1574.256852]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1574.257501] RIP: 0033:0x7f8dbfff9b19
[ 1574.257978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1574.260255] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1574.261226] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1574.262119] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1574.263011] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1574.263900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1574.264805] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:12:09 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 11)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:12:09 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 12)

08:12:09 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 10)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1574.360944] FAULT_INJECTION: forcing a failure.
[ 1574.360944] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.362503] CPU: 1 PID: 9495 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1574.363326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1574.364318] Call Trace:
[ 1574.364660]  dump_stack+0x107/0x167
[ 1574.365205]  should_fail.cold+0x5/0xa
[ 1574.365678]  ? create_object.isra.0+0x3a/0xa20
[ 1574.365966] FAULT_INJECTION: forcing a failure.
[ 1574.365966] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.366237]  should_failslab+0x5/0x20
[ 1574.368005]  kmem_cache_alloc+0x5b/0x310
[ 1574.368509]  create_object.isra.0+0x3a/0xa20
[ 1574.369038]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1574.369653]  kmem_cache_alloc_trace+0x151/0x320
[ 1574.370217]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 1574.370785]  percpu_ref_init+0xd8/0x3d0
[ 1574.371273]  cgroup_mkdir+0x28b/0xf50
[ 1574.371742]  ? cgroup_destroy_locked+0x710/0x710
[ 1574.372319]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1574.372828]  vfs_mkdir+0x493/0x700
[ 1574.373262]  do_mkdirat+0x150/0x2b0
[ 1574.373704]  ? user_path_create+0xf0/0xf0
[ 1574.374209]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1574.374834]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1574.375455]  do_syscall_64+0x33/0x40
[ 1574.375900]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1574.376521] RIP: 0033:0x7f8dbfff9b19
[ 1574.376970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1574.379152] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1574.380060] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1574.380911] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1574.381761] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1574.382606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1574.383452] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1574.384329] CPU: 0 PID: 9498 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1574.385169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1574.386154] Call Trace:
[ 1574.386474]  dump_stack+0x107/0x167
[ 1574.386914]  should_fail.cold+0x5/0xa
[ 1574.387378]  should_failslab+0x5/0x20
[ 1574.387835]  __kmalloc_track_caller+0x79/0x370
[ 1574.388390]  ? security_context_to_sid_core+0x7fc/0x890
[ 1574.389028]  ? kfree+0x1ab/0x340
[ 1574.389445]  kstrdup+0x36/0x70
[ 1574.389835]  security_context_to_sid_core+0x7fc/0x890
[ 1574.390462]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1574.391085]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1574.391731]  ? check_nnp_nosuid.isra.0+0x2a0/0x2a0
[ 1574.392330]  ? avc_has_perm_noaudit+0x3e0/0x3e0
[ 1574.392910]  security_context_to_sid_force+0x34/0x50
[ 1574.393522]  selinux_inode_setxattr+0x6b6/0x8a0
[ 1574.394087]  ? selinux_sb_clone_mnt_opts+0xc60/0xc60
[ 1574.394693]  ? perf_trace_lock+0xac/0x490
[ 1574.395213]  security_inode_setxattr+0xed/0x1b0
[ 1574.395777]  __vfs_setxattr_locked+0xa1/0x250
[ 1574.396324]  vfs_setxattr+0xe8/0x270
[ 1574.396789]  ? __vfs_setxattr_locked+0x250/0x250
[ 1574.397369]  setxattr+0x23d/0x330
[ 1574.397789]  ? vfs_setxattr+0x270/0x270
[ 1574.398266]  ? filename_lookup+0x3c8/0x570
[ 1574.398787]  ? lock_acquire+0x197/0x470
[ 1574.399263]  ? path_setxattr+0xb5/0x190
[ 1574.399747]  ? lock_release+0x680/0x680
[ 1574.400233]  ? strncpy_from_user+0x9e/0x470
[ 1574.400775]  ? __mnt_want_write+0x196/0x280
[ 1574.401301]  path_setxattr+0x174/0x190
[ 1574.401775]  ? setxattr+0x330/0x330
[ 1574.402220]  ? __ia32_sys_read+0xb0/0xb0
[ 1574.402718]  __x64_sys_setxattr+0xc0/0x160
[ 1574.403228]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1574.403847]  do_syscall_64+0x33/0x40
[ 1574.404295]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1574.404968] RIP: 0033:0x7f3ed2558b19
[ 1574.405421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1574.407615] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1574.408550] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1574.409414] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1574.410276] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1574.411133] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1574.411996] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:12:09 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:12:09 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 12)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1574.447297] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1574.473219] FAULT_INJECTION: forcing a failure.
08:12:09 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1574.473219] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.474627] CPU: 1 PID: 9504 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1574.475313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1574.476139] Call Trace:
[ 1574.476423]  dump_stack+0x107/0x167
[ 1574.476791]  should_fail.cold+0x5/0xa
[ 1574.477177]  ? percpu_ref_init+0xd8/0x3d0
[ 1574.477596]  should_failslab+0x5/0x20
[ 1574.477981]  kmem_cache_alloc_trace+0x55/0x320
[ 1574.478443]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 1574.478919]  percpu_ref_init+0xd8/0x3d0
[ 1574.479326]  cgroup_mkdir+0x28b/0xf50
[ 1574.479721]  ? cgroup_destroy_locked+0x710/0x710
[ 1574.480198]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1574.480626]  vfs_mkdir+0x493/0x700
[ 1574.480988]  do_mkdirat+0x150/0x2b0
[ 1574.481361]  ? user_path_create+0xf0/0xf0
[ 1574.481784]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1574.482309]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1574.482834]  do_syscall_64+0x33/0x40
[ 1574.483209]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1574.483723] RIP: 0033:0x7fe52009fb19
[ 1574.484099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1574.485945] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1574.486715] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1574.487433] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1574.488142] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1574.488862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1574.489587] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:12:09 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1574.551616] FAULT_INJECTION: forcing a failure.
[ 1574.551616] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.553224] CPU: 0 PID: 9507 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1574.553995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1574.554985] Call Trace:
[ 1574.555327]  dump_stack+0x107/0x167
[ 1574.555779]  should_fail.cold+0x5/0xa
[ 1574.556250]  ? create_object.isra.0+0x3a/0xa20
[ 1574.556823]  should_failslab+0x5/0x20
[ 1574.557296]  kmem_cache_alloc+0x5b/0x310
[ 1574.557805]  create_object.isra.0+0x3a/0xa20
[ 1574.558355]  kmemleak_alloc_percpu+0xa0/0x100
[ 1574.558897]  pcpu_alloc+0x4e2/0x1240
[ 1574.559476]  cgroup_rstat_init+0x14f/0x1f0
[ 1574.559984]  cgroup_mkdir+0x709/0xf50
[ 1574.560563]  ? cgroup_destroy_locked+0x710/0x710
[ 1574.561128]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1574.561749]  vfs_mkdir+0x493/0x700
[ 1574.562209]  do_mkdirat+0x150/0x2b0
[ 1574.562752]  ? user_path_create+0xf0/0xf0
[ 1574.563247]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1574.564018]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1574.564668]  do_syscall_64+0x33/0x40
[ 1574.565228]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1574.565991] RIP: 0033:0x7f8dbfff9b19
[ 1574.566435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1574.569137] RSP: 002b:00007f8dbd54e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1574.570261] RAX: ffffffffffffffda RBX: 00007f8dc010d020 RCX: 00007f8dbfff9b19
[ 1574.571301] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1574.572347] RBP: 00007f8dbd54e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1574.573385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1574.574428] R13: 00007ffc385ac51f R14: 00007f8dbd54e300 R15: 0000000000022000
[ 1574.584376] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
[ 1587.530261] FAULT_INJECTION: forcing a failure.
[ 1587.530261] name failslab, interval 1, probability 0, space 0, times 0
[ 1587.531381] CPU: 1 PID: 9525 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1587.531921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1587.532736] Call Trace:
[ 1587.533005]  dump_stack+0x107/0x167
[ 1587.533370]  should_fail.cold+0x5/0xa
[ 1587.533748]  ? create_object.isra.0+0x3a/0xa20
[ 1587.534203]  should_failslab+0x5/0x20
[ 1587.534595]  kmem_cache_alloc+0x5b/0x310
[ 1587.535006]  ? mark_held_locks+0x9e/0xe0
[ 1587.535417]  create_object.isra.0+0x3a/0xa20
[ 1587.535852]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1587.536362]  __kmalloc_track_caller+0x177/0x370
[ 1587.536827]  ? security_context_to_sid_core+0x7fc/0x890
[ 1587.537351]  ? kfree+0x1ab/0x340
[ 1587.537699]  kstrdup+0x36/0x70
[ 1587.538027]  security_context_to_sid_core+0x7fc/0x890
[ 1587.538544]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1587.539060]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1587.539534]  ? check_nnp_nosuid.isra.0+0x2a0/0x2a0
[ 1587.540032]  ? avc_has_perm_noaudit+0x3e0/0x3e0
[ 1587.540457]  security_context_to_sid_force+0x34/0x50
[ 1587.540970]  selinux_inode_setxattr+0x6b6/0x8a0
[ 1587.541438]  ? selinux_sb_clone_mnt_opts+0xc60/0xc60
[ 1587.541941]  ? perf_trace_lock+0xac/0x490
[ 1587.542379]  security_inode_setxattr+0xed/0x1b0
[ 1587.542847]  __vfs_setxattr_locked+0xa1/0x250
[ 1587.543295]  vfs_setxattr+0xe8/0x270
[ 1587.543672]  ? __vfs_setxattr_locked+0x250/0x250
[ 1587.544160]  setxattr+0x23d/0x330
[ 1587.544515]  ? vfs_setxattr+0x270/0x270
[ 1587.544914]  ? filename_lookup+0x3c8/0x570
[ 1587.545347]  ? lock_acquire+0x197/0x470
[ 1587.545738]  ? path_setxattr+0xb5/0x190
[ 1587.546143]  ? lock_release+0x680/0x680
[ 1587.546554]  ? strncpy_from_user+0x9e/0x470
[ 1587.546994]  ? __mnt_want_write+0x196/0x280
[ 1587.547437]  path_setxattr+0x174/0x190
[ 1587.547826]  ? setxattr+0x330/0x330
[ 1587.548196]  ? __ia32_sys_read+0xb0/0xb0
[ 1587.548618]  __x64_sys_setxattr+0xc0/0x160
[ 1587.549036]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1587.549546]  do_syscall_64+0x33/0x40
[ 1587.549922]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1587.550429] RIP: 0033:0x7f3ed2558b19
[ 1587.550801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1587.552599] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1587.553345] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1587.554048] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1587.554741] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1587.555435] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1587.556128] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:12:22 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:12:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:22 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 13)

08:12:22 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:12:22 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 13)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:12:22 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 11)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:12:22 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:12:22 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1587.586810] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1587.591693] FAULT_INJECTION: forcing a failure.
[ 1587.591693] name failslab, interval 1, probability 0, space 0, times 0
[ 1587.592848] CPU: 1 PID: 9533 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1587.593520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1587.594337] Call Trace:
[ 1587.594612]  dump_stack+0x107/0x167
[ 1587.594977]  should_fail.cold+0x5/0xa
[ 1587.595361]  ? create_object.isra.0+0x3a/0xa20
[ 1587.595828]  should_failslab+0x5/0x20
[ 1587.596214]  kmem_cache_alloc+0x5b/0x310
[ 1587.596634]  create_object.isra.0+0x3a/0xa20
[ 1587.597073]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1587.597578]  kmem_cache_alloc_trace+0x151/0x320
[ 1587.597977]  ? cset_cgroup_from_root+0x2a0/0x2a0
[ 1587.598448]  percpu_ref_init+0xd8/0x3d0
[ 1587.598776]  cgroup_mkdir+0x28b/0xf50
[ 1587.599167]  ? cgroup_destroy_locked+0x710/0x710
[ 1587.599560]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1587.599976]  vfs_mkdir+0x493/0x700
[ 1587.600342]  do_mkdirat+0x150/0x2b0
[ 1587.600718]  ? user_path_create+0xf0/0xf0
[ 1587.601144]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1587.601662]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1587.602191]  do_syscall_64+0x33/0x40
[ 1587.602565]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1587.603077] RIP: 0033:0x7fe52009fb19
[ 1587.603455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1587.605260] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1587.606008] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1587.606714] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1587.607417] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1587.608114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1587.608815] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1587.713678] FAULT_INJECTION: forcing a failure.
[ 1587.713678] name failslab, interval 1, probability 0, space 0, times 0
[ 1587.714959] CPU: 1 PID: 9531 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1587.715624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1587.716446] Call Trace:
[ 1587.716734]  dump_stack+0x107/0x167
[ 1587.717110]  should_fail.cold+0x5/0xa
[ 1587.717510]  should_failslab+0x5/0x20
[ 1587.717896]  __kmalloc_track_caller+0x79/0x370
[ 1587.718352]  ? security_context_to_sid_core+0xb4/0x890
08:12:22 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x200, 0x18)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

[ 1587.718886]  kmemdup_nul+0x2d/0xa0
[ 1587.719459]  security_context_to_sid_core+0xb4/0x890
[ 1587.719973]  ? do_raw_spin_unlock+0x4f/0x220
[ 1587.720419]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1587.720959]  ? simple_xattr_get+0x10a/0x180
[ 1587.721407]  ? kernfs_vfs_xattr_set+0xb0/0xb0
[ 1587.721856]  ? kernfs_vfs_xattr_get+0xb6/0xe0
[ 1587.722224]  ? __vfs_getxattr+0xeb/0x150
[ 1587.722624]  ? __vfs_setxattr+0x180/0x180
[ 1587.722999]  security_context_to_sid_default+0x3a/0x50
[ 1587.723530]  inode_doinit_use_xattr+0x110/0x350
[ 1587.723941]  inode_doinit_with_dentry+0x107e/0x1240
[ 1587.724448]  ? selinux_file_lock+0x280/0x280
[ 1587.724843]  ? kernfs_get_inode+0x388/0x520
[ 1587.725275]  ? lock_downgrade+0x6d0/0x6d0
[ 1587.725694]  selinux_d_instantiate+0x23/0x30
[ 1587.726137]  security_d_instantiate+0x56/0xe0
[ 1587.726586]  d_splice_alias+0x8c/0xc60
[ 1587.726936]  ? _raw_spin_unlock+0x1a/0x30
[ 1587.727363]  kernfs_iop_lookup+0x1ac/0x220
[ 1587.727714]  __lookup_hash+0x121/0x190
[ 1587.728105]  filename_create+0x186/0x4a0
[ 1587.728463]  ? filename_parentat+0x570/0x570
[ 1587.728917]  ? getname_flags.part.0+0x1dd/0x4f0
[ 1587.729350]  do_mkdirat+0xa2/0x2b0
[ 1587.729708]  ? user_path_create+0xf0/0xf0
08:12:22 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1587.730054]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1587.730837]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1587.731388]  do_syscall_64+0x33/0x40
[ 1587.731770]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1587.732280] RIP: 0033:0x7f8dbfff9b19
[ 1587.732626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1587.734440] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1587.735212] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1587.735913] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1587.736622] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1587.737327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1587.738032] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1587.738797] SELinux: inode_doinit_use_xattr:  context_to_sid(system_u:object_r:cgroup_t:s0) returned 12 for dev=cgroup2 ino=5490
08:12:22 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:22 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 12)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:12:22 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 14)

08:12:22 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 14)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1587.857465] FAULT_INJECTION: forcing a failure.
[ 1587.857465] name failslab, interval 1, probability 0, space 0, times 0
[ 1587.858686] CPU: 1 PID: 9546 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1587.859346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1587.860171] Call Trace:
[ 1587.860443]  dump_stack+0x107/0x167
[ 1587.860823]  should_fail.cold+0x5/0xa
[ 1587.861206]  ? create_object.isra.0+0x3a/0xa20
[ 1587.861667]  should_failslab+0x5/0x20
[ 1587.862053]  kmem_cache_alloc+0x5b/0x310
[ 1587.862470]  create_object.isra.0+0x3a/0xa20
[ 1587.862921]  kmemleak_alloc_percpu+0xa0/0x100
[ 1587.863376]  pcpu_alloc+0x4e2/0x1240
[ 1587.863773]  cgroup_rstat_init+0x14f/0x1f0
[ 1587.864202]  cgroup_mkdir+0x709/0xf50
[ 1587.864595]  ? cgroup_destroy_locked+0x710/0x710
[ 1587.865068]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1587.865476]  vfs_mkdir+0x493/0x700
[ 1587.865833]  do_mkdirat+0x150/0x2b0
[ 1587.866197]  ? user_path_create+0xf0/0xf0
[ 1587.866615]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1587.867130]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1587.867648]  do_syscall_64+0x33/0x40
[ 1587.868018]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1587.868533] RIP: 0033:0x7fe52009fb19
[ 1587.868905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1587.870687] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1587.871433] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1587.872122] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1587.872821] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1587.873524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1587.874227] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:12:22 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, 0x0, &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1587.916613] FAULT_INJECTION: forcing a failure.
[ 1587.916613] name failslab, interval 1, probability 0, space 0, times 0
[ 1587.918546] CPU: 0 PID: 9554 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1587.919602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1587.920877] Call Trace:
[ 1587.921299]  dump_stack+0x107/0x167
[ 1587.921865]  should_fail.cold+0x5/0xa
[ 1587.922458]  ? jbd2__journal_start+0x190/0x7e0
[ 1587.923168]  should_failslab+0x5/0x20
[ 1587.923757]  kmem_cache_alloc+0x5b/0x310
[ 1587.924382]  ? _down_write_nest_lock+0x160/0x160
[ 1587.925130]  jbd2__journal_start+0x190/0x7e0
[ 1587.925821]  __ext4_journal_start_sb+0x214/0x390
[ 1587.926556]  ext4_xattr_set+0x23a/0x340
[ 1587.927186]  ? ext4_xattr_set_credits+0x200/0x200
[ 1587.927927]  ? security_validate_transition+0x86/0xb0
[ 1587.928739]  ? xattr_resolve_name+0x26e/0x3e0
[ 1587.929435]  ? ext4_initxattrs+0x120/0x120
[ 1587.930080]  __vfs_setxattr+0x10f/0x180
[ 1587.930692]  ? xattr_resolve_name+0x3e0/0x3e0
[ 1587.931403]  __vfs_setxattr_noperm+0x11a/0x4c0
[ 1587.932115]  __vfs_setxattr_locked+0x1c3/0x250
[ 1587.932822]  vfs_setxattr+0xe8/0x270
[ 1587.933401]  ? __vfs_setxattr_locked+0x250/0x250
[ 1587.934140]  setxattr+0x23d/0x330
[ 1587.934677]  ? vfs_setxattr+0x270/0x270
[ 1587.935284]  ? filename_lookup+0x3c8/0x570
[ 1587.935944]  ? lock_acquire+0x197/0x470
[ 1587.936559]  ? path_setxattr+0xb5/0x190
[ 1587.937173]  ? lock_release+0x680/0x680
[ 1587.937783]  ? strncpy_from_user+0x9e/0x470
[ 1587.938453]  ? __mnt_want_write+0x196/0x280
[ 1587.939124]  path_setxattr+0x174/0x190
[ 1587.939722]  ? setxattr+0x330/0x330
[ 1587.940282]  ? __ia32_sys_read+0xb0/0xb0
[ 1587.940944]  __x64_sys_setxattr+0xc0/0x160
[ 1587.941592]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1587.942381]  do_syscall_64+0x33/0x40
[ 1587.942949]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1587.943819] RIP: 0033:0x7f3ed2558b19
[ 1587.944458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1587.947556] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1587.948872] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1587.950075] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1587.951280] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1587.952502] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1587.953714] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1587.962763] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:12:22 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1588.029710] FAULT_INJECTION: forcing a failure.
[ 1588.029710] name failslab, interval 1, probability 0, space 0, times 0
[ 1588.032237] CPU: 0 PID: 9558 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1588.033361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1588.034708] Call Trace:
[ 1588.035157]  dump_stack+0x107/0x167
[ 1588.035767]  should_fail.cold+0x5/0xa
[ 1588.036413]  should_failslab+0x5/0x20
[ 1588.037051]  __kmalloc_track_caller+0x79/0x370
[ 1588.037804]  ? kstrdup_const+0x53/0x80
[ 1588.038450]  ? find_held_lock+0x2c/0x110
[ 1588.039129]  kstrdup+0x36/0x70
[ 1588.039670]  kstrdup_const+0x53/0x80
[ 1588.040289]  __kernfs_new_node+0x9d/0x860
[ 1588.040983]  ? mark_held_locks+0x9e/0xe0
[ 1588.041649]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1588.042432]  ? cpumask_next+0x1f/0x30
[ 1588.043061]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1588.043835]  ? pcpu_alloc+0x12a/0x1240
[ 1588.044507]  kernfs_new_node+0x18d/0x250
[ 1588.045191]  kernfs_create_dir_ns+0x49/0x160
[ 1588.045922]  cgroup_mkdir+0x318/0xf50
[ 1588.046560]  ? cgroup_destroy_locked+0x710/0x710
[ 1588.047344]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1588.048032]  vfs_mkdir+0x493/0x700
[ 1588.048642]  do_mkdirat+0x150/0x2b0
[ 1588.049247]  ? user_path_create+0xf0/0xf0
[ 1588.049936]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1588.050791]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1588.051640]  do_syscall_64+0x33/0x40
[ 1588.052256]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1588.053095] RIP: 0033:0x7f8dbfff9b19
[ 1588.053713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1588.056684] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1588.057918] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1588.059072] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1588.060230] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1588.061390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1588.062553] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:12:37 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:12:37 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:12:37 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, 0x0, &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:12:37 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:37 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 15)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:12:37 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 15)

08:12:37 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 13)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1602.524651] FAULT_INJECTION: forcing a failure.
[ 1602.524651] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.525696] CPU: 0 PID: 9588 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1602.526270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.526663] FAULT_INJECTION: forcing a failure.
[ 1602.526663] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.526960] Call Trace:
[ 1602.526984]  dump_stack+0x107/0x167
[ 1602.527005]  should_fail.cold+0x5/0xa
[ 1602.527029]  ? create_object.isra.0+0x3a/0xa20
[ 1602.527052]  should_failslab+0x5/0x20
[ 1602.527070]  kmem_cache_alloc+0x5b/0x310
[ 1602.527080]  ? __kasan_slab_free+0x122/0x160
[ 1602.527091]  ? sidtab_do_lookup+0x171/0x6b0
[ 1602.527104]  create_object.isra.0+0x3a/0xa20
[ 1602.527115]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1602.527130]  kmem_cache_alloc+0x159/0x310
[ 1602.527149]  ? _down_write_nest_lock+0x160/0x160
[ 1602.532263]  jbd2__journal_start+0x190/0x7e0
[ 1602.532634]  __ext4_journal_start_sb+0x214/0x390
[ 1602.533038]  ext4_xattr_set+0x23a/0x340
[ 1602.533379]  ? ext4_xattr_set_credits+0x200/0x200
[ 1602.533772]  ? security_validate_transition+0x86/0xb0
[ 1602.534208]  ? xattr_resolve_name+0x26e/0x3e0
[ 1602.534576]  ? ext4_initxattrs+0x120/0x120
[ 1602.534919]  __vfs_setxattr+0x10f/0x180
[ 1602.535260]  ? xattr_resolve_name+0x3e0/0x3e0
[ 1602.535635]  __vfs_setxattr_noperm+0x11a/0x4c0
[ 1602.536016]  __vfs_setxattr_locked+0x1c3/0x250
[ 1602.536398]  vfs_setxattr+0xe8/0x270
[ 1602.536708]  ? __vfs_setxattr_locked+0x250/0x250
[ 1602.537113]  setxattr+0x23d/0x330
[ 1602.537398]  ? vfs_setxattr+0x270/0x270
[ 1602.537723]  ? filename_lookup+0x3c8/0x570
[ 1602.538081]  ? lock_acquire+0x197/0x470
[ 1602.538409]  ? path_setxattr+0xb5/0x190
[ 1602.538740]  ? lock_release+0x680/0x680
[ 1602.539076]  ? strncpy_from_user+0x9e/0x470
[ 1602.539437]  ? __mnt_want_write+0x196/0x280
[ 1602.539797]  path_setxattr+0x174/0x190
[ 1602.540129]  ? setxattr+0x330/0x330
[ 1602.540427]  ? __ia32_sys_read+0xb0/0xb0
[ 1602.540769]  __x64_sys_setxattr+0xc0/0x160
[ 1602.541129]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.541554]  do_syscall_64+0x33/0x40
[ 1602.541858]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1602.542284] RIP: 0033:0x7f3ed2558b19
[ 1602.542585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.544087] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1602.544710] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1602.545297] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1602.545873] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1602.546458] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1602.547039] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1602.547651] CPU: 1 PID: 9589 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1602.548375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.549239] Call Trace:
[ 1602.549524]  dump_stack+0x107/0x167
[ 1602.549901]  should_fail.cold+0x5/0xa
[ 1602.550327]  should_failslab+0x5/0x20
[ 1602.550735]  __kmalloc_track_caller+0x79/0x370
[ 1602.551229]  ? kstrdup_const+0x53/0x80
[ 1602.551637]  ? find_held_lock+0x2c/0x110
[ 1602.552073]  kstrdup+0x36/0x70
[ 1602.552418]  kstrdup_const+0x53/0x80
[ 1602.552821]  __kernfs_new_node+0x9d/0x860
[ 1602.553257]  ? mark_held_locks+0x9e/0xe0
[ 1602.553346] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1602.553677]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1602.553696]  ? cpumask_next+0x1f/0x30
[ 1602.555229]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1602.555713]  ? pcpu_alloc+0x12a/0x1240
[ 1602.556143]  kernfs_new_node+0x18d/0x250
[ 1602.556573]  kernfs_create_dir_ns+0x49/0x160
[ 1602.557055]  cgroup_mkdir+0x318/0xf50
[ 1602.557457]  ? cgroup_destroy_locked+0x710/0x710
[ 1602.557947]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1602.558395]  vfs_mkdir+0x493/0x700
[ 1602.558772]  do_mkdirat+0x150/0x2b0
[ 1602.559165]  ? user_path_create+0xf0/0xf0
[ 1602.559605]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1602.560157]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.560702]  do_syscall_64+0x33/0x40
[ 1602.561099]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1602.561634] RIP: 0033:0x7f8dbfff9b19
[ 1602.562026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.563915] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1602.564722] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1602.565466] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1602.566218] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1602.566948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1602.567680] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1602.611674] FAULT_INJECTION: forcing a failure.
[ 1602.611674] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.612850] CPU: 0 PID: 9584 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1602.613421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.614083] Call Trace:
[ 1602.614320]  dump_stack+0x107/0x167
[ 1602.614623]  should_fail.cold+0x5/0xa
[ 1602.614944]  ? create_object.isra.0+0x3a/0xa20
[ 1602.615319]  should_failslab+0x5/0x20
[ 1602.615628]  kmem_cache_alloc+0x5b/0x310
[ 1602.615964]  ? mark_held_locks+0x9e/0xe0
[ 1602.616302]  create_object.isra.0+0x3a/0xa20
[ 1602.616680]  kmemleak_alloc_percpu+0xa0/0x100
[ 1602.617060]  pcpu_alloc+0x4e2/0x1240
[ 1602.617389]  cgroup_rstat_init+0x14f/0x1f0
[ 1602.617745]  cgroup_mkdir+0x709/0xf50
[ 1602.618063]  ? cgroup_destroy_locked+0x710/0x710
[ 1602.618461]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1602.618803]  vfs_mkdir+0x493/0x700
[ 1602.619098]  do_mkdirat+0x150/0x2b0
[ 1602.619396]  ? user_path_create+0xf0/0xf0
[ 1602.619737]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1602.620159]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.620585]  do_syscall_64+0x33/0x40
[ 1602.620893]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1602.621305] RIP: 0033:0x7fe52009fb19
[ 1602.621612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.623081] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1602.623683] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1602.624264] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1602.624852] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1602.625437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1602.626016] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:12:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:12:37 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:37 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 16)

08:12:37 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:37 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 16)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1602.725614] FAULT_INJECTION: forcing a failure.
[ 1602.725614] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.726923] CPU: 1 PID: 9598 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1602.727555] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.728355] Call Trace:
[ 1602.728625]  dump_stack+0x107/0x167
[ 1602.729001]  should_fail.cold+0x5/0xa
08:12:37 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 14)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1602.729399]  should_failslab+0x5/0x20
[ 1602.729896]  __kmalloc_track_caller+0x79/0x370
[ 1602.730371]  ? security_context_to_sid_core+0xb4/0x890
[ 1602.730922]  kmemdup_nul+0x2d/0xa0
[ 1602.731304]  security_context_to_sid_core+0xb4/0x890
[ 1602.731833]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1602.732395]  ? ext4_fc_mark_ineligible+0x78/0x170
[ 1602.732898]  ? ext4_xattr_set+0x293/0x340
[ 1602.733344]  ? ext4_xattr_set_credits+0x200/0x200
[ 1602.733842]  security_context_to_sid_force+0x34/0x50
[ 1602.734375]  selinux_inode_post_setxattr+0x11b/0x2d0
[ 1602.734894]  ? backing_inode_security+0x170/0x170
[ 1602.735403]  ? ext4_initxattrs+0x120/0x120
[ 1602.735837]  ? __vfs_setxattr+0x10f/0x180
[ 1602.736275]  ? xattr_resolve_name+0x3e0/0x3e0
[ 1602.736755]  security_inode_post_setxattr+0xd6/0x130
[ 1602.737291]  __vfs_setxattr_noperm+0x2a9/0x4c0
[ 1602.737765]  __vfs_setxattr_locked+0x1c3/0x250
[ 1602.738254]  vfs_setxattr+0xe8/0x270
[ 1602.738641]  ? __vfs_setxattr_locked+0x250/0x250
[ 1602.739152]  setxattr+0x23d/0x330
[ 1602.739510]  ? vfs_setxattr+0x270/0x270
[ 1602.739921]  ? filename_lookup+0x3c8/0x570
[ 1602.740373]  ? lock_acquire+0x197/0x470
[ 1602.740791]  ? path_setxattr+0xb5/0x190
[ 1602.741222]  ? lock_release+0x680/0x680
[ 1602.741636]  ? strncpy_from_user+0x9e/0x470
[ 1602.742100]  ? __mnt_want_write+0x196/0x280
[ 1602.742551]  path_setxattr+0x174/0x190
[ 1602.742954]  ? setxattr+0x330/0x330
[ 1602.743348]  ? __ia32_sys_read+0xb0/0xb0
[ 1602.743773]  __x64_sys_setxattr+0xc0/0x160
[ 1602.744224]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.744762]  do_syscall_64+0x33/0x40
[ 1602.745160]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1602.745688] RIP: 0033:0x7f3ed2558b19
[ 1602.746082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.747962] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1602.748755] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1602.749491] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1602.750225] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1602.750950] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1602.751688] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1602.752498] SELinux:  unable to map context to SIDfor (sda, 16020), rc=12
[ 1602.764378] FAULT_INJECTION: forcing a failure.
[ 1602.764378] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.765581] CPU: 0 PID: 9605 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1602.766145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.766810] Call Trace:
[ 1602.767046]  dump_stack+0x107/0x167
[ 1602.767349]  should_fail.cold+0x5/0xa
[ 1602.767664]  ? __kernfs_new_node+0xd4/0x860
[ 1602.768028]  should_failslab+0x5/0x20
[ 1602.768350]  kmem_cache_alloc+0x5b/0x310
[ 1602.768702]  __kernfs_new_node+0xd4/0x860
[ 1602.769054]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1602.769452]  ? cpumask_next+0x1f/0x30
[ 1602.769763]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1602.770158]  ? pcpu_alloc+0x12a/0x1240
[ 1602.770490]  kernfs_new_node+0x18d/0x250
[ 1602.770834]  kernfs_create_dir_ns+0x49/0x160
[ 1602.771198]  cgroup_mkdir+0x318/0xf50
[ 1602.771523]  ? cgroup_destroy_locked+0x710/0x710
[ 1602.771916]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1602.772264]  vfs_mkdir+0x493/0x700
[ 1602.772559]  do_mkdirat+0x150/0x2b0
[ 1602.772878]  ? user_path_create+0xf0/0xf0
[ 1602.773233]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1602.773654]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.774091]  do_syscall_64+0x33/0x40
[ 1602.774399]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1602.774819] RIP: 0033:0x7f8dbfff9b19
[ 1602.775128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.776622] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1602.777263] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1602.777856] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1602.778450] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1602.779041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1602.779627] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:12:37 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1602.802768] FAULT_INJECTION: forcing a failure.
[ 1602.802768] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.804217] CPU: 1 PID: 9606 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1602.804934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1602.805797] Call Trace:
[ 1602.806095]  dump_stack+0x107/0x167
[ 1602.806476]  should_fail.cold+0x5/0xa
[ 1602.806869]  ? create_object.isra.0+0x3a/0xa20
[ 1602.807352]  should_failslab+0x5/0x20
[ 1602.807743]  kmem_cache_alloc+0x5b/0x310
[ 1602.808175]  ? mark_held_locks+0x9e/0xe0
[ 1602.808596]  create_object.isra.0+0x3a/0xa20
[ 1602.809082]  kmemleak_alloc_percpu+0xa0/0x100
[ 1602.809546]  pcpu_alloc+0x4e2/0x1240
[ 1602.809948]  cgroup_rstat_init+0x14f/0x1f0
[ 1602.810414]  cgroup_mkdir+0x709/0xf50
[ 1602.810809]  ? cgroup_destroy_locked+0x710/0x710
[ 1602.811309]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1602.811740]  vfs_mkdir+0x493/0x700
[ 1602.812120]  do_mkdirat+0x150/0x2b0
[ 1602.812496]  ? user_path_create+0xf0/0xf0
[ 1602.812943]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1602.813493]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1602.814043]  do_syscall_64+0x33/0x40
[ 1602.814418]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1602.814921] RIP: 0033:0x7fe52009fb19
[ 1602.815300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1602.817088] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1602.817818] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1602.818525] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1602.819236] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1602.819926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1602.820621] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1602.841655] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:12:50 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:50 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e7778", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:12:50 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:50 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 17)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:12:50 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 17)

08:12:50 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 15)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:12:50 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, 0x0, &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1615.521338] FAULT_INJECTION: forcing a failure.
[ 1615.521338] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.522716] CPU: 0 PID: 9623 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1615.523371] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1615.524150] Call Trace:
[ 1615.524416]  dump_stack+0x107/0x167
[ 1615.524769]  should_fail.cold+0x5/0xa
[ 1615.525159]  ? create_object.isra.0+0x3a/0xa20
[ 1615.525615]  should_failslab+0x5/0x20
[ 1615.526003]  kmem_cache_alloc+0x5b/0x310
[ 1615.526382]  create_object.isra.0+0x3a/0xa20
[ 1615.526776]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1615.527263]  __kmalloc_track_caller+0x177/0x370
[ 1615.527719]  ? kstrdup_const+0x53/0x80
[ 1615.528097]  ? find_held_lock+0x2c/0x110
[ 1615.528506]  kstrdup+0x36/0x70
[ 1615.528793]  kstrdup_const+0x53/0x80
[ 1615.529141]  __kernfs_new_node+0x9d/0x860
[ 1615.529541]  ? mark_held_locks+0x9e/0xe0
[ 1615.529945]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1615.530406]  ? cpumask_next+0x1f/0x30
[ 1615.530782]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1615.531233]  ? pcpu_alloc+0x12a/0x1240
[ 1615.531631]  kernfs_new_node+0x18d/0x250
[ 1615.532029]  kernfs_create_dir_ns+0x49/0x160
[ 1615.532467]  cgroup_mkdir+0x318/0xf50
[ 1615.532846]  ? cgroup_destroy_locked+0x710/0x710
[ 1615.533317]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1615.533707]  vfs_mkdir+0x493/0x700
[ 1615.534067]  do_mkdirat+0x150/0x2b0
[ 1615.534426]  ? user_path_create+0xf0/0xf0
[ 1615.534839]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1615.534916] FAULT_INJECTION: forcing a failure.
[ 1615.534916] name failslab, interval 1, probability 0, space 0, times 0
08:12:50 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

[ 1615.535327]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1615.535347]  do_syscall_64+0x33/0x40
[ 1615.535360]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1615.535370] RIP: 0033:0x7fe52009fb19
[ 1615.535384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1615.535391] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1615.535407] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1615.535415] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1615.535422] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1615.535429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1615.535437] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1615.547727] CPU: 1 PID: 9630 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1615.548558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1615.549546] Call Trace:
[ 1615.549885]  dump_stack+0x107/0x167
[ 1615.550336]  should_fail.cold+0x5/0xa
[ 1615.550812]  ? create_object.isra.0+0x3a/0xa20
[ 1615.551371]  should_failslab+0x5/0x20
[ 1615.551835]  kmem_cache_alloc+0x5b/0x310
[ 1615.552336]  create_object.isra.0+0x3a/0xa20
[ 1615.553013]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1615.553625]  __kmalloc_track_caller+0x177/0x370
[ 1615.554195]  ? security_context_to_sid_core+0xb4/0x890
[ 1615.554993]  kmemdup_nul+0x2d/0xa0
[ 1615.555432]  security_context_to_sid_core+0xb4/0x890
[ 1615.556194]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1615.556870]  ? ext4_fc_mark_ineligible+0x78/0x170
[ 1615.557592]  ? ext4_xattr_set+0x293/0x340
[ 1615.558109]  ? ext4_xattr_set_credits+0x200/0x200
[ 1615.558825]  security_context_to_sid_force+0x34/0x50
[ 1615.559428]  selinux_inode_post_setxattr+0x11b/0x2d0
[ 1615.560013]  ? backing_inode_security+0x170/0x170
[ 1615.560735]  ? ext4_initxattrs+0x120/0x120
[ 1615.561264]  ? __vfs_setxattr+0x10f/0x180
[ 1615.561748]  ? xattr_resolve_name+0x3e0/0x3e0
[ 1615.562270]  security_inode_post_setxattr+0xd6/0x130
[ 1615.562867]  __vfs_setxattr_noperm+0x2a9/0x4c0
[ 1615.563413]  __vfs_setxattr_locked+0x1c3/0x250
[ 1615.563946]  vfs_setxattr+0xe8/0x270
[ 1615.564383]  ? __vfs_setxattr_locked+0x250/0x250
[ 1615.564956]  setxattr+0x23d/0x330
[ 1615.565323]  ? vfs_setxattr+0x270/0x270
[ 1615.565814]  ? filename_lookup+0x3c8/0x570
[ 1615.566280]  ? lock_acquire+0x197/0x470
[ 1615.566769]  ? path_setxattr+0xb5/0x190
[ 1615.567174]  ? lock_release+0x680/0x680
[ 1615.567677]  ? strncpy_from_user+0x9e/0x470
[ 1615.568123]  ? __mnt_want_write+0x196/0x280
[ 1615.568669]  path_setxattr+0x174/0x190
[ 1615.569079]  ? setxattr+0x330/0x330
[ 1615.569466]  ? __ia32_sys_read+0xb0/0xb0
[ 1615.569875]  __x64_sys_setxattr+0xc0/0x160
[ 1615.570305]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1615.570817]  do_syscall_64+0x33/0x40
[ 1615.571193]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1615.571708] RIP: 0033:0x7f3ed2558b19
[ 1615.572081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1615.573900] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1615.574654] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1615.575361] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1615.576061] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1615.576770] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1615.577481] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:12:50 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 16)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1615.625136] FAULT_INJECTION: forcing a failure.
[ 1615.625136] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.626386] CPU: 0 PID: 9634 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1615.627067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1615.627885] Call Trace:
[ 1615.628177]  dump_stack+0x107/0x167
[ 1615.628548]  should_fail.cold+0x5/0xa
[ 1615.628947]  ? create_object.isra.0+0x3a/0xa20
[ 1615.629404]  should_failslab+0x5/0x20
[ 1615.629784]  kmem_cache_alloc+0x5b/0x310
[ 1615.630197]  create_object.isra.0+0x3a/0xa20
[ 1615.630639]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1615.631154]  kmem_cache_alloc+0x159/0x310
[ 1615.631569]  __kernfs_new_node+0xd4/0x860
[ 1615.631986]  ? mark_held_locks+0x9e/0xe0
[ 1615.632386]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1615.632879]  ? cpumask_next+0x1f/0x30
[ 1615.633268]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1615.633734]  ? pcpu_alloc+0x12a/0x1240
[ 1615.634151]  kernfs_new_node+0x18d/0x250
[ 1615.634576]  kernfs_create_dir_ns+0x49/0x160
[ 1615.635018]  cgroup_mkdir+0x318/0xf50
[ 1615.635416]  ? cgroup_destroy_locked+0x710/0x710
[ 1615.635900]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1615.636313]  vfs_mkdir+0x493/0x700
[ 1615.636675]  do_mkdirat+0x150/0x2b0
[ 1615.637051]  ? user_path_create+0xf0/0xf0
[ 1615.637479]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1615.638006]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1615.638511]  do_syscall_64+0x33/0x40
[ 1615.638878]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1615.639394] RIP: 0033:0x7f8dbfff9b19
[ 1615.639761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1615.641545] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1615.642296] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1615.642984] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1615.643682] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1615.644371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1615.645092] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1615.659955] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1615.662822] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:12:50 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:12:50 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
perf_event_open(0x0, r2, 0x8, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:12:50 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:12:50 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 18)

[ 1615.721921] FAULT_INJECTION: forcing a failure.
[ 1615.721921] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.723884] CPU: 0 PID: 9645 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1615.724594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1615.725441] Call Trace:
[ 1615.725725]  dump_stack+0x107/0x167
[ 1615.726114]  should_fail.cold+0x5/0xa
[ 1615.726506]  ? create_object.isra.0+0x3a/0xa20
[ 1615.726981]  should_failslab+0x5/0x20
[ 1615.727371]  kmem_cache_alloc+0x5b/0x310
[ 1615.727803]  create_object.isra.0+0x3a/0xa20
[ 1615.728261]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1615.728797]  __kmalloc+0x16e/0x390
[ 1615.729170]  ext4_find_extent+0xa3d/0xd30
[ 1615.729617]  ext4_ext_map_blocks+0x1c8/0x5860
[ 1615.730094]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1615.730646]  ? SOFTIRQ_verbose+0x10/0x10
[ 1615.731073]  ? perf_trace_lock+0xac/0x490
[ 1615.731502]  ? SOFTIRQ_verbose+0x10/0x10
[ 1615.731939]  ? ext4_ext_release+0x10/0x10
[ 1615.732382]  ? lock_release+0x680/0x680
[ 1615.732803]  ? ext4_es_lookup_extent+0x48d/0xaa0
[ 1615.733274]  ? lock_downgrade+0x6d0/0x6d0
[ 1615.733725]  ? down_read+0x10f/0x430
[ 1615.734126]  ? down_write+0x160/0x160
[ 1615.734522]  ? ext4_es_lookup_extent+0xc4/0xaa0
[ 1615.734998]  ext4_map_blocks+0x9cc/0x1940
[ 1615.735446]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 1615.735913]  ? __brelse+0x84/0xa0
[ 1615.736272]  ? __ext4_new_inode+0x148/0x5370
[ 1615.736744]  ext4_append+0x1b8/0x4e0
[ 1615.737159]  ? ext4_move_extents+0x3050/0x3050
[ 1615.737634]  ? ext4_mark_inode_used+0x14a0/0x14a0
[ 1615.738133]  ext4_init_new_dir+0x25e/0x4d0
[ 1615.738570]  ? ext4_init_dot_dotdot+0x610/0x610
[ 1615.739030]  ext4_mkdir+0x3c1/0xb10
[ 1615.739395]  ? ext4_rmdir+0xf70/0xf70
[ 1615.739781]  vfs_mkdir+0x493/0x700
[ 1615.740143]  do_mkdirat+0x150/0x2b0
[ 1615.740509]  ? user_path_create+0xf0/0xf0
[ 1615.740941]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1615.741466]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1615.741968]  do_syscall_64+0x33/0x40
[ 1615.742346]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1615.742853] RIP: 0033:0x7fe52009fb19
[ 1615.743225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1615.745019] RSP: 002b:00007fe51d5f4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1615.745806] RAX: ffffffffffffffda RBX: 00007fe5201b3020 RCX: 00007fe52009fb19
[ 1615.746541] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 1615.747282] RBP: 00007fe51d5f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 1615.747999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1615.748731] R13: 00007fff0a4138bf R14: 00007fe51d5f4300 R15: 0000000000022000
08:12:50 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1615.796868] FAULT_INJECTION: forcing a failure.
[ 1615.796868] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.798165] CPU: 1 PID: 9652 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1615.798862] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1615.799704] Call Trace:
[ 1615.799983]  dump_stack+0x107/0x167
[ 1615.800365]  should_fail.cold+0x5/0xa
[ 1615.800765]  should_failslab+0x5/0x20
[ 1615.801168]  __kmalloc_track_caller+0x79/0x370
[ 1615.801636]  ? security_context_to_sid_core+0x7fc/0x890
[ 1615.802182]  kstrdup+0x36/0x70
[ 1615.802518]  security_context_to_sid_core+0x7fc/0x890
[ 1615.803050]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1615.803590]  ? ext4_fc_mark_ineligible+0x78/0x170
[ 1615.804076]  ? ext4_xattr_set+0x293/0x340
[ 1615.804518]  ? ext4_xattr_set_credits+0x200/0x200
[ 1615.805027]  security_context_to_sid_force+0x34/0x50
[ 1615.805540]  selinux_inode_post_setxattr+0x11b/0x2d0
[ 1615.806048]  ? backing_inode_security+0x170/0x170
[ 1615.806541]  ? ext4_initxattrs+0x120/0x120
[ 1615.806977]  ? xattr_resolve_name+0x3e0/0x3e0
[ 1615.807441]  security_inode_post_setxattr+0xd6/0x130
[ 1615.807956]  __vfs_setxattr_noperm+0x2a9/0x4c0
[ 1615.808432]  __vfs_setxattr_locked+0x1c3/0x250
[ 1615.808912]  vfs_setxattr+0xe8/0x270
[ 1615.809298]  ? __vfs_setxattr_locked+0x250/0x250
[ 1615.809793]  setxattr+0x23d/0x330
[ 1615.810150]  ? vfs_setxattr+0x270/0x270
[ 1615.810550]  ? filename_lookup+0x3c8/0x570
[ 1615.810996]  ? lock_acquire+0x197/0x470
[ 1615.811408]  ? path_setxattr+0xb5/0x190
[ 1615.811819]  ? lock_release+0x680/0x680
[ 1615.812264]  ? strncpy_from_user+0x9e/0x470
[ 1615.812759]  ? __mnt_want_write+0x196/0x280
[ 1615.813177]  path_setxattr+0x174/0x190
[ 1615.813670]  ? setxattr+0x330/0x330
[ 1615.814120]  ? __ia32_sys_read+0xb0/0xb0
[ 1615.814587]  __x64_sys_setxattr+0xc0/0x160
[ 1615.815032]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1615.815682]  do_syscall_64+0x33/0x40
[ 1615.816148]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1615.816786] RIP: 0033:0x7f3ed2558b19
[ 1615.817254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1615.819512] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1615.820456] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1615.821335] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1615.822210] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1615.823080] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1615.823954] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1615.825190] SELinux:  unable to map context to SIDfor (sda, 16033), rc=12
08:12:50 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 19)

[ 1615.866419] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:12:50 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
getpgid(0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x0, 0x2, 0x0, 0x1000, 0x0, 0x1}, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:12:50 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 18)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:12:50 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e7778", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1615.971507] FAULT_INJECTION: forcing a failure.
[ 1615.971507] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.973155] CPU: 0 PID: 9660 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1615.973858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1615.974744] Call Trace:
[ 1615.975031]  dump_stack+0x107/0x167
[ 1615.975406]  should_fail.cold+0x5/0xa
[ 1615.975800]  ? create_object.isra.0+0x3a/0xa20
[ 1615.976276]  should_failslab+0x5/0x20
[ 1615.976667]  kmem_cache_alloc+0x5b/0x310
[ 1615.977080]  ? mark_held_locks+0x9e/0xe0
[ 1615.977510]  create_object.isra.0+0x3a/0xa20
[ 1615.977939]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1615.978486]  __kmalloc_track_caller+0x177/0x370
[ 1615.978946]  ? security_context_to_sid_core+0x7fc/0x890
[ 1615.979217] FAULT_INJECTION: forcing a failure.
[ 1615.979217] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.979527]  kstrdup+0x36/0x70
[ 1615.981149]  security_context_to_sid_core+0x7fc/0x890
[ 1615.981697]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1615.982277]  ? ext4_fc_mark_ineligible+0x78/0x170
[ 1615.982781]  ? ext4_xattr_set+0x293/0x340
[ 1615.983233]  ? ext4_xattr_set_credits+0x200/0x200
[ 1615.983742]  security_context_to_sid_force+0x34/0x50
[ 1615.984281]  selinux_inode_post_setxattr+0x11b/0x2d0
[ 1615.984809]  ? backing_inode_security+0x170/0x170
[ 1615.985333]  ? ext4_initxattrs+0x120/0x120
[ 1615.985745]  ? xattr_resolve_name+0x3e0/0x3e0
[ 1615.986156]  security_inode_post_setxattr+0xd6/0x130
[ 1615.986589]  __vfs_setxattr_noperm+0x2a9/0x4c0
[ 1615.987010]  __vfs_setxattr_locked+0x1c3/0x250
[ 1615.987409]  vfs_setxattr+0xe8/0x270
[ 1615.987750]  ? __vfs_setxattr_locked+0x250/0x250
[ 1615.988188]  setxattr+0x23d/0x330
[ 1615.988486]  ? vfs_setxattr+0x270/0x270
[ 1615.988846]  ? filename_lookup+0x3c8/0x570
[ 1615.989228]  ? lock_acquire+0x197/0x470
[ 1615.989569]  ? path_setxattr+0xb5/0x190
[ 1615.989908]  ? lock_release+0x680/0x680
[ 1615.990272]  ? strncpy_from_user+0x9e/0x470
[ 1615.990617]  ? __mnt_want_write+0x196/0x280
[ 1615.991015]  path_setxattr+0x174/0x190
[ 1615.991346]  ? setxattr+0x330/0x330
[ 1615.991671]  ? __ia32_sys_read+0xb0/0xb0
[ 1615.992030]  __x64_sys_setxattr+0xc0/0x160
[ 1615.992398]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1615.992853]  do_syscall_64+0x33/0x40
[ 1615.993175]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1615.993593] RIP: 0033:0x7f3ed2558b19
[ 1615.993906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1615.995489] RSP: 002b:00007f3ecface188 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1615.996147] RAX: ffffffffffffffda RBX: 00007f3ed266bf60 RCX: 00007f3ed2558b19
[ 1615.996745] RDX: 0000000020000240 RSI: 00000000200001c0 RDI: 0000000020000180
[ 1615.997333] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1615.997933] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1615.998545] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
[ 1615.999184] CPU: 1 PID: 9661 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1616.000052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1616.000919] Call Trace:
[ 1616.001195]  dump_stack+0x107/0x167
[ 1616.001567]  should_fail.cold+0x5/0xa
[ 1616.001952]  ? selinux_kernfs_init_security+0x137/0x4c0
[ 1616.002473]  should_failslab+0x5/0x20
[ 1616.002861]  __kmalloc+0x72/0x390
[ 1616.003217]  selinux_kernfs_init_security+0x137/0x4c0
[ 1616.003721]  ? selinux_file_mprotect+0x610/0x610
[ 1616.004308]  ? find_held_lock+0x2c/0x110
[ 1616.004726]  ? __kernfs_new_node+0x2ad/0x860
[ 1616.005294]  ? lock_downgrade+0x6d0/0x6d0
[ 1616.005738]  ? rwlock_bug.part.0+0x90/0x90
[ 1616.006290]  security_kernfs_init_security+0x4e/0xb0
[ 1616.006815]  __kernfs_new_node+0x531/0x860
[ 1616.007349]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1616.007839]  ? cpumask_next+0x1f/0x30
[ 1616.008321]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1616.008798]  ? pcpu_alloc+0x12a/0x1240
[ 1616.009299]  kernfs_new_node+0x18d/0x250
[ 1616.009738]  kernfs_create_dir_ns+0x49/0x160
[ 1616.010295]  cgroup_mkdir+0x318/0xf50
[ 1616.010692]  ? cgroup_destroy_locked+0x710/0x710
[ 1616.011276]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1616.011708]  vfs_mkdir+0x493/0x700
[ 1616.012162]  do_mkdirat+0x150/0x2b0
[ 1616.012536]  ? user_path_create+0xf0/0xf0
[ 1616.013059]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1616.013590]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1616.014243]  do_syscall_64+0x33/0x40
[ 1616.014637]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1616.015270] RIP: 0033:0x7f8dbfff9b19
[ 1616.015642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1616.017895] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1616.018687] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1616.019369] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1616.020068] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1616.020765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1616.021480] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1616.100727] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:12:50 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 17)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:12:50 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0) (fail_nth: 20)

[ 1616.157752] FAULT_INJECTION: forcing a failure.
[ 1616.157752] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 1616.158619] FAULT_INJECTION: forcing a failure.
[ 1616.158619] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1616.158935] CPU: 0 PID: 9675 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1616.160689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1616.161413] Call Trace:
[ 1616.161640]  dump_stack+0x107/0x167
[ 1616.161963]  should_fail.cold+0x5/0xa
[ 1616.162311]  __alloc_pages_nodemask+0x182/0x600
[ 1616.162710]  ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130
[ 1616.163251]  alloc_pages_current+0x187/0x280
[ 1616.163639]  allocate_slab+0x26f/0x380
[ 1616.163982]  ___slab_alloc+0x470/0x700
[ 1616.164337]  ? __kernfs_new_node+0xd4/0x860
[ 1616.164711]  ? trace_hardirqs_on+0x5b/0x180
[ 1616.165096]  ? __kernfs_new_node+0xd4/0x860
[ 1616.165453]  ? kmem_cache_alloc+0x301/0x310
[ 1616.165811]  kmem_cache_alloc+0x301/0x310
[ 1616.166166]  __kernfs_new_node+0xd4/0x860
[ 1616.166515]  ? mark_held_locks+0x9e/0xe0
[ 1616.166868]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1616.167300]  ? cpumask_next+0x1f/0x30
[ 1616.167631]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1616.168053]  ? pcpu_alloc+0x12a/0x1240
[ 1616.168401]  kernfs_new_node+0x18d/0x250
[ 1616.168754]  kernfs_create_dir_ns+0x49/0x160
[ 1616.169163]  cgroup_mkdir+0x318/0xf50
[ 1616.169496]  ? cgroup_destroy_locked+0x710/0x710
[ 1616.169904]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1616.170278]  vfs_mkdir+0x493/0x700
[ 1616.170582]  do_mkdirat+0x150/0x2b0
[ 1616.170898]  ? user_path_create+0xf0/0xf0
[ 1616.171281]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1616.171736]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1616.172196]  do_syscall_64+0x33/0x40
[ 1616.172523]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1616.172977] RIP: 0033:0x7fe52009fb19
[ 1616.173302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1616.174878] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1616.175552] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1616.176156] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1616.176780] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1616.177404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1616.178011] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1616.178662] CPU: 1 PID: 9676 Comm: syz-executor.4 Not tainted 5.10.211 #1
[ 1616.179384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1616.180220] Call Trace:
[ 1616.180508]  dump_stack+0x107/0x167
[ 1616.180895]  should_fail.cold+0x5/0xa
[ 1616.181291]  _copy_to_user+0x2e/0x180
[ 1616.181687]  simple_read_from_buffer+0xcc/0x160
[ 1616.182175]  proc_fail_nth_read+0x198/0x230
[ 1616.182719]  ? proc_sessionid_read+0x230/0x230
[ 1616.183174]  ? security_file_permission+0x24e/0x570
[ 1616.183785]  ? perf_trace_initcall_start+0x101/0x380
[ 1616.184294]  ? proc_sessionid_read+0x230/0x230
[ 1616.184865]  vfs_read+0x228/0x580
[ 1616.185213]  ksys_read+0x12d/0x260
[ 1616.185655]  ? vfs_write+0xa70/0xa70
[ 1616.186046]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1616.186696]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1616.187207]  do_syscall_64+0x33/0x40
[ 1616.187666]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1616.188166] RIP: 0033:0x7f3ed250b69c
[ 1616.188630] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1616.190801] RSP: 002b:00007f3ecface170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1616.191537] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3ed250b69c
[ 1616.192265] RDX: 000000000000000f RSI: 00007f3ecface1e0 RDI: 0000000000000005
[ 1616.192985] RBP: 00007f3ecface1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1616.193694] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000002
[ 1616.194389] R13: 00007ffd34e6ca4f R14: 00007f3ecface300 R15: 0000000000022000
08:13:04 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x0)

08:13:04 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:04 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:13:04 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 18)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:13:04 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
getpgid(0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:13:04 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 19)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:13:04 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:04 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e7778", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1630.043530] FAULT_INJECTION: forcing a failure.
[ 1630.043530] name failslab, interval 1, probability 0, space 0, times 0
[ 1630.045946] CPU: 1 PID: 9690 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1630.047048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1630.048357] Call Trace:
[ 1630.048793]  dump_stack+0x107/0x167
[ 1630.049404]  should_fail.cold+0x5/0xa
[ 1630.050026]  ? create_object.isra.0+0x3a/0xa20
[ 1630.050755]  should_failslab+0x5/0x20
[ 1630.051418]  kmem_cache_alloc+0x5b/0x310
[ 1630.052084]  create_object.isra.0+0x3a/0xa20
[ 1630.052792]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1630.053619]  kmem_cache_alloc+0x159/0x310
[ 1630.054304]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1630.055206]  radix_tree_extend+0x231/0x490
[ 1630.055903]  idr_get_free+0x623/0x8f0
[ 1630.056539]  idr_alloc_u32+0x170/0x2d0
[ 1630.057194]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1630.057975]  ? lock_acquire+0x197/0x470
[ 1630.058619]  ? __kernfs_new_node+0xff/0x860
[ 1630.059323]  idr_alloc_cyclic+0x102/0x230
[ 1630.059996]  ? idr_alloc+0x130/0x130
[ 1630.060598]  ? rwlock_bug.part.0+0x90/0x90
[ 1630.061300]  __kernfs_new_node+0x117/0x860
[ 1630.061989]  ? mark_held_locks+0x9e/0xe0
[ 1630.062649]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1630.063420]  ? cpumask_next+0x1f/0x30
[ 1630.064038]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1630.064791]  ? pcpu_alloc+0x12a/0x1240
[ 1630.065451]  kernfs_new_node+0x18d/0x250
[ 1630.066126]  kernfs_create_dir_ns+0x49/0x160
[ 1630.066839]  cgroup_mkdir+0x318/0xf50
[ 1630.067465]  ? cgroup_destroy_locked+0x710/0x710
[ 1630.068231]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1630.068906]  vfs_mkdir+0x493/0x700
[ 1630.069507]  do_mkdirat+0x150/0x2b0
[ 1630.070108]  ? user_path_create+0xf0/0xf0
[ 1630.070787]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1630.071630]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1630.072469]  do_syscall_64+0x33/0x40
[ 1630.073089]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1630.073912] RIP: 0033:0x7f8dbfff9b19
[ 1630.074508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1630.077406] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1630.078627] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1630.079758] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1630.080887] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1630.082045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1630.083154] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1630.093421] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:13:04 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x7, 0x0)

[ 1630.153186] SELinux:  Context system_ is not valid (left unmapped).
[ 1630.166788] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:13:04 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
getpgid(0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:13:04 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1630.233152] FAULT_INJECTION: forcing a failure.
[ 1630.233152] name failslab, interval 1, probability 0, space 0, times 0
[ 1630.234554] CPU: 0 PID: 9708 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1630.235248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1630.236087] Call Trace:
[ 1630.236368]  dump_stack+0x107/0x167
[ 1630.236745]  should_fail.cold+0x5/0xa
[ 1630.237152]  ? selinux_kernfs_init_security+0x137/0x4c0
[ 1630.237699]  should_failslab+0x5/0x20
[ 1630.238095]  __kmalloc+0x72/0x390
[ 1630.238465]  selinux_kernfs_init_security+0x137/0x4c0
[ 1630.238991]  ? selinux_file_mprotect+0x610/0x610
[ 1630.239478]  ? find_held_lock+0x2c/0x110
[ 1630.239903]  ? __kernfs_new_node+0x2ad/0x860
[ 1630.240356]  ? lock_downgrade+0x6d0/0x6d0
[ 1630.240787]  ? rwlock_bug.part.0+0x90/0x90
[ 1630.241245]  security_kernfs_init_security+0x4e/0xb0
[ 1630.241768]  __kernfs_new_node+0x531/0x860
[ 1630.242218]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1630.242705]  ? cpumask_next+0x1f/0x30
[ 1630.243096]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1630.243577]  ? pcpu_alloc+0x12a/0x1240
[ 1630.243993]  kernfs_new_node+0x18d/0x250
[ 1630.244576]  kernfs_create_dir_ns+0x49/0x160
[ 1630.245048]  cgroup_mkdir+0x318/0xf50
[ 1630.245454]  ? cgroup_destroy_locked+0x710/0x710
[ 1630.245940]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1630.246374]  vfs_mkdir+0x493/0x700
[ 1630.246744]  do_mkdirat+0x150/0x2b0
[ 1630.247120]  ? user_path_create+0xf0/0xf0
[ 1630.247554]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1630.248095]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1630.248627]  do_syscall_64+0x33/0x40
[ 1630.249023]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1630.249541] RIP: 0033:0x7fe52009fb19
[ 1630.249925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1630.251767] RSP: 002b:00007fe51d5f4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1630.252544] RAX: ffffffffffffffda RBX: 00007fe5201b3020 RCX: 00007fe52009fb19
[ 1630.253274] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1630.253995] RBP: 00007fe51d5f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 1630.254724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1630.255448] R13: 00007fff0a4138bf R14: 00007fe51d5f4300 R15: 0000000000022000
08:13:04 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:05 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x21, 0x0)

08:13:05 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787c", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1630.413889] SELinux:  Context system_u:object_r:pinentry_exec_t is not valid (left unmapped).
[ 1630.432471] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:13:17 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:17 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787c", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:13:17 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:17 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 19)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:13:17 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:13:17 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x20000265, 0x0)

08:13:17 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:13:17 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 20)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1642.563248] FAULT_INJECTION: forcing a failure.
[ 1642.563248] name failslab, interval 1, probability 0, space 0, times 0
[ 1642.565474] CPU: 0 PID: 9745 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1642.566643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1642.568090] Call Trace:
[ 1642.568640]  dump_stack+0x107/0x167
[ 1642.569450]  should_fail.cold+0x5/0xa
[ 1642.570283]  ? create_object.isra.0+0x3a/0xa20
[ 1642.571278]  should_failslab+0x5/0x20
[ 1642.572103]  kmem_cache_alloc+0x5b/0x310
[ 1642.572973]  create_object.isra.0+0x3a/0xa20
[ 1642.573923]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1642.575035]  kmem_cache_alloc+0x159/0x310
[ 1642.575980]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1642.577241]  radix_tree_extend+0x231/0x490
[ 1642.578207]  idr_get_free+0x623/0x8f0
[ 1642.579096]  idr_alloc_u32+0x170/0x2d0
[ 1642.579974]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1642.581053]  ? lock_acquire+0x197/0x470
[ 1642.581946]  ? __kernfs_new_node+0xff/0x860
[ 1642.582927]  idr_alloc_cyclic+0x102/0x230
[ 1642.583851]  ? idr_alloc+0x130/0x130
[ 1642.584674]  ? rwlock_bug.part.0+0x90/0x90
[ 1642.585660]  __kernfs_new_node+0x117/0x860
[ 1642.586617]  ? mark_held_locks+0x9e/0xe0
[ 1642.587528]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1642.588590]  ? cpumask_next+0x1f/0x30
[ 1642.589457]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1642.590496]  ? pcpu_alloc+0x12a/0x1240
[ 1642.591388]  kernfs_new_node+0x18d/0x250
[ 1642.592315]  kernfs_create_dir_ns+0x49/0x160
[ 1642.593313]  cgroup_mkdir+0x318/0xf50
[ 1642.594175]  ? cgroup_destroy_locked+0x710/0x710
[ 1642.595230]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1642.596158]  vfs_mkdir+0x493/0x700
[ 1642.596964]  do_mkdirat+0x150/0x2b0
[ 1642.597795]  ? user_path_create+0xf0/0xf0
[ 1642.598725]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1642.599874]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1642.601026]  do_syscall_64+0x33/0x40
[ 1642.601711]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1642.602538] RIP: 0033:0x7fe52009fb19
[ 1642.603161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1642.606150] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1642.607388] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1642.608557] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1642.609739] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1642.610895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1642.612060] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1642.628897] FAULT_INJECTION: forcing a failure.
[ 1642.628897] name failslab, interval 1, probability 0, space 0, times 0
[ 1642.630216] CPU: 1 PID: 9753 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1642.630899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1642.631724] Call Trace:
[ 1642.631987]  dump_stack+0x107/0x167
[ 1642.632347]  should_fail.cold+0x5/0xa
[ 1642.632735]  should_failslab+0x5/0x20
[ 1642.633106]  __kmalloc_track_caller+0x79/0x370
[ 1642.633550]  ? security_context_to_sid_core+0xb4/0x890
[ 1642.634085]  kmemdup_nul+0x2d/0xa0
[ 1642.634445]  security_context_to_sid_core+0xb4/0x890
[ 1642.634954]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1642.635500]  ? do_raw_spin_lock+0x121/0x260
[ 1642.635926]  ? rwlock_bug.part.0+0x90/0x90
[ 1642.636368]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1642.636856]  ? do_raw_spin_unlock+0x4f/0x220
[ 1642.637319]  ? _raw_spin_unlock+0x1a/0x30
[ 1642.637734]  security_context_to_sid+0x35/0x50
[ 1642.638206]  selinux_kernfs_init_security+0x19d/0x4c0
[ 1642.638716]  ? selinux_file_mprotect+0x610/0x610
[ 1642.639205]  ? find_held_lock+0x2c/0x110
[ 1642.639613]  ? __kernfs_new_node+0x2ad/0x860
[ 1642.640063]  ? lock_downgrade+0x6d0/0x6d0
[ 1642.640483]  ? rwlock_bug.part.0+0x90/0x90
[ 1642.640920]  security_kernfs_init_security+0x4e/0xb0
[ 1642.641422]  __kernfs_new_node+0x531/0x860
[ 1642.641859]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1642.642326]  ? cpumask_next+0x1f/0x30
[ 1642.642720]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1642.643186]  ? pcpu_alloc+0x12a/0x1240
[ 1642.643598]  kernfs_new_node+0x18d/0x250
[ 1642.644008]  kernfs_create_dir_ns+0x49/0x160
[ 1642.644464]  cgroup_mkdir+0x318/0xf50
[ 1642.644852]  ? cgroup_destroy_locked+0x710/0x710
[ 1642.645344]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1642.645751]  vfs_mkdir+0x493/0x700
[ 1642.646131]  do_mkdirat+0x150/0x2b0
[ 1642.646497]  ? user_path_create+0xf0/0xf0
[ 1642.646926]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1642.647446]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1642.647968]  do_syscall_64+0x33/0x40
[ 1642.648349]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1642.648858] RIP: 0033:0x7f8dbfff9b19
[ 1642.649239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1642.651038] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1642.651787] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1642.652505] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1642.653213] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1642.653913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1642.654611] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:13:17 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 21)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1642.674743] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:13:17 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x2)

[ 1642.721884] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1642.805362] FAULT_INJECTION: forcing a failure.
[ 1642.805362] name failslab, interval 1, probability 0, space 0, times 0
[ 1642.807627] CPU: 0 PID: 9760 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1642.808756] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1642.810115] Call Trace:
[ 1642.810556]  dump_stack+0x107/0x167
[ 1642.811182]  should_fail.cold+0x5/0xa
[ 1642.811830]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1642.812774]  should_failslab+0x5/0x20
[ 1642.813404]  kmem_cache_alloc+0x5b/0x310
[ 1642.814104]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1642.815045]  idr_get_free+0x4b5/0x8f0
[ 1642.815708]  idr_alloc_u32+0x170/0x2d0
[ 1642.816349]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1642.817163]  ? lock_acquire+0x197/0x470
[ 1642.817835]  ? __kernfs_new_node+0xff/0x860
[ 1642.818550]  idr_alloc_cyclic+0x102/0x230
[ 1642.819255]  ? idr_alloc+0x130/0x130
[ 1642.819879]  ? rwlock_bug.part.0+0x90/0x90
[ 1642.820590]  __kernfs_new_node+0x117/0x860
[ 1642.821307]  ? mark_held_locks+0x9e/0xe0
[ 1642.821992]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1642.822802]  ? cpumask_next+0x1f/0x30
[ 1642.823428]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1642.824218]  ? pcpu_alloc+0x12a/0x1240
[ 1642.824887]  kernfs_new_node+0x18d/0x250
[ 1642.825580]  kernfs_create_dir_ns+0x49/0x160
[ 1642.826330]  cgroup_mkdir+0x318/0xf50
[ 1642.826997]  ? cgroup_destroy_locked+0x710/0x710
[ 1642.827791]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1642.828472]  vfs_mkdir+0x493/0x700
[ 1642.829077]  do_mkdirat+0x150/0x2b0
[ 1642.829711]  ? user_path_create+0xf0/0xf0
[ 1642.830393]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1642.831272]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1642.832140]  do_syscall_64+0x33/0x40
[ 1642.832767]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1642.833624] RIP: 0033:0x7f8dbfff9b19
[ 1642.834242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1642.837262] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1642.838513] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1642.839702] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1642.840863] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1642.842048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1642.843251] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:13:31 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 22)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:13:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:13:31 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787c", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x80d0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:13:31 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x4)

08:13:31 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 20)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:13:31 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:31 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:31 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1657.036328] FAULT_INJECTION: forcing a failure.
[ 1657.036328] name failslab, interval 1, probability 0, space 0, times 0
[ 1657.037828] CPU: 1 PID: 9783 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1657.038517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1657.039336] Call Trace:
[ 1657.039610]  dump_stack+0x107/0x167
[ 1657.039982]  should_fail.cold+0x5/0xa
[ 1657.040384]  should_failslab+0x5/0x20
[ 1657.040772]  __kmalloc_track_caller+0x79/0x370
[ 1657.041241]  ? sidtab_sid2str_get+0x17e/0x720
[ 1657.041712]  kmemdup+0x23/0x50
[ 1657.042046]  sidtab_sid2str_get+0x17e/0x720
[ 1657.042489]  sidtab_entry_to_string+0x33/0x110
[ 1657.042955]  security_sid_to_context_core+0x33c/0x5d0
[ 1657.043502]  selinux_kernfs_init_security+0x239/0x4c0
[ 1657.044028]  ? selinux_file_mprotect+0x610/0x610
[ 1657.044504]  ? find_held_lock+0x2c/0x110
[ 1657.044914]  ? __kernfs_new_node+0x2ad/0x860
[ 1657.045382]  ? rwlock_bug.part.0+0x90/0x90
[ 1657.045822]  security_kernfs_init_security+0x4e/0xb0
[ 1657.046355]  __kernfs_new_node+0x531/0x860
[ 1657.046790]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1657.047359]  ? cpumask_next+0x1f/0x30
[ 1657.047832]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1657.048332]  ? pcpu_alloc+0x12a/0x1240
[ 1657.048742]  kernfs_new_node+0x18d/0x250
[ 1657.049177]  kernfs_create_dir_ns+0x49/0x160
[ 1657.049649]  cgroup_mkdir+0x318/0xf50
[ 1657.050051]  ? cgroup_destroy_locked+0x710/0x710
[ 1657.050547]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1657.050969]  vfs_mkdir+0x493/0x700
[ 1657.051356]  do_mkdirat+0x150/0x2b0
[ 1657.051729]  ? user_path_create+0xf0/0xf0
[ 1657.052173]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1657.052706]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1657.053246]  do_syscall_64+0x33/0x40
[ 1657.053635]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1657.054168] RIP: 0033:0x7f8dbfff9b19
[ 1657.054553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1657.056434] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1657.057223] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1657.057971] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1657.058697] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1657.059426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1657.060159] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1657.104171] FAULT_INJECTION: forcing a failure.
[ 1657.104171] name failslab, interval 1, probability 0, space 0, times 0
[ 1657.105475] CPU: 1 PID: 9791 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1657.106053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1657.106729] Call Trace:
[ 1657.106960]  dump_stack+0x107/0x167
[ 1657.107271]  should_fail.cold+0x5/0xa
[ 1657.107594]  ? ext4_mb_new_blocks+0x64d/0x45b0
[ 1657.107976]  should_failslab+0x5/0x20
[ 1657.108298]  kmem_cache_alloc+0x5b/0x310
[ 1657.108641]  ext4_mb_new_blocks+0x64d/0x45b0
[ 1657.109028]  ? mark_held_locks+0x4c/0xe0
[ 1657.109382]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1657.109826]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1657.110282]  ? trace_hardirqs_on+0x5b/0x180
[ 1657.110645]  ? ext4_discard_preallocations+0xd80/0xd80
[ 1657.111094]  ? ext4_inode_to_goal_block+0x320/0x430
[ 1657.111522]  ext4_ext_map_blocks+0x1d49/0x5860
[ 1657.111913]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1657.112353]  ? SOFTIRQ_verbose+0x10/0x10
[ 1657.112689]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1657.113135]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 1657.113513]  ? trace_hardirqs_on+0x5b/0x180
[ 1657.113874]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 1657.114248]  ? finish_task_switch+0x126/0x5d0
[ 1657.114619]  ? ext4_ext_release+0x10/0x10
[ 1657.114960]  ? ext4_map_blocks+0x5e0/0x1940
[ 1657.115327]  ? lock_release+0x680/0x680
[ 1657.115664]  ? io_schedule_timeout+0x140/0x140
[ 1657.116050]  ? lock_downgrade+0x6d0/0x6d0
[ 1657.116407]  ? down_write_killable+0x180/0x180
[ 1657.116795]  ext4_map_blocks+0x652/0x1940
[ 1657.117152]  ? _down_write_nest_lock+0x160/0x160
[ 1657.117553]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 1657.117931]  ? ext4_es_lookup_extent+0xc4/0xaa0
[ 1657.118349]  ext4_getblk+0x144/0x680
[ 1657.118655]  ? ext4_iomap_overwrite_begin+0xb0/0xb0
[ 1657.119076]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 1657.119447]  ? __brelse+0x84/0xa0
[ 1657.119737]  ? __ext4_new_inode+0x148/0x5370
[ 1657.120115]  ext4_bread+0x29/0x1f0
[ 1657.120416]  ext4_append+0x228/0x4e0
[ 1657.120733]  ? ext4_move_extents+0x3050/0x3050
[ 1657.121128]  ? ext4_mark_inode_used+0x14a0/0x14a0
[ 1657.121552]  ext4_init_new_dir+0x25e/0x4d0
[ 1657.121908]  ? ext4_init_dot_dotdot+0x610/0x610
[ 1657.122297]  ext4_mkdir+0x3c1/0xb10
[ 1657.122610]  ? ext4_rmdir+0xf70/0xf70
[ 1657.122934]  vfs_mkdir+0x493/0x700
[ 1657.123243]  do_mkdirat+0x150/0x2b0
[ 1657.123554]  ? user_path_create+0xf0/0xf0
[ 1657.123905]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1657.124346]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1657.124780]  do_syscall_64+0x33/0x40
[ 1657.125093]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1657.125525] RIP: 0033:0x7fe52009fb19
[ 1657.125831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1657.127355] RSP: 002b:00007fe51d5f4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1657.127979] RAX: ffffffffffffffda RBX: 00007fe5201b3020 RCX: 00007fe52009fb19
[ 1657.128569] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 1657.129158] RBP: 00007fe51d5f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 1657.129747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1657.130346] R13: 00007fff0a4138bf R14: 00007fe51d5f4300 R15: 0000000000022000
08:13:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:13:31 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 23)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1657.168715] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1657.188316] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:13:31 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x8)

08:13:31 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1657.276228] FAULT_INJECTION: forcing a failure.
[ 1657.276228] name failslab, interval 1, probability 0, space 0, times 0
[ 1657.277404] CPU: 1 PID: 9805 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1657.277962] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1657.278623] Call Trace:
[ 1657.278841]  dump_stack+0x107/0x167
[ 1657.279151]  should_fail.cold+0x5/0xa
[ 1657.279468]  ? create_object.isra.0+0x3a/0xa20
[ 1657.279848]  should_failslab+0x5/0x20
[ 1657.280166]  kmem_cache_alloc+0x5b/0x310
[ 1657.280516]  ? mark_held_locks+0x9e/0xe0
[ 1657.280873]  create_object.isra.0+0x3a/0xa20
[ 1657.281230]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1657.281651]  kmem_cache_alloc+0x159/0x310
[ 1657.281998]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1657.282455]  idr_get_free+0x4b5/0x8f0
[ 1657.282779]  idr_alloc_u32+0x170/0x2d0
[ 1657.283108]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1657.283497]  ? lock_acquire+0x197/0x470
[ 1657.283847]  ? __kernfs_new_node+0xff/0x860
[ 1657.284208]  idr_alloc_cyclic+0x102/0x230
[ 1657.284555]  ? idr_alloc+0x130/0x130
[ 1657.284857]  ? rwlock_bug.part.0+0x90/0x90
[ 1657.285215]  __kernfs_new_node+0x117/0x860
[ 1657.285580]  ? mark_held_locks+0x9e/0xe0
[ 1657.285917]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1657.286319]  ? cpumask_next+0x1f/0x30
[ 1657.286659]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1657.287050]  ? pcpu_alloc+0x12a/0x1240
[ 1657.287382]  kernfs_new_node+0x18d/0x250
[ 1657.287743]  kernfs_create_dir_ns+0x49/0x160
[ 1657.288113]  cgroup_mkdir+0x318/0xf50
[ 1657.288428]  ? cgroup_destroy_locked+0x710/0x710
[ 1657.288815]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1657.289173]  vfs_mkdir+0x493/0x700
[ 1657.289482]  do_mkdirat+0x150/0x2b0
[ 1657.289781]  ? user_path_create+0xf0/0xf0
[ 1657.290132]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1657.290563]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1657.290990]  do_syscall_64+0x33/0x40
[ 1657.291300]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1657.291712] RIP: 0033:0x7f8dbfff9b19
[ 1657.292019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1657.293523] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1657.294148] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1657.294722] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1657.295319] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1657.295898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1657.296464] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:13:32 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:13:32 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:13:32 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:32 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x10)

08:13:32 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 21)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:13:32 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1657.427100] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1657.435849] FAULT_INJECTION: forcing a failure.
[ 1657.435849] name failslab, interval 1, probability 0, space 0, times 0
[ 1657.437128] CPU: 1 PID: 9822 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1657.437697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1657.438393] Call Trace:
[ 1657.438616]  dump_stack+0x107/0x167
[ 1657.438926]  should_fail.cold+0x5/0xa
[ 1657.439245]  should_failslab+0x5/0x20
[ 1657.439572]  __kmalloc_track_caller+0x79/0x370
[ 1657.439941]  ? security_context_to_sid_core+0xb4/0x890
[ 1657.440400]  kmemdup_nul+0x2d/0xa0
[ 1657.440689]  security_context_to_sid_core+0xb4/0x890
[ 1657.441143]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1657.441613]  ? do_raw_spin_lock+0x121/0x260
[ 1657.441987]  ? rwlock_bug.part.0+0x90/0x90
[ 1657.442363]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1657.442773]  ? do_raw_spin_unlock+0x4f/0x220
[ 1657.443158]  ? _raw_spin_unlock+0x1a/0x30
[ 1657.443517]  security_context_to_sid+0x35/0x50
[ 1657.443893]  selinux_kernfs_init_security+0x19d/0x4c0
[ 1657.444344]  ? selinux_file_mprotect+0x610/0x610
[ 1657.444723]  ? find_held_lock+0x2c/0x110
[ 1657.445067]  ? __kernfs_new_node+0x2ad/0x860
[ 1657.445448]  ? lock_downgrade+0x6d0/0x6d0
[ 1657.445779]  ? rwlock_bug.part.0+0x90/0x90
[ 1657.446162]  security_kernfs_init_security+0x4e/0xb0
[ 1657.446597]  __kernfs_new_node+0x531/0x860
[ 1657.446942]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1657.447358]  ? cpumask_next+0x1f/0x30
[ 1657.447678]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1657.448060]  ? pcpu_alloc+0x12a/0x1240
[ 1657.448398]  kernfs_new_node+0x18d/0x250
[ 1657.448750]  kernfs_create_dir_ns+0x49/0x160
[ 1657.449120]  cgroup_mkdir+0x318/0xf50
[ 1657.449458]  ? cgroup_destroy_locked+0x710/0x710
[ 1657.449840]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1657.450209]  vfs_mkdir+0x493/0x700
[ 1657.450501]  do_mkdirat+0x150/0x2b0
[ 1657.450811]  ? user_path_create+0xf0/0xf0
[ 1657.451156]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1657.451598]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1657.452023]  do_syscall_64+0x33/0x40
[ 1657.452344]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1657.452774] RIP: 0033:0x7fe52009fb19
[ 1657.453096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1657.454643] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1657.455292] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1657.455900] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1657.456514] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1657.457121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1657.457729] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:13:46 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:13:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:46 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 22)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:13:46 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:13:46 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0xf0)

08:13:46 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:13:46 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 24)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:13:46 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1671.372858] FAULT_INJECTION: forcing a failure.
[ 1671.372858] name failslab, interval 1, probability 0, space 0, times 0
[ 1671.374428] CPU: 0 PID: 9830 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1671.375253] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1671.376260] Call Trace:
[ 1671.376597]  dump_stack+0x107/0x167
[ 1671.377045]  should_fail.cold+0x5/0xa
[ 1671.377512]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1671.378198]  should_failslab+0x5/0x20
[ 1671.378658]  kmem_cache_alloc+0x5b/0x310
[ 1671.379152]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1671.379827]  idr_get_free+0x4b5/0x8f0
[ 1671.380302]  idr_alloc_u32+0x170/0x2d0
[ 1671.380767]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1671.381348]  ? lock_acquire+0x197/0x470
[ 1671.381847]  ? __kernfs_new_node+0xff/0x860
[ 1671.382374]  idr_alloc_cyclic+0x102/0x230
[ 1671.382871]  ? idr_alloc+0x130/0x130
[ 1671.383311]  ? rwlock_bug.part.0+0x90/0x90
[ 1671.383821]  __kernfs_new_node+0x117/0x860
[ 1671.384334]  ? mark_held_locks+0x9e/0xe0
[ 1671.384828]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1671.385388]  ? cpumask_next+0x1f/0x30
[ 1671.385856]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1671.386419]  ? pcpu_alloc+0x12a/0x1240
[ 1671.386913]  kernfs_new_node+0x18d/0x250
[ 1671.387422]  kernfs_create_dir_ns+0x49/0x160
[ 1671.387954]  cgroup_mkdir+0x318/0xf50
[ 1671.388411]  ? cgroup_destroy_locked+0x710/0x710
[ 1671.388983]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1671.389489]  vfs_mkdir+0x493/0x700
[ 1671.389946]  do_mkdirat+0x150/0x2b0
[ 1671.390388]  ? user_path_create+0xf0/0xf0
[ 1671.390902]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1671.391528]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1671.392151]  do_syscall_64+0x33/0x40
[ 1671.392614]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1671.393231] RIP: 0033:0x7fe52009fb19
[ 1671.393686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1671.395844] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1671.396753] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1671.397607] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1671.398468] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1671.399322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1671.400199] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:13:46 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x321)

[ 1671.437291] FAULT_INJECTION: forcing a failure.
[ 1671.437291] name failslab, interval 1, probability 0, space 0, times 0
[ 1671.439112] CPU: 0 PID: 9849 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1671.439936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1671.440948] Call Trace:
[ 1671.441289]  dump_stack+0x107/0x167
[ 1671.441761]  should_fail.cold+0x5/0xa
[ 1671.442233]  ? __es_insert_extent+0xed1/0x1370
[ 1671.442798]  should_failslab+0x5/0x20
[ 1671.443278]  kmem_cache_alloc+0x5b/0x310
[ 1671.443780]  __es_insert_extent+0xed1/0x1370
[ 1671.444356]  ext4_es_insert_extent+0x45d/0xf10
[ 1671.444915]  ? ext4_es_scan_clu+0x2e0/0x2e0
[ 1671.445443]  ? lock_downgrade+0x6d0/0x6d0
[ 1671.445960]  ? down_write_killable+0x180/0x180
[ 1671.446534]  ext4_map_blocks+0x8e1/0x1940
[ 1671.447046]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 1671.447606]  ? ext4_es_lookup_extent+0xc4/0xaa0
[ 1671.448188]  ext4_getblk+0x144/0x680
[ 1671.448657]  ? ext4_iomap_overwrite_begin+0xb0/0xb0
[ 1671.449254]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 1671.449819]  ? __brelse+0x84/0xa0
[ 1671.450236]  ? __ext4_new_inode+0x148/0x5370
[ 1671.450776]  ext4_bread+0x29/0x1f0
[ 1671.451225]  ext4_append+0x228/0x4e0
[ 1671.451674]  ? ext4_move_extents+0x3050/0x3050
[ 1671.452242]  ? ext4_mark_inode_used+0x14a0/0x14a0
[ 1671.452843]  ext4_init_new_dir+0x25e/0x4d0
[ 1671.453361]  ? ext4_init_dot_dotdot+0x610/0x610
[ 1671.453946]  ext4_mkdir+0x3c1/0xb10
[ 1671.454400]  ? ext4_rmdir+0xf70/0xf70
[ 1671.454875]  vfs_mkdir+0x493/0x700
[ 1671.455311]  do_mkdirat+0x150/0x2b0
[ 1671.455755]  ? user_path_create+0xf0/0xf0
[ 1671.456259]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1671.456894]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1671.457561]  do_syscall_64+0x33/0x40
[ 1671.457996]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1671.458636] RIP: 0033:0x7f8dbfff9b19
[ 1671.459077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1671.461309] RSP: 002b:00007f8dbd54e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1671.462230] RAX: ffffffffffffffda RBX: 00007f8dc010d020 RCX: 00007f8dbfff9b19
[ 1671.463085] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 1671.463956] RBP: 00007f8dbd54e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1671.464837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1671.465723] R13: 00007ffc385ac51f R14: 00007f8dbd54e300 R15: 0000000000022000
08:13:46 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

[ 1671.495563] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:13:46 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340))
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, 0x0)
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:13:46 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1671.594665] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
08:13:46 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 25)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:13:46 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 23)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:13:46 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x2000)

[ 1671.675270] FAULT_INJECTION: forcing a failure.
[ 1671.675270] name failslab, interval 1, probability 0, space 0, times 0
[ 1671.676695] CPU: 0 PID: 9864 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1671.677404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1671.678254] Call Trace:
[ 1671.678531]  dump_stack+0x107/0x167
[ 1671.678903]  should_fail.cold+0x5/0xa
[ 1671.679310]  should_failslab+0x5/0x20
[ 1671.679716]  __kmalloc_track_caller+0x79/0x370
[ 1671.680192]  ? security_context_to_sid_core+0xb4/0x890
[ 1671.680735]  kmemdup_nul+0x2d/0xa0
[ 1671.681108]  security_context_to_sid_core+0xb4/0x890
[ 1671.681644]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1671.682214]  ? do_raw_spin_lock+0x121/0x260
[ 1671.682661]  ? rwlock_bug.part.0+0x90/0x90
[ 1671.683088]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1671.683587]  ? do_raw_spin_unlock+0x4f/0x220
[ 1671.684034]  ? _raw_spin_unlock+0x1a/0x30
[ 1671.684461]  security_context_to_sid+0x35/0x50
[ 1671.684927]  selinux_kernfs_init_security+0x19d/0x4c0
[ 1671.685448]  ? selinux_file_mprotect+0x610/0x610
[ 1671.685935]  ? find_held_lock+0x2c/0x110
[ 1671.686355]  ? __kernfs_new_node+0x2ad/0x860
[ 1671.686798]  ? lock_downgrade+0x6d0/0x6d0
[ 1671.687222]  ? rwlock_bug.part.0+0x90/0x90
[ 1671.687844]  security_kernfs_init_security+0x4e/0xb0
[ 1671.688362]  __kernfs_new_node+0x531/0x860
[ 1671.688788]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1671.689272]  ? cpumask_next+0x1f/0x30
[ 1671.689664]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1671.690136]  ? pcpu_alloc+0x12a/0x1240
[ 1671.690547]  kernfs_new_node+0x18d/0x250
[ 1671.690966]  kernfs_create_dir_ns+0x49/0x160
[ 1671.691426]  cgroup_mkdir+0x318/0xf50
[ 1671.691831]  ? cgroup_destroy_locked+0x710/0x710
[ 1671.692319]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1671.692736]  vfs_mkdir+0x493/0x700
[ 1671.693109]  do_mkdirat+0x150/0x2b0
[ 1671.693488]  ? user_path_create+0xf0/0xf0
[ 1671.693916]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1671.694442]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1671.694964]  do_syscall_64+0x33/0x40
[ 1671.695340]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1671.695854] RIP: 0033:0x7fe52009fb19
[ 1671.696230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1671.698053] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1671.698819] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1671.699529] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1671.700243] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1671.700955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1671.701663] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:13:46 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1671.739408] FAULT_INJECTION: forcing a failure.
[ 1671.739408] name failslab, interval 1, probability 0, space 0, times 0
[ 1671.740820] CPU: 0 PID: 9867 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1671.741519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1671.742366] Call Trace:
[ 1671.742640]  dump_stack+0x107/0x167
[ 1671.743012]  should_fail.cold+0x5/0xa
[ 1671.743406]  ? create_object.isra.0+0x3a/0xa20
[ 1671.743876]  should_failslab+0x5/0x20
[ 1671.744264]  kmem_cache_alloc+0x5b/0x310
[ 1671.744682]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1671.745173]  create_object.isra.0+0x3a/0xa20
[ 1671.745635]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1671.746166]  __kmalloc+0x16e/0x390
[ 1671.746540]  selinux_kernfs_init_security+0x137/0x4c0
[ 1671.747073]  ? selinux_file_mprotect+0x610/0x610
[ 1671.747558]  ? find_held_lock+0x2c/0x110
[ 1671.747998]  ? __kernfs_new_node+0x2ad/0x860
[ 1671.748454]  ? lock_downgrade+0x6d0/0x6d0
[ 1671.748885]  ? rwlock_bug.part.0+0x90/0x90
[ 1671.749322]  security_kernfs_init_security+0x4e/0xb0
[ 1671.749811]  __kernfs_new_node+0x531/0x860
[ 1671.750227]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1671.750711]  ? cpumask_next+0x1f/0x30
[ 1671.751116]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1671.751596]  ? pcpu_alloc+0x12a/0x1240
[ 1671.752011]  kernfs_new_node+0x18d/0x250
[ 1671.752440]  kernfs_create_dir_ns+0x49/0x160
[ 1671.752897]  cgroup_mkdir+0x318/0xf50
[ 1671.753294]  ? cgroup_destroy_locked+0x710/0x710
[ 1671.753784]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1671.754203]  vfs_mkdir+0x493/0x700
[ 1671.754575]  do_mkdirat+0x150/0x2b0
[ 1671.754955]  ? user_path_create+0xf0/0xf0
[ 1671.755401]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1671.755918]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1671.756447]  do_syscall_64+0x33/0x40
[ 1671.756822]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1671.757348] RIP: 0033:0x7f8dbfff9b19
[ 1671.757727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1671.759573] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1671.760344] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1671.761066] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1671.761786] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1671.762513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1671.763226] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:13:46 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, 0xffffffffffffffff, 0x729d2000)

08:13:46 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:13:46 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 24)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

[ 1671.880260] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1671.918910] FAULT_INJECTION: forcing a failure.
[ 1671.918910] name failslab, interval 1, probability 0, space 0, times 0
[ 1671.920394] CPU: 1 PID: 9883 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1671.920982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1671.921700] Call Trace:
[ 1671.921923]  dump_stack+0x107/0x167
[ 1671.922237]  should_fail.cold+0x5/0xa
[ 1671.922566]  ? __kernfs_iattrs+0xbc/0x470
[ 1671.922932]  should_failslab+0x5/0x20
[ 1671.923259]  kmem_cache_alloc+0x5b/0x310
[ 1671.923608]  __kernfs_iattrs+0xbc/0x470
[ 1671.923952]  kernfs_xattr_set+0x2b/0x80
[ 1671.924296]  selinux_kernfs_init_security+0x26d/0x4c0
[ 1671.924737]  ? selinux_file_mprotect+0x610/0x610
[ 1671.925148]  ? find_held_lock+0x2c/0x110
[ 1671.925491]  ? __kernfs_new_node+0x2ad/0x860
[ 1671.925856]  ? rwlock_bug.part.0+0x90/0x90
[ 1671.926209]  security_kernfs_init_security+0x4e/0xb0
[ 1671.926619]  __kernfs_new_node+0x531/0x860
[ 1671.926984]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1671.927376]  ? cpumask_next+0x1f/0x30
[ 1671.927696]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1671.928089]  ? pcpu_alloc+0x12a/0x1240
[ 1671.928407]  kernfs_new_node+0x18d/0x250
[ 1671.928760]  kernfs_create_dir_ns+0x49/0x160
[ 1671.929140]  cgroup_mkdir+0x318/0xf50
[ 1671.929463]  ? cgroup_destroy_locked+0x710/0x710
[ 1671.929864]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1671.930219]  vfs_mkdir+0x493/0x700
[ 1671.930520]  do_mkdirat+0x150/0x2b0
[ 1671.930837]  ? user_path_create+0xf0/0xf0
[ 1671.931189]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1671.931632]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1671.932078]  do_syscall_64+0x33/0x40
[ 1671.932388]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1671.932822] RIP: 0033:0x7fe52009fb19
[ 1671.933149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1671.934674] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1671.935313] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1671.935897] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1671.936502] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1671.937097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1671.937690] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:13:59 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 25)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:13:59 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:59 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:13:59 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, 0xffffffffffffffff, 0x729d2000)

08:13:59 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x2103)

08:13:59 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340))
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, 0x0)
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:13:59 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 26)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:13:59 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1684.420190] FAULT_INJECTION: forcing a failure.
[ 1684.420190] name failslab, interval 1, probability 0, space 0, times 0
[ 1684.421495] CPU: 0 PID: 9894 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1684.422201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1684.423053] Call Trace:
[ 1684.423341]  dump_stack+0x107/0x167
[ 1684.423724]  should_fail.cold+0x5/0xa
[ 1684.424137]  should_failslab+0x5/0x20
[ 1684.424542]  __kmalloc_track_caller+0x79/0x370
[ 1684.425023]  ? security_context_to_sid_core+0xb4/0x890
[ 1684.425589]  kmemdup_nul+0x2d/0xa0
[ 1684.425986]  security_context_to_sid_core+0xb4/0x890
[ 1684.426532]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1684.427107]  ? do_raw_spin_lock+0x121/0x260
[ 1684.427564]  ? rwlock_bug.part.0+0x90/0x90
[ 1684.428003]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1684.428510]  ? do_raw_spin_unlock+0x4f/0x220
[ 1684.428944]  ? _raw_spin_unlock+0x1a/0x30
[ 1684.429380]  security_context_to_sid+0x35/0x50
[ 1684.429851]  selinux_kernfs_init_security+0x19d/0x4c0
[ 1684.430409]  ? selinux_file_mprotect+0x610/0x610
[ 1684.430881]  ? find_held_lock+0x2c/0x110
[ 1684.431339]  ? __kernfs_new_node+0x2ad/0x860
[ 1684.431782]  ? lock_downgrade+0x6d0/0x6d0
[ 1684.432231]  ? rwlock_bug.part.0+0x90/0x90
[ 1684.432666]  security_kernfs_init_security+0x4e/0xb0
[ 1684.433204]  __kernfs_new_node+0x531/0x860
[ 1684.433661]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1684.434157]  ? cpumask_next+0x1f/0x30
[ 1684.434538]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1684.435024]  ? pcpu_alloc+0x12a/0x1240
[ 1684.435421]  kernfs_new_node+0x18d/0x250
[ 1684.435860]  kernfs_create_dir_ns+0x49/0x160
[ 1684.436304]  cgroup_mkdir+0x318/0xf50
[ 1684.436714]  ? cgroup_destroy_locked+0x710/0x710
[ 1684.437201]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1684.437654]  vfs_mkdir+0x493/0x700
[ 1684.438037]  do_mkdirat+0x150/0x2b0
[ 1684.438410]  ? user_path_create+0xf0/0xf0
[ 1684.438831]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1684.439394]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1684.439912]  do_syscall_64+0x33/0x40
[ 1684.440319]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1684.440825] RIP: 0033:0x7f8dbfff9b19
[ 1684.441226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1684.443046] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1684.443828] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1684.444509] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1684.445185] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1684.445905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1684.446632] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1684.473663] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1684.477123] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1684.493192] FAULT_INJECTION: forcing a failure.
[ 1684.493192] name failslab, interval 1, probability 0, space 0, times 0
[ 1684.494445] CPU: 1 PID: 9902 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1684.495153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1684.496000] Call Trace:
[ 1684.496299]  dump_stack+0x107/0x167
[ 1684.496686]  should_fail.cold+0x5/0xa
[ 1684.497092]  ? create_object.isra.0+0x3a/0xa20
[ 1684.497581]  should_failslab+0x5/0x20
[ 1684.497971]  kmem_cache_alloc+0x5b/0x310
[ 1684.498398]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1684.498884]  create_object.isra.0+0x3a/0xa20
[ 1684.499341]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1684.499863]  __kmalloc+0x16e/0x390
[ 1684.500253]  selinux_kernfs_init_security+0x137/0x4c0
[ 1684.500769]  ? selinux_file_mprotect+0x610/0x610
[ 1684.501265]  ? find_held_lock+0x2c/0x110
[ 1684.501697]  ? __kernfs_new_node+0x2ad/0x860
[ 1684.502170]  ? lock_downgrade+0x6d0/0x6d0
[ 1684.502579]  ? rwlock_bug.part.0+0x90/0x90
[ 1684.503039]  security_kernfs_init_security+0x4e/0xb0
[ 1684.503558]  __kernfs_new_node+0x531/0x860
[ 1684.504024]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1684.504499]  ? cpumask_next+0x1f/0x30
[ 1684.504896]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1684.505379]  ? pcpu_alloc+0x12a/0x1240
[ 1684.505819]  kernfs_new_node+0x18d/0x250
[ 1684.506251]  kernfs_create_dir_ns+0x49/0x160
[ 1684.506713]  cgroup_mkdir+0x318/0xf50
[ 1684.507107]  ? cgroup_destroy_locked+0x710/0x710
[ 1684.507611]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1684.508032]  vfs_mkdir+0x493/0x700
[ 1684.508426]  do_mkdirat+0x150/0x2b0
[ 1684.508791]  ? user_path_create+0xf0/0xf0
[ 1684.509233]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1684.509760]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1684.510301]  do_syscall_64+0x33/0x40
[ 1684.510685]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1684.511225] RIP: 0033:0x7fe52009fb19
[ 1684.511610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1684.513490] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1684.514263] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1684.514962] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1684.515660] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1684.516370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1684.517064] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:13:59 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, 0xffffffffffffffff, 0x729d2000)

08:13:59 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 27)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:13:59 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0xf000)

08:13:59 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:13:59 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1684.701317] FAULT_INJECTION: forcing a failure.
[ 1684.701317] name failslab, interval 1, probability 0, space 0, times 0
[ 1684.702762] CPU: 1 PID: 9920 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1684.703436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1684.704295] Call Trace:
[ 1684.704581]  dump_stack+0x107/0x167
[ 1684.704979]  should_fail.cold+0x5/0xa
[ 1684.705383]  ? create_object.isra.0+0x3a/0xa20
[ 1684.705883]  should_failslab+0x5/0x20
[ 1684.706293]  kmem_cache_alloc+0x5b/0x310
[ 1684.706727]  ? lock_downgrade+0x6d0/0x6d0
[ 1684.707185]  create_object.isra.0+0x3a/0xa20
[ 1684.707664]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1684.708217]  __kmalloc_node+0x1ae/0x420
[ 1684.708662]  kvmalloc_node+0x119/0x170
[ 1684.709092]  simple_xattr_alloc+0x43/0xa0
[ 1684.709545]  simple_xattr_set+0x75/0x610
[ 1684.710006]  kernfs_xattr_set+0x50/0x80
[ 1684.710449]  selinux_kernfs_init_security+0x26d/0x4c0
[ 1684.711008]  ? selinux_file_mprotect+0x610/0x610
[ 1684.711513]  ? find_held_lock+0x2c/0x110
[ 1684.711950]  ? __kernfs_new_node+0x2ad/0x860
[ 1684.712426]  ? rwlock_bug.part.0+0x90/0x90
[ 1684.712877]  security_kernfs_init_security+0x4e/0xb0
[ 1684.713408]  __kernfs_new_node+0x531/0x860
[ 1684.713867]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1684.714368]  ? cpumask_next+0x1f/0x30
[ 1684.714773]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1684.715276]  ? pcpu_alloc+0x12a/0x1240
[ 1684.715711]  kernfs_new_node+0x18d/0x250
[ 1684.716160]  kernfs_create_dir_ns+0x49/0x160
[ 1684.716647]  cgroup_mkdir+0x318/0xf50
[ 1684.717071]  ? cgroup_destroy_locked+0x710/0x710
[ 1684.717574]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1684.718024]  vfs_mkdir+0x493/0x700
[ 1684.718412]  do_mkdirat+0x150/0x2b0
[ 1684.718802]  ? user_path_create+0xf0/0xf0
[ 1684.719248]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1684.719804]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1684.720359]  do_syscall_64+0x33/0x40
[ 1684.720764]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1684.721309] RIP: 0033:0x7f8dbfff9b19
[ 1684.721718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1684.723633] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1684.724439] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1684.725182] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1684.725941] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1684.726703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1684.727460] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:13:59 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:13:59 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 26)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:13:59 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 28)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1684.878843] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1684.879668] FAULT_INJECTION: forcing a failure.
[ 1684.879668] name failslab, interval 1, probability 0, space 0, times 0
[ 1684.880937] CPU: 1 PID: 9927 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1684.881319] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1684.881618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1684.881630] Call Trace:
[ 1684.881654]  dump_stack+0x107/0x167
[ 1684.883892]  should_fail.cold+0x5/0xa
[ 1684.884315]  should_failslab+0x5/0x20
[ 1684.884729]  __kmalloc_track_caller+0x79/0x370
[ 1684.885217]  ? security_context_to_sid_core+0xb4/0x890
[ 1684.885794]  kmemdup_nul+0x2d/0xa0
[ 1684.886167]  security_context_to_sid_core+0xb4/0x890
[ 1684.886713]  ? security_compute_sid.part.0+0x16e0/0x16e0
[ 1684.887295]  ? do_raw_spin_lock+0x121/0x260
[ 1684.887758]  ? rwlock_bug.part.0+0x90/0x90
[ 1684.888212]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1684.888734]  ? do_raw_spin_unlock+0x4f/0x220
[ 1684.889210]  ? _raw_spin_unlock+0x1a/0x30
[ 1684.889664]  security_context_to_sid+0x35/0x50
[ 1684.890162]  selinux_kernfs_init_security+0x19d/0x4c0
[ 1684.890716]  ? selinux_file_mprotect+0x610/0x610
[ 1684.891227]  ? find_held_lock+0x2c/0x110
[ 1684.891675]  ? __kernfs_new_node+0x2ad/0x860
[ 1684.892144]  ? lock_downgrade+0x6d0/0x6d0
[ 1684.892592]  ? rwlock_bug.part.0+0x90/0x90
[ 1684.893060]  security_kernfs_init_security+0x4e/0xb0
[ 1684.893614]  __kernfs_new_node+0x531/0x860
[ 1684.894087]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1684.894602]  ? cpumask_next+0x1f/0x30
[ 1684.895015]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1684.895528]  ? pcpu_alloc+0x12a/0x1240
[ 1684.895967]  kernfs_new_node+0x18d/0x250
[ 1684.896422]  kernfs_create_dir_ns+0x49/0x160
[ 1684.896908]  cgroup_mkdir+0x318/0xf50
[ 1684.897336]  ? cgroup_destroy_locked+0x710/0x710
[ 1684.897864]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1684.898319]  vfs_mkdir+0x493/0x700
[ 1684.898710]  do_mkdirat+0x150/0x2b0
[ 1684.899102]  ? user_path_create+0xf0/0xf0
[ 1684.899551]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1684.900106]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1684.900659]  do_syscall_64+0x33/0x40
[ 1684.901056]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1684.901602] RIP: 0033:0x7fe52009fb19
[ 1684.902011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1684.903928] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1684.904739] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1684.905493] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1684.906251] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1684.907008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1684.907743] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
[ 1684.954370] FAULT_INJECTION: forcing a failure.
[ 1684.954370] name failslab, interval 1, probability 0, space 0, times 0
[ 1684.955794] CPU: 1 PID: 9937 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1684.956517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1684.957397] Call Trace:
[ 1684.957692]  dump_stack+0x107/0x167
[ 1684.958096]  should_fail.cold+0x5/0xa
[ 1684.958513]  should_failslab+0x5/0x20
[ 1684.958920]  __kmalloc_track_caller+0x79/0x370
[ 1684.959408]  ? sidtab_sid2str_get+0x17e/0x720
[ 1684.959894]  kmemdup+0x23/0x50
[ 1684.960252]  sidtab_sid2str_get+0x17e/0x720
[ 1684.960717]  sidtab_entry_to_string+0x33/0x110
[ 1684.961229]  security_sid_to_context_core+0x33c/0x5d0
[ 1684.961799]  selinux_kernfs_init_security+0x239/0x4c0
[ 1684.962346]  ? selinux_file_mprotect+0x610/0x610
[ 1684.962844]  ? find_held_lock+0x2c/0x110
[ 1684.963282]  ? __kernfs_new_node+0x2ad/0x860
[ 1684.963761]  ? rwlock_bug.part.0+0x90/0x90
[ 1684.964219]  security_kernfs_init_security+0x4e/0xb0
[ 1684.964751]  __kernfs_new_node+0x531/0x860
[ 1684.965214]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1684.965742]  ? cpumask_next+0x1f/0x30
[ 1684.966165]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1684.966671]  ? pcpu_alloc+0x12a/0x1240
[ 1684.967112]  kernfs_new_node+0x18d/0x250
[ 1684.967558]  kernfs_create_dir_ns+0x49/0x160
[ 1684.968037]  cgroup_mkdir+0x318/0xf50
[ 1684.968452]  ? cgroup_destroy_locked+0x710/0x710
[ 1684.968967]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1684.969413]  vfs_mkdir+0x493/0x700
[ 1684.969841]  do_mkdirat+0x150/0x2b0
[ 1684.970241]  ? user_path_create+0xf0/0xf0
[ 1684.970698]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1684.971285]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1684.971853]  do_syscall_64+0x33/0x40
[ 1684.972282]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1684.972827] RIP: 0033:0x7f8dbfff9b19
[ 1684.973272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1684.975251] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1684.976083] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1684.976875] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1684.977676] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1684.978439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1684.979218] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:14:12 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)

08:14:12 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:14:12 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 29)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:14:12 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:14:13 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x80000)

08:14:13 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340))
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, 0x0)
r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
dup2(r7, r6)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r7, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:14:13 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 27)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:14:13 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1698.303530] FAULT_INJECTION: forcing a failure.
[ 1698.303530] name failslab, interval 1, probability 0, space 0, times 0
[ 1698.305843] CPU: 1 PID: 9952 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1698.306952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1698.308291] Call Trace:
[ 1698.308740]  dump_stack+0x107/0x167
[ 1698.309355]  should_fail.cold+0x5/0xa
[ 1698.310004]  ? create_object.isra.0+0x3a/0xa20
[ 1698.310757]  should_failslab+0x5/0x20
[ 1698.311385]  kmem_cache_alloc+0x5b/0x310
[ 1698.312055]  ? sidtab_sid2str_get+0x65/0x720
[ 1698.312787]  create_object.isra.0+0x3a/0xa20
[ 1698.313512]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1698.314373]  __kmalloc_track_caller+0x177/0x370
[ 1698.315133]  ? sidtab_sid2str_get+0x17e/0x720
[ 1698.315885]  kmemdup+0x23/0x50
[ 1698.316428]  sidtab_sid2str_get+0x17e/0x720
[ 1698.317147]  sidtab_entry_to_string+0x33/0x110
[ 1698.317918]  security_sid_to_context_core+0x33c/0x5d0
[ 1698.318777]  selinux_kernfs_init_security+0x239/0x4c0
[ 1698.319623]  ? selinux_file_mprotect+0x610/0x610
[ 1698.320396]  ? find_held_lock+0x2c/0x110
[ 1698.321078]  ? __kernfs_new_node+0x2ad/0x860
[ 1698.321823]  ? rwlock_bug.part.0+0x90/0x90
[ 1698.322536]  security_kernfs_init_security+0x4e/0xb0
[ 1698.323370]  __kernfs_new_node+0x531/0x860
[ 1698.324076]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1698.324858]  ? cpumask_next+0x1f/0x30
[ 1698.325489]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1698.326277]  ? pcpu_alloc+0x12a/0x1240
[ 1698.326937]  kernfs_new_node+0x18d/0x250
[ 1698.327622]  kernfs_create_dir_ns+0x49/0x160
[ 1698.328352]  cgroup_mkdir+0x318/0xf50
[ 1698.328991]  ? cgroup_destroy_locked+0x710/0x710
[ 1698.329772]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1698.330480]  vfs_mkdir+0x493/0x700
[ 1698.331080]  do_mkdirat+0x150/0x2b0
[ 1698.331686]  ? user_path_create+0xf0/0xf0
[ 1698.332383]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1698.333243]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1698.334109]  do_syscall_64+0x33/0x40
[ 1698.334724]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1698.335570] RIP: 0033:0x7f8dbfff9b19
[ 1698.336190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1698.339376] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1698.340701] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1698.341939] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1698.343177] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1698.344406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1698.345641] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
08:14:13 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x200000)

[ 1698.441342] FAULT_INJECTION: forcing a failure.
[ 1698.441342] name failslab, interval 1, probability 0, space 0, times 0
[ 1698.443661] CPU: 0 PID: 9967 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1698.444690] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1698.445941] Call Trace:
[ 1698.446351]  dump_stack+0x107/0x167
[ 1698.446905]  should_fail.cold+0x5/0xa
[ 1698.447485]  ? create_object.isra.0+0x3a/0xa20
[ 1698.448175]  should_failslab+0x5/0x20
[ 1698.448754]  kmem_cache_alloc+0x5b/0x310
[ 1698.449375]  create_object.isra.0+0x3a/0xa20
[ 1698.450041]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1698.450771]  kmem_cache_alloc+0x159/0x310
[ 1698.451424]  jbd2_journal_add_journal_head+0x1a3/0x540
[ 1698.452220]  jbd2_journal_get_create_access+0x40/0x560
[ 1698.453034]  __ext4_journal_get_create_access+0x43/0x90
[ 1698.453831]  ext4_getblk+0x318/0x680
[ 1698.454381]  ? ext4_iomap_overwrite_begin+0xb0/0xb0
[ 1698.455102]  ? ext4_issue_zeroout+0x1c0/0x1c0
[ 1698.455755]  ? __brelse+0x84/0xa0
[ 1698.456267]  ? __ext4_new_inode+0x148/0x5370
[ 1698.456920]  ext4_bread+0x29/0x1f0
[ 1698.457445]  ext4_append+0x228/0x4e0
[ 1698.458006]  ? ext4_move_extents+0x3050/0x3050
[ 1698.458672]  ? ext4_mark_inode_used+0x14a0/0x14a0
[ 1698.459386]  ext4_init_new_dir+0x25e/0x4d0
[ 1698.460024]  ? ext4_init_dot_dotdot+0x610/0x610
[ 1698.460719]  ext4_mkdir+0x3c1/0xb10
[ 1698.461288]  ? ext4_rmdir+0xf70/0xf70
[ 1698.461865]  vfs_mkdir+0x493/0x700
[ 1698.462415]  do_mkdirat+0x150/0x2b0
[ 1698.462953]  ? user_path_create+0xf0/0xf0
[ 1698.463591]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1698.464355]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1698.465142]  do_syscall_64+0x33/0x40
[ 1698.465704]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1698.466481] RIP: 0033:0x7fe52009fb19
[ 1698.467046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1698.469807] RSP: 002b:00007fe51d5f4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1698.470938] RAX: ffffffffffffffda RBX: 00007fe5201b3020 RCX: 00007fe52009fb19
[ 1698.472008] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000005
[ 1698.473070] RBP: 00007fe51d5f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 1698.474140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1698.475215] R13: 00007fff0a4138bf R14: 00007fe51d5f4300 R15: 0000000000022000
[ 1698.487572] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1698.497931] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
08:14:13 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r0, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r0, 0x729d2000)

08:14:13 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 30)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:14:13 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:14:13 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 28)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:14:13 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000001300)='./file1\x00', 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

[ 1698.673353] FAULT_INJECTION: forcing a failure.
[ 1698.673353] name failslab, interval 1, probability 0, space 0, times 0
[ 1698.675194] CPU: 0 PID: 9980 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1698.676120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1698.677246] Call Trace:
[ 1698.677613]  dump_stack+0x107/0x167
[ 1698.678116]  should_fail.cold+0x5/0xa
[ 1698.678639]  ? __kernfs_iattrs+0xbc/0x470
[ 1698.679215]  should_failslab+0x5/0x20
[ 1698.679728]  kmem_cache_alloc+0x5b/0x310
[ 1698.680294]  __kernfs_iattrs+0xbc/0x470
[ 1698.680832]  kernfs_xattr_set+0x2b/0x80
[ 1698.681376]  selinux_kernfs_init_security+0x26d/0x4c0
[ 1698.682076]  ? selinux_file_mprotect+0x610/0x610
[ 1698.682719]  ? find_held_lock+0x2c/0x110
[ 1698.683277]  ? __kernfs_new_node+0x2ad/0x860
[ 1698.683876]  ? rwlock_bug.part.0+0x90/0x90
[ 1698.684463]  security_kernfs_init_security+0x4e/0xb0
[ 1698.685151]  __kernfs_new_node+0x531/0x860
[ 1698.685731]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1698.686380]  ? cpumask_next+0x1f/0x30
[ 1698.686893]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1698.687532]  ? pcpu_alloc+0x12a/0x1240
[ 1698.688071]  kernfs_new_node+0x18d/0x250
[ 1698.688624]  kernfs_create_dir_ns+0x49/0x160
[ 1698.689224]  cgroup_mkdir+0x318/0xf50
[ 1698.689744]  ? cgroup_destroy_locked+0x710/0x710
[ 1698.690397]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1698.690957]  vfs_mkdir+0x493/0x700
[ 1698.691440]  do_mkdirat+0x150/0x2b0
[ 1698.691935]  ? user_path_create+0xf0/0xf0
[ 1698.692502]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1698.693207]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1698.693910]  do_syscall_64+0x33/0x40
[ 1698.694412]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1698.695103] RIP: 0033:0x7f8dbfff9b19
[ 1698.695605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1698.698041] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1698.699049] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1698.699988] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1698.700921] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1698.701870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1698.702811] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1698.779556] FAULT_INJECTION: forcing a failure.
[ 1698.779556] name failslab, interval 1, probability 0, space 0, times 0
[ 1698.781521] CPU: 1 PID: 9989 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1698.782641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1698.783988] Call Trace:
[ 1698.784425]  dump_stack+0x107/0x167
[ 1698.785025]  should_fail.cold+0x5/0xa
[ 1698.785659]  should_failslab+0x5/0x20
[ 1698.786289]  __kmalloc_track_caller+0x79/0x370
[ 1698.787033]  ? sidtab_sid2str_get+0x17e/0x720
[ 1698.787780]  kmemdup+0x23/0x50
[ 1698.788309]  sidtab_sid2str_get+0x17e/0x720
[ 1698.789022]  sidtab_entry_to_string+0x33/0x110
[ 1698.789771]  security_sid_to_context_core+0x33c/0x5d0
[ 1698.790632]  selinux_kernfs_init_security+0x239/0x4c0
[ 1698.791473]  ? selinux_file_mprotect+0x610/0x610
[ 1698.792240]  ? find_held_lock+0x2c/0x110
[ 1698.792867]  ? __kernfs_new_node+0x2ad/0x860
[ 1698.792978] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1698.793590]  ? rwlock_bug.part.0+0x90/0x90
[ 1698.795358]  security_kernfs_init_security+0x4e/0xb0
[ 1698.796129]  __kernfs_new_node+0x531/0x860
[ 1698.796793]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1698.797520]  ? cpumask_next+0x1f/0x30
[ 1698.798110]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1698.798817]  ? pcpu_alloc+0x12a/0x1240
[ 1698.799422]  kernfs_new_node+0x18d/0x250
[ 1698.800049]  kernfs_create_dir_ns+0x49/0x160
[ 1698.800720]  cgroup_mkdir+0x318/0xf50
[ 1698.801308]  ? cgroup_destroy_locked+0x710/0x710
[ 1698.802035]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1698.802672]  vfs_mkdir+0x493/0x700
[ 1698.803224]  do_mkdirat+0x150/0x2b0
[ 1698.803829]  ? user_path_create+0xf0/0xf0
[ 1698.804470]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1698.805319]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1698.806114]  do_syscall_64+0x33/0x40
[ 1698.806675]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1698.807452] RIP: 0033:0x7fe52009fb19
[ 1698.808017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1698.810744] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1698.811884] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1698.812946] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1698.814025] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1698.815088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1698.816147] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:14:27 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0xf0ffff)

08:14:27 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
r2 = getpgid(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002500)=ANY=[@ANYBLOB="1c0000001d0021eb94efc17c39b86a0c0000000000000000040002000000268000002300b1a007008d3ccbd3354af4880ec0fe265c450b6983ad5f79d382bbb2da927fbaf2cdb460efd32e24c1a5e35e7e0a7566432a2471136d1bbe8a9947a6ffd324ce93d17d40c467c006e45f11cee8c7bcd4925f092d0e9f07ccde17b08b9ec4a51f8ed3b69766cd86480e87fab1f472f9c0fdbc16ccab2476bcbdab5f772dfb5d4b80b4142c9da4ed96f36b5f0812c3b56f82fd575b52fea07e74581b852fa019d99217130ce899c20e9082c29cf6ca96910bdb3cdfe8175857b8409fd0a43e670bbad826e9ca7a31af1a5395e1bc5b06539ecfd83113204995452c78494f89d7902b940394faceed76ae0530221e77787ccc", @ANYRES32, @ANYRESOCT], 0x1c}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x105142, 0x0)
openat(0xffffffffffffffff, 0x0, 0x200000, 0x183)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
clone3(&(0x7f0000002340)={0x28000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), {0x28}, &(0x7f0000000180)=""/252, 0xfc, &(0x7f00000002c0)=""/4096, &(0x7f00000012c0)=[r2, 0xffffffffffffffff], 0x2, {r4}}, 0x58)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r1, 0x729d2000)
unshare(0x48020200)

08:14:27 executing program 2:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000080006", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 29)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')

08:14:27 executing program 3:
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x7ff, 0x9, 0x5835af50, 0x9, 0xfff, 0x3]}, &(0x7f0000000280)=0x78)
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00'])
fcntl$setlease(r3, 0x400, 0x2)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
eventfd2(0x20, 0x80000)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x3080017, &(0x7f0000000540)=ANY=[@ANYBLOB="7472610000000000000365646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',euid>', @ANYRESDEC=r5, @ANYBLOB=',fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723d00272778e01caa006488c470b08960e4c64fca1d0836dddaac5142a78db70151c60f472ff90a2c7569643e", @ANYRESDEC=0xee01])
r6 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r6, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
dup2(r8, r7)
mmap(&(0x7f0000a91000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r8, 0xb3715000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

08:14:27 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:14:27 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r0, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r0, 0x729d2000)

08:14:27 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x0, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

08:14:27 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 31)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

[ 1713.307636] FAULT_INJECTION: forcing a failure.
[ 1713.307636] name failslab, interval 1, probability 0, space 0, times 0
[ 1713.309487] CPU: 1 PID: 10011 Comm: syz-executor.2 Not tainted 5.10.211 #1
[ 1713.310492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1713.311693] Call Trace:
[ 1713.312079]  dump_stack+0x107/0x167
[ 1713.312605]  should_fail.cold+0x5/0xa
[ 1713.313153]  ? create_object.isra.0+0x3a/0xa20
[ 1713.313804]  should_failslab+0x5/0x20
[ 1713.314352]  kmem_cache_alloc+0x5b/0x310
[ 1713.314932]  ? sidtab_sid2str_get+0x65/0x720
[ 1713.315563]  create_object.isra.0+0x3a/0xa20
[ 1713.316188]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1713.316918]  __kmalloc_track_caller+0x177/0x370
[ 1713.317576]  ? sidtab_sid2str_get+0x17e/0x720
[ 1713.318234]  kmemdup+0x23/0x50
[ 1713.318692]  sidtab_sid2str_get+0x17e/0x720
[ 1713.319315]  sidtab_entry_to_string+0x33/0x110
[ 1713.319977]  security_sid_to_context_core+0x33c/0x5d0
[ 1713.320723]  selinux_kernfs_init_security+0x239/0x4c0
[ 1713.321401]  ? selinux_file_mprotect+0x610/0x610
[ 1713.322082]  ? find_held_lock+0x2c/0x110
[ 1713.322630]  ? __kernfs_new_node+0x2ad/0x860
[ 1713.323268]  ? rwlock_bug.part.0+0x90/0x90
[ 1713.323836]  security_kernfs_init_security+0x4e/0xb0
[ 1713.324561]  __kernfs_new_node+0x531/0x860
[ 1713.325125]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1713.325802]  ? cpumask_next+0x1f/0x30
[ 1713.326315]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1713.326982]  ? pcpu_alloc+0x12a/0x1240
[ 1713.327506]  kernfs_new_node+0x18d/0x250
[ 1713.328093]  kernfs_create_dir_ns+0x49/0x160
[ 1713.328677]  cgroup_mkdir+0x318/0xf50
[ 1713.329227]  ? cgroup_destroy_locked+0x710/0x710
[ 1713.329850]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1713.330460]  vfs_mkdir+0x493/0x700
[ 1713.330933]  do_mkdirat+0x150/0x2b0
[ 1713.331456]  ? user_path_create+0xf0/0xf0
[ 1713.332005]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1713.332751]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1713.333499]  do_syscall_64+0x33/0x40
[ 1713.333991]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1713.334660] RIP: 0033:0x7fe52009fb19
[ 1713.335147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1713.337254] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1713.337504] RSP: 002b:00007fe51d615188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1713.339858] RAX: ffffffffffffffda RBX: 00007fe5201b2f60 RCX: 00007fe52009fb19
[ 1713.340777] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1713.341694] RBP: 00007fe51d6151d0 R08: 0000000000000000 R09: 0000000000000000
[ 1713.342621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1713.343540] R13: 00007fff0a4138bf R14: 00007fe51d615300 R15: 0000000000022000
08:14:28 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x1000000)

08:14:28 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r0, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r0, 0x729d2000)

[ 1713.439643] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1713.458615] FAULT_INJECTION: forcing a failure.
[ 1713.458615] name failslab, interval 1, probability 0, space 0, times 0
[ 1713.460747] CPU: 0 PID: 10029 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1713.461889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1713.463268] Call Trace:
[ 1713.463718]  dump_stack+0x107/0x167
[ 1713.464335]  should_fail.cold+0x5/0xa
[ 1713.464963]  ? create_object.isra.0+0x3a/0xa20
[ 1713.465725]  should_failslab+0x5/0x20
[ 1713.466367]  kmem_cache_alloc+0x5b/0x310
[ 1713.467043]  create_object.isra.0+0x3a/0xa20
[ 1713.467774]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1713.468626]  __kmalloc_track_caller+0x177/0x370
[ 1713.469389]  ? simple_xattr_set+0x93/0x610
[ 1713.470113]  kstrdup+0x36/0x70
[ 1713.470642]  simple_xattr_set+0x93/0x610
[ 1713.471329]  kernfs_xattr_set+0x50/0x80
[ 1713.471989]  selinux_kernfs_init_security+0x26d/0x4c0
[ 1713.472827]  ? selinux_file_mprotect+0x610/0x610
[ 1713.473599]  ? find_held_lock+0x2c/0x110
[ 1713.474281]  ? __kernfs_new_node+0x2ad/0x860
[ 1713.475004]  ? rwlock_bug.part.0+0x90/0x90
[ 1713.475708]  security_kernfs_init_security+0x4e/0xb0
[ 1713.476538]  __kernfs_new_node+0x531/0x860
[ 1713.477238]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1713.478032]  ? cpumask_next+0x1f/0x30
[ 1713.478665]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1713.479445]  ? pcpu_alloc+0x12a/0x1240
[ 1713.480100]  kernfs_new_node+0x18d/0x250
[ 1713.480780]  kernfs_create_dir_ns+0x49/0x160
[ 1713.481512]  cgroup_mkdir+0x318/0xf50
[ 1713.482169]  ? cgroup_destroy_locked+0x710/0x710
[ 1713.482952]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1713.483635]  vfs_mkdir+0x493/0x700
[ 1713.484224]  do_mkdirat+0x150/0x2b0
[ 1713.484824]  ? user_path_create+0xf0/0xf0
[ 1713.485505]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1713.486374]  do_syscall_64+0x33/0x40
[ 1713.486981]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1713.487811] RIP: 0033:0x7f8dbfff9b19
[ 1713.488420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1713.491392] RSP: 002b:00007f8dbd54e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1713.492874] RAX: ffffffffffffffda RBX: 00007f8dc010d020 RCX: 00007f8dbfff9b19
[ 1713.494040] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1713.495200] RBP: 00007f8dbd54e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1713.496341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1713.497482] R13: 00007ffc385ac51f R14: 00007f8dbd54e300 R15: 0000000000022000
08:14:28 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000240)='system_u:object_r:pinentry_exec_t:s0\x00', 0x25, 0x2000000)

08:14:28 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r0, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x12, r0, 0x729d2000)

08:14:28 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0xee00, @ANYBLOB="100001000000002000050000000000"], 0x3c, 0x2)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[])
unlinkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000004c0)='./file0\x00', 0x200)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
mkdirat(r2, &(0x7f0000000200)='./file0\x00', 0x86) (fail_nth: 32)
symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00')
readv(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f0000001340)=""/215, 0xd7}], 0x1)

08:14:28 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x38, &(0x7f00000063c0), &(0x7f0000006400)=0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000000000102e2f66696c65300005b04ed199fd8577f926100000000000002bc66fb1119c2a1a86a40e0a84eae918672ef65f9c4a9b1d706ac0c68332d0821d43bb0c8f1917ac4aef7bbfa85928567660320440c675b3414a3664426ff8392dcab7052442e6e95c22e727ea383d3d7b69cde57031dfa90eeabd6e62f002f273bd6c6a4c"])
bind$bt_sco(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340))
ftruncate(r4, 0xffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000140)=0x240000000, 0x3)
sendfile(r0, r1, 0x0, 0x20d315)
socket$inet6_tcp(0xa, 0x1, 0x0)

[ 1713.714427] FAULT_INJECTION: forcing a failure.
[ 1713.714427] name failslab, interval 1, probability 0, space 0, times 0
[ 1713.715873] CPU: 1 PID: 10043 Comm: syz-executor.0 Not tainted 5.10.211 #1
[ 1713.716722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1713.717531] Call Trace:
[ 1713.717870]  dump_stack+0x107/0x167
[ 1713.718340]  should_fail.cold+0x5/0xa
[ 1713.718822]  ? kvmalloc_node+0x119/0x170
[ 1713.719337]  should_failslab+0x5/0x20
[ 1713.719813]  __kmalloc_node+0x76/0x420
[ 1713.720312]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1713.720916]  kvmalloc_node+0x119/0x170
[ 1713.721413]  simple_xattr_alloc+0x43/0xa0
[ 1713.721939]  simple_xattr_set+0x75/0x610
[ 1713.722469]  kernfs_xattr_set+0x50/0x80
[ 1713.722979]  selinux_kernfs_init_security+0x26d/0x4c0
[ 1713.723625]  ? selinux_file_mprotect+0x610/0x610
[ 1713.724219]  ? find_held_lock+0x2c/0x110
[ 1713.724736]  ? __kernfs_new_node+0x2ad/0x860
[ 1713.725301]  ? rwlock_bug.part.0+0x90/0x90
[ 1713.725836]  security_kernfs_init_security+0x4e/0xb0
[ 1713.726490]  __kernfs_new_node+0x531/0x860
[ 1713.727032]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1713.727626]  ? cpumask_next+0x1f/0x30
[ 1713.728101]  ? kmemleak_alloc_percpu+0xaf/0x100
[ 1713.728691]  ? pcpu_alloc+0x12a/0x1240
[ 1713.729193]  kernfs_new_node+0x18d/0x250
[ 1713.729710]  kernfs_create_dir_ns+0x49/0x160
[ 1713.730277]  cgroup_mkdir+0x318/0xf50
[ 1713.730763]  ? cgroup_destroy_locked+0x710/0x710
[ 1713.731373]  kernfs_iop_mkdir+0x14d/0x1e0
[ 1713.731894]  vfs_mkdir+0x493/0x700
[ 1713.732348]  do_mkdirat+0x150/0x2b0
[ 1713.732809]  ? user_path_create+0xf0/0xf0
[ 1713.733330]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1713.733989]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1713.734637]  do_syscall_64+0x33/0x40
[ 1713.735102]  entry_SYSCALL_64_after_hwframe+0x62/0xc7
[ 1713.735740] RIP: 0033:0x7f8dbfff9b19
[ 1713.736203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1713.738475] RSP: 002b:00007f8dbd56f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1713.739425] RAX: ffffffffffffffda RBX: 00007f8dc010cf60 RCX: 00007f8dbfff9b19
[ 1713.740300] RDX: 0000000000000086 RSI: 0000000020000200 RDI: 0000000000000006
[ 1713.741198] RBP: 00007f8dbd56f1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1713.742093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1713.742976] R13: 00007ffc385ac51f R14: 00007f8dbd56f300 R15: 0000000000022000
[ 1713.782168] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 1727.076442] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff88804b8be270 (size 144):
  comm "syz-executor.0", pid 10043, jiffies 4296380755 (age 22.290s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 64 31 e4 65 00 00 00 00  ........d1.e....
    94 93 c0 1a 00 00 00 00 64 31 e4 65 00 00 00 00  ........d1.e....
  backtrace:
    [<00000000bfb86472>] __kernfs_iattrs+0xbc/0x470
    [<0000000092d2c7d8>] kernfs_xattr_set+0x2b/0x80
    [<00000000fde603ed>] selinux_kernfs_init_security+0x26d/0x4c0
    [<00000000d92a9279>] security_kernfs_init_security+0x4e/0xb0
    [<000000001e2236d8>] __kernfs_new_node+0x531/0x860
    [<000000008e1b3ced>] kernfs_new_node+0x18d/0x250
    [<000000008f41819e>] kernfs_create_dir_ns+0x49/0x160
    [<00000000c18ffb09>] cgroup_mkdir+0x318/0xf50
    [<000000003ca13759>] kernfs_iop_mkdir+0x14d/0x1e0
    [<0000000077fe8ccb>] vfs_mkdir+0x493/0x700
    [<0000000066dcb136>] do_mkdirat+0x150/0x2b0
    [<00000000c95b3084>] do_syscall_64+0x33/0x40
    [<00000000d1c4b9ac>] entry_SYSCALL_64_after_hwframe+0x62/0xc7

BUG: leak checking failed

VM DIAGNOSIS:
08:14:51  Registers:
info registers vcpu 0
RAX=ffffffff83e659a0 RBX=0000000000000000 RCX=ffffffff83e4d78c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e65fa8 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001
R12=0000000000000000 R13=ffffffff85673988 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e659ae RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fff66f410b0 CR3=000000000d59e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=0000000000000000415e895000000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=ffffffff83e659a0 RBX=0000000000000001 RCX=ffffffff83e4d78c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e65fa8 RBP=ffffed1001130000 RSP=ffff88800898fe70
R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001
R12=0000000000000001 R13=ffffffff85673988 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e659ae RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f75207e3020 CR3=0000000017e90000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=656a626f206465636e6572656665726e
XMM02=2934343120657a697328203037326562 XMM03=3120646970202c22302e726f74756365
XMM04=2e2e2e2e2e2e2e202030302030302030 XMM05=20303020303020303020303020303020
XMM06=65747962203233207473726966282070 XMM07=32322065676128203535373038333639
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000