l$AUTOFS_IOC_SETTIMEOUT(r2, 0x80049367, &(0x7f0000000180)=0x8) r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r3, 0x660c) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r5, 0x0, r4, 0x0, 0x200f5ef, 0x0) copy_file_range(r4, &(0x7f0000000100), r0, 0x0, 0x3, 0x0) 11:37:49 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:37:50 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:37:50 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf00, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:37:50 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:37:50 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:37:50 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:37:50 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:04 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:04 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:38:04 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:38:04 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x30000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:04 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000100)={0x0, 0x0, 0x4, 0x0, '\x00', [{0x2, 0xe835, 0xe900, 0x0, 0x4, 0x2}, {0x6, 0xff00000, 0x5, 0x7, 0xfffffffffffff800, 0x6}], ['\x00', '\x00', '\x00', '\x00']}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x50b0}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) pread64(r2, &(0x7f00000002c0)=""/205, 0xcd, 0x1f) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) lsetxattr$trusted_overlay_redirect(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000400), &(0x7f0000000440)='./file1\x00', 0x8, 0x1) 11:38:04 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, 0x0, 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:38:04 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:04 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x60) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:38:04 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x34000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:04 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:04 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x80000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:04 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:04 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) perf_event_open(&(0x7f0000000140)={0x6, 0x80, 0x0, 0x9c, 0x8, 0x40, 0x0, 0xfff, 0x21000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x81, 0x1, @perf_bp={&(0x7f0000000100), 0x2}, 0x51180, 0xfffffffffffffff9, 0x8000, 0x0, 0x3, 0x3ff, 0x8, 0x0, 0xfffffff9, 0x0, 0x4}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x13) 11:38:04 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:38:19 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 3: perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x400300, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:19 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, 0x0, 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:38:19 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x80) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x7}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r1, &(0x7f0000000240)=[{&(0x7f0000000100)=""/206, 0xce}, {&(0x7f0000000200)=""/63, 0x3f}], 0x2) r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0xffffffff, 0x80040) openat$cgroup(r2, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:38:19 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf0ffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:19 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x81, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, r1, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:38:19 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) pipe2(&(0x7f0000000100), 0x4000) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:38:19 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x1000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:32 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:32 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(0xffffffffffffffff, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:38:32 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r2, {0x1f}}, './file0\x00'}) perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x3f, 0x2, 0xfd, 0x2, 0x0, 0x0, 0x8c04, 0x4, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000100), 0x2}, 0x40, 0x3f, 0x100, 0x8, 0x5, 0x8000, 0x0, 0x0, 0x401, 0x0, 0x4}, 0xffffffffffffffff, 0xc, r3, 0x2) 11:38:32 executing program 3: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r4, 0x0, r3, 0x0, 0x200f5ef, 0x0) 11:38:32 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:32 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:32 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:38:33 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:33 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) accept4$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000140)=0x1c, 0x81000) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r2, 0x89fa, &(0x7f0000000240)={'sit0\x00', &(0x7f00000001c0)={'syztnl0\x00', 0x0, 0x29, 0x0, 0x0, 0x5, 0x4, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x8, 0x8, 0x7}}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r0, 0x89fb, &(0x7f0000000300)={'ip6tnl0\x00', &(0x7f0000000280)={'syztnl1\x00', r3, 0x0, 0x7f, 0x81, 0x101, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10, 0x10, 0xe7a4, 0xfff}}) copy_file_range(r0, 0x0, r2, 0x0, 0xa1, 0x0) 11:38:33 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:33 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x2000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:33 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:48 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:48 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x3000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:48 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:38:48 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 1) 11:38:48 executing program 0: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3132}}, './file0\x00'}) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140), 0x6e, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/151, 0x97}], 0x1, &(0x7f00000002c0)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}, 0x40) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x652b}) fcntl$dupfd(r0, 0x406, r1) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat(r3, &(0x7f0000000380)='./file0\x00', 0x604080, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000040)) sendfile(r4, r5, &(0x7f00000003c0)=0x6, 0x2) fcntl$setstatus(r2, 0x4, 0x2000) copy_file_range(r2, 0x0, r3, 0x0, 0xa1, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_DISABLE(r6, 0x2401, 0x9) 11:38:48 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(0xffffffffffffffff, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:38:48 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:48 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2021.971848] FAULT_INJECTION: forcing a failure. [ 2021.971848] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2021.973200] CPU: 0 PID: 14544 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2021.973939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2021.974844] Call Trace: [ 2021.975133] dump_stack+0x107/0x167 [ 2021.975534] should_fail.cold+0x5/0xa [ 2021.975946] _copy_from_user+0x2e/0x1b0 [ 2021.976378] __copy_msghdr_from_user+0x91/0x4b0 [ 2021.976876] ? __ia32_sys_shutdown+0x80/0x80 [ 2021.977357] ? perf_trace_lock+0xac/0x490 [ 2021.977803] ? __lock_acquire+0xbb1/0x5b00 [ 2021.978270] sendmsg_copy_msghdr+0xa1/0x160 [ 2021.978733] ? do_recvmmsg+0x6d0/0x6d0 [ 2021.979151] ? perf_trace_lock+0xac/0x490 [ 2021.979600] ? SOFTIRQ_verbose+0x10/0x10 [ 2021.980039] ? __lockdep_reset_lock+0x180/0x180 [ 2021.980542] ? perf_trace_lock+0xac/0x490 [ 2021.980999] ? SOFTIRQ_verbose+0x10/0x10 [ 2021.981440] ___sys_sendmsg+0xc6/0x170 [ 2021.981877] ? sendmsg_copy_msghdr+0x160/0x160 [ 2021.982403] ? __fget_files+0x26d/0x4c0 [ 2021.982851] ? lock_downgrade+0x6d0/0x6d0 [ 2021.983320] ? find_held_lock+0x2c/0x110 [ 2021.983779] ? __fget_files+0x296/0x4c0 [ 2021.984227] ? __fget_light+0xea/0x290 [ 2021.984668] __sys_sendmsg+0xe5/0x1b0 [ 2021.985089] ? __sys_sendmsg_sock+0x40/0x40 [ 2021.985578] ? rcu_read_lock_any_held+0x75/0xa0 [ 2021.986119] ? fput_many+0x2f/0x1a0 [ 2021.986528] ? ksys_write+0x1a9/0x260 [ 2021.986956] ? __ia32_sys_read+0xb0/0xb0 [ 2021.987414] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2021.988006] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2021.988589] ? trace_hardirqs_on+0x5b/0x180 [ 2021.989072] do_syscall_64+0x33/0x40 [ 2021.989489] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2021.990043] RIP: 0033:0x7f50c66fcb19 [ 2021.990462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2021.992506] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2021.993357] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2021.994127] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2021.994927] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2021.995697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2021.996497] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:38:49 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:49 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:49 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:49 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x4000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:49 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 2) 11:38:49 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) copy_file_range(r0, &(0x7f0000000100)=0x20, r2, &(0x7f0000000140)=0x4, 0x6, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) [ 2022.181304] FAULT_INJECTION: forcing a failure. [ 2022.181304] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2022.183919] CPU: 1 PID: 14558 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2022.185429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2022.187243] Call Trace: [ 2022.187817] dump_stack+0x107/0x167 [ 2022.188617] should_fail.cold+0x5/0xa [ 2022.189457] _copy_from_user+0x2e/0x1b0 [ 2022.190347] iovec_from_user+0x141/0x400 [ 2022.191234] __import_iovec+0x67/0x590 [ 2022.192079] ? __ia32_sys_shutdown+0x80/0x80 [ 2022.193035] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2022.194188] import_iovec+0x83/0xb0 [ 2022.194983] sendmsg_copy_msghdr+0x131/0x160 [ 2022.195936] ? do_recvmmsg+0x6d0/0x6d0 [ 2022.196785] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2022.197945] ? lock_downgrade+0x6d0/0x6d0 [ 2022.198847] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2022.199982] ? SOFTIRQ_verbose+0x10/0x10 [ 2022.200863] ___sys_sendmsg+0xc6/0x170 [ 2022.201707] ? sendmsg_copy_msghdr+0x160/0x160 [ 2022.202703] ? __fget_files+0x26d/0x4c0 [ 2022.203563] ? lock_downgrade+0x6d0/0x6d0 [ 2022.204461] ? find_held_lock+0x2c/0x110 [ 2022.205347] ? __fget_files+0x296/0x4c0 [ 2022.206230] ? __fget_light+0xea/0x290 [ 2022.207080] __sys_sendmsg+0xe5/0x1b0 [ 2022.207909] ? __sys_sendmsg_sock+0x40/0x40 [ 2022.208842] ? rcu_read_lock_any_held+0x75/0xa0 [ 2022.209853] ? fput_many+0x2f/0x1a0 [ 2022.210657] ? ksys_write+0x1a9/0x260 [ 2022.211492] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2022.212628] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2022.213756] ? trace_hardirqs_on+0x5b/0x180 [ 2022.214713] do_syscall_64+0x33/0x40 [ 2022.215532] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2022.216655] RIP: 0033:0x7f50c66fcb19 [ 2022.217470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2022.221444] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2022.223117] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2022.224675] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2022.226246] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2022.227755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2022.229309] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:38:49 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) copy_file_range(r2, &(0x7f0000000100)=0x9, r3, 0x0, 0x6, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) recvmsg$unix(r2, &(0x7f0000000880)={&(0x7f0000000140), 0x6e, &(0x7f0000000700)=[{&(0x7f00000001c0)=""/161, 0xa1}, {&(0x7f0000000280)=""/205, 0xcd}, {&(0x7f0000000380)=""/166, 0xa6}, {&(0x7f0000000440)=""/34, 0x22}, {&(0x7f0000000480)=""/145, 0x91}, {&(0x7f0000000540)=""/138, 0x8a}, {&(0x7f0000000600)=""/71, 0x47}, {&(0x7f0000000680)=""/19, 0x13}, {&(0x7f00000006c0)=""/45, 0x2d}], 0x9, &(0x7f00000007c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90}, 0x40010123) fsconfig$FSCONFIG_SET_FLAG(r4, 0x0, &(0x7f00000008c0)='sync\x00', 0x0, 0x0) 11:38:49 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:38:49 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x5000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:38:49 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(0xffffffffffffffff, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:39:05 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:05 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:39:05 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(0xffffffffffffffff, 0xc0bc5351, &(0x7f0000000100)={0x6, 0x2, 'client0\x00', 0xc, "fb7192223e9b2ae0", "0edd2bcf95a72fa59612eb092308eaf77d6561f7a6a7c5fbddfc4b4137f30cdd", 0x4, 0x20}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:05 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x0, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:39:05 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 3) 11:39:05 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:05 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x6000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:05 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2038.170033] FAULT_INJECTION: forcing a failure. [ 2038.170033] name failslab, interval 1, probability 0, space 0, times 0 [ 2038.171515] CPU: 0 PID: 14592 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2038.172323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2038.173209] Call Trace: [ 2038.173495] dump_stack+0x107/0x167 [ 2038.173878] should_fail.cold+0x5/0xa [ 2038.174295] ? __alloc_skb+0x6d/0x5b0 [ 2038.174704] should_failslab+0x5/0x20 [ 2038.175108] kmem_cache_alloc_node+0x55/0x330 [ 2038.175590] __alloc_skb+0x6d/0x5b0 [ 2038.175995] netlink_sendmsg+0x998/0xdf0 [ 2038.176428] ? netlink_unicast+0x7f0/0x7f0 [ 2038.176892] ? netlink_unicast+0x7f0/0x7f0 [ 2038.177340] sock_sendmsg+0x154/0x190 [ 2038.177765] ____sys_sendmsg+0x70d/0x870 [ 2038.178211] ? kernel_sendmsg+0x50/0x50 [ 2038.178639] ? do_recvmmsg+0x6d0/0x6d0 [ 2038.179054] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2038.179631] ? lock_downgrade+0x6d0/0x6d0 [ 2038.180093] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2038.180673] ? SOFTIRQ_verbose+0x10/0x10 [ 2038.181106] ___sys_sendmsg+0xf3/0x170 [ 2038.181538] ? sendmsg_copy_msghdr+0x160/0x160 [ 2038.182045] ? lock_downgrade+0x6d0/0x6d0 [ 2038.182525] ? find_held_lock+0x2c/0x110 [ 2038.182974] ? __fget_files+0x296/0x4c0 [ 2038.183424] ? __fget_light+0xea/0x290 [ 2038.183860] __sys_sendmsg+0xe5/0x1b0 [ 2038.184286] ? __sys_sendmsg_sock+0x40/0x40 [ 2038.184759] ? rcu_read_lock_any_held+0x75/0xa0 [ 2038.185284] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2038.185853] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2038.186415] ? trace_hardirqs_on+0x5b/0x180 [ 2038.186897] do_syscall_64+0x33/0x40 [ 2038.187306] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2038.187860] RIP: 0033:0x7f50c66fcb19 [ 2038.188270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2038.190259] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2038.191065] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2038.191831] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2038.192604] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2038.193351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2038.194094] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:05 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:05 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:05 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x7000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:05 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:39:05 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet6_icmp(0xa, 0x2, 0x3a) pread64(r2, &(0x7f0000000100), 0x0, 0x103) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:05 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:05 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 4) 11:39:05 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x9000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:05 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2038.476467] FAULT_INJECTION: forcing a failure. [ 2038.476467] name failslab, interval 1, probability 0, space 0, times 0 [ 2038.477779] CPU: 0 PID: 14618 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2038.478519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2038.479405] Call Trace: [ 2038.479689] dump_stack+0x107/0x167 [ 2038.480076] should_fail.cold+0x5/0xa [ 2038.480484] ? create_object.isra.0+0x3a/0xa20 [ 2038.480974] should_failslab+0x5/0x20 [ 2038.481382] kmem_cache_alloc+0x5b/0x310 [ 2038.481826] create_object.isra.0+0x3a/0xa20 [ 2038.482300] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2038.482844] kmem_cache_alloc_node+0x169/0x330 [ 2038.483333] __alloc_skb+0x6d/0x5b0 [ 2038.483729] netlink_sendmsg+0x998/0xdf0 [ 2038.484167] ? netlink_unicast+0x7f0/0x7f0 [ 2038.484629] ? netlink_unicast+0x7f0/0x7f0 [ 2038.485073] sock_sendmsg+0x154/0x190 [ 2038.485479] ____sys_sendmsg+0x70d/0x870 [ 2038.485919] ? kernel_sendmsg+0x50/0x50 [ 2038.486356] ? do_recvmmsg+0x6d0/0x6d0 [ 2038.486773] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2038.487350] ? lock_downgrade+0x6d0/0x6d0 [ 2038.487814] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2038.488389] ? SOFTIRQ_verbose+0x10/0x10 [ 2038.488855] ___sys_sendmsg+0xf3/0x170 [ 2038.489280] ? sendmsg_copy_msghdr+0x160/0x160 [ 2038.489787] ? lock_downgrade+0x6d0/0x6d0 [ 2038.490252] ? find_held_lock+0x2c/0x110 [ 2038.490708] ? __fget_files+0x296/0x4c0 [ 2038.491141] ? __fget_light+0xea/0x290 [ 2038.491568] __sys_sendmsg+0xe5/0x1b0 [ 2038.491971] ? __sys_sendmsg_sock+0x40/0x40 [ 2038.492424] ? rcu_read_lock_any_held+0x75/0xa0 [ 2038.492940] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2038.493507] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2038.494067] ? trace_hardirqs_on+0x5b/0x180 [ 2038.494546] do_syscall_64+0x33/0x40 [ 2038.494948] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2038.495504] RIP: 0033:0x7f50c66fcb19 [ 2038.495910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2038.497858] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2038.498700] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2038.499496] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2038.500276] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2038.501062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2038.501850] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:18 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:39:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 5) 11:39:18 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:39:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:18 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x11c, 0x1a, 0x101, 0x0, 0x0, {0xff}, [@nested={0x105, 0x25, 0x0, 0x1, [@generic="caff25b868a39ed4f2a98bedf9e7f94d9628c4586ab630065adb5ce99324b2bc290f13aaa1b375a91e26c2e7647f0d4d4129cf29156cafb37b67d8609b9d63f634ad9faeaf176fa600eceb94d94b06860dea939978653564f61cfdf4d594a7aae471765651af4f", @typed={0x4, 0x12}, @typed={0xa, 0x59, 0x0, 0x0, @str='*)#$&\x00'}, @typed={0x8, 0x43, 0x0, 0x0, @uid=0xee00}, @generic="ba4c73269591ea34f14ad506aceac7dd54d3156932a0d02341122f6cbaa54dc8b4d0b01ac37d2225ed37bacfd3e71c9180b14c5d116c85a770f26c96ebae790c221badd433486d34cfe813c7c7efa569409a5bf71d579de88755b8666c240f1543c8d56c3addf242adebf601e0af1c3546ab", @typed={0x8, 0x30, 0x0, 0x0, @u32=0x100}, @typed={0x8, 0x37, 0x0, 0x0, @pid=r4}]}]}, 0x11c}}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x12446, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, r4, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$inet6(0xa, 0x1, 0x6) ioctl$BTRFS_IOC_BALANCE_CTL(r5, 0x40049421, 0x1) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:18 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x0, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:39:18 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:18 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:18 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2051.544154] FAULT_INJECTION: forcing a failure. [ 2051.544154] name failslab, interval 1, probability 0, space 0, times 0 [ 2051.545444] CPU: 1 PID: 14638 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2051.546179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2051.547091] Call Trace: [ 2051.547378] dump_stack+0x107/0x167 [ 2051.547771] should_fail.cold+0x5/0xa [ 2051.548186] should_failslab+0x5/0x20 [ 2051.548598] __kmalloc_node_track_caller+0x74/0x3b0 [ 2051.549134] ? netlink_sendmsg+0x998/0xdf0 [ 2051.549588] __alloc_skb+0xb1/0x5b0 [ 2051.549994] netlink_sendmsg+0x998/0xdf0 [ 2051.550448] ? netlink_unicast+0x7f0/0x7f0 [ 2051.550907] ? netlink_unicast+0x7f0/0x7f0 [ 2051.551355] sock_sendmsg+0x154/0x190 [ 2051.551761] ____sys_sendmsg+0x70d/0x870 [ 2051.552201] ? kernel_sendmsg+0x50/0x50 [ 2051.552625] ? do_recvmmsg+0x6d0/0x6d0 [ 2051.553056] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2051.553636] ? lock_downgrade+0x6d0/0x6d0 [ 2051.554095] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2051.554667] ? SOFTIRQ_verbose+0x10/0x10 [ 2051.555102] ___sys_sendmsg+0xf3/0x170 [ 2051.555520] ? sendmsg_copy_msghdr+0x160/0x160 [ 2051.556009] ? lock_downgrade+0x6d0/0x6d0 [ 2051.556467] ? find_held_lock+0x2c/0x110 [ 2051.556914] ? __fget_files+0x296/0x4c0 [ 2051.557360] ? __fget_light+0xea/0x290 [ 2051.557784] __sys_sendmsg+0xe5/0x1b0 [ 2051.558190] ? __sys_sendmsg_sock+0x40/0x40 [ 2051.558659] ? rcu_read_lock_any_held+0x75/0xa0 [ 2051.559165] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2051.559731] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2051.560286] ? trace_hardirqs_on+0x5b/0x180 [ 2051.560753] do_syscall_64+0x33/0x40 [ 2051.561162] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2051.561714] RIP: 0033:0x7f50c66fcb19 [ 2051.562135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2051.564144] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2051.564977] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2051.565751] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2051.566537] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2051.567326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2051.568091] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:18 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="200026bd7046954337592a7de099002b0e0000210000001500b3f5020000000600b300000000000600b300000000000600b300000000000600b300010000000600b3000100004635679b05e53832cd46dc068edc60614572ff7b6dd15db6262fd1bacd8b5622dd4a776d1dfa1cf115a344f87ab249b27960d7b9c8e8fb9d7e268d98bd74800ec42a8db7d96a"], 0x58}, 0x1, 0x0, 0x0, 0x4004014}, 0x80) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x2, 0x40000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:18 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2051.606484] audit: type=1400 audit(1686569958.594:28): avc: denied { tracepoint } for pid=14642 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 11:39:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x9effffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 6) 11:39:18 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:18 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) readv(r0, &(0x7f0000001540)=[{&(0x7f0000000100)=""/21, 0x15}, {&(0x7f0000000140)=""/92, 0x5c}, {&(0x7f00000001c0)=""/106, 0x6a}, {&(0x7f0000000240)=""/78, 0x4e}, {&(0x7f00000002c0)=""/230, 0xe6}, {&(0x7f00000003c0)=""/237, 0xed}, {&(0x7f00000004c0)=""/121, 0x79}, {&(0x7f0000000540)=""/4096, 0x1000}], 0x8) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:18 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2051.775089] FAULT_INJECTION: forcing a failure. [ 2051.775089] name failslab, interval 1, probability 0, space 0, times 0 [ 2051.777595] CPU: 0 PID: 14655 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2051.779126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2051.780790] Call Trace: [ 2051.781321] dump_stack+0x107/0x167 [ 2051.782059] should_fail.cold+0x5/0xa [ 2051.782841] ? create_object.isra.0+0x3a/0xa20 [ 2051.783786] should_failslab+0x5/0x20 [ 2051.784575] kmem_cache_alloc+0x5b/0x310 [ 2051.785408] create_object.isra.0+0x3a/0xa20 [ 2051.786323] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2051.787355] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2051.788378] ? netlink_sendmsg+0x998/0xdf0 [ 2051.789236] __alloc_skb+0xb1/0x5b0 [ 2051.789974] netlink_sendmsg+0x998/0xdf0 [ 2051.790805] ? netlink_unicast+0x7f0/0x7f0 [ 2051.791666] ? netlink_unicast+0x7f0/0x7f0 [ 2051.792515] sock_sendmsg+0x154/0x190 [ 2051.793289] ____sys_sendmsg+0x70d/0x870 [ 2051.794107] ? kernel_sendmsg+0x50/0x50 [ 2051.794918] ? do_recvmmsg+0x6d0/0x6d0 [ 2051.795701] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2051.796752] ? lock_downgrade+0x6d0/0x6d0 [ 2051.797588] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2051.798645] ? SOFTIRQ_verbose+0x10/0x10 [ 2051.799463] ___sys_sendmsg+0xf3/0x170 [ 2051.800247] ? sendmsg_copy_msghdr+0x160/0x160 [ 2051.801179] ? lock_downgrade+0x6d0/0x6d0 [ 2051.802021] ? find_held_lock+0x2c/0x110 [ 2051.802865] ? __fget_files+0x296/0x4c0 [ 2051.803685] ? __fget_light+0xea/0x290 [ 2051.804472] __sys_sendmsg+0xe5/0x1b0 [ 2051.805250] ? __sys_sendmsg_sock+0x40/0x40 [ 2051.806130] ? rcu_read_lock_any_held+0x75/0xa0 [ 2051.807085] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2051.808161] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2051.809205] ? trace_hardirqs_on+0x5b/0x180 [ 2051.810076] do_syscall_64+0x33/0x40 [ 2051.810837] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2051.811865] RIP: 0033:0x7f50c66fcb19 [ 2051.812615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2051.816318] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2051.817856] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2051.819301] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2051.820741] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2051.822178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2051.823621] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:30 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:30 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xe394e2ff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:30 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:39:30 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) ioctl$FIBMAP(r2, 0x1, &(0x7f0000000140)=0x80000001) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) readv(r4, &(0x7f0000000400)=[{&(0x7f0000000240)=""/4, 0x4}, {&(0x7f0000000280)=""/55, 0x37}, {&(0x7f00000002c0)=""/168, 0xa8}, {&(0x7f0000000380)=""/37, 0x25}, {&(0x7f00000003c0)=""/22, 0x16}], 0x5) copy_file_range(r3, 0x0, r2, 0x0, 0x200f5ef, 0x0) ioctl$BLKIOOPT(r2, 0x1279, &(0x7f0000000100)) ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000480)=ANY=[@ANYBLOB="0000000000000000010000000d271ae7ec6ed514bd5bc822c1000000007600000000000000000000000000000000000000000000000000000003000000050000000000008000000000bc27138bffffffff060000000020000006000000000000000000001f00000000000000000000000000000000000000000000000005000000080000000000000040000000000000000500000000000000faffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3c44028b52c43271dc7eb3a2bf77d51b8a6bded5f6c739411ad264d89cb9e078c06fada562828925f2f8523760fe510acb0945088218ea35e1ef7ddf3cc2800"/312]) r5 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r6, 0x0, r5, 0x0, 0x200f5ef, 0x0) ioctl$BLKFLSBUF(r5, 0x1261, &(0x7f0000000180)) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:30 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:39:30 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 7) 11:39:30 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x0, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:39:30 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2063.924043] FAULT_INJECTION: forcing a failure. [ 2063.924043] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2063.926584] CPU: 1 PID: 14680 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2063.927971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2063.929742] Call Trace: [ 2063.930278] dump_stack+0x107/0x167 [ 2063.931026] should_fail.cold+0x5/0xa [ 2063.931841] _copy_from_iter_full+0x201/0xa60 [ 2063.932838] ? __virt_addr_valid+0x128/0x350 [ 2063.933887] ? __check_object_size+0x319/0x440 [ 2063.934827] netlink_sendmsg+0x879/0xdf0 [ 2063.935655] ? netlink_unicast+0x7f0/0x7f0 [ 2063.936585] ? netlink_unicast+0x7f0/0x7f0 [ 2063.937483] sock_sendmsg+0x154/0x190 [ 2063.938250] ____sys_sendmsg+0x70d/0x870 [ 2063.939079] ? kernel_sendmsg+0x50/0x50 [ 2063.939962] ? do_recvmmsg+0x6d0/0x6d0 [ 2063.940746] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2063.941837] ? lock_downgrade+0x6d0/0x6d0 [ 2063.942861] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2063.943975] ? SOFTIRQ_verbose+0x10/0x10 [ 2063.944791] ___sys_sendmsg+0xf3/0x170 [ 2063.945575] ? sendmsg_copy_msghdr+0x160/0x160 [ 2063.946522] ? lock_downgrade+0x6d0/0x6d0 [ 2063.947361] ? find_held_lock+0x2c/0x110 [ 2063.948311] ? __fget_files+0x296/0x4c0 [ 2063.949132] ? __fget_light+0xea/0x290 [ 2063.950020] __sys_sendmsg+0xe5/0x1b0 [ 2063.950832] ? __sys_sendmsg_sock+0x40/0x40 [ 2063.951704] ? rcu_read_lock_any_held+0x75/0xa0 [ 2063.952664] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2063.953721] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2063.954774] ? trace_hardirqs_on+0x5b/0x180 [ 2063.955650] do_syscall_64+0x33/0x40 [ 2063.956408] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2063.957442] RIP: 0033:0x7f50c66fcb19 [ 2063.958189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2063.961992] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2063.963833] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2063.965289] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2063.966764] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2063.968325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2063.969789] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:30 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf0ffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:31 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:31 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 8) 11:39:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xffe294e3, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2064.357588] FAULT_INJECTION: forcing a failure. [ 2064.357588] name failslab, interval 1, probability 0, space 0, times 0 [ 2064.360066] CPU: 0 PID: 14698 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2064.361534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2064.363203] Call Trace: [ 2064.363743] dump_stack+0x107/0x167 [ 2064.364483] should_fail.cold+0x5/0xa [ 2064.365258] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2064.366585] should_failslab+0x5/0x20 [ 2064.367351] __kmalloc+0x72/0x390 [ 2064.368060] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2064.369334] ? genl_rcv_msg+0x3f8/0x5a0 [ 2064.370138] genl_family_rcv_msg_doit+0xda/0x330 [ 2064.371113] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2064.372438] ? memset+0x20/0x50 [ 2064.373116] ? genl_op_from_small+0x23/0x3d0 [ 2064.374004] ? genl_get_cmd+0x3cf/0x480 [ 2064.374849] genl_rcv_msg+0x33c/0x5a0 [ 2064.375627] ? genl_get_cmd+0x480/0x480 [ 2064.376428] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2064.377406] ? lock_release+0x680/0x680 [ 2064.378209] ? __lockdep_reset_lock+0x180/0x180 [ 2064.379164] netlink_rcv_skb+0x14b/0x430 [ 2064.379984] ? genl_get_cmd+0x480/0x480 [ 2064.380786] ? netlink_ack+0xab0/0xab0 [ 2064.381592] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2064.382513] ? is_vmalloc_addr+0x7b/0xb0 [ 2064.383335] genl_rcv+0x24/0x40 [ 2064.384002] netlink_unicast+0x549/0x7f0 [ 2064.384834] ? netlink_attachskb+0x870/0x870 [ 2064.385724] ? __virt_addr_valid+0x128/0x350 [ 2064.386647] netlink_sendmsg+0x90f/0xdf0 [ 2064.387478] ? netlink_unicast+0x7f0/0x7f0 [ 2064.388348] ? netlink_unicast+0x7f0/0x7f0 [ 2064.389195] sock_sendmsg+0x154/0x190 [ 2064.389974] ____sys_sendmsg+0x70d/0x870 [ 2064.390797] ? kernel_sendmsg+0x50/0x50 [ 2064.391597] ? do_recvmmsg+0x6d0/0x6d0 [ 2064.392374] ? perf_trace_lock+0xac/0x490 [ 2064.393225] ? __lockdep_reset_lock+0x180/0x180 [ 2064.394149] ? perf_trace_lock+0xac/0x490 [ 2064.394995] ? SOFTIRQ_verbose+0x10/0x10 [ 2064.395818] ___sys_sendmsg+0xf3/0x170 [ 2064.396604] ? sendmsg_copy_msghdr+0x160/0x160 [ 2064.397522] ? lock_downgrade+0x6d0/0x6d0 [ 2064.398355] ? find_held_lock+0x2c/0x110 [ 2064.399194] ? __fget_files+0x296/0x4c0 [ 2064.400008] ? __fget_light+0xea/0x290 [ 2064.400800] __sys_sendmsg+0xe5/0x1b0 [ 2064.401569] ? __sys_sendmsg_sock+0x40/0x40 [ 2064.402430] ? rcu_read_lock_any_held+0x75/0xa0 [ 2064.403412] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2064.404465] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2064.405499] ? trace_hardirqs_on+0x5b/0x180 [ 2064.406372] do_syscall_64+0x33/0x40 [ 2064.407131] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2064.408155] RIP: 0033:0x7f50c66fcb19 [ 2064.408911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2064.412605] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2064.414137] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2064.415582] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2064.417010] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2064.418453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2064.419891] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:45 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:39:45 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x10000, 0x0, 0x5, 0x0, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000040000000}, 0x0, 0x2, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:45 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:45 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:39:45 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xfffff000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:45 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 9) 11:39:45 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) [ 2078.512534] FAULT_INJECTION: forcing a failure. [ 2078.512534] name failslab, interval 1, probability 0, space 0, times 0 [ 2078.515081] CPU: 0 PID: 14726 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2078.516546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2078.518317] Call Trace: [ 2078.518908] dump_stack+0x107/0x167 [ 2078.519693] should_fail.cold+0x5/0xa [ 2078.520509] ? create_object.isra.0+0x3a/0xa20 [ 2078.521495] should_failslab+0x5/0x20 [ 2078.522306] kmem_cache_alloc+0x5b/0x310 [ 2078.523308] ? lock_release+0x680/0x680 [ 2078.524130] create_object.isra.0+0x3a/0xa20 [ 2078.525210] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2078.526247] __kmalloc+0x16e/0x390 [ 2078.527066] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2078.528349] ? genl_rcv_msg+0x3f8/0x5a0 [ 2078.529156] genl_family_rcv_msg_doit+0xda/0x330 [ 2078.530117] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2078.531484] ? memset+0x20/0x50 [ 2078.532159] ? genl_op_from_small+0x23/0x3d0 [ 2078.533066] ? genl_get_cmd+0x3cf/0x480 [ 2078.533880] genl_rcv_msg+0x33c/0x5a0 [ 2078.534700] ? genl_get_cmd+0x480/0x480 [ 2078.535518] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2078.536641] ? lock_release+0x680/0x680 [ 2078.537681] ? netlink_deliver_tap+0xf4/0xcd0 [ 2078.538880] netlink_rcv_skb+0x14b/0x430 [ 2078.539948] ? genl_get_cmd+0x480/0x480 [ 2078.540878] ? netlink_ack+0xab0/0xab0 [ 2078.541722] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2078.542682] ? is_vmalloc_addr+0x7b/0xb0 [ 2078.543573] genl_rcv+0x24/0x40 [ 2078.544249] netlink_unicast+0x549/0x7f0 [ 2078.545077] ? netlink_attachskb+0x870/0x870 [ 2078.545965] ? __virt_addr_valid+0x128/0x350 [ 2078.546872] netlink_sendmsg+0x90f/0xdf0 [ 2078.547705] ? netlink_unicast+0x7f0/0x7f0 [ 2078.548586] ? netlink_unicast+0x7f0/0x7f0 [ 2078.549441] sock_sendmsg+0x154/0x190 [ 2078.550219] ____sys_sendmsg+0x70d/0x870 [ 2078.551066] ? kernel_sendmsg+0x50/0x50 [ 2078.551873] ? do_recvmmsg+0x6d0/0x6d0 [ 2078.552663] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2078.553727] ? lock_downgrade+0x6d0/0x6d0 [ 2078.554572] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2078.555636] ? SOFTIRQ_verbose+0x10/0x10 [ 2078.556462] ___sys_sendmsg+0xf3/0x170 [ 2078.557252] ? sendmsg_copy_msghdr+0x160/0x160 [ 2078.558181] ? lock_downgrade+0x6d0/0x6d0 [ 2078.559033] ? find_held_lock+0x2c/0x110 [ 2078.559866] ? __fget_files+0x296/0x4c0 [ 2078.560686] ? __fget_light+0xea/0x290 [ 2078.561482] __sys_sendmsg+0xe5/0x1b0 [ 2078.562251] ? __sys_sendmsg_sock+0x40/0x40 [ 2078.563135] ? rcu_read_lock_any_held+0x75/0xa0 [ 2078.564100] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2078.565167] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2078.566214] ? trace_hardirqs_on+0x5b/0x180 [ 2078.567100] do_syscall_64+0x33/0x40 [ 2078.567872] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2078.568898] RIP: 0033:0x7f50c66fcb19 [ 2078.569651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2078.573323] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2078.574863] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2078.576286] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2078.577713] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2078.579145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2078.580568] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:45 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:45 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xffffff7f, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:45 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:45 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)) ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f0000000200)) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000180), &(0x7f00000001c0)=0x14) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fsetxattr$security_selinux(r2, &(0x7f0000000100), &(0x7f0000000140)='system_u:object_r:sendmail_exec_t:s0\x00', 0x25, 0x2) 11:39:45 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 10) 11:39:45 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:45 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xffffff9e, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2078.805154] FAULT_INJECTION: forcing a failure. [ 2078.805154] name failslab, interval 1, probability 0, space 0, times 0 [ 2078.807516] CPU: 1 PID: 14740 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2078.808778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2078.810317] Call Trace: [ 2078.810809] dump_stack+0x107/0x167 [ 2078.811479] should_fail.cold+0x5/0xa [ 2078.812237] ? __alloc_skb+0x6d/0x5b0 [ 2078.812973] should_failslab+0x5/0x20 [ 2078.813683] kmem_cache_alloc_node+0x55/0x330 [ 2078.814492] __alloc_skb+0x6d/0x5b0 [ 2078.815179] netlbl_mgmt_listdef+0xba/0x5f0 [ 2078.815966] genl_family_rcv_msg_doit+0x22d/0x330 [ 2078.816889] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2078.818086] ? genl_op_from_small+0x23/0x3d0 [ 2078.818904] ? genl_get_cmd+0x3cf/0x480 [ 2078.819639] genl_rcv_msg+0x33c/0x5a0 [ 2078.820410] ? genl_get_cmd+0x480/0x480 [ 2078.821129] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2078.822004] ? lock_release+0x680/0x680 [ 2078.822728] ? netlink_deliver_tap+0xf4/0xcd0 [ 2078.823598] netlink_rcv_skb+0x14b/0x430 [ 2078.824335] ? genl_get_cmd+0x480/0x480 [ 2078.825056] ? netlink_ack+0xab0/0xab0 [ 2078.825815] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2078.826770] ? is_vmalloc_addr+0x7b/0xb0 [ 2078.827511] genl_rcv+0x24/0x40 [ 2078.828107] netlink_unicast+0x549/0x7f0 [ 2078.828849] ? netlink_attachskb+0x870/0x870 [ 2078.829713] ? __virt_addr_valid+0x128/0x350 [ 2078.830522] netlink_sendmsg+0x90f/0xdf0 [ 2078.831369] ? netlink_unicast+0x7f0/0x7f0 [ 2078.832201] ? netlink_unicast+0x7f0/0x7f0 [ 2078.833084] sock_sendmsg+0x154/0x190 [ 2078.833798] ____sys_sendmsg+0x70d/0x870 [ 2078.834563] ? kernel_sendmsg+0x50/0x50 [ 2078.835394] ? do_recvmmsg+0x6d0/0x6d0 [ 2078.836096] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2078.837071] ? lock_downgrade+0x6d0/0x6d0 [ 2078.837838] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2078.838909] ? SOFTIRQ_verbose+0x10/0x10 [ 2078.839695] ___sys_sendmsg+0xf3/0x170 [ 2078.840426] ? sendmsg_copy_msghdr+0x160/0x160 [ 2078.841328] ? lock_downgrade+0x6d0/0x6d0 [ 2078.842140] ? find_held_lock+0x2c/0x110 [ 2078.842891] ? __fget_files+0x296/0x4c0 [ 2078.843619] ? __fget_light+0xea/0x290 [ 2078.844332] __sys_sendmsg+0xe5/0x1b0 [ 2078.845114] ? __sys_sendmsg_sock+0x40/0x40 [ 2078.845892] ? rcu_read_lock_any_held+0x75/0xa0 [ 2078.846752] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2078.847794] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2078.848824] ? trace_hardirqs_on+0x5b/0x180 [ 2078.849608] do_syscall_64+0x33/0x40 [ 2078.850278] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2078.851282] RIP: 0033:0x7f50c66fcb19 [ 2078.852072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2078.855435] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2078.856849] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2078.858197] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2078.859495] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2078.860824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2078.862156] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:45 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:59 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 11) 11:39:59 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:39:59 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:59 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) bind$netlink(r0, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbff, 0x100000}, 0xc) bind$netlink(r0, &(0x7f0000000140)={0x10, 0x0, 0x25dfdbfb, 0x20}, 0xc) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:59 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:39:59 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:59 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xfffffff0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:39:59 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) [ 2092.584123] FAULT_INJECTION: forcing a failure. [ 2092.584123] name failslab, interval 1, probability 0, space 0, times 0 [ 2092.587054] CPU: 0 PID: 14766 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2092.588726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2092.590480] Call Trace: [ 2092.591131] dump_stack+0x107/0x167 [ 2092.591913] should_fail.cold+0x5/0xa [ 2092.592727] ? create_object.isra.0+0x3a/0xa20 [ 2092.593703] should_failslab+0x5/0x20 [ 2092.594503] kmem_cache_alloc+0x5b/0x310 [ 2092.595373] create_object.isra.0+0x3a/0xa20 [ 2092.596301] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2092.597370] kmem_cache_alloc_node+0x169/0x330 [ 2092.598337] __alloc_skb+0x6d/0x5b0 [ 2092.599132] netlbl_mgmt_listdef+0xba/0x5f0 [ 2092.600051] genl_family_rcv_msg_doit+0x22d/0x330 [ 2092.601071] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2092.602463] ? genl_op_from_small+0x23/0x3d0 [ 2092.603402] ? genl_get_cmd+0x3cf/0x480 [ 2092.604255] genl_rcv_msg+0x33c/0x5a0 [ 2092.605073] ? genl_get_cmd+0x480/0x480 [ 2092.606006] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2092.607057] ? lock_release+0x680/0x680 [ 2092.607898] ? netlink_deliver_tap+0xf4/0xcd0 [ 2092.608849] netlink_rcv_skb+0x14b/0x430 [ 2092.609710] ? genl_get_cmd+0x480/0x480 [ 2092.610558] ? netlink_ack+0xab0/0xab0 [ 2092.611406] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2092.612367] ? is_vmalloc_addr+0x7b/0xb0 [ 2092.613234] genl_rcv+0x24/0x40 [ 2092.613936] netlink_unicast+0x549/0x7f0 [ 2092.614828] ? netlink_attachskb+0x870/0x870 [ 2092.615758] ? __virt_addr_valid+0x128/0x350 [ 2092.616701] netlink_sendmsg+0x90f/0xdf0 [ 2092.617564] ? netlink_unicast+0x7f0/0x7f0 [ 2092.618472] ? netlink_unicast+0x7f0/0x7f0 [ 2092.619373] sock_sendmsg+0x154/0x190 [ 2092.620184] ____sys_sendmsg+0x70d/0x870 [ 2092.621041] ? kernel_sendmsg+0x50/0x50 [ 2092.621874] ? do_recvmmsg+0x6d0/0x6d0 [ 2092.622694] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2092.623808] ? lock_downgrade+0x6d0/0x6d0 [ 2092.624689] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2092.625790] ? SOFTIRQ_verbose+0x10/0x10 [ 2092.626651] ___sys_sendmsg+0xf3/0x170 [ 2092.627494] ? sendmsg_copy_msghdr+0x160/0x160 [ 2092.628463] ? lock_downgrade+0x6d0/0x6d0 [ 2092.629345] ? find_held_lock+0x2c/0x110 [ 2092.630214] ? __fget_files+0x296/0x4c0 [ 2092.631114] ? __fget_light+0xea/0x290 [ 2092.631949] __sys_sendmsg+0xe5/0x1b0 [ 2092.632753] ? __sys_sendmsg_sock+0x40/0x40 [ 2092.633660] ? rcu_read_lock_any_held+0x75/0xa0 [ 2092.634662] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2092.635789] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2092.636873] ? trace_hardirqs_on+0x5b/0x180 [ 2092.637787] do_syscall_64+0x33/0x40 [ 2092.638576] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2092.639662] RIP: 0033:0x7f50c66fcb19 [ 2092.640451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2092.644322] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2092.645922] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2092.647445] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2092.648942] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2092.650440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2092.651957] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:39:59 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:59 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 12) 11:39:59 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:39:59 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000240)='wg2\x00', 0x4) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x10040, 0x120, 0x10}, 0x18) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) openat$incfs(r3, &(0x7f00000002c0)='.pending_reads\x00', 0x80000, 0x1) r4 = pidfd_getfd(r0, r2, 0x0) ioctl$BTRFS_IOC_DEFRAG_RANGE(r1, 0x40309410, &(0x7f0000000280)={0xe37, 0x800, 0x1, 0x101, 0x2, [0xfffffffd, 0xe97, 0x8, 0x4]}) setns(r4, 0x20000000) ioctl$INCFS_IOC_FILL_BLOCKS(r2, 0x80106720, &(0x7f0000000180)={0x0, 0xffffffffffffffff}) r5 = perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1ff, 0x5ad8}, 0x0, 0xd3}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x1d, &(0x7f00000001c0), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000040)=0x0) r8 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r8, 0x0, 0x0, 0x0, 0x3}, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x2fe83f3db2b5c217, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r9}}, 0x8) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) 11:39:59 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2092.842708] FAULT_INJECTION: forcing a failure. [ 2092.842708] name failslab, interval 1, probability 0, space 0, times 0 [ 2092.845166] CPU: 0 PID: 14775 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2092.846615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2092.848367] Call Trace: [ 2092.848930] dump_stack+0x107/0x167 [ 2092.849705] should_fail.cold+0x5/0xa [ 2092.850517] should_failslab+0x5/0x20 [ 2092.851352] __kmalloc_node_track_caller+0x74/0x3b0 [ 2092.852403] ? netlbl_mgmt_listdef+0xba/0x5f0 [ 2092.853353] __alloc_skb+0xb1/0x5b0 [ 2092.854129] netlbl_mgmt_listdef+0xba/0x5f0 [ 2092.855071] genl_family_rcv_msg_doit+0x22d/0x330 [ 2092.856099] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2092.857519] ? genl_op_from_small+0x23/0x3d0 [ 2092.858451] ? genl_get_cmd+0x3cf/0x480 [ 2092.859322] genl_rcv_msg+0x33c/0x5a0 [ 2092.860137] ? genl_get_cmd+0x480/0x480 [ 2092.860995] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2092.862017] ? lock_release+0x680/0x680 [ 2092.862894] ? netlink_deliver_tap+0xf4/0xcd0 [ 2092.863849] netlink_rcv_skb+0x14b/0x430 [ 2092.864734] ? genl_get_cmd+0x480/0x480 [ 2092.865579] ? netlink_ack+0xab0/0xab0 [ 2092.866427] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2092.867403] ? is_vmalloc_addr+0x7b/0xb0 [ 2092.868281] genl_rcv+0x24/0x40 [ 2092.868979] netlink_unicast+0x549/0x7f0 [ 2092.869860] ? netlink_attachskb+0x870/0x870 [ 2092.870816] ? __virt_addr_valid+0x128/0x350 [ 2092.871780] netlink_sendmsg+0x90f/0xdf0 [ 2092.872666] ? netlink_unicast+0x7f0/0x7f0 [ 2092.873595] ? netlink_unicast+0x7f0/0x7f0 [ 2092.874509] sock_sendmsg+0x154/0x190 [ 2092.875343] ____sys_sendmsg+0x70d/0x870 [ 2092.876222] ? kernel_sendmsg+0x50/0x50 [ 2092.877078] ? do_recvmmsg+0x6d0/0x6d0 [ 2092.877928] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2092.879054] ? lock_downgrade+0x6d0/0x6d0 [ 2092.879970] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2092.881111] ? SOFTIRQ_verbose+0x10/0x10 [ 2092.882011] ___sys_sendmsg+0xf3/0x170 [ 2092.882880] ? sendmsg_copy_msghdr+0x160/0x160 [ 2092.883879] ? lock_downgrade+0x6d0/0x6d0 [ 2092.884780] ? find_held_lock+0x2c/0x110 [ 2092.885670] ? __fget_files+0x296/0x4c0 [ 2092.886558] ? __fget_light+0xea/0x290 [ 2092.887429] __sys_sendmsg+0xe5/0x1b0 [ 2092.888262] ? __sys_sendmsg_sock+0x40/0x40 [ 2092.889202] ? rcu_read_lock_any_held+0x75/0xa0 [ 2092.890251] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2092.891412] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2092.892531] ? trace_hardirqs_on+0x5b/0x180 [ 2092.893474] do_syscall_64+0x33/0x40 [ 2092.894285] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2092.895407] RIP: 0033:0x7f50c66fcb19 [ 2092.896219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2092.900229] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2092.901885] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2092.903444] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2092.904987] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2092.906540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2092.908111] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:40:16 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:40:16 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) [ 2109.276084] FAULT_INJECTION: forcing a failure. [ 2109.276084] name failslab, interval 1, probability 0, space 0, times 0 [ 2109.278482] CPU: 1 PID: 14793 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2109.279913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2109.281618] Call Trace: [ 2109.282175] dump_stack+0x107/0x167 [ 2109.282934] should_fail.cold+0x5/0xa [ 2109.283732] ? create_object.isra.0+0x3a/0xa20 [ 2109.284677] should_failslab+0x5/0x20 [ 2109.285462] kmem_cache_alloc+0x5b/0x310 [ 2109.286314] create_object.isra.0+0x3a/0xa20 [ 2109.287246] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2109.288300] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2109.289335] ? netlbl_mgmt_listdef+0xba/0x5f0 [ 2109.290261] __alloc_skb+0xb1/0x5b0 [ 2109.291025] netlbl_mgmt_listdef+0xba/0x5f0 [ 2109.291930] genl_family_rcv_msg_doit+0x22d/0x330 [ 2109.292924] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2109.294286] ? genl_op_from_small+0x23/0x3d0 [ 2109.295206] ? genl_get_cmd+0x3cf/0x480 [ 2109.296039] genl_rcv_msg+0x33c/0x5a0 [ 2109.296827] ? genl_get_cmd+0x480/0x480 [ 2109.297647] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2109.298637] ? lock_release+0x680/0x680 [ 2109.299466] ? netlink_deliver_tap+0xf4/0xcd0 [ 2109.300395] netlink_rcv_skb+0x14b/0x430 [ 2109.301236] ? genl_get_cmd+0x480/0x480 [ 2109.302055] ? netlink_ack+0xab0/0xab0 [ 2109.302870] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2109.303825] ? is_vmalloc_addr+0x7b/0xb0 [ 2109.304672] genl_rcv+0x24/0x40 [ 2109.305357] netlink_unicast+0x549/0x7f0 [ 2109.306203] ? netlink_attachskb+0x870/0x870 [ 2109.307115] ? __virt_addr_valid+0x128/0x350 [ 2109.308042] netlink_sendmsg+0x90f/0xdf0 [ 2109.308883] ? netlink_unicast+0x7f0/0x7f0 [ 2109.309780] ? netlink_unicast+0x7f0/0x7f0 [ 2109.310808] sock_sendmsg+0x154/0x190 [ 2109.311616] ____sys_sendmsg+0x70d/0x870 [ 2109.312772] ? kernel_sendmsg+0x50/0x50 [ 2109.313590] ? do_recvmmsg+0x6d0/0x6d0 [ 2109.314536] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2109.315629] ? lock_downgrade+0x6d0/0x6d0 [ 2109.316641] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2109.317769] ? SOFTIRQ_verbose+0x10/0x10 [ 2109.318872] ___sys_sendmsg+0xf3/0x170 [ 2109.319944] ? sendmsg_copy_msghdr+0x160/0x160 [ 2109.321009] ? lock_downgrade+0x6d0/0x6d0 [ 2109.321965] ? find_held_lock+0x2c/0x110 [ 2109.322907] ? __fget_files+0x296/0x4c0 [ 2109.323858] ? __fget_light+0xea/0x290 [ 2109.324762] __sys_sendmsg+0xe5/0x1b0 [ 2109.325636] ? __sys_sendmsg_sock+0x40/0x40 [ 2109.326622] ? rcu_read_lock_any_held+0x75/0xa0 [ 2109.327725] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2109.328926] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2109.330106] ? trace_hardirqs_on+0x5b/0x180 [ 2109.331115] do_syscall_64+0x33/0x40 [ 2109.331973] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2109.333145] RIP: 0033:0x7f50c66fcb19 [ 2109.334000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2109.338198] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2109.339946] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2109.341579] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2109.343226] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2109.344857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2109.346486] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:40:16 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0xf, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:40:16 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:16 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 13) 11:40:16 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x0, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:40:16 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000004c0), r0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private}]}, 0x1c}}, 0x0) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r1, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)={0x1b8, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_DEVKEY={0x18c, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x3}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_ID={0x64, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x20, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xc3d}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x10, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}]}]}, @NL802154_DEVKEY_ATTR_ID={0x58, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x4}]}, @NL802154_DEVKEY_ATTR_ID={0x70, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0002}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}]}, @NL802154_DEVKEY_ATTR_ID={0x24, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x2}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x2}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x8044}, 0x240400d4) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r4, 0x0, r5, 0x0, 0xa1, 0x0) 11:40:16 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:40:16 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 14) 11:40:16 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x14, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:40:16 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22f82, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x8000000000000, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) [ 2109.619986] FAULT_INJECTION: forcing a failure. [ 2109.619986] name failslab, interval 1, probability 0, space 0, times 0 [ 2109.622428] CPU: 0 PID: 14814 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2109.623904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2109.625649] Call Trace: [ 2109.626287] dump_stack+0x107/0x167 [ 2109.627080] should_fail.cold+0x5/0xa [ 2109.627889] ? __alloc_skb+0x6d/0x5b0 [ 2109.628695] should_failslab+0x5/0x20 [ 2109.629501] kmem_cache_alloc_node+0x55/0x330 [ 2109.630455] __alloc_skb+0x6d/0x5b0 [ 2109.631254] netlink_ack+0x1ed/0xab0 [ 2109.632054] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2109.633074] ? netlink_sendmsg+0xdf0/0xdf0 [ 2109.633970] ? lock_release+0x680/0x680 [ 2109.634813] ? netlink_deliver_tap+0xf4/0xcd0 [ 2109.635785] netlink_rcv_skb+0x348/0x430 [ 2109.636648] ? genl_get_cmd+0x480/0x480 [ 2109.637491] ? netlink_ack+0xab0/0xab0 [ 2109.638329] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2109.639328] ? is_vmalloc_addr+0x7b/0xb0 [ 2109.640200] genl_rcv+0x24/0x40 [ 2109.640904] netlink_unicast+0x549/0x7f0 [ 2109.641772] ? netlink_attachskb+0x870/0x870 [ 2109.642708] ? __virt_addr_valid+0x128/0x350 [ 2109.643667] netlink_sendmsg+0x90f/0xdf0 [ 2109.644537] ? netlink_unicast+0x7f0/0x7f0 [ 2109.645446] ? netlink_unicast+0x7f0/0x7f0 [ 2109.646343] sock_sendmsg+0x154/0x190 [ 2109.647191] ____sys_sendmsg+0x70d/0x870 [ 2109.648059] ? kernel_sendmsg+0x50/0x50 [ 2109.648930] ? do_recvmmsg+0x6d0/0x6d0 [ 2109.649785] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2109.650942] ? lock_downgrade+0x6d0/0x6d0 [ 2109.651861] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2109.653012] ? SOFTIRQ_verbose+0x10/0x10 [ 2109.653903] ___sys_sendmsg+0xf3/0x170 [ 2109.654753] ? sendmsg_copy_msghdr+0x160/0x160 [ 2109.655782] ? lock_downgrade+0x6d0/0x6d0 [ 2109.656698] ? find_held_lock+0x2c/0x110 [ 2109.657598] ? __fget_files+0x296/0x4c0 [ 2109.658493] ? __fget_light+0xea/0x290 [ 2109.659367] __sys_sendmsg+0xe5/0x1b0 [ 2109.660208] ? __sys_sendmsg_sock+0x40/0x40 [ 2109.661157] ? rcu_read_lock_any_held+0x75/0xa0 [ 2109.662194] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2109.663366] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2109.664498] ? trace_hardirqs_on+0x5b/0x180 [ 2109.665448] do_syscall_64+0x33/0x40 [ 2109.666271] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2109.667415] RIP: 0033:0x7f50c66fcb19 [ 2109.668229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2109.672159] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2109.673731] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2109.675196] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2109.676634] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2109.678079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2109.679523] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:40:16 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:16 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:40:16 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0xc0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:40:30 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:30 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0xec0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:40:30 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:40:30 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:40:30 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) ioctl$CDROMRESET(r0, 0x5312) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000001}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffc, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r1, 0x4010942a, &(0x7f0000000100)={0x0, 0x9}) 11:40:30 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:40:30 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 15) 11:40:30 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:40:30 executing program 0: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000240)='wg2\x00', 0x4) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x22902, 0x0) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x10040, 0x120, 0x10}, 0x18) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) openat$incfs(r3, &(0x7f00000002c0)='.pending_reads\x00', 0x80000, 0x1) r4 = pidfd_getfd(r0, r2, 0x0) ioctl$BTRFS_IOC_DEFRAG_RANGE(r1, 0x40309410, &(0x7f0000000280)={0xe37, 0x800, 0x1, 0x101, 0x2, [0xfffffffd, 0xe97, 0x8, 0x4]}) setns(r4, 0x20000000) ioctl$INCFS_IOC_FILL_BLOCKS(r2, 0x80106720, &(0x7f0000000180)={0x0, 0xffffffffffffffff}) r5 = perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1ff, 0x5ad8}, 0x0, 0xd3}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x1d, &(0x7f00000001c0), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000040)=0x0) r8 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r8, 0x0, 0x0, 0x0, 0x3}, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x2fe83f3db2b5c217, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r9}}, 0x8) copy_file_range(r0, 0x0, r1, 0x0, 0xa1, 0x0) [ 2123.883969] FAULT_INJECTION: forcing a failure. [ 2123.883969] name failslab, interval 1, probability 0, space 0, times 0 [ 2123.885469] CPU: 0 PID: 14846 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2123.886373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2123.887472] Call Trace: [ 2123.887825] dump_stack+0x107/0x167 [ 2123.888316] should_fail.cold+0x5/0xa [ 2123.888853] ? create_object.isra.0+0x3a/0xa20 [ 2123.889488] should_failslab+0x5/0x20 [ 2123.889987] kmem_cache_alloc+0x5b/0x310 [ 2123.890519] create_object.isra.0+0x3a/0xa20 [ 2123.891092] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2123.891781] kmem_cache_alloc_node+0x169/0x330 [ 2123.892372] __alloc_skb+0x6d/0x5b0 [ 2123.892853] netlink_ack+0x1ed/0xab0 [ 2123.893345] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2123.893972] ? netlink_sendmsg+0xdf0/0xdf0 [ 2123.894518] ? lock_release+0x680/0x680 [ 2123.895048] ? netlink_deliver_tap+0xf4/0xcd0 [ 2123.895622] netlink_rcv_skb+0x348/0x430 [ 2123.896164] ? genl_get_cmd+0x480/0x480 [ 2123.896689] ? netlink_ack+0xab0/0xab0 [ 2123.897205] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2123.897797] ? is_vmalloc_addr+0x7b/0xb0 [ 2123.898339] genl_rcv+0x24/0x40 [ 2123.898769] netlink_unicast+0x549/0x7f0 [ 2123.899315] ? netlink_attachskb+0x870/0x870 [ 2123.899892] ? __virt_addr_valid+0x128/0x350 [ 2123.900470] netlink_sendmsg+0x90f/0xdf0 [ 2123.901014] ? netlink_unicast+0x7f0/0x7f0 [ 2123.901576] ? netlink_unicast+0x7f0/0x7f0 [ 2123.902130] sock_sendmsg+0x154/0x190 [ 2123.902623] ____sys_sendmsg+0x70d/0x870 [ 2123.903148] ? kernel_sendmsg+0x50/0x50 [ 2123.903680] ? do_recvmmsg+0x6d0/0x6d0 [ 2123.904189] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2123.904874] ? lock_downgrade+0x6d0/0x6d0 [ 2123.905423] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2123.906105] ? SOFTIRQ_verbose+0x10/0x10 [ 2123.906634] ___sys_sendmsg+0xf3/0x170 [ 2123.907139] ? sendmsg_copy_msghdr+0x160/0x160 [ 2123.907749] ? lock_downgrade+0x6d0/0x6d0 [ 2123.908301] ? find_held_lock+0x2c/0x110 [ 2123.908841] ? __fget_files+0x296/0x4c0 [ 2123.909368] ? __fget_light+0xea/0x290 [ 2123.909885] __sys_sendmsg+0xe5/0x1b0 [ 2123.910376] ? __sys_sendmsg_sock+0x40/0x40 [ 2123.910933] ? rcu_read_lock_any_held+0x75/0xa0 [ 2123.911566] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2123.912252] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2123.912923] ? trace_hardirqs_on+0x5b/0x180 [ 2123.913488] do_syscall_64+0x33/0x40 [ 2123.913972] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2123.914648] RIP: 0033:0x7f50c66fcb19 [ 2123.915139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2123.917538] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2123.918488] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2123.919439] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2123.920374] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2123.921253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2123.922173] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:40:30 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:30 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) 11:40:30 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x33fe0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2124.020108] FAULT_INJECTION: forcing a failure. [ 2124.020108] name failslab, interval 1, probability 0, space 0, times 0 [ 2124.023884] CPU: 1 PID: 14852 Comm: syz-executor.1 Not tainted 5.10.183 #1 [ 2124.025401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2124.027066] Call Trace: [ 2124.027694] dump_stack+0x107/0x167 [ 2124.028521] should_fail.cold+0x5/0xa [ 2124.029298] should_failslab+0x5/0x20 [ 2124.030065] kmem_cache_alloc_bulk+0x4b/0x320 [ 2124.030975] io_submit_sqes+0x6f76/0x85c0 [ 2124.031856] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2124.032851] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2124.033850] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2124.034868] ? lock_downgrade+0x6d0/0x6d0 [ 2124.035717] ? find_held_lock+0x2c/0x110 [ 2124.036645] ? io_submit_sqes+0x85c0/0x85c0 [ 2124.037623] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2124.038855] ? wait_for_completion_io+0x270/0x270 [ 2124.040097] ? rcu_read_lock_any_held+0x75/0xa0 [ 2124.041239] ? vfs_write+0x354/0xa70 [ 2124.042033] ? fput_many+0x2f/0x1a0 [ 2124.042829] ? ksys_write+0x1a9/0x260 [ 2124.043622] ? __ia32_sys_read+0xb0/0xb0 [ 2124.044445] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2124.045512] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2124.046579] do_syscall_64+0x33/0x40 [ 2124.047445] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2124.048475] RIP: 0033:0x7fbb4dc35b19 11:40:31 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) [ 2124.049230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2124.053001] RSP: 002b:00007fbb4b1ab188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2124.054529] RAX: ffffffffffffffda RBX: 00007fbb4dd48f60 RCX: 00007fbb4dc35b19 [ 2124.055978] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2124.057415] RBP: 00007fbb4b1ab1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2124.058853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2124.060292] R13: 00007ffdf3d18eef R14: 00007fbb4b1ab300 R15: 0000000000022000 11:40:31 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 16) [ 2124.116073] FAULT_INJECTION: forcing a failure. [ 2124.116073] name failslab, interval 1, probability 0, space 0, times 0 [ 2124.118698] CPU: 1 PID: 14859 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2124.120317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2124.122039] Call Trace: [ 2124.122634] dump_stack+0x107/0x167 [ 2124.123438] should_fail.cold+0x5/0xa 11:40:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x2000029c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2124.124217] should_failslab+0x5/0x20 [ 2124.125068] __kmalloc_node_track_caller+0x74/0x3b0 [ 2124.126074] ? netlink_ack+0x1ed/0xab0 [ 2124.126874] __alloc_skb+0xb1/0x5b0 [ 2124.127777] netlink_ack+0x1ed/0xab0 [ 2124.128620] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2124.129723] ? netlink_sendmsg+0xdf0/0xdf0 [ 2124.130663] ? lock_release+0x680/0x680 [ 2124.131630] netlink_rcv_skb+0x348/0x430 [ 2124.132585] ? genl_get_cmd+0x480/0x480 [ 2124.133451] ? netlink_ack+0xab0/0xab0 [ 2124.134364] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2124.135399] ? is_vmalloc_addr+0x7b/0xb0 [ 2124.136319] genl_rcv+0x24/0x40 [ 2124.136995] netlink_unicast+0x549/0x7f0 [ 2124.137998] ? netlink_attachskb+0x870/0x870 [ 2124.138995] ? __virt_addr_valid+0x128/0x350 [ 2124.140111] netlink_sendmsg+0x90f/0xdf0 [ 2124.141169] ? netlink_unicast+0x7f0/0x7f0 [ 2124.142393] ? netlink_unicast+0x7f0/0x7f0 [ 2124.143636] sock_sendmsg+0x154/0x190 [ 2124.144435] ____sys_sendmsg+0x70d/0x870 [ 2124.145339] ? kernel_sendmsg+0x50/0x50 [ 2124.146154] ? do_recvmmsg+0x6d0/0x6d0 [ 2124.146957] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2124.148057] ? lock_downgrade+0x6d0/0x6d0 [ 2124.148996] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2124.150067] ? SOFTIRQ_verbose+0x10/0x10 [ 2124.150907] ___sys_sendmsg+0xf3/0x170 [ 2124.151736] ? sendmsg_copy_msghdr+0x160/0x160 [ 2124.152788] ? lock_downgrade+0x6d0/0x6d0 [ 2124.153804] ? find_held_lock+0x2c/0x110 [ 2124.154720] ? __fget_files+0x296/0x4c0 [ 2124.155631] ? __fget_light+0xea/0x290 [ 2124.156432] __sys_sendmsg+0xe5/0x1b0 [ 2124.157267] ? __sys_sendmsg_sock+0x40/0x40 [ 2124.158208] ? rcu_read_lock_any_held+0x75/0xa0 [ 2124.159173] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2124.160400] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2124.161512] ? trace_hardirqs_on+0x5b/0x180 [ 2124.162449] do_syscall_64+0x33/0x40 [ 2124.163270] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2124.164435] RIP: 0033:0x7f50c66fcb19 [ 2124.165236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2124.169126] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2124.170736] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2124.172198] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2124.173721] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2124.175240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2124.176839] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:40:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:31 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 17) [ 2124.314249] FAULT_INJECTION: forcing a failure. [ 2124.314249] name failslab, interval 1, probability 0, space 0, times 0 [ 2124.316958] CPU: 1 PID: 14863 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2124.318336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2124.320018] Call Trace: [ 2124.320560] dump_stack+0x107/0x167 [ 2124.321296] should_fail.cold+0x5/0xa [ 2124.322082] should_failslab+0x5/0x20 [ 2124.322889] kmem_cache_alloc_bulk+0x4b/0x320 [ 2124.323819] io_submit_sqes+0x6f76/0x85c0 [ 2124.324668] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2124.325697] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2124.326715] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2124.327742] ? lock_downgrade+0x6d0/0x6d0 [ 2124.328585] ? find_held_lock+0x2c/0x110 [ 2124.329446] ? io_submit_sqes+0x85c0/0x85c0 [ 2124.330336] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2124.331340] ? wait_for_completion_io+0x270/0x270 [ 2124.332343] ? rcu_read_lock_any_held+0x75/0xa0 [ 2124.333296] ? vfs_write+0x354/0xa70 [ 2124.334094] ? fput_many+0x2f/0x1a0 [ 2124.334845] ? ksys_write+0x1a9/0x260 [ 2124.335647] ? __ia32_sys_read+0xb0/0xb0 [ 2124.336483] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2124.337551] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2124.338634] do_syscall_64+0x33/0x40 [ 2124.339416] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2124.340464] RIP: 0033:0x7fa0a6739b19 [ 2124.341223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2124.345173] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2124.347110] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2124.348797] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2124.350297] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2124.351780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2124.353247] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:40:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x7ffff000, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2124.372371] FAULT_INJECTION: forcing a failure. [ 2124.372371] name failslab, interval 1, probability 0, space 0, times 0 [ 2124.374883] CPU: 0 PID: 14868 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2124.376416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2124.378139] Call Trace: [ 2124.378692] dump_stack+0x107/0x167 [ 2124.379467] should_fail.cold+0x5/0xa [ 2124.380244] ? create_object.isra.0+0x3a/0xa20 [ 2124.381175] should_failslab+0x5/0x20 [ 2124.381936] kmem_cache_alloc+0x5b/0x310 [ 2124.382756] create_object.isra.0+0x3a/0xa20 [ 2124.383658] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2124.384693] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2124.385717] ? netlink_ack+0x1ed/0xab0 [ 2124.386506] __alloc_skb+0xb1/0x5b0 [ 2124.387259] netlink_ack+0x1ed/0xab0 [ 2124.388015] ? netlbl_mgmt_listall_cb+0x360/0x360 [ 2124.388988] ? netlink_sendmsg+0xdf0/0xdf0 [ 2124.389855] ? lock_release+0x680/0x680 [ 2124.390649] ? netlink_deliver_tap+0xf4/0xcd0 [ 2124.391585] netlink_rcv_skb+0x348/0x430 [ 2124.392413] ? genl_get_cmd+0x480/0x480 [ 2124.393220] ? netlink_ack+0xab0/0xab0 [ 2124.394030] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2124.394946] ? is_vmalloc_addr+0x7b/0xb0 [ 2124.395794] genl_rcv+0x24/0x40 [ 2124.396465] netlink_unicast+0x549/0x7f0 [ 2124.397299] ? netlink_attachskb+0x870/0x870 [ 2124.398186] ? __virt_addr_valid+0x128/0x350 [ 2124.399082] netlink_sendmsg+0x90f/0xdf0 [ 2124.399928] ? netlink_unicast+0x7f0/0x7f0 [ 2124.400799] ? netlink_unicast+0x7f0/0x7f0 [ 2124.401663] sock_sendmsg+0x154/0x190 [ 2124.402425] ____sys_sendmsg+0x70d/0x870 [ 2124.403255] ? kernel_sendmsg+0x50/0x50 [ 2124.404054] ? do_recvmmsg+0x6d0/0x6d0 [ 2124.404842] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2124.405892] ? lock_downgrade+0x6d0/0x6d0 [ 2124.406736] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2124.407799] ? SOFTIRQ_verbose+0x10/0x10 [ 2124.408622] ___sys_sendmsg+0xf3/0x170 [ 2124.409412] ? sendmsg_copy_msghdr+0x160/0x160 [ 2124.410353] ? lock_downgrade+0x6d0/0x6d0 [ 2124.411186] ? find_held_lock+0x2c/0x110 [ 2124.412029] ? __fget_files+0x296/0x4c0 [ 2124.412860] ? __fget_light+0xea/0x290 [ 2124.413654] __sys_sendmsg+0xe5/0x1b0 [ 2124.414420] ? __sys_sendmsg_sock+0x40/0x40 [ 2124.415314] ? rcu_read_lock_any_held+0x75/0xa0 [ 2124.416277] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2124.417335] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2124.418381] ? trace_hardirqs_on+0x5b/0x180 [ 2124.419264] do_syscall_64+0x33/0x40 [ 2124.420021] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2124.421047] RIP: 0033:0x7f50c66fcb19 [ 2124.421820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2124.425512] RSP: 002b:00007f50c3c72188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2124.427037] RAX: ffffffffffffffda RBX: 00007f50c680ff60 RCX: 00007f50c66fcb19 [ 2124.428481] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005 [ 2124.429909] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2124.431351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2124.432776] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 11:40:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:40:45 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:40:45 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, 0x0, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:45 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0xfffffdef, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:40:45 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) (fail_nth: 18) 11:40:45 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) 11:40:45 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:40:45 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) [ 2138.326217] FAULT_INJECTION: forcing a failure. [ 2138.326217] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2138.327556] CPU: 0 PID: 14884 Comm: syz-executor.3 Not tainted 5.10.183 #1 [ 2138.328328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2138.329235] Call Trace: [ 2138.329530] dump_stack+0x107/0x167 [ 2138.329931] should_fail.cold+0x5/0xa [ 2138.330359] _copy_to_user+0x2e/0x180 [ 2138.330783] simple_read_from_buffer+0xcc/0x160 [ 2138.331301] proc_fail_nth_read+0x198/0x230 [ 2138.331787] ? proc_sessionid_read+0x230/0x230 [ 2138.332293] ? security_file_permission+0x24e/0x570 [ 2138.332894] ? perf_trace_initcall_start+0x101/0x380 [ 2138.333483] ? proc_sessionid_read+0x230/0x230 [ 2138.333981] vfs_read+0x228/0x580 [ 2138.334371] ksys_read+0x12d/0x260 [ 2138.334767] ? vfs_write+0xa70/0xa70 [ 2138.335216] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2138.335796] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2138.336410] do_syscall_64+0x33/0x40 [ 2138.336848] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2138.337446] RIP: 0033:0x7f50c66af69c [ 2138.337892] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2138.340088] RSP: 002b:00007f50c3c72170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2138.340978] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007f50c66af69c [ 2138.341809] RDX: 000000000000000f RSI: 00007f50c3c721e0 RDI: 0000000000000003 [ 2138.341922] FAULT_INJECTION: forcing a failure. [ 2138.341922] name failslab, interval 1, probability 0, space 0, times 0 [ 2138.342640] RBP: 00007f50c3c721d0 R08: 0000000000000000 R09: 0000000000000000 [ 2138.342646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2138.342652] R13: 00007ffc258dc20f R14: 00007f50c3c72300 R15: 0000000000022000 [ 2138.350899] CPU: 1 PID: 14893 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2138.352531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2138.354411] Call Trace: [ 2138.355040] dump_stack+0x107/0x167 [ 2138.355895] should_fail.cold+0x5/0xa [ 2138.356731] ? create_object.isra.0+0x3a/0xa20 [ 2138.357830] should_failslab+0x5/0x20 [ 2138.358664] kmem_cache_alloc+0x5b/0x310 [ 2138.359588] create_object.isra.0+0x3a/0xa20 [ 2138.360603] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2138.361825] kmem_cache_alloc_bulk+0x168/0x320 [ 2138.362905] io_submit_sqes+0x6f76/0x85c0 [ 2138.363861] ? percpu_ref_tryget_many+0x166/0x2d0 11:40:45 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2138.365057] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2138.366150] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2138.367257] ? lock_downgrade+0x6d0/0x6d0 [ 2138.368190] ? find_held_lock+0x2c/0x110 [ 2138.369090] ? io_submit_sqes+0x85c0/0x85c0 [ 2138.370112] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2138.371200] ? wait_for_completion_io+0x270/0x270 [ 2138.372350] ? rcu_read_lock_any_held+0x75/0xa0 [ 2138.373353] ? vfs_write+0x354/0xa70 [ 2138.374161] ? fput_many+0x2f/0x1a0 [ 2138.374949] ? ksys_write+0x1a9/0x260 [ 2138.375780] ? __ia32_sys_read+0xb0/0xb0 [ 2138.376664] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2138.377796] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2138.378911] do_syscall_64+0x33/0x40 [ 2138.379736] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2138.380844] RIP: 0033:0x7fa0a6739b19 [ 2138.381699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2138.385762] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2138.387417] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2138.389093] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2138.390711] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2138.392255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2138.393870] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:40:45 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2138.466889] FAULT_INJECTION: forcing a failure. [ 2138.466889] name failslab, interval 1, probability 0, space 0, times 0 [ 2138.469393] CPU: 1 PID: 14892 Comm: syz-executor.1 Not tainted 5.10.183 #1 11:40:45 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3) [ 2138.470872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2138.472931] Call Trace: [ 2138.473599] dump_stack+0x107/0x167 [ 2138.474385] should_fail.cold+0x5/0xa [ 2138.475213] ? create_object.isra.0+0x3a/0xa20 [ 2138.476213] should_failslab+0x5/0x20 [ 2138.477142] kmem_cache_alloc+0x5b/0x310 [ 2138.478093] create_object.isra.0+0x3a/0xa20 [ 2138.479052] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2138.480358] kmem_cache_alloc_bulk+0x168/0x320 [ 2138.481445] io_submit_sqes+0x6f76/0x85c0 [ 2138.482401] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2138.483536] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2138.484690] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2138.485850] ? io_submit_sqes+0x85c0/0x85c0 [ 2138.486796] ? recalibrate_cpu_khz+0x10/0x10 [ 2138.487838] ? ktime_get+0x158/0x1f0 [ 2138.488645] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 2138.489604] ? clockevents_program_event+0x131/0x360 [ 2138.490722] ? tick_program_event+0xa8/0x140 [ 2138.491701] ? hrtimer_interrupt+0x771/0x9b0 [ 2138.492711] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2138.493892] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2138.495062] do_syscall_64+0x33/0x40 [ 2138.495880] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2138.496976] RIP: 0033:0x7fbb4dc35b19 [ 2138.497808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2138.501955] RSP: 002b:00007fbb4b1ab188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2138.503664] RAX: ffffffffffffffda RBX: 00007fbb4dd48f60 RCX: 00007fbb4dc35b19 [ 2138.505227] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2138.506752] RBP: 00007fbb4b1ab1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2138.508400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2138.509973] R13: 00007ffdf3d18eef R14: 00007fbb4b1ab300 R15: 0000000000022000 11:40:45 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x2, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:40:45 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:40:45 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:40:45 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x3, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2138.715618] FAULT_INJECTION: forcing a failure. [ 2138.715618] name failslab, interval 1, probability 0, space 0, times 0 [ 2138.716919] CPU: 0 PID: 14911 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2138.717653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2138.718551] Call Trace: [ 2138.718843] dump_stack+0x107/0x167 [ 2138.719241] should_fail.cold+0x5/0xa [ 2138.719667] ? create_object.isra.0+0x3a/0xa20 [ 2138.720158] should_failslab+0x5/0x20 [ 2138.720566] kmem_cache_alloc+0x5b/0x310 [ 2138.720998] ? mark_held_locks+0x9e/0xe0 [ 2138.721436] create_object.isra.0+0x3a/0xa20 [ 2138.721916] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2138.722464] kmem_cache_alloc_bulk+0x168/0x320 [ 2138.722976] io_submit_sqes+0x6f76/0x85c0 [ 2138.723509] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2138.724042] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2138.724574] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2138.725099] ? lock_downgrade+0x6d0/0x6d0 [ 2138.725555] ? find_held_lock+0x2c/0x110 [ 2138.725996] ? io_submit_sqes+0x85c0/0x85c0 [ 2138.726484] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2138.727002] ? wait_for_completion_io+0x270/0x270 [ 2138.727533] ? rcu_read_lock_any_held+0x75/0xa0 [ 2138.728045] ? vfs_write+0x354/0xa70 [ 2138.728463] ? fput_many+0x2f/0x1a0 [ 2138.728854] ? ksys_write+0x1a9/0x260 [ 2138.729265] ? __ia32_sys_read+0xb0/0xb0 [ 2138.729716] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2138.730288] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2138.730841] do_syscall_64+0x33/0x40 [ 2138.731248] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2138.731827] RIP: 0033:0x7fa0a6739b19 [ 2138.732229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2138.734199] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2138.735022] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2138.735790] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2138.736551] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2138.737316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2138.738076] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:40:45 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:41:01 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3) 11:41:01 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 11:41:01 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:41:01 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x2, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x6, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:01 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:41:01 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:41:01 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4) 11:41:01 executing program 2: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) read(r0, &(0x7f0000000340)=""/148, 0x94) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c000000260001010000000000000000000000001800008008000000", @ANYRES32=0x0, @ANYBLOB='\x00'/12], 0x2c}, 0x1, 0x0, 0x0, 0xa0}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0) flock(r2, 0x8) fallocate(r2, 0x5, 0x7fffffff, 0x6) syz_io_uring_setup(0x57e6, &(0x7f0000000040)={0x0, 0x35a2, 0x8, 0x2, 0x3b7, 0x0, r2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000440), &(0x7f0000000480)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x9) sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(0xffffffffffffffff, 0x0, 0x0) r3 = socket$inet6(0xa, 0x3, 0x7fffffff) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3ff}}, './file0\x00'}) io_uring_enter(r4, 0x3a37, 0x29d1, 0x2, &(0x7f00000001c0)={[0x9]}, 0x8) setsockopt(r3, 0x20, 0x5, &(0x7f0000000280)="b7165d29a30a5c6bc43d99922c1a145e52fc464d31cc58a29568fb26732195b49df3b0409e1d341ba609339ce8540439aea7795549807e49c598d2d28a84831cb7135770909f16c0358502bf575570adea6a890c9d57bee1cd0e3ced191bebc51bfa1dd9774b44b083e7f6468311c579624a3b5a6314693a47013041169ac573a7c28bd02db9e09e936b943ea172e15202fa", 0x92) setsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f0000000140)={@loopback}, 0x14) [ 2154.591231] FAULT_INJECTION: forcing a failure. [ 2154.591231] name failslab, interval 1, probability 0, space 0, times 0 [ 2154.593989] CPU: 0 PID: 14929 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2154.595464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2154.597142] Call Trace: [ 2154.597685] dump_stack+0x107/0x167 [ 2154.598424] should_fail.cold+0x5/0xa [ 2154.599201] ? create_object.isra.0+0x3a/0xa20 [ 2154.600134] should_failslab+0x5/0x20 [ 2154.600904] kmem_cache_alloc+0x5b/0x310 [ 2154.601726] create_object.isra.0+0x3a/0xa20 [ 2154.602605] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2154.603638] kmem_cache_alloc_bulk+0x168/0x320 [ 2154.604561] io_submit_sqes+0x6f76/0x85c0 [ 2154.605411] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2154.606509] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2154.607529] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2154.608520] ? lock_downgrade+0x6d0/0x6d0 [ 2154.609375] ? find_held_lock+0x2c/0x110 [ 2154.610191] ? io_submit_sqes+0x85c0/0x85c0 [ 2154.611081] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2154.612060] ? wait_for_completion_io+0x270/0x270 [ 2154.613025] ? rcu_read_lock_any_held+0x75/0xa0 [ 2154.613958] ? vfs_write+0x354/0xa70 [ 2154.614721] ? fput_many+0x2f/0x1a0 [ 2154.615459] ? ksys_write+0x1a9/0x260 [ 2154.616249] ? __ia32_sys_read+0xb0/0xb0 [ 2154.616751] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2154.617084] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2154.619887] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2154.620935] do_syscall_64+0x33/0x40 [ 2154.621694] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2154.622730] RIP: 0033:0x7fa0a6739b19 [ 2154.623488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2154.627227] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2154.628783] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2154.630222] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2154.631672] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2154.632852] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2154.633109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2154.633131] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 [ 2154.652318] FAULT_INJECTION: forcing a failure. [ 2154.652318] name failslab, interval 1, probability 0, space 0, times 0 [ 2154.654777] CPU: 0 PID: 14934 Comm: syz-executor.1 Not tainted 5.10.183 #1 [ 2154.656185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2154.657871] Call Trace: [ 2154.658409] dump_stack+0x107/0x167 [ 2154.659155] should_fail.cold+0x5/0xa [ 2154.659936] ? create_object.isra.0+0x3a/0xa20 [ 2154.660854] should_failslab+0x5/0x20 [ 2154.661613] kmem_cache_alloc+0x5b/0x310 [ 2154.662424] ? mark_held_locks+0x9e/0xe0 [ 2154.663235] create_object.isra.0+0x3a/0xa20 [ 2154.664132] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2154.665153] kmem_cache_alloc_bulk+0x168/0x320 [ 2154.666073] io_submit_sqes+0x6f76/0x85c0 11:41:01 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2154.666906] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2154.668065] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2154.669055] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2154.670018] ? lock_downgrade+0x6d0/0x6d0 [ 2154.670839] ? find_held_lock+0x2c/0x110 [ 2154.671671] ? io_submit_sqes+0x85c0/0x85c0 [ 2154.672540] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2154.673504] ? wait_for_completion_io+0x270/0x270 [ 2154.674469] ? rcu_read_lock_any_held+0x75/0xa0 [ 2154.675392] ? vfs_write+0x354/0xa70 [ 2154.676148] ? fput_many+0x2f/0x1a0 [ 2154.676878] ? ksys_write+0x1a9/0x260 [ 2154.677635] ? __ia32_sys_read+0xb0/0xb0 [ 2154.678448] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2154.679495] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2154.680542] do_syscall_64+0x33/0x40 [ 2154.681289] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2154.682304] RIP: 0033:0x7fbb4dc35b19 [ 2154.683047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2154.686699] RSP: 002b:00007fbb4b1ab188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa 11:41:01 executing program 2: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000740), 0x4}, 0x0, 0x0, 0x0, 0x7, 0x4000004, 0x2, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/consoles\x00', 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @empty}, 0x10) ppoll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x9530}, {}, {0xffffffffffffffff, 0x18}, {r0, 0x100}, {r0, 0x8}, {0xffffffffffffffff, 0x457c}], 0x6, &(0x7f0000000240), &(0x7f0000000280)={[0x4]}, 0x8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0xa, &(0x7f0000000180)=0x2, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000500)={'nat\x00', 0x0, 0x0, 0x0, [0x10000, 0xfffffffffffffffb, 0x8000000000000000, 0xffffffffffffffc1, 0x5, 0x25fe], 0x0, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x78) connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x4e20, @private=0xa010100}}, 0x0, 0x0, 0x4d, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040), 0x4) sendto$inet(r4, &(0x7f00000002c0)="d7acf891ee6a7aac6b271916da3819e9fb2bea7eea6bfca846c0f40bfd563f0a7d05a4a58d66c5f6155bb1f71389bada0590e17f696af1016d13157ce47ab45503f8f908aee3169473ac4127ba97ed38940ce276bc14003a298b68078d16e09f46944586636aaf9f463bded6a8789c59c5f2bd36ba0546a1b4e5d23242ea3fbf2d4ac9ea57eb2c35195f158bffde902b71494edc48164b5b0de60da04b1f6d944937f29340e5c85165ab269eda7869f79bde9be8dcd0a29f17f687869023588787f2002b20da0d3a100d9e22f0492083ae1273fc4819d31bbc775a6af6c9390d0e898b0fd8959368715a550ecae5c7a6", 0xf0, 0x24004081, &(0x7f0000000100)={0x2, 0x8, @private=0xa010100}, 0x10) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r3, r2, 0x0, 0x9bbb) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000780)=ANY=[@ANYBLOB="0100000001000000180000002652bd24d47a6e10f9bb3faba1cec31259bb118072e7168845a0aa6130224367f7bffb7da04affc89748dc6e5715d26240e623b7981d54d32a5fccb55761238ef4ffa971172fb808e71649d0f10975fc2378165856bfea9673292ea076a755f9b980371cc9d928ddef2b11a5b27e7816c6e37579f0e32966a71db48c0645ba4331ccf8454a6865e7b533795ad7eff5ce9c467381043744b8c380642acff8e79382dc21544911d0f89e451fae7e808dd764436a2a596387ff6e8fe737e9353faabd", @ANYRESDEC=r0, @ANYBLOB="00000000eb1b00002e2f66696c653000fa42c1c8e1ff7f0000f9448dffdca00625b3371565d16ebec91fff0f0000000000009b1a7eff", @ANYRES64, @ANYBLOB="fb2228a4029d1c1fed5df0c75f8ad796e22c983f6576448f893a4689fae90c412775623b7f15430f94a6a60d4b77902a500c1aa201a2f164f9386f8cdba25e74266cf409322741bde6", @ANYRES16=r4]) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) perf_event_open(&(0x7f00000005c0)={0x4, 0x80, 0x0, 0x3, 0x0, 0x91, 0x0, 0x12a9, 0x30808, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7f, 0x2, @perf_bp={&(0x7f0000000580), 0x1}, 0x10422, 0x7, 0x3, 0x8, 0x91e3, 0xfffffffa, 0x8, 0x0, 0x7, 0x0, 0x7}, 0x0, 0x3, 0xffffffffffffffff, 0x2) bind$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x4e21, 0x6, @mcast1, 0x2ad}, 0x1c) [ 2154.688218] RAX: ffffffffffffffda RBX: 00007fbb4dd48f60 RCX: 00007fbb4dc35b19 [ 2154.689737] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2154.691367] RBP: 00007fbb4b1ab1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2154.692803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2154.694233] R13: 00007ffdf3d18eef R14: 00007fbb4b1ab300 R15: 0000000000022000 11:41:01 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x3, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x8, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:01 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5) 11:41:01 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:41:01 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x4, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2155.025350] FAULT_INJECTION: forcing a failure. [ 2155.025350] name failslab, interval 1, probability 0, space 0, times 0 [ 2155.027859] CPU: 1 PID: 14954 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2155.029274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2155.030969] Call Trace: [ 2155.031519] dump_stack+0x107/0x167 [ 2155.032289] should_fail.cold+0x5/0xa [ 2155.033072] ? create_object.isra.0+0x3a/0xa20 [ 2155.034013] should_failslab+0x5/0x20 [ 2155.034795] kmem_cache_alloc+0x5b/0x310 [ 2155.035631] ? mark_held_locks+0x9e/0xe0 [ 2155.036465] create_object.isra.0+0x3a/0xa20 [ 2155.037363] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2155.038404] kmem_cache_alloc_bulk+0x168/0x320 [ 2155.039347] io_submit_sqes+0x6f76/0x85c0 [ 2155.040214] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2155.041223] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2155.042238] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2155.043226] ? lock_downgrade+0x6d0/0x6d0 [ 2155.044081] ? find_held_lock+0x2c/0x110 [ 2155.044917] ? io_submit_sqes+0x85c0/0x85c0 [ 2155.045806] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2155.046794] ? wait_for_completion_io+0x270/0x270 [ 2155.047800] ? rcu_read_lock_any_held+0x75/0xa0 [ 2155.048746] ? vfs_write+0x354/0xa70 [ 2155.049511] ? fput_many+0x2f/0x1a0 [ 2155.050253] ? ksys_write+0x1a9/0x260 [ 2155.051031] ? __ia32_sys_read+0xb0/0xb0 [ 2155.051873] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2155.052941] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2155.053996] do_syscall_64+0x33/0x40 [ 2155.054757] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2155.055812] RIP: 0033:0x7fa0a6739b19 [ 2155.056574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2155.060333] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2155.061885] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2155.063352] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2155.064818] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2155.066278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2155.067746] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:41:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x500, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:18 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6) 11:41:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x5, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:18 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:41:18 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315) 11:41:18 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:41:18 executing program 2: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000740), 0x4}, 0x0, 0x0, 0x0, 0x7, 0x4000004, 0x2, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/consoles\x00', 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @empty}, 0x10) ppoll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x9530}, {}, {0xffffffffffffffff, 0x18}, {r0, 0x100}, {r0, 0x8}, {0xffffffffffffffff, 0x457c}], 0x6, &(0x7f0000000240), &(0x7f0000000280)={[0x4]}, 0x8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0xa, &(0x7f0000000180)=0x2, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000500)={'nat\x00', 0x0, 0x0, 0x0, [0x10000, 0xfffffffffffffffb, 0x8000000000000000, 0xffffffffffffffc1, 0x5, 0x25fe], 0x0, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x78) connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x4e20, @private=0xa010100}}, 0x0, 0x0, 0x4d, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040), 0x4) sendto$inet(r4, &(0x7f00000002c0)="d7acf891ee6a7aac6b271916da3819e9fb2bea7eea6bfca846c0f40bfd563f0a7d05a4a58d66c5f6155bb1f71389bada0590e17f696af1016d13157ce47ab45503f8f908aee3169473ac4127ba97ed38940ce276bc14003a298b68078d16e09f46944586636aaf9f463bded6a8789c59c5f2bd36ba0546a1b4e5d23242ea3fbf2d4ac9ea57eb2c35195f158bffde902b71494edc48164b5b0de60da04b1f6d944937f29340e5c85165ab269eda7869f79bde9be8dcd0a29f17f687869023588787f2002b20da0d3a100d9e22f0492083ae1273fc4819d31bbc775a6af6c9390d0e898b0fd8959368715a550ecae5c7a6", 0xf0, 0x24004081, &(0x7f0000000100)={0x2, 0x8, @private=0xa010100}, 0x10) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendfile(r3, r2, 0x0, 0x9bbb) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000780)=ANY=[@ANYBLOB="0100000001000000180000002652bd24d47a6e10f9bb3faba1cec31259bb118072e7168845a0aa6130224367f7bffb7da04affc89748dc6e5715d26240e623b7981d54d32a5fccb55761238ef4ffa971172fb808e71649d0f10975fc2378165856bfea9673292ea076a755f9b980371cc9d928ddef2b11a5b27e7816c6e37579f0e32966a71db48c0645ba4331ccf8454a6865e7b533795ad7eff5ce9c467381043744b8c380642acff8e79382dc21544911d0f89e451fae7e808dd764436a2a596387ff6e8fe737e9353faabd", @ANYRESDEC=r0, @ANYBLOB="00000000eb1b00002e2f66696c653000fa42c1c8e1ff7f0000f9448dffdca00625b3371565d16ebec91fff0f0000000000009b1a7eff", @ANYRES64, @ANYBLOB="fb2228a4029d1c1fed5df0c75f8ad796e22c983f6576448f893a4689fae90c412775623b7f15430f94a6a60d4b77902a500c1aa201a2f164f9386f8cdba25e74266cf409322741bde6", @ANYRES16=r4]) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) perf_event_open(&(0x7f00000005c0)={0x4, 0x80, 0x0, 0x3, 0x0, 0x91, 0x0, 0x12a9, 0x30808, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7f, 0x2, @perf_bp={&(0x7f0000000580), 0x1}, 0x10422, 0x7, 0x3, 0x8, 0x91e3, 0xfffffffa, 0x8, 0x0, 0x7, 0x0, 0x7}, 0x0, 0x3, 0xffffffffffffffff, 0x2) bind$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x4e21, 0x6, @mcast1, 0x2ad}, 0x1c) 11:41:18 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2171.822029] FAULT_INJECTION: forcing a failure. [ 2171.822029] name failslab, interval 1, probability 0, space 0, times 0 [ 2171.824456] CPU: 0 PID: 14980 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2171.825852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2171.827531] Call Trace: [ 2171.828089] dump_stack+0x107/0x167 [ 2171.828825] should_fail.cold+0x5/0xa [ 2171.829596] ? create_object.isra.0+0x3a/0xa20 [ 2171.830515] should_failslab+0x5/0x20 [ 2171.831281] kmem_cache_alloc+0x5b/0x310 [ 2171.832122] create_object.isra.0+0x3a/0xa20 [ 2171.833006] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2171.834034] kmem_cache_alloc_bulk+0x168/0x320 [ 2171.834963] io_submit_sqes+0x6f76/0x85c0 [ 2171.835830] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2171.836847] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2171.837847] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2171.838824] ? lock_downgrade+0x6d0/0x6d0 [ 2171.839655] ? find_held_lock+0x2c/0x110 [ 2171.840485] ? io_submit_sqes+0x85c0/0x85c0 [ 2171.841376] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2171.842348] ? wait_for_completion_io+0x270/0x270 [ 2171.843315] ? rcu_read_lock_any_held+0x75/0xa0 [ 2171.844255] ? vfs_write+0x354/0xa70 [ 2171.845004] ? fput_many+0x2f/0x1a0 [ 2171.845735] ? ksys_write+0x1a9/0x260 [ 2171.846493] ? __ia32_sys_read+0xb0/0xb0 [ 2171.847316] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2171.848380] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2171.849419] do_syscall_64+0x33/0x40 [ 2171.850164] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2171.851195] RIP: 0033:0x7fa0a6739b19 [ 2171.851948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2171.855632] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2171.857178] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2171.858611] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2171.860046] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2171.861476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2171.862906] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:41:18 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:41:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:18 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:41:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x6, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:18 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315) 11:41:18 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:41:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x2, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:19 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7) 11:41:19 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:41:19 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:41:19 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x7, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:19 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x20d315) [ 2172.153217] FAULT_INJECTION: forcing a failure. [ 2172.153217] name failslab, interval 1, probability 0, space 0, times 0 [ 2172.155753] CPU: 1 PID: 15003 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2172.157156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2172.158846] Call Trace: [ 2172.159386] dump_stack+0x107/0x167 [ 2172.160171] should_fail.cold+0x5/0xa [ 2172.160950] ? create_object.isra.0+0x3a/0xa20 [ 2172.161888] should_failslab+0x5/0x20 [ 2172.162666] kmem_cache_alloc+0x5b/0x310 [ 2172.163494] ? mark_held_locks+0x9e/0xe0 [ 2172.164337] create_object.isra.0+0x3a/0xa20 [ 2172.165229] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2172.166263] kmem_cache_alloc_bulk+0x168/0x320 [ 2172.167205] io_submit_sqes+0x6f76/0x85c0 [ 2172.168054] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2172.169063] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2172.170075] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2172.171061] ? lock_downgrade+0x6d0/0x6d0 [ 2172.171925] ? find_held_lock+0x2c/0x110 [ 2172.172761] ? io_submit_sqes+0x85c0/0x85c0 [ 2172.173646] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2172.174631] ? wait_for_completion_io+0x270/0x270 [ 2172.175611] ? rcu_read_lock_any_held+0x75/0xa0 [ 2172.176576] ? vfs_write+0x354/0xa70 [ 2172.177355] ? fput_many+0x2f/0x1a0 [ 2172.178098] ? ksys_write+0x1a9/0x260 [ 2172.178871] ? __ia32_sys_read+0xb0/0xb0 [ 2172.179699] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2172.180780] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2172.181836] do_syscall_64+0x33/0x40 [ 2172.182595] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2172.183630] RIP: 0033:0x7fa0a6739b19 [ 2172.184402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2172.188132] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2172.189686] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2172.191133] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2172.192575] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2172.194015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2172.195491] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:41:31 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x8, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x3, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:31 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:41:31 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:41:31 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:41:31 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8) 11:41:31 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:41:31 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0100001a0001010000000000000000ff000007050100000000000008009ed4f2a98bedf9e7f94d9628c458dd02bb5c5d9df2486ab630065adb217a62cc26d15ab1045ce99324b2bc290f13aaa1b375a91e26c2e7647f0d4d4129cf29156cafb37b67d8609b9d63f6348ad9aeaf176fa600ecebdc00ff516bc732931e94d94b06860dea939978653564f61cfdf4d594a7aae471765651af4f040012000a0059002a2923242600000008004300", @ANYRES32=0xee00, @ANYBLOB="ba4c73269591ea34f14ad506aceac7dd54d3156932a0d02341122f6cbaa54dc8b4d0b01ac37d2225ed37bacfd3e71c9180b14c5d116c85a770f26ca7d389d858870f1838e32913354496ebae790c221badd433486d34cfe813c7c7efa569409a5bf71d5701008755b8666c240f1543c8d56c3addf242adebf601e0af1c3546ab0800080037000000000000005664cf53ce81e0b6406cce733376d9008293e0a814bcca71563c377d60f865", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00'], 0x11c}}, 0x0) r3 = clone3(&(0x7f0000000380)={0x100088000, &(0x7f0000000040), &(0x7f00000000c0), &(0x7f0000000100), {0x36}, &(0x7f0000000140)=""/115, 0x73, &(0x7f0000000280)=""/208, &(0x7f00000001c0)}, 0x58) connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e24, 0x81, @private0, 0x9}, 0x1c) r4 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r5, 0x0, r4, 0x0, 0x200f5ef, 0x0) kcmp(r2, r3, 0x3, r5, 0xffffffffffffffff) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e23, 0x80000000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xdc8b}, 0x1c) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffff9c, 0x40106614, &(0x7f0000000400)) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)=ANY=[@ANYBLOB="144aba62954cef3b947c0000001800030d80008000523f55725d000057faec6d99f61e0e69ecd5e7062f1ef48343e89bb23dd1990170a1155fbccc65778e79548306e9515de6152c1cd70ae38f1b2c9aee5dda6dc6c654774317eaa30e8953f7dfd430be78b83546b637f2a614c5b25993f009c36918caa3cae4a263b40eb974cfad6ff494ce4c6a42b4d2bed41aaaca6f94e70c9e04ae864f1d4a8d226b960ff6843fcd0ad7e47cdf18c7337dc2f6d28395f6a5fd672f8b30b7fedc8aa40b2156a56911315c3d9ba2f2018e789c5612656a506227407976141c53078e1fa4ab72be753e9e3513d2eaac24d297e2cda577f422eef1173b3606b072e2f5c1bb57ede777ede987055c6ce36de2515ceea3f07ad12dfcab1c92792d5c509fc66a677b4fbbfad8b3d2dcee34599adb55b3660da4be4a67d80f2c4b06524dac9710aa6733ead6f2764e69fcec8fe9081dd75b4f564dc0b8d961f64f30c785f9f653419f64e0b8c633a3b29e2ff9a1142a6b6880144845393c04c58dda6e06da47459bc989512d8fcbada239b649777754e9e27a51fc519df96d4093ad1de769783180d2b93a3f8d8f829c7c80fb73bc4370348fb7"], 0x14}}, 0x0) r7 = syz_open_dev$vcsa(&(0x7f0000000440), 0x1, 0x20000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x11c, 0x1a, 0x101, 0x0, 0x0, {0xff}, [@nested={0x105, 0x25, 0x0, 0x1, [@generic="caff25b868a39ed4f2a98bedf9e7f94d9628c4586ab630065adb5ce99324b2bc290f13aaa1b375a91e26c2e7647f0d4d4129cf29156cafb37b67d8609b9d63f634ad9faeaf176fa600eceb94d94b06860dea939978653564f61cfdf4d594a7aae471765651af4f", @typed={0x4, 0x12}, @typed={0xa, 0x59, 0x0, 0x0, @str='*)#$&\x00'}, @typed={0x8, 0x43, 0x0, 0x0, @uid=0xee00}, @generic="ba4c73269591ea34f14ad506aceac7dd54d3156932a0d02341122f6cbaa54dc8b4d0b01ac37d2225ed37bacfd3e71c9180b14c5d116c85a770f26c96ebae790c221badd433486d34cfe813c7c7efa569409a5bf71d579de88755b8666c240f1543c8d56c3addf242adebf601e0af1c3546ab", @typed={0x8, 0x30, 0x0, 0x0, @u32=0x100}, @typed={0x8, 0x37, 0x0, 0x0, @pid=r8}]}]}, 0x11c}}, 0x0) r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000bc0)='/proc/diskstats\x00', 0x0, 0x0) kcmp(0x0, r8, 0x1, r4, r9) sendmsg$DEVLINK_CMD_PORT_SET(r7, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x74, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x6, 0x4, 0x3}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x6, 0x4, 0x2}}]}, 0x74}, 0x1, 0x0, 0x0, 0x20000000}, 0x48824) [ 2184.818086] FAULT_INJECTION: forcing a failure. [ 2184.818086] name failslab, interval 1, probability 0, space 0, times 0 [ 2184.820015] CPU: 1 PID: 15022 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2184.821199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2184.822616] Call Trace: [ 2184.823084] dump_stack+0x107/0x167 [ 2184.823706] should_fail.cold+0x5/0xa [ 2184.824373] ? create_object.isra.0+0x3a/0xa20 [ 2184.825157] should_failslab+0x5/0x20 [ 2184.825815] kmem_cache_alloc+0x5b/0x310 [ 2184.826514] ? mark_held_locks+0x9e/0xe0 [ 2184.827212] create_object.isra.0+0x3a/0xa20 [ 2184.827959] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2184.828707] kmem_cache_alloc_bulk+0x168/0x320 [ 2184.829350] io_submit_sqes+0x6f76/0x85c0 [ 2184.829932] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2184.830613] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2184.831291] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2184.831992] ? lock_downgrade+0x6d0/0x6d0 [ 2184.832572] ? find_held_lock+0x2c/0x110 [ 2184.833151] ? io_submit_sqes+0x85c0/0x85c0 [ 2184.833778] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2184.834462] ? wait_for_completion_io+0x270/0x270 [ 2184.835149] ? rcu_read_lock_any_held+0x75/0xa0 [ 2184.835806] ? vfs_write+0x354/0xa70 [ 2184.836336] ? fput_many+0x2f/0x1a0 [ 2184.836850] ? ksys_write+0x1a9/0x260 [ 2184.837384] ? __ia32_sys_read+0xb0/0xb0 [ 2184.837956] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2184.838691] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2184.839412] do_syscall_64+0x33/0x40 [ 2184.839938] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2184.840670] RIP: 0033:0x7fa0a6739b19 [ 2184.841191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2184.843770] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2184.844852] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2184.845862] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2184.846871] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2184.847872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2184.848884] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:41:31 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x9, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x4, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:31 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9) 11:41:31 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:41:32 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:41:32 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xff, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {0x0, 0x0, 0x3e0}], 0x8000, &(0x7f00000002c0)=ANY=[]) [ 2185.086171] FAULT_INJECTION: forcing a failure. [ 2185.086171] name failslab, interval 1, probability 0, space 0, times 0 [ 2185.087556] CPU: 1 PID: 15041 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2185.088388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2185.089355] Call Trace: [ 2185.089678] dump_stack+0x107/0x167 [ 2185.090121] should_fail.cold+0x5/0xa [ 2185.090569] ? create_object.isra.0+0x3a/0xa20 [ 2185.091109] should_failslab+0x5/0x20 [ 2185.091561] kmem_cache_alloc+0x5b/0x310 [ 2185.092038] ? mark_held_locks+0x9e/0xe0 [ 2185.092513] create_object.isra.0+0x3a/0xa20 [ 2185.093039] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2185.093625] kmem_cache_alloc_bulk+0x168/0x320 [ 2185.094160] io_submit_sqes+0x6f76/0x85c0 [ 2185.094641] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2185.095205] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2185.095780] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2185.096360] ? lock_downgrade+0x6d0/0x6d0 [ 2185.096865] ? find_held_lock+0x2c/0x110 [ 2185.097369] ? io_submit_sqes+0x85c0/0x85c0 [ 2185.097905] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2185.098499] ? wait_for_completion_io+0x270/0x270 [ 2185.099085] ? rcu_read_lock_any_held+0x75/0xa0 [ 2185.099659] ? vfs_write+0x354/0xa70 [ 2185.100129] ? fput_many+0x2f/0x1a0 [ 2185.100577] ? ksys_write+0x1a9/0x260 [ 2185.101044] ? __ia32_sys_read+0xb0/0xb0 [ 2185.101570] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2185.102215] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2185.102850] do_syscall_64+0x33/0x40 [ 2185.103307] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2185.103939] RIP: 0033:0x7fa0a6739b19 [ 2185.104418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2185.106639] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2185.107556] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2185.108425] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2185.109293] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2185.110154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2185.111020] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 [ 2189.986592] Bluetooth: hci3: command 0x0409 tx timeout [ 2192.035471] Bluetooth: hci3: command 0x041b tx timeout [ 2194.082492] Bluetooth: hci3: command 0x040f tx timeout [ 2194.906027] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2194.908683] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2194.914122] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2194.959814] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2194.961799] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2194.965887] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2196.130494] Bluetooth: hci3: command 0x0419 tx timeout 11:41:55 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x2, 0x0, 0x0, 0x0) 11:41:55 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x5, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:55 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:41:55 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10) 11:41:55 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:41:55 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:41:55 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:41:55 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x11c, 0x1a, 0x101, 0x0, 0x0, {0xff}, [@nested={0x105, 0x25, 0x0, 0x1, [@generic="caff25b868a39ed4f2a98bedf9e7f94d9628c4586ab630065adb5ce99324b2bc290f13aaa1b375a91e26c2e7647f0d4d4129cf29156cafb37b67d8609b9d63f634ad9faeaf176fa600eceb94d94b06860dea939978653564f61cfdf4d594a7aae471765651af4f", @typed={0x4, 0x12}, @typed={0xa, 0x59, 0x0, 0x0, @str='*)#$&\x00'}, @typed={0x8, 0x43, 0x0, 0x0, @uid=0xee00}, @generic="ba4c73269591ea34f14ad506aceac7dd54d3156932a0d02341122f6cbaa54dc8b4d0b01ac37d2225ed37bacfd3e71c9180b14c5d116c85a770f26c96ebae790c221badd433486d34cfe813c7c7efa569409a5bf71d579de88755b8666c240f1543c8d56c3addf242adebf601e0af1c3546ab", @typed={0x8, 0x30, 0x0, 0x0, @u32=0x100}, @typed={0x8, 0x37, 0x0, 0x0, @pid=r3}]}]}, 0x11c}}, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x8, 0x9, 0xf8, 0x3, 0x0, 0x80, 0x45d, 0x15, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x80000000, 0x0, @perf_config_ext={0x1f}, 0x20, 0x3, 0x70, 0xfce75fa58a0139ec, 0x1, 0xb15, 0x0, 0x0, 0x7ff, 0x0, 0x7ff}, r3, 0x6, 0xffffffffffffffff, 0x8) r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x12802}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0xf, r5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000000)=0x1000) r6 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x13, r6, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, &(0x7f00000001c0)) sendfile(r6, r0, &(0x7f00000000c0), 0x3) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x40) r7 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x400002, 0x0) r8 = accept4$inet6(r7, &(0x7f0000000140), &(0x7f0000000200)=0x1c, 0x4db8bde448bc2f67) setsockopt$inet6_buf(r8, 0x29, 0x2d, &(0x7f0000000240)="a55be9b5", 0x4) lseek(r7, 0x5, 0x4) 11:41:55 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x6, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2208.146919] FAULT_INJECTION: forcing a failure. [ 2208.146919] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2208.149466] CPU: 1 PID: 15536 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2208.150876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2208.152574] Call Trace: [ 2208.153123] dump_stack+0x107/0x167 [ 2208.153871] should_fail.cold+0x5/0xa [ 2208.154648] _copy_from_user+0x2e/0x1b0 [ 2208.155464] __copy_msghdr_from_user+0x91/0x4b0 [ 2208.156426] ? __ia32_sys_shutdown+0x80/0x80 [ 2208.157323] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2208.158391] ? SOFTIRQ_verbose+0x10/0x10 [ 2208.159241] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2208.160162] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2208.161266] ? lock_chain_count+0x20/0x20 [ 2208.162119] ? __is_insn_slot_addr+0x123/0x290 [ 2208.163045] ? lock_downgrade+0x6d0/0x6d0 [ 2208.163893] io_recvmsg+0xa31/0xca0 [ 2208.164654] ? io_sendmsg+0x790/0x790 [ 2208.165437] ? mark_lock+0xf5/0x2df0 [ 2208.166198] ? lock_chain_count+0x20/0x20 [ 2208.167049] ? lock_chain_count+0x20/0x20 [ 2208.167888] ? stack_trace_save+0x8c/0xc0 [ 2208.168755] ? stack_trace_consume_entry+0x160/0x160 [ 2208.169807] ? lock_acquire+0x197/0x470 [ 2208.170627] ? __lock_acquire+0xbb1/0x5b00 [ 2208.171496] io_issue_sqe+0x35f1/0x7660 [ 2208.172319] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2208.173388] ? SOFTIRQ_verbose+0x10/0x10 [ 2208.174214] ? lock_chain_count+0x20/0x20 [ 2208.175060] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2208.176127] ? io_connect+0x610/0x610 [ 2208.176913] ? lock_acquire+0x197/0x470 [ 2208.177718] ? find_held_lock+0x2c/0x110 [ 2208.178558] ? __fget_files+0x26d/0x4c0 [ 2208.179365] ? lock_downgrade+0x6d0/0x6d0 [ 2208.180211] __io_queue_sqe+0x90/0x9d0 [ 2208.181026] ? io_issue_sqe+0x7660/0x7660 [ 2208.181893] io_submit_sqes+0x4461/0x85c0 [ 2208.182769] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2208.183781] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2208.184775] ? lock_downgrade+0x6d0/0x6d0 [ 2208.185786] ? find_held_lock+0x2c/0x110 [ 2208.186764] ? io_submit_sqes+0x85c0/0x85c0 [ 2208.187748] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2208.188748] ? wait_for_completion_io+0x270/0x270 [ 2208.189733] ? rcu_read_lock_any_held+0x75/0xa0 [ 2208.190680] ? vfs_write+0x354/0xa70 [ 2208.191439] ? fput_many+0x2f/0x1a0 [ 2208.192186] ? ksys_write+0x1a9/0x260 [ 2208.192973] ? __ia32_sys_read+0xb0/0xb0 [ 2208.193812] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2208.194978] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2208.196135] do_syscall_64+0x33/0x40 [ 2208.196903] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2208.197940] RIP: 0033:0x7fa0a6739b19 [ 2208.198696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2208.202766] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2208.204341] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2208.205800] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2208.207262] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2208.208746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2208.210194] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:41:55 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) 11:41:55 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:41:55 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2208.300134] FAULT_INJECTION: forcing a failure. [ 2208.300134] name failslab, interval 1, probability 0, space 0, times 0 [ 2208.302934] CPU: 0 PID: 15544 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2208.304419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2208.306116] Call Trace: [ 2208.306660] dump_stack+0x107/0x167 [ 2208.307406] should_fail.cold+0x5/0xa [ 2208.308188] should_failslab+0x5/0x20 [ 2208.308967] kmem_cache_alloc_bulk+0x4b/0x320 [ 2208.309880] io_submit_sqes+0x6f76/0x85c0 [ 2208.310736] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2208.311855] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2208.312884] __do_sys_io_uring_enter+0x6b5/0x1730 11:41:55 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) [ 2208.313875] ? io_submit_sqes+0x85c0/0x85c0 [ 2208.314926] ? recalibrate_cpu_khz+0x10/0x10 [ 2208.315820] ? ktime_get+0x158/0x1f0 [ 2208.316597] ? setup_APIC_eilvt+0x2f0/0x2f0 [ 2208.317471] ? clockevents_program_event+0x131/0x360 [ 2208.318515] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2208.319584] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2208.320698] ? trace_hardirqs_on+0x5b/0x180 [ 2208.321577] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2208.322679] ? __io_uring_cancel+0x20/0x20 [ 2208.323552] do_syscall_64+0x33/0x40 [ 2208.324314] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2208.325351] RIP: 0033:0x7fe21c796b19 [ 2208.326108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2208.329860] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2208.331402] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2208.332853] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2208.334298] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2208.335742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2208.337212] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:41:55 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x11c, 0x1a, 0x101, 0x0, 0x0, {0xff}, [@nested={0x105, 0x25, 0x0, 0x1, [@generic="caff25b868a39ed4f2a98bedf9e7f94d9628c4586ab630065adb5ce99324b2bc290f13aaa1b375a91e26c2e7647f0d4d4129cf29156cafb37b67d8609b9d63f634ad9faeaf176fa600eceb94d94b06860dea939978653564f61cfdf4d594a7aae471765651af4f", @typed={0x4, 0x12}, @typed={0xa, 0x59, 0x0, 0x0, @str='*)#$&\x00'}, @typed={0x8, 0x43, 0x0, 0x0, @uid=0xee00}, @generic="ba4c73269591ea34f14ad506aceac7dd54d3156932a0d02341122f6cbaa54dc8b4d0b01ac37d2225ed37bacfd3e71c9180b14c5d116c85a770f26c96ebae790c221badd433486d34cfe813c7c7efa569409a5bf71d579de88755b8666c240f1543c8d56c3addf242adebf601e0af1c3546ab", @typed={0x8, 0x30, 0x0, 0x0, @u32=0x100}, @typed={0x8, 0x37, 0x0, 0x0, @pid=r3}]}]}, 0x11c}}, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x8, 0x9, 0xf8, 0x3, 0x0, 0x80, 0x45d, 0x15, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x80000000, 0x0, @perf_config_ext={0x1f}, 0x20, 0x3, 0x70, 0xfce75fa58a0139ec, 0x1, 0xb15, 0x0, 0x0, 0x7ff, 0x0, 0x7ff}, r3, 0x6, 0xffffffffffffffff, 0x8) r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x12802}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0xf, r5, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000000)=0x1000) r6 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x13, r6, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, &(0x7f00000001c0)) sendfile(r6, r0, &(0x7f00000000c0), 0x3) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x40) r7 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x400002, 0x0) r8 = accept4$inet6(r7, &(0x7f0000000140), &(0x7f0000000200)=0x1c, 0x4db8bde448bc2f67) setsockopt$inet6_buf(r8, 0x29, 0x2d, &(0x7f0000000240)="a55be9b5", 0x4) lseek(r7, 0x5, 0x4) 11:41:55 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x7, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2208.425958] FAULT_INJECTION: forcing a failure. [ 2208.425958] name failslab, interval 1, probability 0, space 0, times 0 [ 2208.428950] CPU: 0 PID: 15552 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2208.430361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2208.432127] Call Trace: [ 2208.432693] dump_stack+0x107/0x167 [ 2208.433440] should_fail.cold+0x5/0xa [ 2208.434213] ? iovec_from_user+0x36c/0x400 [ 2208.435081] should_failslab+0x5/0x20 [ 2208.435846] __kmalloc+0x72/0x390 [ 2208.436557] ? _copy_from_user+0xfb/0x1b0 [ 2208.437392] iovec_from_user+0x36c/0x400 [ 2208.438218] __import_iovec+0x67/0x590 [ 2208.439023] __io_recvmsg_copy_hdr+0x26d/0x2f0 [ 2208.439944] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2208.441017] ? __is_insn_slot_addr+0x123/0x290 [ 2208.441957] ? lock_chain_count+0x20/0x20 [ 2208.442776] ? 0xffffffffa0008000 [ 2208.443480] io_recvmsg+0xa31/0xca0 [ 2208.444220] ? io_sendmsg+0x790/0x790 [ 2208.445010] ? mark_lock+0xf5/0x2df0 [ 2208.445764] ? mark_held_locks+0x9e/0xe0 [ 2208.446584] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2208.447642] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2208.448722] ? trace_hardirqs_on+0x5b/0x180 [ 2208.449614] ? lock_acquire+0x1b9/0x470 [ 2208.450413] ? __lock_acquire+0xbb1/0x5b00 [ 2208.451273] io_issue_sqe+0x35f1/0x7660 [ 2208.452078] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2208.453138] ? SOFTIRQ_verbose+0x10/0x10 [ 2208.453956] ? lock_chain_count+0x20/0x20 [ 2208.454794] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2208.455846] ? io_connect+0x610/0x610 [ 2208.456633] ? lock_acquire+0x197/0x470 [ 2208.457425] ? find_held_lock+0x2c/0x110 [ 2208.458250] ? __fget_files+0x26d/0x4c0 [ 2208.459055] ? lock_downgrade+0x6d0/0x6d0 [ 2208.459898] __io_queue_sqe+0x90/0x9d0 [ 2208.460693] ? io_issue_sqe+0x7660/0x7660 [ 2208.461551] io_submit_sqes+0x4461/0x85c0 [ 2208.462425] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2208.463428] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2208.464418] ? lock_downgrade+0x6d0/0x6d0 [ 2208.465249] ? find_held_lock+0x2c/0x110 [ 2208.466082] ? io_submit_sqes+0x85c0/0x85c0 [ 2208.466961] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2208.467944] ? wait_for_completion_io+0x270/0x270 [ 2208.468934] ? rcu_read_lock_any_held+0x75/0xa0 [ 2208.469890] ? vfs_write+0x354/0xa70 [ 2208.470644] ? fput_many+0x2f/0x1a0 [ 2208.471371] ? ksys_write+0x1a9/0x260 [ 2208.472137] ? __ia32_sys_read+0xb0/0xb0 [ 2208.472970] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2208.474022] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2208.475063] do_syscall_64+0x33/0x40 [ 2208.475821] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2208.476878] RIP: 0033:0x7fa0a6739b19 [ 2208.477623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2208.481293] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2208.482811] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2208.484231] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2208.485660] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2208.487087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2208.488522] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:41:55 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) [ 2208.635847] FAULT_INJECTION: forcing a failure. [ 2208.635847] name failslab, interval 1, probability 0, space 0, times 0 [ 2208.638179] CPU: 1 PID: 15561 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2208.639562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2208.641237] Call Trace: [ 2208.641782] dump_stack+0x107/0x167 [ 2208.642521] should_fail.cold+0x5/0xa [ 2208.643278] ? create_object.isra.0+0x3a/0xa20 [ 2208.644201] should_failslab+0x5/0x20 [ 2208.644981] kmem_cache_alloc+0x5b/0x310 [ 2208.645809] create_object.isra.0+0x3a/0xa20 [ 2208.646702] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2208.647726] kmem_cache_alloc_bulk+0x168/0x320 [ 2208.648683] io_submit_sqes+0x6f76/0x85c0 [ 2208.649519] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2208.650519] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2208.651514] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2208.652498] ? lock_downgrade+0x6d0/0x6d0 [ 2208.653330] ? find_held_lock+0x2c/0x110 [ 2208.654152] ? io_submit_sqes+0x85c0/0x85c0 [ 2208.655023] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2208.655988] ? wait_for_completion_io+0x270/0x270 [ 2208.656971] ? rcu_read_lock_any_held+0x75/0xa0 [ 2208.657907] ? vfs_write+0x354/0xa70 [ 2208.658652] ? fput_many+0x2f/0x1a0 [ 2208.659378] ? ksys_write+0x1a9/0x260 [ 2208.660144] ? __ia32_sys_read+0xb0/0xb0 [ 2208.660986] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2208.662047] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2208.663086] do_syscall_64+0x33/0x40 [ 2208.663832] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2208.664881] RIP: 0033:0x7fe21c796b19 [ 2208.665629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2208.669319] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2208.670841] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2208.672257] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2208.673699] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2208.675144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2208.676589] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:42:08 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x8, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:08 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x300, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:08 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:42:08 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:42:08 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x8, 0x0, 0x0, 0x0) 11:42:08 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000100)=0x3f, 0x4) dup(0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) connect$netlink(r1, &(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbff, 0x400000}, 0xc) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)={0x1c, 0x16, 0xc21, 0x0, 0x0, {0xa}, [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@multicast1}]}, 0x1c}}, 0x0) 11:42:08 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) 11:42:08 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3) [ 2221.542700] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 11:42:08 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="00a9c900040000c9"], 0x8) fcntl$dupfd(r0, 0x0, r0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000040), 0x4) [ 2221.613047] FAULT_INJECTION: forcing a failure. [ 2221.613047] name failslab, interval 1, probability 0, space 0, times 0 [ 2221.615580] CPU: 1 PID: 15581 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2221.616970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2221.618620] Call Trace: [ 2221.619161] dump_stack+0x107/0x167 [ 2221.619932] should_fail.cold+0x5/0xa [ 2221.620373] FAULT_INJECTION: forcing a failure. [ 2221.620373] name failslab, interval 1, probability 0, space 0, times 0 [ 2221.620714] ? create_object.isra.0+0x3a/0xa20 [ 2221.620738] should_failslab+0x5/0x20 [ 2221.620756] kmem_cache_alloc+0x5b/0x310 [ 2221.620781] create_object.isra.0+0x3a/0xa20 [ 2221.620809] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2221.627503] __kmalloc+0x16e/0x390 [ 2221.628242] iovec_from_user+0x36c/0x400 [ 2221.629085] __import_iovec+0x67/0x590 [ 2221.629892] __io_recvmsg_copy_hdr+0x26d/0x2f0 [ 2221.630819] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2221.631908] ? __is_insn_slot_addr+0x123/0x290 [ 2221.632849] ? lock_downgrade+0x6d0/0x6d0 [ 2221.633695] io_recvmsg+0xa31/0xca0 [ 2221.634439] ? io_sendmsg+0x790/0x790 [ 2221.635224] ? mark_lock+0xf5/0x2df0 [ 2221.636008] ? stack_trace_consume_entry+0x160/0x160 [ 2221.637078] ? lock_acquire+0x197/0x470 [ 2221.637896] ? __lock_acquire+0xbb1/0x5b00 [ 2221.638770] io_issue_sqe+0x35f1/0x7660 [ 2221.639588] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2221.640672] ? SOFTIRQ_verbose+0x10/0x10 [ 2221.641500] ? lock_chain_count+0x20/0x20 [ 2221.642349] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2221.643417] ? io_connect+0x610/0x610 [ 2221.644203] ? lock_acquire+0x197/0x470 [ 2221.645017] ? find_held_lock+0x2c/0x110 [ 2221.645845] ? __fget_files+0x26d/0x4c0 [ 2221.646649] ? lock_downgrade+0x6d0/0x6d0 [ 2221.647491] __io_queue_sqe+0x90/0x9d0 [ 2221.648285] ? io_issue_sqe+0x7660/0x7660 [ 2221.649162] io_submit_sqes+0x4461/0x85c0 [ 2221.650032] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2221.651044] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2221.652029] ? lock_downgrade+0x6d0/0x6d0 [ 2221.652873] ? find_held_lock+0x2c/0x110 [ 2221.653702] ? io_submit_sqes+0x85c0/0x85c0 [ 2221.654582] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2221.655560] ? wait_for_completion_io+0x270/0x270 [ 2221.656561] ? rcu_read_lock_any_held+0x75/0xa0 [ 2221.657503] ? vfs_write+0x354/0xa70 [ 2221.658262] ? fput_many+0x2f/0x1a0 [ 2221.659002] ? ksys_write+0x1a9/0x260 [ 2221.659773] ? __ia32_sys_read+0xb0/0xb0 [ 2221.660606] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2221.661671] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2221.662720] do_syscall_64+0x33/0x40 [ 2221.663474] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2221.664522] RIP: 0033:0x7fa0a6739b19 [ 2221.665276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2221.669010] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2221.670550] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2221.671995] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2221.673448] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2221.674892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2221.676330] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 [ 2221.677827] CPU: 0 PID: 15580 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2221.679237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2221.680907] Call Trace: [ 2221.681446] dump_stack+0x107/0x167 [ 2221.682182] should_fail.cold+0x5/0xa [ 2221.682949] ? create_object.isra.0+0x3a/0xa20 [ 2221.683869] should_failslab+0x5/0x20 [ 2221.684661] kmem_cache_alloc+0x5b/0x310 [ 2221.685489] create_object.isra.0+0x3a/0xa20 [ 2221.686500] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2221.687520] kmem_cache_alloc_bulk+0x168/0x320 [ 2221.688449] io_submit_sqes+0x6f76/0x85c0 [ 2221.689288] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2221.690281] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2221.691277] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2221.692247] ? lock_downgrade+0x6d0/0x6d0 [ 2221.693083] ? find_held_lock+0x2c/0x110 [ 2221.693901] ? io_submit_sqes+0x85c0/0x85c0 [ 2221.694776] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2221.695748] ? wait_for_completion_io+0x270/0x270 [ 2221.696736] ? rcu_read_lock_any_held+0x75/0xa0 [ 2221.697661] ? vfs_write+0x354/0xa70 [ 2221.698411] ? fput_many+0x2f/0x1a0 [ 2221.699143] ? ksys_write+0x1a9/0x260 [ 2221.699906] ? __ia32_sys_read+0xb0/0xb0 [ 2221.700728] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2221.701780] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2221.702816] do_syscall_64+0x33/0x40 [ 2221.703582] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2221.704635] RIP: 0033:0x7fe21c796b19 [ 2221.705389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2221.709200] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2221.710726] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2221.712165] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2221.713598] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2221.715029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2221.716471] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:42:08 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:42:08 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x500, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:08 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x9, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:08 executing program 2: openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) r0 = openat(0xffffffffffffffff, 0x0, 0x0, 0x0) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0x0, 0x8}, 0x80000000, 0x8}}, &(0x7f00000002c0), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x101}, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_io_uring_setup(0x45a8, &(0x7f0000000140)={0x0, 0x66ba, 0x14, 0x0, 0x2bf, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000280), &(0x7f0000000380)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000003c0)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index=0x9, 0x40, 0x0, 0x6}, 0x6) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x107142, 0x0) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x18000, 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/timer_list\x00', 0x0, 0x0) connect$bt_l2cap(r4, &(0x7f0000000100)={0x1f, 0x4c, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x5, 0x2}, 0xe) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x18, r5, 0x321, 0x0, 0x0, {0xb}, [@HEADER={0x4}]}, 0x18}}, 0x0) fsetxattr$trusted_overlay_nlink(r3, &(0x7f0000000300), &(0x7f0000000340)={'L+'}, 0x16, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, 0xffffffffffffffff, 0x0, 0x0) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) unshare(0x48020200) 11:42:08 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) 11:42:08 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r1, 0x0, 0x200f5ef, 0x0) [ 2222.049896] FAULT_INJECTION: forcing a failure. [ 2222.049896] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2222.052691] CPU: 0 PID: 15603 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2222.054174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2222.055825] Call Trace: [ 2222.056354] dump_stack+0x107/0x167 [ 2222.057090] should_fail.cold+0x5/0xa [ 2222.057875] _copy_from_user+0x2e/0x1b0 [ 2222.058676] __copy_msghdr_from_user+0x91/0x4b0 [ 2222.059650] ? __ia32_sys_shutdown+0x80/0x80 [ 2222.060546] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2222.061626] ? SOFTIRQ_verbose+0x10/0x10 [ 2222.062455] ? lock_downgrade+0x6d0/0x6d0 [ 2222.063328] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2222.064242] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2222.065364] ? __is_insn_slot_addr+0x123/0x290 [ 2222.066299] ? lock_downgrade+0x6d0/0x6d0 [ 2222.067173] io_recvmsg+0xa31/0xca0 [ 2222.067938] ? mark_lock+0xf5/0x2df0 [ 2222.068712] ? io_sendmsg+0x790/0x790 [ 2222.069481] ? __is_insn_slot_addr+0x14c/0x290 [ 2222.070412] ? lock_chain_count+0x20/0x20 [ 2222.071244] ? mark_lock+0xf5/0x2df0 [ 2222.072013] ? register_lock_class+0xbb/0x17b0 [ 2222.072940] ? arch_stack_walk+0x99/0xf0 [ 2222.073772] ? lock_chain_count+0x20/0x20 [ 2222.074635] ? is_dynamic_key+0x1e0/0x1e0 [ 2222.075485] ? lock_chain_count+0x20/0x20 [ 2222.076339] ? __lock_acquire+0x1657/0x5b00 [ 2222.077257] ? __lock_acquire+0xbb1/0x5b00 [ 2222.078116] io_issue_sqe+0x35f1/0x7660 [ 2222.078937] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2222.079992] ? SOFTIRQ_verbose+0x10/0x10 [ 2222.080824] ? lock_chain_count+0x20/0x20 [ 2222.081682] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2222.082738] ? io_connect+0x610/0x610 [ 2222.083506] ? lock_acquire+0x197/0x470 [ 2222.084317] ? find_held_lock+0x2c/0x110 [ 2222.085158] ? __fget_files+0x26d/0x4c0 [ 2222.085971] ? lock_downgrade+0x6d0/0x6d0 [ 2222.086823] __io_queue_sqe+0x90/0x9d0 [ 2222.087614] ? io_issue_sqe+0x7660/0x7660 [ 2222.088485] io_submit_sqes+0x4461/0x85c0 [ 2222.089351] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2222.090367] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2222.091335] ? lock_downgrade+0x6d0/0x6d0 [ 2222.092182] ? find_held_lock+0x2c/0x110 [ 2222.093006] ? io_submit_sqes+0x85c0/0x85c0 [ 2222.093900] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2222.094857] ? wait_for_completion_io+0x270/0x270 [ 2222.095839] ? rcu_read_lock_any_held+0x75/0xa0 [ 2222.096807] ? vfs_write+0x354/0xa70 [ 2222.097570] ? fput_many+0x2f/0x1a0 [ 2222.098306] ? ksys_write+0x1a9/0x260 [ 2222.099092] ? __ia32_sys_read+0xb0/0xb0 [ 2222.099931] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2222.101019] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2222.102048] do_syscall_64+0x33/0x40 [ 2222.102811] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2222.103843] RIP: 0033:0x7fa0a6739b19 [ 2222.104623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2222.108288] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2222.109849] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2222.111267] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2222.112693] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2222.114114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2222.115562] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:42:23 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:23 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) [ 2236.078930] FAULT_INJECTION: forcing a failure. [ 2236.078930] name failslab, interval 1, probability 0, space 0, times 0 [ 2236.080483] CPU: 1 PID: 15614 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2236.081362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2236.082413] Call Trace: [ 2236.082750] dump_stack+0x107/0x167 [ 2236.083204] should_fail.cold+0x5/0xa [ 2236.083678] ? create_object.isra.0+0x3a/0xa20 [ 2236.084249] should_failslab+0x5/0x20 [ 2236.084736] kmem_cache_alloc+0x5b/0x310 [ 2236.085249] ? mark_held_locks+0x9e/0xe0 [ 2236.085763] create_object.isra.0+0x3a/0xa20 [ 2236.086331] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2236.086975] kmem_cache_alloc_bulk+0x168/0x320 [ 2236.087566] io_submit_sqes+0x6f76/0x85c0 [ 2236.088089] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2236.088756] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2236.089414] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2236.090047] ? lock_downgrade+0x6d0/0x6d0 [ 2236.090586] ? find_held_lock+0x2c/0x110 [ 2236.091116] ? io_submit_sqes+0x85c0/0x85c0 [ 2236.091685] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2236.092311] ? wait_for_completion_io+0x270/0x270 [ 2236.092925] ? rcu_read_lock_any_held+0x75/0xa0 [ 2236.093516] ? vfs_write+0x354/0xa70 [ 2236.093999] ? fput_many+0x2f/0x1a0 [ 2236.094481] ? ksys_write+0x1a9/0x260 [ 2236.094972] ? __ia32_sys_read+0xb0/0xb0 [ 2236.095514] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2236.096198] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2236.096883] do_syscall_64+0x33/0x40 [ 2236.097379] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2236.098052] RIP: 0033:0x7fe21c796b19 [ 2236.098523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.100954] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2236.101948] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2236.102877] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2236.103806] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2236.104747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2236.105675] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:42:23 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) 11:42:23 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4) 11:42:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x600, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:23 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:42:23 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 11:42:23 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000040)={0x0, 0xffffffffffffffa5, 0x0, 0x0, 0x1, [{0xc7, 0x0, 0x190, '\x00', 0x1a82}]}) 11:42:23 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r1, 0x0, 0x200f5ef, 0x0) 11:42:23 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:23 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) [ 2236.230076] FAULT_INJECTION: forcing a failure. [ 2236.230076] name failslab, interval 1, probability 0, space 0, times 0 [ 2236.232491] CPU: 0 PID: 15620 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2236.233874] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2236.235511] Call Trace: [ 2236.236044] dump_stack+0x107/0x167 [ 2236.236796] should_fail.cold+0x5/0xa [ 2236.237554] ? iovec_from_user+0x36c/0x400 [ 2236.238398] should_failslab+0x5/0x20 [ 2236.239153] __kmalloc+0x72/0x390 [ 2236.239880] ? _copy_from_user+0xfb/0x1b0 [ 2236.240815] iovec_from_user+0x36c/0x400 [ 2236.241725] __import_iovec+0x67/0x590 [ 2236.242614] __io_recvmsg_copy_hdr+0x26d/0x2f0 [ 2236.243641] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2236.244858] ? __is_insn_slot_addr+0x123/0x290 [ 2236.245890] ? lock_downgrade+0x6d0/0x6d0 [ 2236.246824] io_recvmsg+0xa31/0xca0 [ 2236.247639] ? mark_lock+0xf5/0x2df0 [ 2236.248476] ? io_sendmsg+0x790/0x790 [ 2236.249332] ? __is_insn_slot_addr+0x14c/0x290 [ 2236.250272] ? lock_chain_count+0x20/0x20 [ 2236.251094] ? mark_lock+0xf5/0x2df0 [ 2236.251846] ? register_lock_class+0xbb/0x17b0 [ 2236.252758] ? arch_stack_walk+0x99/0xf0 [ 2236.253571] ? is_dynamic_key+0x1e0/0x1e0 [ 2236.254412] ? __lock_acquire+0x1657/0x5b00 [ 2236.255276] ? __lock_acquire+0xbb1/0x5b00 [ 2236.256122] io_issue_sqe+0x35f1/0x7660 [ 2236.256958] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2236.257996] ? SOFTIRQ_verbose+0x10/0x10 [ 2236.258804] ? lock_chain_count+0x20/0x20 [ 2236.259632] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2236.260677] ? io_connect+0x610/0x610 [ 2236.261448] ? lock_acquire+0x197/0x470 [ 2236.262245] ? find_held_lock+0x2c/0x110 [ 2236.263056] ? __fget_files+0x26d/0x4c0 [ 2236.263845] ? lock_downgrade+0x6d0/0x6d0 [ 2236.264680] __io_queue_sqe+0x90/0x9d0 [ 2236.265459] ? io_issue_sqe+0x7660/0x7660 [ 2236.266306] io_submit_sqes+0x4461/0x85c0 [ 2236.267167] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2236.268157] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2236.269135] ? lock_downgrade+0x6d0/0x6d0 [ 2236.269953] ? find_held_lock+0x2c/0x110 [ 2236.270780] ? io_submit_sqes+0x85c0/0x85c0 [ 2236.271646] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2236.272606] ? wait_for_completion_io+0x270/0x270 [ 2236.273573] ? rcu_read_lock_any_held+0x75/0xa0 [ 2236.274495] ? vfs_write+0x354/0xa70 [ 2236.275239] ? fput_many+0x2f/0x1a0 [ 2236.275965] ? ksys_write+0x1a9/0x260 [ 2236.276759] ? __ia32_sys_read+0xb0/0xb0 [ 2236.277572] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2236.278621] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2236.279660] do_syscall_64+0x33/0x40 [ 2236.280406] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2236.281430] RIP: 0033:0x7fa0a6739b19 [ 2236.282172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.285835] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2236.287345] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2236.288776] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2236.290191] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2236.291617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2236.293037] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:42:23 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x300, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:23 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 11:42:23 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x700, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:23 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) 11:42:23 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5) [ 2236.422970] FAULT_INJECTION: forcing a failure. [ 2236.422970] name failslab, interval 1, probability 0, space 0, times 0 [ 2236.425699] CPU: 0 PID: 15646 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2236.427084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2236.428757] Call Trace: [ 2236.429293] dump_stack+0x107/0x167 [ 2236.430028] should_fail.cold+0x5/0xa [ 2236.430788] ? iovec_from_user+0x36c/0x400 [ 2236.431633] should_failslab+0x5/0x20 [ 2236.432390] __kmalloc+0x72/0x390 [ 2236.433099] ? _copy_from_user+0xfb/0x1b0 [ 2236.433928] iovec_from_user+0x36c/0x400 [ 2236.434742] __import_iovec+0x67/0x590 [ 2236.435544] __io_recvmsg_copy_hdr+0x26d/0x2f0 [ 2236.436468] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2236.437562] io_recvmsg+0xa31/0xca0 [ 2236.438295] ? lock_chain_count+0x20/0x20 [ 2236.439118] ? io_sendmsg+0x790/0x790 [ 2236.439878] ? register_lock_class+0xbb/0x17b0 [ 2236.440806] ? mark_lock+0xf5/0x2df0 [ 2236.441550] ? is_dynamic_key+0x1e0/0x1e0 [ 2236.442423] ? __lock_acquire+0xbb1/0x5b00 [ 2236.443278] io_issue_sqe+0x35f1/0x7660 [ 2236.444078] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2236.445132] ? SOFTIRQ_verbose+0x10/0x10 [ 2236.445947] ? percpu_ref_put_many+0x153/0x2b0 [ 2236.446851] ? io_connect+0x610/0x610 [ 2236.447613] ? lock_acquire+0x197/0x470 [ 2236.448402] ? find_held_lock+0x2c/0x110 [ 2236.449238] ? __fget_files+0x26d/0x4c0 [ 2236.450039] ? lock_downgrade+0x6d0/0x6d0 [ 2236.450871] __io_queue_sqe+0x90/0x9d0 [ 2236.451652] ? io_issue_sqe+0x7660/0x7660 [ 2236.452503] io_submit_sqes+0x4461/0x85c0 [ 2236.453368] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2236.454371] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2236.455339] ? lock_downgrade+0x6d0/0x6d0 [ 2236.456161] ? find_held_lock+0x2c/0x110 [ 2236.456988] ? io_submit_sqes+0x85c0/0x85c0 [ 2236.457853] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2236.458816] ? wait_for_completion_io+0x270/0x270 [ 2236.459781] ? rcu_read_lock_any_held+0x75/0xa0 [ 2236.460709] ? vfs_write+0x354/0xa70 [ 2236.461457] ? fput_many+0x2f/0x1a0 [ 2236.462186] ? ksys_write+0x1a9/0x260 [ 2236.462945] ? __ia32_sys_read+0xb0/0xb0 [ 2236.463758] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2236.464824] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2236.465856] do_syscall_64+0x33/0x40 [ 2236.466606] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2236.467626] RIP: 0033:0x7fa0a6739b19 [ 2236.468373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.472016] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2236.473542] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2236.474960] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2236.476379] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2236.477816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2236.479232] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 [ 2236.494048] FAULT_INJECTION: forcing a failure. [ 2236.494048] name failslab, interval 1, probability 0, space 0, times 0 [ 2236.496941] CPU: 0 PID: 15648 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2236.498327] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2236.499971] Call Trace: [ 2236.500504] dump_stack+0x107/0x167 [ 2236.501243] should_fail.cold+0x5/0xa [ 2236.502007] ? create_object.isra.0+0x3a/0xa20 [ 2236.502916] should_failslab+0x5/0x20 [ 2236.503678] kmem_cache_alloc+0x5b/0x310 [ 2236.504485] ? mark_held_locks+0x9e/0xe0 [ 2236.505312] create_object.isra.0+0x3a/0xa20 [ 2236.506189] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2236.507205] kmem_cache_alloc_bulk+0x168/0x320 [ 2236.508120] io_submit_sqes+0x6f76/0x85c0 [ 2236.508971] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2236.509956] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2236.510947] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2236.511927] ? lock_downgrade+0x6d0/0x6d0 [ 2236.512794] ? find_held_lock+0x2c/0x110 [ 2236.513610] ? io_submit_sqes+0x85c0/0x85c0 [ 2236.514495] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2236.515453] ? wait_for_completion_io+0x270/0x270 [ 2236.516443] ? rcu_read_lock_any_held+0x75/0xa0 [ 2236.517376] ? vfs_write+0x354/0xa70 [ 2236.518138] ? fput_many+0x2f/0x1a0 [ 2236.518867] ? ksys_write+0x1a9/0x260 [ 2236.519657] ? __ia32_sys_read+0xb0/0xb0 [ 2236.520468] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2236.521542] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2236.522575] do_syscall_64+0x33/0x40 [ 2236.523344] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2236.524366] RIP: 0033:0x7fe21c796b19 [ 2236.525134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2236.528781] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2236.530289] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2236.531699] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2236.533126] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2236.534536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2236.535948] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 [ 2248.769310] FAULT_INJECTION: forcing a failure. [ 2248.769310] name failslab, interval 1, probability 0, space 0, times 0 [ 2248.771054] CPU: 0 PID: 15659 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2248.772001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2248.773160] Call Trace: [ 2248.773530] dump_stack+0x107/0x167 [ 2248.774033] should_fail.cold+0x5/0xa [ 2248.774561] ? create_object.isra.0+0x3a/0xa20 [ 2248.775197] should_failslab+0x5/0x20 [ 2248.775729] kmem_cache_alloc+0x5b/0x310 [ 2248.776289] ? mark_held_locks+0x9e/0xe0 [ 2248.776856] create_object.isra.0+0x3a/0xa20 [ 2248.777449] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2248.778141] kmem_cache_alloc_bulk+0x168/0x320 [ 2248.778781] io_submit_sqes+0x6f76/0x85c0 [ 2248.779368] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2248.780068] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2248.780765] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2248.781455] ? lock_downgrade+0x6d0/0x6d0 [ 2248.782032] ? find_held_lock+0x2c/0x110 [ 2248.782596] ? io_submit_sqes+0x85c0/0x85c0 [ 2248.783201] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2248.783875] ? wait_for_completion_io+0x270/0x270 [ 2248.784542] ? rcu_read_lock_any_held+0x75/0xa0 [ 2248.785191] ? vfs_write+0x354/0xa70 11:42:35 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) 11:42:35 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6) 11:42:35 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x900, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2248.785695] ? fput_many+0x2f/0x1a0 [ 2248.786359] ? ksys_write+0x1a9/0x260 [ 2248.786863] ? __ia32_sys_read+0xb0/0xb0 [ 2248.787429] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2248.788137] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2248.788850] do_syscall_64+0x33/0x40 [ 2248.789360] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2248.790044] RIP: 0033:0x7fe21c796b19 [ 2248.790560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2248.793078] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2248.794106] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2248.795073] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2248.796056] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2248.797036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2248.798006] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:42:35 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x8, 0x0, 0x0, 0x0) 11:42:35 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) 11:42:35 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x500, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:35 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x4000, 0x0, 0x0, 0x0) 11:42:35 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) [ 2248.822822] FAULT_INJECTION: forcing a failure. [ 2248.822822] name failslab, interval 1, probability 0, space 0, times 0 [ 2248.824487] CPU: 1 PID: 15667 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2248.825331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2248.826239] Call Trace: [ 2248.826535] dump_stack+0x107/0x167 [ 2248.826937] should_fail.cold+0x5/0xa [ 2248.827362] ? create_object.isra.0+0x3a/0xa20 [ 2248.827864] should_failslab+0x5/0x20 [ 2248.828284] kmem_cache_alloc+0x5b/0x310 [ 2248.828738] ? trace_hardirqs_on+0x5b/0x180 [ 2248.829236] create_object.isra.0+0x3a/0xa20 [ 2248.829726] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2248.830287] __kmalloc+0x16e/0x390 [ 2248.830693] iovec_from_user+0x36c/0x400 [ 2248.831144] __import_iovec+0x67/0x590 [ 2248.831582] __io_recvmsg_copy_hdr+0x26d/0x2f0 [ 2248.832088] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2248.832671] ? __is_insn_slot_addr+0x123/0x290 [ 2248.833191] ? lock_downgrade+0x6d0/0x6d0 [ 2248.833650] io_recvmsg+0xa31/0xca0 [ 2248.834049] ? lock_chain_count+0x20/0x20 [ 2248.834503] ? io_sendmsg+0x790/0x790 [ 2248.834925] ? register_lock_class+0xbb/0x17b0 [ 2248.835429] ? mark_lock+0xf5/0x2df0 [ 2248.835838] ? is_dynamic_key+0x1e0/0x1e0 [ 2248.836319] ? __lock_acquire+0xbb1/0x5b00 [ 2248.836804] io_issue_sqe+0x35f1/0x7660 [ 2248.837264] ? lock_chain_count+0x20/0x20 [ 2248.837732] ? percpu_ref_put_many+0x153/0x2b0 [ 2248.838232] ? io_connect+0x610/0x610 [ 2248.838651] ? lock_acquire+0x197/0x470 [ 2248.839087] ? find_held_lock+0x2c/0x110 [ 2248.839547] __io_queue_sqe+0x90/0x9d0 [ 2248.839978] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2248.840577] ? trace_hardirqs_on+0x5b/0x180 [ 2248.841065] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2248.841658] ? io_issue_sqe+0x7660/0x7660 [ 2248.842118] ? io_submit_sqes+0x3b53/0x85c0 [ 2248.842595] io_submit_sqes+0x4461/0x85c0 [ 2248.843068] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2248.843616] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2248.844145] ? lock_downgrade+0x6d0/0x6d0 [ 2248.844600] ? find_held_lock+0x2c/0x110 [ 2248.845061] ? io_submit_sqes+0x85c0/0x85c0 [ 2248.845538] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2248.846073] ? wait_for_completion_io+0x270/0x270 [ 2248.846604] ? rcu_read_lock_any_held+0x75/0xa0 [ 2248.847114] ? vfs_write+0x354/0xa70 [ 2248.847525] ? fput_many+0x2f/0x1a0 [ 2248.847927] ? ksys_write+0x1a9/0x260 [ 2248.848350] ? __ia32_sys_read+0xb0/0xb0 [ 2248.848812] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2248.849391] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2248.849960] do_syscall_64+0x33/0x40 [ 2248.850371] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2248.850935] RIP: 0033:0x7fa0a6739b19 [ 2248.851343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2248.853363] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2248.854203] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2248.854985] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2248.855768] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2248.856554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2248.857350] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:42:35 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x600, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:35 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf00, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:35 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) 11:42:35 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 11:42:35 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) 11:42:35 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:35 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x700, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:36 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) 11:42:36 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x0, 0x0) [ 2249.078107] FAULT_INJECTION: forcing a failure. [ 2249.078107] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2249.079611] CPU: 1 PID: 15689 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2249.080393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2249.081320] Call Trace: [ 2249.081645] dump_stack+0x107/0x167 [ 2249.082073] should_fail.cold+0x5/0xa [ 2249.082509] _copy_from_user+0x2e/0x1b0 [ 2249.082967] iovec_from_user+0x141/0x400 [ 2249.083435] __import_iovec+0x67/0x590 [ 2249.083869] __io_recvmsg_copy_hdr+0x26d/0x2f0 [ 2249.084376] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2249.084958] ? __is_insn_slot_addr+0x123/0x290 [ 2249.085456] ? lock_chain_count+0x20/0x20 [ 2249.085919] io_recvmsg+0xa31/0xca0 [ 2249.086321] ? lock_chain_count+0x20/0x20 [ 2249.086771] ? io_sendmsg+0x790/0x790 [ 2249.087191] ? register_lock_class+0xbb/0x17b0 [ 2249.087695] ? mark_lock+0xf5/0x2df0 [ 2249.088122] ? is_dynamic_key+0x1e0/0x1e0 [ 2249.088620] ? __lock_acquire+0xbb1/0x5b00 [ 2249.089129] io_issue_sqe+0x35f1/0x7660 [ 2249.089623] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2249.090159] ? SOFTIRQ_verbose+0x10/0x10 [ 2249.090629] ? percpu_ref_put_many+0x153/0x2b0 [ 2249.091154] ? io_connect+0x610/0x610 [ 2249.091591] ? lock_acquire+0x197/0x470 [ 2249.092046] ? find_held_lock+0x2c/0x110 [ 2249.092528] ? __fget_files+0x26d/0x4c0 [ 2249.093008] ? lock_downgrade+0x6d0/0x6d0 [ 2249.093491] __io_queue_sqe+0x90/0x9d0 [ 2249.093937] ? io_issue_sqe+0x7660/0x7660 [ 2249.094420] io_submit_sqes+0x4461/0x85c0 [ 2249.094915] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2249.095431] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2249.095990] ? lock_downgrade+0x6d0/0x6d0 [ 2249.096426] ? find_held_lock+0x2c/0x110 [ 2249.096919] ? io_submit_sqes+0x85c0/0x85c0 [ 2249.097373] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2249.097927] ? wait_for_completion_io+0x270/0x270 [ 2249.098428] ? rcu_read_lock_any_held+0x75/0xa0 [ 2249.098961] ? vfs_write+0x354/0xa70 [ 2249.099346] ? fput_many+0x2f/0x1a0 [ 2249.099770] ? ksys_write+0x1a9/0x260 [ 2249.100175] ? __ia32_sys_read+0xb0/0xb0 [ 2249.100651] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2249.101202] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2249.101804] do_syscall_64+0x33/0x40 [ 2249.102197] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2249.102778] RIP: 0033:0x7fa0a6739b19 [ 2249.103169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2249.105290] RSP: 002b:00007fa0a3caf188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2249.106099] RAX: ffffffffffffffda RBX: 00007fa0a684cf60 RCX: 00007fa0a6739b19 [ 2249.106869] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2249.107644] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2249.108427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2249.109225] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:42:48 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x900, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:48 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) 11:42:48 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x30000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:48 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x0, 0x0) 11:42:48 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x80000, 0x0, 0x0, 0x0) 11:42:48 executing program 2: mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0xe8, 0xb, 0x3f, 0x1d, 0x0, 0x9d9, 0x0, 0xd, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffff9, 0x1, @perf_config_ext={0x81, 0x400000000001}, 0xc4, 0x0, 0x0, 0x4, 0xfff, 0xfffffff7, 0x8, 0x0, 0x80000001, 0x0, 0x62}, 0xffffffffffffffff, 0x7, r1, 0x8) chown(0x0, 0xee00, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000440)=ANY=[@ANYBLOB="0309000000000000000000eda577b74cf8c13c7ff04266e723a45091714b17c77fa0831f177b51fc819559a2eceea3893d94020bfc32e6f150be1df02846c27c63f23e6e07f6cf2af9fbe8212768ba373069b0c94a3b5d19178e98ac005e175953aaa4154ecaab6b328af6750291727132834c2c6d0fdcd98ebbea66d3643e21ad47eb31a8104674b6ade1951fe0be674d68c571162af56f9e816edd59f1fd12ed42a8b25dde2de8c6658b5a84e008b5578351814faa9d2e8f434760fa183b51ea7f4ab6d6ef7adc1245ef339e9957880ec5632fe655bb42cdefc124572813e08e8ab2ccb2398c9b8e4c12dc1ad896b18bcc3bed7843abfbefb66401a2f759c3f3e67f9ce3e3df6882511bfd762dd1cddb0250957e79cc735284a874636d8dbfa7760aa6e4111602e52709879c6d9bf6bccdaeecef613bbcecaef887202f9e89b5e11830dad2b6f9d71b8a555a6ea28ebbcb6fd0cca141337e26d57f0e7835ffbd375904c860ea4c37812adb43b0e2b5242b52dc00000000000000000000000000dff5628cb7f7a9f32b4f966d2ecefb025b320f7d14d748384c35f47411a2538384dc26bae4c11df89e9417ef9ec3b902480546c883c0e434709efc459d91fc443dc1ed7dc5c67646ef8439711107e05c792abd2aa60f1e8f11decfc65a103288adcf1d3463f009e6739aff83860b62a89e4ca41a625a4af50ae3c496319586752555301a2be5d27183362cf6468873b52d06e7d1aa7c950d34795e9bd9429d8b78ff8c8551f5fb4ddeff64ea58fc00d322d05c6788656f5eaa298410b977a19751"]) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./file1/file0\x00', 0x5, 0x0, &(0x7f0000001900), 0x401, &(0x7f0000000140)={[], [{@fowner_lt={'fowner<', r2}}]}) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r3, &(0x7f0000000040)=0xb, 0x80000001) fallocate(0xffffffffffffffff, 0x0, 0xe65, 0x0) 11:42:48 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) 11:42:48 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7) [ 2261.912117] FAULT_INJECTION: forcing a failure. [ 2261.912117] name failslab, interval 1, probability 0, space 0, times 0 [ 2261.914578] CPU: 0 PID: 15715 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2261.915990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2261.917682] Call Trace: [ 2261.917835] FAULT_INJECTION: forcing a failure. [ 2261.917835] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2261.918230] dump_stack+0x107/0x167 [ 2261.921433] should_fail.cold+0x5/0xa [ 2261.922221] ? create_object.isra.0+0x3a/0xa20 [ 2261.923163] should_failslab+0x5/0x20 [ 2261.923945] kmem_cache_alloc+0x5b/0x310 [ 2261.924782] ? mark_held_locks+0x9e/0xe0 [ 2261.925647] create_object.isra.0+0x3a/0xa20 [ 2261.926550] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2261.927595] kmem_cache_alloc_bulk+0x168/0x320 [ 2261.928541] io_submit_sqes+0x6f76/0x85c0 [ 2261.929409] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2261.930418] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2261.931432] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2261.932426] ? lock_downgrade+0x6d0/0x6d0 [ 2261.933280] ? find_held_lock+0x2c/0x110 [ 2261.934123] ? io_submit_sqes+0x85c0/0x85c0 [ 2261.935017] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2261.936007] ? wait_for_completion_io+0x270/0x270 [ 2261.937017] ? rcu_read_lock_any_held+0x75/0xa0 [ 2261.937966] ? vfs_write+0x354/0xa70 [ 2261.938726] ? fput_many+0x2f/0x1a0 [ 2261.939467] ? ksys_write+0x1a9/0x260 [ 2261.940247] ? __ia32_sys_read+0xb0/0xb0 [ 2261.941094] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2261.942163] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2261.943213] do_syscall_64+0x33/0x40 [ 2261.943984] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2261.945044] RIP: 0033:0x7fe21c796b19 [ 2261.945811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2261.949581] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2261.951132] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2261.952580] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2261.954046] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2261.955495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2261.956959] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 [ 2261.958446] CPU: 1 PID: 15716 Comm: syz-executor.0 Not tainted 5.10.183 #1 [ 2261.959863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2261.961580] Call Trace: [ 2261.962123] dump_stack+0x107/0x167 [ 2261.962876] should_fail.cold+0x5/0xa [ 2261.963665] _copy_to_user+0x2e/0x180 [ 2261.964459] simple_read_from_buffer+0xcc/0x160 [ 2261.965434] proc_fail_nth_read+0x198/0x230 [ 2261.966317] ? proc_sessionid_read+0x230/0x230 [ 2261.967246] ? security_file_permission+0x24e/0x570 [ 2261.968268] ? perf_trace_initcall_start+0x101/0x380 [ 2261.969352] ? proc_sessionid_read+0x230/0x230 [ 2261.970287] vfs_read+0x228/0x580 [ 2261.970999] ksys_read+0x12d/0x260 [ 2261.971719] ? vfs_write+0xa70/0xa70 [ 2261.972482] ? ksys_read+0x260/0x260 [ 2261.973280] do_syscall_64+0x33/0x40 [ 2261.974040] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2261.975081] RIP: 0033:0x7fa0a66ec69c [ 2261.975849] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2261.979594] RSP: 002b:00007fa0a3caf170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2261.981144] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa0a66ec69c [ 2261.982591] RDX: 000000000000000f RSI: 00007fa0a3caf1e0 RDI: 0000000000000006 [ 2261.984045] RBP: 00007fa0a3caf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2261.985513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2261.986957] R13: 00007ffd62120f9f R14: 00007fa0a3caf300 R15: 0000000000022000 11:42:49 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x0, 0x0) 11:42:49 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf00, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:49 executing program 7: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x20d315) 11:42:49 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000740)=[{&(0x7f0000010000)="eb3c906d6b66772e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x20600}], 0xa00201, &(0x7f0000000080)=ANY=[]) ioctl$FITRIM(r0, 0x40047211, &(0x7f0000000080)) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) sendmsg$AUDIT_MAKE_EQUIV(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0x3f7, 0x10, 0x70bd25, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000001}, 0x8000) openat(r2, &(0x7f0000000040)='./file0\x00', 0x40400, 0x8) 11:42:49 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x34000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:49 executing program 7: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x20d315) 11:42:49 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:49 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:42:49 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x80000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:49 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8) [ 2262.495605] FAULT_INJECTION: forcing a failure. [ 2262.495605] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.497914] CPU: 1 PID: 15750 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2262.499265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2262.500913] Call Trace: [ 2262.501473] dump_stack+0x107/0x167 [ 2262.502211] should_fail.cold+0x5/0xa [ 2262.502976] ? create_object.isra.0+0x3a/0xa20 [ 2262.503904] should_failslab+0x5/0x20 [ 2262.504676] kmem_cache_alloc+0x5b/0x310 [ 2262.505504] ? mark_held_locks+0x9e/0xe0 [ 2262.506323] create_object.isra.0+0x3a/0xa20 [ 2262.507207] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2262.508247] kmem_cache_alloc_bulk+0x168/0x320 [ 2262.509185] io_submit_sqes+0x6f76/0x85c0 [ 2262.510027] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2262.511024] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2262.512017] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2262.513004] ? lock_downgrade+0x6d0/0x6d0 [ 2262.513811] ? find_held_lock+0x2c/0x110 [ 2262.514624] ? io_submit_sqes+0x85c0/0x85c0 [ 2262.515503] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2262.516473] ? wait_for_completion_io+0x270/0x270 [ 2262.517444] ? rcu_read_lock_any_held+0x75/0xa0 [ 2262.518362] ? vfs_write+0x354/0xa70 [ 2262.519112] ? fput_many+0x2f/0x1a0 [ 2262.519843] ? ksys_write+0x1a9/0x260 [ 2262.520596] ? __ia32_sys_read+0xb0/0xb0 [ 2262.521425] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2262.522468] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2262.523494] do_syscall_64+0x33/0x40 [ 2262.524250] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2262.525284] RIP: 0033:0x7fe21c796b19 [ 2262.526024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2262.529678] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2262.531191] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2262.532603] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2262.534031] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2262.535456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2262.536886] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:42:49 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x30000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:42:49 executing program 7: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x20d315) [ 2267.298474] Bluetooth: hci3: command 0x0409 tx timeout [ 2269.346502] Bluetooth: hci3: command 0x041b tx timeout [ 2271.395471] Bluetooth: hci3: command 0x040f tx timeout [ 2272.355488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2272.357228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2272.360065] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2272.387631] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2272.389325] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2272.391961] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2273.442450] Bluetooth: hci3: command 0x0419 tx timeout 11:43:14 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x400300, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:14 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9) 11:43:14 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x400000, 0x0, 0x0, 0x0) 11:43:14 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0) 11:43:14 executing program 7: r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:43:14 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x34000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:14 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 1) 11:43:14 executing program 2: r0 = syz_io_uring_setup(0x3157, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xfffffffe}, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000240), 0x38b500, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x100000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000010000001a000000", @ANYRES32=r4, @ANYBLOB="00000000000000002e2f66696c6530004f3373c2f9c62dd629892577ceb0da43aa021b"]) copy_file_range(0xffffffffffffffff, &(0x7f0000000280)=0x2, r4, &(0x7f00000002c0)=0x8, 0x323, 0x0) perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x5, 0xff, 0xac, 0x0, 0x0, 0x1010000000000, 0x82062, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0xd5, 0x4, @perf_bp={&(0x7f00000001c0), 0x1}, 0x40000, 0x2, 0x400000, 0x9, 0x7, 0x81, 0x3, 0x0, 0x8b96, 0x0, 0x1}, 0xffffffffffffffff, 0xe, r4, 0x1) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) linkat(r3, &(0x7f0000000380)='./file0\x00', r3, &(0x7f00000003c0)='./file0\x00', 0x2000) socket$nl_xfrm(0x10, 0x3, 0x6) [ 2287.313488] FAULT_INJECTION: forcing a failure. [ 2287.313488] name failslab, interval 1, probability 0, space 0, times 0 [ 2287.316205] CPU: 0 PID: 16239 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2287.317920] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2287.319757] Call Trace: [ 2287.320408] dump_stack+0x107/0x167 [ 2287.321240] should_fail.cold+0x5/0xa [ 2287.322212] ? alloc_pipe_info+0x10a/0x590 [ 2287.323158] should_failslab+0x5/0x20 [ 2287.324115] kmem_cache_alloc_trace+0x55/0x320 [ 2287.325162] alloc_pipe_info+0x10a/0x590 [ 2287.326222] splice_direct_to_actor+0x774/0x980 [ 2287.327260] ? _cond_resched+0x12/0x80 [ 2287.328152] ? inode_security+0x107/0x140 [ 2287.329076] ? pipe_to_sendpage+0x380/0x380 [ 2287.330049] ? selinux_file_permission+0x92/0x520 [ 2287.331117] ? do_splice_to+0x160/0x160 [ 2287.331997] ? security_file_permission+0x24e/0x570 [ 2287.333102] do_splice_direct+0x1c4/0x290 [ 2287.334032] ? splice_direct_to_actor+0x980/0x980 [ 2287.335088] ? selinux_file_permission+0x92/0x520 [ 2287.336144] ? security_file_permission+0x24e/0x570 [ 2287.337248] vfs_copy_file_range+0x4f8/0x1290 [ 2287.338275] ? generic_file_rw_checks+0x240/0x240 [ 2287.339332] ? __fget_files+0x296/0x4c0 [ 2287.340221] __do_sys_copy_file_range+0x193/0x420 [ 2287.341298] ? vfs_copy_file_range+0x1290/0x1290 [ 2287.342376] ? ksys_write+0x1a9/0x260 [ 2287.343304] ? __ia32_sys_read+0xb0/0xb0 [ 2287.344295] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2287.345587] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2287.346850] do_syscall_64+0x33/0x40 [ 2287.347764] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2287.349003] RIP: 0033:0x7fd102b50b19 [ 2287.349930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2287.354390] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2287.356231] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2287.357993] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2287.358901] FAULT_INJECTION: forcing a failure. [ 2287.358901] name failslab, interval 1, probability 0, space 0, times 0 [ 2287.359547] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2287.359598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2287.364990] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2287.366600] CPU: 1 PID: 16244 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2287.368055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2287.369748] Call Trace: [ 2287.370297] dump_stack+0x107/0x167 [ 2287.371043] should_fail.cold+0x5/0xa [ 2287.371825] ? __io_uring_add_tctx_node+0x15c/0x520 [ 2287.372844] should_failslab+0x5/0x20 [ 2287.373627] kmem_cache_alloc_trace+0x55/0x320 [ 2287.374555] ? percpu_ref_tryget_many+0x166/0x2d0 [ 2287.375542] __io_uring_add_tctx_node+0x15c/0x520 [ 2287.376527] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 2287.377619] __do_sys_io_uring_enter+0x136d/0x1730 [ 2287.378619] ? lock_downgrade+0x6d0/0x6d0 [ 2287.379470] ? find_held_lock+0x2c/0x110 [ 2287.380302] ? io_submit_sqes+0x85c0/0x85c0 [ 2287.381201] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2287.382189] ? wait_for_completion_io+0x270/0x270 [ 2287.383183] ? rcu_read_lock_any_held+0x75/0xa0 [ 2287.384132] ? vfs_write+0x354/0xa70 [ 2287.384890] ? fput_many+0x2f/0x1a0 [ 2287.385636] ? ksys_write+0x1a9/0x260 [ 2287.386408] ? __ia32_sys_read+0xb0/0xb0 [ 2287.387235] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2287.388299] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2287.389362] do_syscall_64+0x33/0x40 [ 2287.390119] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2287.391155] RIP: 0033:0x7fe21c796b19 [ 2287.391912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2287.395631] RSP: 002b:00007fe219ceb188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2287.397173] RAX: ffffffffffffffda RBX: 00007fe21c8aa020 RCX: 00007fe21c796b19 [ 2287.398972] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2287.400665] RBP: 00007fe219ceb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2287.402330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2287.403752] R13: 00007ffd07aa720f R14: 00007fe219ceb300 R15: 0000000000022000 11:43:14 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x80000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:14 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf0ffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:14 executing program 7: r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:43:14 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:43:14 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 2) [ 2287.613047] FAULT_INJECTION: forcing a failure. [ 2287.613047] name failslab, interval 1, probability 0, space 0, times 0 [ 2287.615689] CPU: 0 PID: 16260 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2287.617208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2287.619268] Call Trace: [ 2287.619871] dump_stack+0x107/0x167 [ 2287.620770] should_fail.cold+0x5/0xa [ 2287.621627] ? create_object.isra.0+0x3a/0xa20 [ 2287.622740] should_failslab+0x5/0x20 [ 2287.623585] kmem_cache_alloc+0x5b/0x310 [ 2287.624592] create_object.isra.0+0x3a/0xa20 [ 2287.625600] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2287.626842] kmem_cache_alloc_trace+0x151/0x320 [ 2287.627868] alloc_pipe_info+0x10a/0x590 [ 2287.628877] splice_direct_to_actor+0x774/0x980 [ 2287.629921] ? _cond_resched+0x12/0x80 [ 2287.630881] ? inode_security+0x107/0x140 [ 2287.631788] ? pipe_to_sendpage+0x380/0x380 [ 2287.632844] ? selinux_file_permission+0x92/0x520 [ 2287.633928] ? do_splice_to+0x160/0x160 [ 2287.634878] ? security_file_permission+0x24e/0x570 [ 2287.635974] do_splice_direct+0x1c4/0x290 [ 2287.636883] ? splice_direct_to_actor+0x980/0x980 [ 2287.637930] ? selinux_file_permission+0x92/0x520 [ 2287.638997] ? security_file_permission+0x24e/0x570 [ 2287.640117] vfs_copy_file_range+0x4f8/0x1290 [ 2287.641121] ? generic_file_rw_checks+0x240/0x240 [ 2287.642286] ? __fget_files+0x296/0x4c0 [ 2287.643299] __do_sys_copy_file_range+0x193/0x420 [ 2287.644486] ? vfs_copy_file_range+0x1290/0x1290 [ 2287.645644] ? ksys_write+0x1a9/0x260 [ 2287.646564] ? __ia32_sys_read+0xb0/0xb0 [ 2287.647561] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2287.648844] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2287.650111] do_syscall_64+0x33/0x40 [ 2287.651013] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2287.652267] RIP: 0033:0x7fd102b50b19 [ 2287.653176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2287.657294] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2287.659151] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2287.660678] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2287.662314] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2287.664036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2287.665768] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:43:29 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 11:43:29 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 3) 11:43:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x400300, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:29 executing program 7: r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:43:29 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x1000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:29 executing program 2: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x7, 0x1, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') dup3(r1, r0, 0x0) creat(&(0x7f00000001c0)='./file0\x00', 0x41) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x7f, 0x66, 0x9e, 0x80, 0x0, 0xeb4, 0x40000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x15f6, 0x4, @perf_bp={&(0x7f0000000000), 0xa}, 0x301, 0xb304, 0x3, 0x7, 0x8000, 0x7ff, 0x2, 0x0, 0x383}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x1b) r2 = creat(&(0x7f0000000540)='./file0\x00', 0x0) pwrite64(r2, 0x0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x4fd, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000180)=[r3], 0x1) 11:43:29 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x2, 0x0, 0x0, 0x0) 11:43:29 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10) [ 2302.423479] FAULT_INJECTION: forcing a failure. [ 2302.423479] name failslab, interval 1, probability 0, space 0, times 0 [ 2302.425838] CPU: 1 PID: 16270 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2302.427222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2302.428873] Call Trace: [ 2302.429408] dump_stack+0x107/0x167 [ 2302.430153] should_fail.cold+0x5/0xa [ 2302.430928] ? alloc_pipe_info+0x1e5/0x590 [ 2302.431777] should_failslab+0x5/0x20 [ 2302.432541] __kmalloc+0x72/0x390 [ 2302.433237] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2302.434281] alloc_pipe_info+0x1e5/0x590 [ 2302.435098] splice_direct_to_actor+0x774/0x980 [ 2302.436049] ? _cond_resched+0x12/0x80 [ 2302.436840] ? inode_security+0x107/0x140 [ 2302.437682] ? pipe_to_sendpage+0x380/0x380 [ 2302.438549] ? selinux_file_permission+0x92/0x520 [ 2302.439520] ? do_splice_to+0x160/0x160 [ 2302.440321] ? security_file_permission+0x24e/0x570 [ 2302.441345] do_splice_direct+0x1c4/0x290 [ 2302.442203] ? splice_direct_to_actor+0x980/0x980 [ 2302.443166] ? selinux_file_permission+0x92/0x520 [ 2302.444155] ? security_file_permission+0x24e/0x570 [ 2302.445202] vfs_copy_file_range+0x4f8/0x1290 [ 2302.446142] ? generic_file_rw_checks+0x240/0x240 [ 2302.447136] ? __fget_files+0x296/0x4c0 [ 2302.447961] __do_sys_copy_file_range+0x193/0x420 [ 2302.448959] ? vfs_copy_file_range+0x1290/0x1290 [ 2302.449919] ? ksys_write+0x1a9/0x260 [ 2302.450699] ? __ia32_sys_read+0xb0/0xb0 [ 2302.451534] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2302.452604] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2302.453681] do_syscall_64+0x33/0x40 [ 2302.454447] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2302.455497] RIP: 0033:0x7fd102b50b19 [ 2302.456263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2302.460032] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2302.461598] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2302.463079] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2302.464538] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2302.466020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2302.467470] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2302.491259] FAULT_INJECTION: forcing a failure. [ 2302.491259] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2302.493711] CPU: 1 PID: 16279 Comm: syz-executor.5 Not tainted 5.10.183 #1 11:43:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf0ffff, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2302.495114] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2302.496988] Call Trace: [ 2302.497541] dump_stack+0x107/0x167 [ 2302.498289] should_fail.cold+0x5/0xa [ 2302.499070] _copy_from_user+0x2e/0x1b0 [ 2302.499887] __copy_msghdr_from_user+0x91/0x4b0 [ 2302.500834] ? __ia32_sys_shutdown+0x80/0x80 [ 2302.501751] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 11:43:29 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x2000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2302.502818] ? SOFTIRQ_verbose+0x10/0x10 [ 2302.503765] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2302.504687] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2302.505775] ? lock_chain_count+0x20/0x20 [ 2302.506621] ? __is_insn_slot_addr+0x123/0x290 [ 2302.507545] ? lock_downgrade+0x6d0/0x6d0 [ 2302.508408] io_recvmsg+0xa31/0xca0 [ 2302.509160] ? io_sendmsg+0x790/0x790 [ 2302.509948] ? mark_lock+0xf5/0x2df0 [ 2302.510709] ? lock_chain_count+0x20/0x20 [ 2302.511553] ? lock_chain_count+0x20/0x20 [ 2302.512402] ? stack_trace_save+0x8c/0xc0 [ 2302.513237] ? stack_trace_consume_entry+0x160/0x160 [ 2302.514306] ? lock_acquire+0x197/0x470 [ 2302.515115] ? __lock_acquire+0xbb1/0x5b00 [ 2302.515978] io_issue_sqe+0x35f1/0x7660 [ 2302.516783] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2302.517851] ? SOFTIRQ_verbose+0x10/0x10 [ 2302.518669] ? lock_chain_count+0x20/0x20 [ 2302.519516] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2302.520564] ? io_connect+0x610/0x610 [ 2302.521332] ? lock_acquire+0x197/0x470 [ 2302.522150] ? find_held_lock+0x2c/0x110 [ 2302.522970] ? __fget_files+0x26d/0x4c0 [ 2302.523784] ? lock_downgrade+0x6d0/0x6d0 [ 2302.524626] __io_queue_sqe+0x90/0x9d0 [ 2302.525435] ? io_issue_sqe+0x7660/0x7660 [ 2302.526301] io_submit_sqes+0x4461/0x85c0 [ 2302.527175] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2302.528183] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2302.529154] ? lock_downgrade+0x6d0/0x6d0 [ 2302.530003] ? find_held_lock+0x2c/0x110 [ 2302.530824] ? io_submit_sqes+0x85c0/0x85c0 [ 2302.531712] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2302.532683] ? wait_for_completion_io+0x270/0x270 [ 2302.533673] ? rcu_read_lock_any_held+0x75/0xa0 [ 2302.534608] ? vfs_write+0x354/0xa70 [ 2302.535371] ? fput_many+0x2f/0x1a0 [ 2302.536113] ? ksys_write+0x1a9/0x260 [ 2302.536883] ? __ia32_sys_read+0xb0/0xb0 [ 2302.537727] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2302.538781] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2302.539827] do_syscall_64+0x33/0x40 [ 2302.540584] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2302.541626] RIP: 0033:0x7fe21c796b19 [ 2302.542379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2302.546096] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2302.547644] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2302.549078] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2302.550547] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2302.551999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2302.553439] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:43:29 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x8, 0x0, 0x0, 0x0) 11:43:29 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:43:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x1000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:29 executing program 2: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x404) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, &(0x7f0000000140)={0x0, 0x9}) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x8800000) lseek(r1, 0x0, 0x3) dup2(r1, r0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x6}, 0xe) shutdown(r2, 0x1) preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r4 = openat(r3, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x100000001) 11:43:29 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0xf0ff7f, 0x0, 0x0, 0x0) 11:43:29 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 4) 11:43:29 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x3000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x2000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:29 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) [ 2302.788938] FAULT_INJECTION: forcing a failure. [ 2302.788938] name failslab, interval 1, probability 0, space 0, times 0 [ 2302.791467] CPU: 1 PID: 16310 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2302.792884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2302.794583] Call Trace: [ 2302.795131] dump_stack+0x107/0x167 [ 2302.795876] should_fail.cold+0x5/0xa [ 2302.796649] ? create_object.isra.0+0x3a/0xa20 [ 2302.797589] should_failslab+0x5/0x20 [ 2302.798371] kmem_cache_alloc+0x5b/0x310 [ 2302.799212] create_object.isra.0+0x3a/0xa20 [ 2302.800131] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2302.801168] __kmalloc+0x16e/0x390 [ 2302.801916] alloc_pipe_info+0x1e5/0x590 [ 2302.802742] splice_direct_to_actor+0x774/0x980 [ 2302.803692] ? _cond_resched+0x12/0x80 [ 2302.804492] ? inode_security+0x107/0x140 [ 2302.805337] ? pipe_to_sendpage+0x380/0x380 [ 2302.806227] ? selinux_file_permission+0x92/0x520 [ 2302.807228] ? do_splice_to+0x160/0x160 [ 2302.808048] ? security_file_permission+0x24e/0x570 [ 2302.809082] do_splice_direct+0x1c4/0x290 [ 2302.809940] ? splice_direct_to_actor+0x980/0x980 [ 2302.810936] ? selinux_file_permission+0x92/0x520 [ 2302.811956] ? security_file_permission+0x24e/0x570 [ 2302.812984] vfs_copy_file_range+0x4f8/0x1290 [ 2302.813933] ? generic_file_rw_checks+0x240/0x240 [ 2302.814916] ? __fget_files+0x296/0x4c0 [ 2302.815741] __do_sys_copy_file_range+0x193/0x420 [ 2302.816720] ? vfs_copy_file_range+0x1290/0x1290 [ 2302.817681] ? ksys_write+0x1a9/0x260 [ 2302.818447] ? __ia32_sys_read+0xb0/0xb0 [ 2302.819272] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2302.820333] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2302.821384] do_syscall_64+0x33/0x40 [ 2302.822157] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2302.823198] RIP: 0033:0x7fd102b50b19 [ 2302.823966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2302.827715] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2302.829282] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2302.830754] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2302.832229] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2302.833708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2302.835182] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2304.802487] Bluetooth: hci3: command 0x0405 tx timeout 11:43:46 executing program 2: setsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, 0x0, 0x0) 11:43:46 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 11:43:46 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 5) 11:43:46 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11) 11:43:46 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x4000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:46 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x3000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:46 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0) 11:43:46 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) [ 2319.873316] FAULT_INJECTION: forcing a failure. [ 2319.873316] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2319.875834] CPU: 1 PID: 16338 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2319.877240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2319.878937] Call Trace: [ 2319.879479] dump_stack+0x107/0x167 [ 2319.880229] should_fail.cold+0x5/0xa [ 2319.881027] _copy_from_user+0x2e/0x1b0 [ 2319.881867] __copy_msghdr_from_user+0x91/0x4b0 [ 2319.882811] ? __ia32_sys_shutdown+0x80/0x80 [ 2319.883734] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2319.884648] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2319.885740] ? lock_chain_count+0x20/0x20 [ 2319.886588] ? __is_insn_slot_addr+0x123/0x290 [ 2319.887371] FAULT_INJECTION: forcing a failure. [ 2319.887371] name failslab, interval 1, probability 0, space 0, times 0 [ 2319.887513] ? lock_downgrade+0x6d0/0x6d0 [ 2319.887542] io_recvmsg+0xa31/0xca0 [ 2319.891358] ? lock_chain_count+0x20/0x20 [ 2319.892206] ? io_sendmsg+0x790/0x790 [ 2319.892989] ? register_lock_class+0xbb/0x17b0 [ 2319.893937] ? mark_lock+0xf5/0x2df0 [ 2319.894693] ? is_dynamic_key+0x1e0/0x1e0 [ 2319.895538] ? lock_chain_count+0x20/0x20 [ 2319.896387] ? __lock_acquire+0xbb1/0x5b00 [ 2319.897269] ? __lock_acquire+0xbb1/0x5b00 [ 2319.898142] io_issue_sqe+0x35f1/0x7660 [ 2319.898958] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2319.900019] ? SOFTIRQ_verbose+0x10/0x10 [ 2319.900849] ? percpu_ref_put_many+0x153/0x2b0 [ 2319.901769] ? io_connect+0x610/0x610 [ 2319.902546] ? lock_acquire+0x197/0x470 [ 2319.903350] ? find_held_lock+0x2c/0x110 [ 2319.904184] ? __fget_files+0x26d/0x4c0 [ 2319.904989] ? lock_downgrade+0x6d0/0x6d0 [ 2319.905846] __io_queue_sqe+0x90/0x9d0 [ 2319.906640] ? io_issue_sqe+0x7660/0x7660 [ 2319.907494] io_submit_sqes+0x4461/0x85c0 [ 2319.908364] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2319.909369] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2319.910371] ? lock_downgrade+0x6d0/0x6d0 [ 2319.911206] ? find_held_lock+0x2c/0x110 [ 2319.912032] ? io_submit_sqes+0x85c0/0x85c0 [ 2319.912913] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2319.913899] ? wait_for_completion_io+0x270/0x270 [ 2319.914881] ? rcu_read_lock_any_held+0x75/0xa0 [ 2319.915821] ? vfs_write+0x354/0xa70 [ 2319.916579] ? fput_many+0x2f/0x1a0 [ 2319.917319] ? ksys_write+0x1a9/0x260 [ 2319.918101] ? __ia32_sys_read+0xb0/0xb0 [ 2319.918929] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2319.919987] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2319.921030] do_syscall_64+0x33/0x40 [ 2319.921797] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2319.922830] RIP: 0033:0x7fe21c796b19 [ 2319.923581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2319.927278] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2319.928809] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2319.930251] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2319.931688] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2319.933124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2319.934572] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 [ 2319.936037] CPU: 0 PID: 16341 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2319.937427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2319.939103] Call Trace: [ 2319.939636] dump_stack+0x107/0x167 [ 2319.940374] should_fail.cold+0x5/0xa [ 2319.941145] ? memcg_alloc_page_obj_cgroups+0x73/0x100 [ 2319.942209] should_failslab+0x5/0x20 [ 2319.942973] __kmalloc_node+0x76/0x420 [ 2319.943768] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 2319.944790] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 2319.945801] ? trace_hardirqs_on+0x5b/0x180 [ 2319.946675] __kmalloc+0x186/0x390 [ 2319.947400] alloc_pipe_info+0x1e5/0x590 [ 2319.948221] splice_direct_to_actor+0x774/0x980 [ 2319.949156] ? _cond_resched+0x12/0x80 [ 2319.949958] ? inode_security+0x107/0x140 [ 2319.950789] ? pipe_to_sendpage+0x380/0x380 [ 2319.951651] ? selinux_file_permission+0x92/0x520 [ 2319.952619] ? do_splice_to+0x160/0x160 [ 2319.953417] ? security_file_permission+0x24e/0x570 [ 2319.954441] do_splice_direct+0x1c4/0x290 [ 2319.955272] ? splice_direct_to_actor+0x980/0x980 [ 2319.956238] ? selinux_file_permission+0x92/0x520 [ 2319.957212] ? security_file_permission+0x24e/0x570 [ 2319.958231] vfs_copy_file_range+0x4f8/0x1290 [ 2319.959141] ? generic_file_rw_checks+0x240/0x240 [ 2319.960110] ? __fget_files+0x296/0x4c0 [ 2319.960928] __do_sys_copy_file_range+0x193/0x420 [ 2319.961911] ? vfs_copy_file_range+0x1290/0x1290 [ 2319.962858] ? ksys_write+0x1a9/0x260 [ 2319.963622] ? __ia32_sys_read+0xb0/0xb0 [ 2319.964442] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2319.965493] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2319.966537] do_syscall_64+0x33/0x40 [ 2319.967287] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2319.968312] RIP: 0033:0x7fd102b50b19 [ 2319.969058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2319.972732] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2319.974251] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2319.975666] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2319.977079] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2319.978505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2319.979919] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:43:46 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x2000000, 0x0, 0x0, 0x0) 11:43:47 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0xa) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = creat(&(0x7f0000000180)='./file0\x00', 0x0) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x1, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) openat(r2, &(0x7f0000000000)='/proc/self/exe\x00', 0x100, 0xd) fchdir(r2) sendfile(r1, r0, 0x0, 0x4000007ffffffc) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x24, &(0x7f00000000c0), 0x4) 11:43:47 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x4000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:43:47 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x5000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:01 executing program 2: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) dup2(r1, r0) ftruncate(r0, 0x4) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r0, 0x0) syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000), &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) 11:44:01 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, 0x0, 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:44:01 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 11:44:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x5000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:01 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x4000, 0x0, 0x0, 0x0) 11:44:01 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x6000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:01 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 6) 11:44:01 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12) [ 2334.230912] FAULT_INJECTION: forcing a failure. [ 2334.230912] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2334.232345] CPU: 0 PID: 16385 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2334.233145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2334.234095] Call Trace: [ 2334.234411] dump_stack+0x107/0x167 [ 2334.234835] should_fail.cold+0x5/0xa [ 2334.235280] _copy_from_user+0x2e/0x1b0 [ 2334.235745] __copy_msghdr_from_user+0x91/0x4b0 [ 2334.236275] ? __ia32_sys_shutdown+0x80/0x80 [ 2334.236781] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2334.237252] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2334.237868] ? lock_chain_count+0x20/0x20 [ 2334.238312] ? __is_insn_slot_addr+0x123/0x290 [ 2334.238833] ? lock_downgrade+0x6d0/0x6d0 [ 2334.239289] io_recvmsg+0xa31/0xca0 [ 2334.239696] ? lock_chain_count+0x20/0x20 [ 2334.240139] ? io_sendmsg+0x790/0x790 [ 2334.240566] ? register_lock_class+0xbb/0x17b0 [ 2334.241088] ? tracing_generic_entry_update+0x1ed/0x270 [ 2334.241663] ? mark_lock+0xf5/0x2df0 [ 2334.242104] ? is_dynamic_key+0x1e0/0x1e0 [ 2334.242550] ? lock_chain_count+0x20/0x20 [ 2334.243014] ? __lock_acquire+0xbb1/0x5b00 [ 2334.243490] ? __lock_acquire+0xbb1/0x5b00 [ 2334.243972] io_issue_sqe+0x35f1/0x7660 [ 2334.244409] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2334.245263] ? SOFTIRQ_verbose+0x10/0x10 [ 2334.245725] ? percpu_ref_put_many+0x153/0x2b0 [ 2334.246235] ? io_connect+0x610/0x610 [ 2334.246670] ? lock_acquire+0x197/0x470 [ 2334.247097] ? find_held_lock+0x2c/0x110 [ 2334.247559] ? __fget_files+0x26d/0x4c0 [ 2334.247987] ? lock_downgrade+0x6d0/0x6d0 [ 2334.248464] __io_queue_sqe+0x90/0x9d0 [ 2334.248892] ? io_issue_sqe+0x7660/0x7660 [ 2334.249376] io_submit_sqes+0x4461/0x85c0 [ 2334.249860] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2334.250446] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2334.250991] ? lock_downgrade+0x6d0/0x6d0 [ 2334.251449] ? find_held_lock+0x2c/0x110 [ 2334.251915] ? io_submit_sqes+0x85c0/0x85c0 [ 2334.252385] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2334.252952] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2334.253508] ? perf_trace_preemptirq_template+0x266/0x400 [ 2334.254144] ? perf_trace_preemptirq_template+0x26d/0x400 [ 2334.254735] ? perf_trace_preemptirq_template+0x26d/0x400 [ 2334.255370] ? __traceiter_irq_enable+0xc0/0xc0 [ 2334.255864] ? __traceiter_irq_enable+0xc0/0xc0 [ 2334.256398] ? fput_many+0x2f/0x1a0 [ 2334.256806] ? trace_rcu_dyntick+0x2f/0x170 [ 2334.257290] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2334.257843] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2334.258430] do_syscall_64+0x33/0x40 [ 2334.258827] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2334.259409] RIP: 0033:0x7fe21c796b19 [ 2334.259808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2334.261942] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2334.262821] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2334.263626] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2334.264448] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2334.265277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2334.266113] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:44:01 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x7000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2334.295387] FAULT_INJECTION: forcing a failure. [ 2334.295387] name failslab, interval 1, probability 0, space 0, times 0 [ 2334.296733] CPU: 0 PID: 16390 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2334.297492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2334.298441] Call Trace: [ 2334.298738] dump_stack+0x107/0x167 [ 2334.299147] should_fail.cold+0x5/0xa [ 2334.299582] ? create_object.isra.0+0x3a/0xa20 [ 2334.300101] should_failslab+0x5/0x20 [ 2334.300525] kmem_cache_alloc+0x5b/0x310 [ 2334.300985] create_object.isra.0+0x3a/0xa20 [ 2334.301482] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2334.302067] __kmalloc+0x16e/0x390 [ 2334.302458] iter_file_splice_write+0x16d/0xc30 [ 2334.302993] ? atime_needs_update+0x600/0x600 [ 2334.303482] ? generic_splice_sendpage+0x140/0x140 [ 2334.304025] ? pipe_to_user+0x170/0x170 [ 2334.304451] ? _cond_resched+0x12/0x80 [ 2334.304891] ? avc_policy_seqno+0x9/0x70 [ 2334.305329] ? selinux_file_permission+0x92/0x520 [ 2334.305896] ? lockdep_init_map_type+0x2c7/0x780 [ 2334.306444] ? generic_splice_sendpage+0x140/0x140 [ 2334.306981] direct_splice_actor+0x10f/0x170 [ 2334.307486] splice_direct_to_actor+0x387/0x980 [ 2334.308010] ? pipe_to_sendpage+0x380/0x380 [ 2334.308478] ? do_splice_to+0x160/0x160 [ 2334.308925] ? security_file_permission+0x24e/0x570 [ 2334.309471] do_splice_direct+0x1c4/0x290 [ 2334.309942] ? splice_direct_to_actor+0x980/0x980 [ 2334.310463] ? selinux_file_permission+0x92/0x520 [ 2334.311000] ? security_file_permission+0x24e/0x570 [ 2334.311540] vfs_copy_file_range+0x4f8/0x1290 [ 2334.312056] ? generic_file_rw_checks+0x240/0x240 [ 2334.312579] ? __fget_files+0x296/0x4c0 [ 2334.313039] __do_sys_copy_file_range+0x193/0x420 [ 2334.313568] ? vfs_copy_file_range+0x1290/0x1290 [ 2334.314129] ? trace_rcu_dyntick+0x2f/0x170 [ 2334.314607] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2334.315209] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2334.315760] do_syscall_64+0x33/0x40 [ 2334.316183] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2334.316725] RIP: 0033:0x7fd102b50b19 [ 2334.317151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2334.319173] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2334.320029] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2334.320841] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2334.321657] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2334.322464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2334.323261] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:44:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x6000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:01 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, 0x0, 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:44:01 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x80000, 0x0, 0x0, 0x0) 11:44:01 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x9000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x7000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:01 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13) 11:44:01 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf000000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:01 executing program 2: ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mount$cgroup(0x0, 0x0, &(0x7f0000000400), 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) getpid() getpgid(0x0) epoll_create(0x1) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000440)=0x0) pidfd_open(r1, 0x0) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x401, 0x0) sendfile(r0, r2, 0x0, 0x100000001) 11:44:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x9000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2334.529926] FAULT_INJECTION: forcing a failure. [ 2334.529926] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2334.531463] CPU: 0 PID: 16418 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2334.532267] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2334.533224] Call Trace: [ 2334.533532] dump_stack+0x107/0x167 [ 2334.533969] should_fail.cold+0x5/0xa [ 2334.534414] _copy_from_user+0x2e/0x1b0 [ 2334.534876] __copy_msghdr_from_user+0x91/0x4b0 [ 2334.535411] ? __ia32_sys_shutdown+0x80/0x80 [ 2334.535934] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2334.536456] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2334.537077] ? lock_chain_count+0x20/0x20 [ 2334.537557] ? __is_insn_slot_addr+0x123/0x290 [ 2334.538099] ? lock_downgrade+0x6d0/0x6d0 [ 2334.538583] io_recvmsg+0xa31/0xca0 [ 2334.539001] ? lock_chain_count+0x20/0x20 [ 2334.539481] ? io_sendmsg+0x790/0x790 [ 2334.539919] ? register_lock_class+0xbb/0x17b0 [ 2334.540450] ? mark_lock+0xf5/0x2df0 [ 2334.540879] ? is_dynamic_key+0x1e0/0x1e0 [ 2334.541359] ? lock_chain_count+0x20/0x20 [ 2334.541845] ? __lock_acquire+0xbb1/0x5b00 [ 2334.542360] ? __lock_acquire+0xbb1/0x5b00 [ 2334.542856] io_issue_sqe+0x35f1/0x7660 [ 2334.543318] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2334.543919] ? SOFTIRQ_verbose+0x10/0x10 [ 2334.544390] ? percpu_ref_put_many+0x153/0x2b0 [ 2334.544914] ? io_connect+0x610/0x610 [ 2334.545355] ? lock_acquire+0x197/0x470 [ 2334.545812] ? find_held_lock+0x2c/0x110 [ 2334.546294] ? __fget_files+0x26d/0x4c0 [ 2334.546756] ? lock_downgrade+0x6d0/0x6d0 [ 2334.547239] __io_queue_sqe+0x90/0x9d0 [ 2334.547694] ? io_issue_sqe+0x7660/0x7660 [ 2334.548184] io_submit_sqes+0x4461/0x85c0 [ 2334.548682] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2334.549259] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2334.549818] ? lock_downgrade+0x6d0/0x6d0 [ 2334.550308] ? find_held_lock+0x2c/0x110 [ 2334.550786] ? io_submit_sqes+0x85c0/0x85c0 [ 2334.551289] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2334.551846] ? wait_for_completion_io+0x270/0x270 [ 2334.552405] ? rcu_read_lock_any_held+0x75/0xa0 [ 2334.552942] ? vfs_write+0x354/0xa70 [ 2334.553374] ? fput_many+0x2f/0x1a0 [ 2334.553797] ? ksys_write+0x1a9/0x260 [ 2334.554244] ? __ia32_sys_read+0xb0/0xb0 [ 2334.554717] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2334.555326] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2334.555928] do_syscall_64+0x33/0x40 [ 2334.556359] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2334.556952] RIP: 0033:0x7fe21c796b19 [ 2334.557384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2334.559542] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2334.560424] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2334.561251] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2334.562087] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2334.562913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2334.563741] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:44:16 executing program 2: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0), 0x915f) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000080)=ANY=[@ANYBLOB]) io_uring_enter(r3, 0x5396, 0x9af7, 0x0, &(0x7f00000001c0)={[0xc8d]}, 0x8) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc1}]}]}]}, 0x34}}, 0x0) socket(0xf, 0x80000, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000200)) write$binfmt_elf64(r1, 0x0, 0xfdef) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 11:44:16 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x7ffff000, 0x0, 0x0, 0x0) 11:44:16 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, 0x0, 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:44:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x9effffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:16 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:16 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 7) 11:44:16 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14) 11:44:16 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x400000, 0x0, 0x0, 0x0) [ 2349.571769] FAULT_INJECTION: forcing a failure. [ 2349.571769] name failslab, interval 1, probability 0, space 0, times 0 [ 2349.575039] CPU: 0 PID: 16437 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2349.576613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2349.578510] Call Trace: [ 2349.579118] dump_stack+0x107/0x167 [ 2349.579956] should_fail.cold+0x5/0xa [ 2349.580826] ? jbd2__journal_start+0x190/0x7e0 [ 2349.581886] should_failslab+0x5/0x20 [ 2349.582755] kmem_cache_alloc+0x5b/0x310 [ 2349.583688] jbd2__journal_start+0x190/0x7e0 [ 2349.584697] __ext4_journal_start_sb+0x214/0x390 [ 2349.585780] ext4_dirty_inode+0xbc/0x130 [ 2349.586726] ? ext4_setattr+0x2160/0x2160 [ 2349.587660] __mark_inode_dirty+0x492/0xd40 [ 2349.588634] generic_update_time+0x21c/0x370 [ 2349.589623] file_update_time+0x43a/0x520 [ 2349.590575] ? evict_inodes+0x420/0x420 [ 2349.591469] ? down_write_killable+0x180/0x180 [ 2349.592503] file_modified+0x7d/0xa0 [ 2349.593332] ext4_file_write_iter+0x906/0x18d0 [ 2349.594378] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2349.595382] ? kasan_save_stack+0x32/0x40 [ 2349.596300] ? kasan_save_stack+0x1b/0x40 [ 2349.597214] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2349.598359] ? iter_file_splice_write+0x16d/0xc30 [ 2349.599424] ? direct_splice_actor+0x10f/0x170 [ 2349.600436] ? splice_direct_to_actor+0x387/0x980 [ 2349.601511] ? do_splice_direct+0x1c4/0x290 [ 2349.602493] ? vfs_copy_file_range+0x4f8/0x1290 [ 2349.603536] ? __do_sys_copy_file_range+0x193/0x420 [ 2349.604660] do_iter_readv_writev+0x476/0x750 [ 2349.605669] ? new_sync_write+0x660/0x660 [ 2349.606611] ? selinux_file_permission+0x92/0x520 [ 2349.607720] do_iter_write+0x191/0x670 [ 2349.608600] ? trace_hardirqs_on+0x5b/0x180 [ 2349.609572] vfs_iter_write+0x70/0xa0 [ 2349.610448] iter_file_splice_write+0x762/0xc30 [ 2349.611499] ? generic_splice_sendpage+0x140/0x140 [ 2349.612605] ? avc_policy_seqno+0x9/0x70 [ 2349.613504] ? selinux_file_permission+0x92/0x520 [ 2349.614592] ? lockdep_init_map_type+0x2c7/0x780 [ 2349.615649] ? generic_splice_sendpage+0x140/0x140 [ 2349.616743] direct_splice_actor+0x10f/0x170 [ 2349.617733] splice_direct_to_actor+0x387/0x980 [ 2349.618800] ? pipe_to_sendpage+0x380/0x380 [ 2349.619768] ? do_splice_to+0x160/0x160 [ 2349.620655] ? security_file_permission+0x24e/0x570 [ 2349.621778] do_splice_direct+0x1c4/0x290 [ 2349.622729] ? splice_direct_to_actor+0x980/0x980 [ 2349.623788] ? selinux_file_permission+0x92/0x520 [ 2349.624853] ? security_file_permission+0x24e/0x570 [ 2349.625274] FAULT_INJECTION: forcing a failure. [ 2349.625274] name failslab, interval 1, probability 0, space 0, times 0 [ 2349.625955] vfs_copy_file_range+0x4f8/0x1290 [ 2349.626013] ? generic_file_rw_checks+0x240/0x240 [ 2349.626035] ? __fget_files+0x296/0x4c0 [ 2349.626095] __do_sys_copy_file_range+0x193/0x420 [ 2349.626119] ? vfs_copy_file_range+0x1290/0x1290 [ 2349.633762] ? ksys_write+0x1a9/0x260 [ 2349.634614] ? __ia32_sys_read+0xb0/0xb0 [ 2349.635513] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2349.636665] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2349.637805] do_syscall_64+0x33/0x40 [ 2349.638644] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2349.639768] RIP: 0033:0x7fd102b50b19 [ 2349.640584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2349.644627] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2349.646302] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2349.647860] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2349.649421] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2349.650998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2349.652559] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2349.654148] CPU: 1 PID: 16446 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2349.655682] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2349.657494] Call Trace: [ 2349.658089] dump_stack+0x107/0x167 [ 2349.658896] should_fail.cold+0x5/0xa [ 2349.659728] ? create_object.isra.0+0x3a/0xa20 [ 2349.660730] should_failslab+0x5/0x20 [ 2349.661559] kmem_cache_alloc+0x5b/0x310 [ 2349.662465] ? mark_held_locks+0x9e/0xe0 [ 2349.663354] create_object.isra.0+0x3a/0xa20 [ 2349.664309] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2349.665415] kmem_cache_alloc+0x159/0x310 [ 2349.666333] xas_alloc+0x336/0x440 [ 2349.667109] xas_create+0x34a/0x10d0 [ 2349.667934] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2349.669084] xas_store+0x8c/0x1c40 [ 2349.669871] __xa_store+0x164/0x2d0 [ 2349.670685] ? xa_delete_node+0x280/0x280 [ 2349.671601] ? trace_hardirqs_on+0x5b/0x180 [ 2349.672547] xa_store+0x31/0x50 [ 2349.673275] __io_uring_add_tctx_node+0x1cf/0x520 [ 2349.674470] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 2349.675559] __do_sys_io_uring_enter+0x136d/0x1730 [ 2349.676555] ? lock_downgrade+0x6d0/0x6d0 [ 2349.677395] ? find_held_lock+0x2c/0x110 [ 2349.678252] ? io_submit_sqes+0x85c0/0x85c0 [ 2349.679137] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2349.680115] ? wait_for_completion_io+0x270/0x270 [ 2349.681095] ? rcu_read_lock_any_held+0x75/0xa0 [ 2349.682029] ? vfs_write+0x354/0xa70 [ 2349.682799] ? fput_many+0x2f/0x1a0 [ 2349.683544] ? ksys_write+0x1a9/0x260 [ 2349.684317] ? __ia32_sys_read+0xb0/0xb0 [ 2349.685145] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2349.686222] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2349.687270] do_syscall_64+0x33/0x40 [ 2349.688025] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2349.689062] RIP: 0033:0x7fe21c796b19 [ 2349.689818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2349.693517] RSP: 002b:00007fe219ceb188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2349.695081] RAX: ffffffffffffffda RBX: 00007fe21c8aa020 RCX: 00007fe21c796b19 [ 2349.696532] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2349.697982] RBP: 00007fe219ceb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2349.699442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2349.700886] R13: 00007ffd07aa720f R14: 00007fe219ceb300 R15: 0000000000022000 11:44:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x9faa19e6, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:16 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x9effffff, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:16 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:44:16 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 11:44:16 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xe619aa9f, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:29 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:44:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xe394e2ff, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:29 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xf0ffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:29 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 11:44:29 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) 11:44:29 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0xf0ff7f, 0x0, 0x0, 0x0) 11:44:29 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 8) 11:44:29 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x2, 0x0, 0x0) [ 2362.227912] FAULT_INJECTION: forcing a failure. [ 2362.227912] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2362.230628] CPU: 1 PID: 16480 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2362.232100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2362.233781] Call Trace: [ 2362.234333] dump_stack+0x107/0x167 [ 2362.235076] should_fail.cold+0x5/0xa [ 2362.235862] _copy_from_user+0x2e/0x1b0 [ 2362.236685] __copy_msghdr_from_user+0x91/0x4b0 [ 2362.237681] ? __ia32_sys_shutdown+0x80/0x80 [ 2362.238612] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2362.239537] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2362.240623] ? lock_chain_count+0x20/0x20 [ 2362.241474] ? __is_insn_slot_addr+0x123/0x290 [ 2362.242432] ? lock_downgrade+0x6d0/0x6d0 [ 2362.243294] io_recvmsg+0xa31/0xca0 [ 2362.244046] ? lock_chain_count+0x20/0x20 [ 2362.244900] ? io_sendmsg+0x790/0x790 [ 2362.245679] ? register_lock_class+0xbb/0x17b0 [ 2362.246644] ? mark_lock+0xf5/0x2df0 [ 2362.247407] ? is_dynamic_key+0x1e0/0x1e0 [ 2362.248259] ? lock_chain_count+0x20/0x20 [ 2362.249117] ? __lock_acquire+0xbb1/0x5b00 [ 2362.250002] ? __lock_acquire+0xbb1/0x5b00 [ 2362.250899] io_issue_sqe+0x35f1/0x7660 [ 2362.251731] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2362.252810] ? SOFTIRQ_verbose+0x10/0x10 [ 2362.253646] ? percpu_ref_put_many+0x153/0x2b0 [ 2362.254597] ? io_connect+0x610/0x610 [ 2362.255381] ? lock_acquire+0x197/0x470 [ 2362.256192] ? find_held_lock+0x2c/0x110 [ 2362.257030] ? __fget_files+0x26d/0x4c0 [ 2362.257844] ? lock_downgrade+0x6d0/0x6d0 [ 2362.258705] __io_queue_sqe+0x90/0x9d0 [ 2362.259515] ? io_issue_sqe+0x7660/0x7660 [ 2362.260381] io_submit_sqes+0x4461/0x85c0 [ 2362.261261] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2362.262283] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2362.263270] ? lock_downgrade+0x6d0/0x6d0 [ 2362.264113] ? find_held_lock+0x2c/0x110 [ 2362.264951] ? io_submit_sqes+0x85c0/0x85c0 [ 2362.265838] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2362.266846] ? wait_for_completion_io+0x270/0x270 [ 2362.267833] ? rcu_read_lock_any_held+0x75/0xa0 [ 2362.268781] ? vfs_write+0x354/0xa70 [ 2362.269544] ? fput_many+0x2f/0x1a0 [ 2362.270300] ? ksys_write+0x1a9/0x260 [ 2362.271080] ? __ia32_sys_read+0xb0/0xb0 [ 2362.271918] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2362.272988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2362.274067] do_syscall_64+0x33/0x40 [ 2362.274835] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2362.275904] RIP: 0033:0x7fe21c796b19 [ 2362.276464] FAULT_INJECTION: forcing a failure. [ 2362.276464] name failslab, interval 1, probability 0, space 0, times 0 [ 2362.276664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2362.281509] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2362.283097] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2362.284559] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2362.286027] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2362.287486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2362.288969] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 [ 2362.290513] CPU: 0 PID: 16492 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2362.291290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2362.292203] Call Trace: [ 2362.292498] dump_stack+0x107/0x167 [ 2362.292911] should_fail.cold+0x5/0xa [ 2362.293333] ? create_object.isra.0+0x3a/0xa20 [ 2362.293849] should_failslab+0x5/0x20 [ 2362.294278] kmem_cache_alloc+0x5b/0x310 [ 2362.294739] create_object.isra.0+0x3a/0xa20 [ 2362.295213] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2362.295782] __kmalloc+0x16e/0x390 [ 2362.296175] iter_file_splice_write+0x16d/0xc30 [ 2362.296693] ? atime_needs_update+0x600/0x600 [ 2362.297192] ? generic_splice_sendpage+0x140/0x140 [ 2362.297742] ? pipe_to_user+0x170/0x170 [ 2362.298177] ? _cond_resched+0x12/0x80 [ 2362.298635] ? avc_policy_seqno+0x9/0x70 [ 2362.299076] ? selinux_file_permission+0x92/0x520 [ 2362.299627] ? lockdep_init_map_type+0x2c7/0x780 [ 2362.300148] ? generic_splice_sendpage+0x140/0x140 [ 2362.300697] direct_splice_actor+0x10f/0x170 [ 2362.301177] splice_direct_to_actor+0x387/0x980 [ 2362.301700] ? pipe_to_sendpage+0x380/0x380 [ 2362.302172] ? do_splice_to+0x160/0x160 [ 2362.302634] ? security_file_permission+0x24e/0x570 [ 2362.303171] do_splice_direct+0x1c4/0x290 [ 2362.303637] ? splice_direct_to_actor+0x980/0x980 [ 2362.304158] ? selinux_file_permission+0x92/0x520 [ 2362.304704] ? security_file_permission+0x24e/0x570 [ 2362.305258] vfs_copy_file_range+0x4f8/0x1290 [ 2362.305764] ? generic_file_rw_checks+0x240/0x240 [ 2362.306306] ? __fget_files+0x296/0x4c0 [ 2362.306760] __do_sys_copy_file_range+0x193/0x420 [ 2362.307291] ? vfs_copy_file_range+0x1290/0x1290 [ 2362.307817] ? ksys_write+0x1a9/0x260 [ 2362.308232] ? __ia32_sys_read+0xb0/0xb0 [ 2362.308694] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2362.309263] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2362.309847] do_syscall_64+0x33/0x40 [ 2362.310268] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2362.310844] RIP: 0033:0x7fd102b50b19 [ 2362.311247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2362.313271] RSP: 002b:00007fd1000a5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2362.314099] RAX: ffffffffffffffda RBX: 00007fd102c64020 RCX: 00007fd102b50b19 [ 2362.314899] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2362.315683] RBP: 00007fd1000a51d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2362.316474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2362.317254] R13: 00007fff63b3a90f R14: 00007fd1000a5300 R15: 0000000000022000 11:44:29 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0) 11:44:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf0ffffff, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:29 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xfffff000, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xffe294e3, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:29 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x2000000, 0x0, 0x0, 0x0) 11:44:29 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xffffff7f, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:29 executing program 2: ftruncate(0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) syz_open_procfs(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x800}, 0x0, 0x1, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, r1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x8, @private1, 0x8000}}, 0xfffff000) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') syz_open_dev$hiddev(0x0, 0x3, 0x200200) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'lo\x00'}) dup2(0xffffffffffffffff, r2) preadv(r2, &(0x7f0000000080)=[{&(0x7f00000011c0)=""/121, 0x79}], 0x1, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) dup2(0xffffffffffffffff, r3) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0) fsetxattr$security_capability(r0, &(0x7f00000000c0), &(0x7f0000000180)=@v2={0x2000000, [{0x2, 0x1}, {0x8, 0xff}]}, 0x14, 0x0) 11:44:29 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16) [ 2362.601366] FAULT_INJECTION: forcing a failure. [ 2362.601366] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2362.604060] CPU: 1 PID: 16518 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2362.605471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2362.607173] Call Trace: [ 2362.607721] dump_stack+0x107/0x167 [ 2362.608465] should_fail.cold+0x5/0xa [ 2362.609243] _copy_from_user+0x2e/0x1b0 [ 2362.610058] __copy_msghdr_from_user+0x91/0x4b0 [ 2362.611008] ? __ia32_sys_shutdown+0x80/0x80 [ 2362.611920] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2362.612821] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2362.613896] ? lock_chain_count+0x20/0x20 [ 2362.614739] ? __is_insn_slot_addr+0x123/0x290 [ 2362.615657] ? lock_downgrade+0x6d0/0x6d0 [ 2362.616510] io_recvmsg+0xa31/0xca0 [ 2362.617237] ? lock_chain_count+0x20/0x20 [ 2362.618075] ? io_sendmsg+0x790/0x790 [ 2362.618856] ? register_lock_class+0xbb/0x17b0 [ 2362.619775] ? mark_lock+0xf5/0x2df0 [ 2362.620525] ? is_dynamic_key+0x1e0/0x1e0 [ 2362.621365] ? lock_chain_count+0x20/0x20 [ 2362.622252] ? __lock_acquire+0xbb1/0x5b00 [ 2362.623125] ? __lock_acquire+0xbb1/0x5b00 [ 2362.623986] io_issue_sqe+0x35f1/0x7660 [ 2362.624799] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2362.625863] ? SOFTIRQ_verbose+0x10/0x10 [ 2362.626714] ? percpu_ref_put_many+0x153/0x2b0 [ 2362.627628] ? io_connect+0x610/0x610 [ 2362.628408] ? lock_acquire+0x197/0x470 [ 2362.629211] ? find_held_lock+0x2c/0x110 [ 2362.630050] ? __fget_files+0x26d/0x4c0 [ 2362.630858] ? lock_downgrade+0x6d0/0x6d0 [ 2362.631707] __io_queue_sqe+0x90/0x9d0 [ 2362.632497] ? io_issue_sqe+0x7660/0x7660 [ 2362.633355] io_submit_sqes+0x4461/0x85c0 [ 2362.634243] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2362.635262] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2362.636230] ? lock_downgrade+0x6d0/0x6d0 [ 2362.637067] ? find_held_lock+0x2c/0x110 [ 2362.637890] ? io_submit_sqes+0x85c0/0x85c0 [ 2362.638784] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2362.639759] ? wait_for_completion_io+0x270/0x270 [ 2362.640746] ? rcu_read_lock_any_held+0x75/0xa0 [ 2362.641680] ? vfs_write+0x354/0xa70 [ 2362.642449] ? fput_many+0x2f/0x1a0 [ 2362.643178] ? ksys_write+0x1a9/0x260 [ 2362.643953] ? __ia32_sys_read+0xb0/0xb0 [ 2362.644808] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2362.645877] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2362.646937] do_syscall_64+0x33/0x40 [ 2362.647696] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2362.648740] RIP: 0033:0x7fe21c796b19 [ 2362.649498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2362.653224] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2362.654782] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2362.656232] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2362.657681] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2362.659132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2362.660582] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:44:41 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 11:44:41 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:44:41 executing program 2: fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xc, 0xffffffffffffffff, 0x0) r0 = mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0) mq_notify(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, @tid=0xffffffffffffffff}) mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r1 = mq_open(&(0x7f0000000080)='iso9660\x00', 0x40, 0x0, &(0x7f00000000c0)={0x2, 0x8, 0x80000000, 0x400}) pread64(0xffffffffffffffff, &(0x7f0000001100)=""/4095, 0xfff, 0x0) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x76, 0x40, 0x3f, 0x4, 0x0, 0x9c4b, 0x64400, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000040), 0x4}, 0x410, 0x6, 0x1, 0x8, 0xffffffffffff577f, 0xffffffff, 0xff, 0x0, 0x101}, 0x0, 0xa, 0xffffffffffffffff, 0x4) fallocate(r1, 0x0, 0x0, 0x18000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x20802, 0xce) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000c, 0x810, r2, 0x100) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)=0x200) fallocate(r3, 0x10, 0xefd0, 0x3) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') pread64(r4, &(0x7f0000001100)=""/4095, 0xfff, 0x0) 11:44:41 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x8, 0x0, 0x0) 11:44:41 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 9) 11:44:41 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17) 11:44:41 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xffffff9e, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:41 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xfffff000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:44:42 executing program 2: fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xc, 0xffffffffffffffff, 0x0) r0 = mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0) mq_notify(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, @tid=0xffffffffffffffff}) mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r1 = mq_open(&(0x7f0000000080)='iso9660\x00', 0x40, 0x0, &(0x7f00000000c0)={0x2, 0x8, 0x80000000, 0x400}) pread64(0xffffffffffffffff, &(0x7f0000001100)=""/4095, 0xfff, 0x0) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x76, 0x40, 0x3f, 0x4, 0x0, 0x9c4b, 0x64400, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000040), 0x4}, 0x410, 0x6, 0x1, 0x8, 0xffffffffffff577f, 0xffffffff, 0xff, 0x0, 0x101}, 0x0, 0xa, 0xffffffffffffffff, 0x4) fallocate(r1, 0x0, 0x0, 0x18000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x20802, 0xce) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000c, 0x810, r2, 0x100) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)=0x200) fallocate(r3, 0x10, 0xefd0, 0x3) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') pread64(r4, &(0x7f0000001100)=""/4095, 0xfff, 0x0) [ 2375.036683] FAULT_INJECTION: forcing a failure. [ 2375.036683] name failslab, interval 1, probability 0, space 0, times 0 [ 2375.039226] CPU: 0 PID: 16548 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2375.040670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2375.042454] Call Trace: [ 2375.043011] dump_stack+0x107/0x167 [ 2375.043766] should_fail.cold+0x5/0xa [ 2375.044559] ? jbd2__journal_start+0x190/0x7e0 [ 2375.045503] should_failslab+0x5/0x20 [ 2375.046288] kmem_cache_alloc+0x5b/0x310 [ 2375.047152] jbd2__journal_start+0x190/0x7e0 [ 2375.048076] __ext4_journal_start_sb+0x214/0x390 [ 2375.049049] ext4_file_write_iter+0xdbf/0x18d0 [ 2375.050013] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2375.050962] ? kasan_save_stack+0x32/0x40 [ 2375.051816] ? kasan_save_stack+0x1b/0x40 [ 2375.052685] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2375.053732] ? iter_file_splice_write+0x16d/0xc30 [ 2375.054729] ? direct_splice_actor+0x10f/0x170 [ 2375.055664] ? splice_direct_to_actor+0x387/0x980 [ 2375.056645] ? do_splice_direct+0x1c4/0x290 [ 2375.057531] ? vfs_copy_file_range+0x4f8/0x1290 [ 2375.058488] ? __do_sys_copy_file_range+0x193/0x420 [ 2375.059523] do_iter_readv_writev+0x476/0x750 [ 2375.060445] ? new_sync_write+0x660/0x660 [ 2375.061292] ? selinux_file_permission+0x92/0x520 [ 2375.062308] do_iter_write+0x191/0x670 [ 2375.063134] ? trace_hardirqs_on+0x5b/0x180 [ 2375.064030] vfs_iter_write+0x70/0xa0 [ 2375.064810] iter_file_splice_write+0x762/0xc30 [ 2375.065792] ? generic_splice_sendpage+0x140/0x140 [ 2375.066812] ? avc_policy_seqno+0x9/0x70 [ 2375.067645] ? selinux_file_permission+0x92/0x520 [ 2375.068643] ? lockdep_init_map_type+0x2c7/0x780 [ 2375.069625] ? generic_splice_sendpage+0x140/0x140 [ 2375.070640] direct_splice_actor+0x10f/0x170 [ 2375.071548] splice_direct_to_actor+0x387/0x980 [ 2375.072507] ? pipe_to_sendpage+0x380/0x380 [ 2375.073393] ? do_splice_to+0x160/0x160 [ 2375.074203] ? security_file_permission+0x24e/0x570 [ 2375.075258] do_splice_direct+0x1c4/0x290 [ 2375.076108] ? splice_direct_to_actor+0x980/0x980 [ 2375.077093] ? selinux_file_permission+0x92/0x520 [ 2375.078091] ? security_file_permission+0x24e/0x570 [ 2375.079138] vfs_copy_file_range+0x4f8/0x1290 [ 2375.080070] ? generic_file_rw_checks+0x240/0x240 [ 2375.081070] ? __fget_files+0x296/0x4c0 11:44:42 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xfffffff0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2375.081910] __do_sys_copy_file_range+0x193/0x420 [ 2375.083013] ? vfs_copy_file_range+0x1290/0x1290 [ 2375.083979] ? ksys_write+0x1a9/0x260 [ 2375.084758] ? __ia32_sys_read+0xb0/0xb0 [ 2375.085595] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2375.086684] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2375.087745] do_syscall_64+0x33/0x40 [ 2375.088516] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2375.089560] RIP: 0033:0x7fd102b50b19 [ 2375.090325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2375.094065] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2375.095635] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2375.097083] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2375.098551] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2375.100003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2375.101456] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2375.120185] FAULT_INJECTION: forcing a failure. [ 2375.120185] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2375.122653] CPU: 1 PID: 16546 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2375.124070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2375.125756] Call Trace: [ 2375.126304] dump_stack+0x107/0x167 [ 2375.127058] should_fail.cold+0x5/0xa [ 2375.127859] _copy_from_user+0x2e/0x1b0 [ 2375.128678] __copy_msghdr_from_user+0x91/0x4b0 [ 2375.129630] ? __ia32_sys_shutdown+0x80/0x80 [ 2375.130590] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2375.131523] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2375.132612] ? lock_chain_count+0x20/0x20 [ 2375.133476] ? __is_insn_slot_addr+0x123/0x290 [ 2375.134407] ? lock_downgrade+0x6d0/0x6d0 [ 2375.135272] io_recvmsg+0xa31/0xca0 [ 2375.136014] ? lock_chain_count+0x20/0x20 [ 2375.136876] ? io_sendmsg+0x790/0x790 [ 2375.137679] ? register_lock_class+0xbb/0x17b0 [ 2375.138630] ? mark_lock+0xf5/0x2df0 [ 2375.139406] ? is_dynamic_key+0x1e0/0x1e0 [ 2375.140270] ? lock_chain_count+0x20/0x20 [ 2375.141146] ? __lock_acquire+0xbb1/0x5b00 [ 2375.142043] ? __lock_acquire+0xbb1/0x5b00 [ 2375.142919] io_issue_sqe+0x35f1/0x7660 [ 2375.143741] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2375.144830] ? SOFTIRQ_verbose+0x10/0x10 [ 2375.145667] ? percpu_ref_put_many+0x153/0x2b0 [ 2375.146621] ? io_connect+0x610/0x610 [ 2375.147402] ? lock_acquire+0x197/0x470 [ 2375.148230] ? find_held_lock+0x2c/0x110 [ 2375.149066] ? __fget_files+0x26d/0x4c0 [ 2375.149895] ? lock_downgrade+0x6d0/0x6d0 [ 2375.150768] __io_queue_sqe+0x90/0x9d0 [ 2375.151589] ? io_issue_sqe+0x7660/0x7660 [ 2375.152450] io_submit_sqes+0x4461/0x85c0 [ 2375.153321] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2375.154358] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2375.155354] ? lock_downgrade+0x6d0/0x6d0 [ 2375.156211] ? find_held_lock+0x2c/0x110 [ 2375.157045] ? io_submit_sqes+0x85c0/0x85c0 [ 2375.157955] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2375.158957] ? wait_for_completion_io+0x270/0x270 [ 2375.159973] ? rcu_read_lock_any_held+0x75/0xa0 [ 2375.160919] ? vfs_write+0x354/0xa70 [ 2375.161695] ? fput_many+0x2f/0x1a0 [ 2375.162447] ? ksys_write+0x1a9/0x260 [ 2375.163242] ? __ia32_sys_read+0xb0/0xb0 [ 2375.164075] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2375.165166] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2375.166219] do_syscall_64+0x33/0x40 [ 2375.167014] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2375.168062] RIP: 0033:0x7fe21c796b19 [ 2375.168831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2375.172582] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2375.174168] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2375.175625] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2375.177074] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2375.178539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2375.180007] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:44:42 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x7ffff000, 0x0, 0x0, 0x0) 11:44:42 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18) 11:44:42 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 10) 11:44:42 executing program 2: fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xc, 0xffffffffffffffff, 0x0) r0 = mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0) mq_notify(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, @tid=0xffffffffffffffff}) mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r1 = mq_open(&(0x7f0000000080)='iso9660\x00', 0x40, 0x0, &(0x7f00000000c0)={0x2, 0x8, 0x80000000, 0x400}) pread64(0xffffffffffffffff, &(0x7f0000001100)=""/4095, 0xfff, 0x0) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x76, 0x40, 0x3f, 0x4, 0x0, 0x9c4b, 0x64400, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000040), 0x4}, 0x410, 0x6, 0x1, 0x8, 0xffffffffffff577f, 0xffffffff, 0xff, 0x0, 0x101}, 0x0, 0xa, 0xffffffffffffffff, 0x4) fallocate(r1, 0x0, 0x0, 0x18000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x20802, 0xce) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000c, 0x810, r2, 0x100) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)=0x200) fallocate(r3, 0x10, 0xefd0, 0x3) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') pread64(r4, &(0x7f0000001100)=""/4095, 0xfff, 0x0) 11:44:42 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0xffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2375.497895] FAULT_INJECTION: forcing a failure. [ 2375.497895] name failslab, interval 1, probability 0, space 0, times 0 [ 2375.500452] CPU: 0 PID: 16564 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2375.501929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2375.503653] Call Trace: [ 2375.504196] dump_stack+0x107/0x167 [ 2375.504960] should_fail.cold+0x5/0xa [ 2375.505748] ? jbd2__journal_start+0x190/0x7e0 [ 2375.506708] should_failslab+0x5/0x20 [ 2375.507499] kmem_cache_alloc+0x5b/0x310 [ 2375.508343] jbd2__journal_start+0x190/0x7e0 [ 2375.509268] __ext4_journal_start_sb+0x214/0x390 [ 2375.510252] ext4_file_write_iter+0xdbf/0x18d0 [ 2375.511217] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2375.512163] ? kasan_save_stack+0x32/0x40 [ 2375.513018] ? kasan_save_stack+0x1b/0x40 [ 2375.513877] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2375.514932] ? iter_file_splice_write+0x16d/0xc30 [ 2375.515931] ? direct_splice_actor+0x10f/0x170 [ 2375.516873] ? splice_direct_to_actor+0x387/0x980 [ 2375.517830] ? do_splice_direct+0x1c4/0x290 [ 2375.518704] ? vfs_copy_file_range+0x4f8/0x1290 [ 2375.519620] ? __do_sys_copy_file_range+0x193/0x420 [ 2375.520618] do_iter_readv_writev+0x476/0x750 [ 2375.521522] ? new_sync_write+0x660/0x660 [ 2375.522362] ? selinux_file_permission+0x92/0x520 [ 2375.523375] do_iter_write+0x191/0x670 [ 2375.524177] ? trace_hardirqs_on+0x5b/0x180 [ 2375.525065] vfs_iter_write+0x70/0xa0 [ 2375.525827] iter_file_splice_write+0x762/0xc30 [ 2375.526812] ? generic_splice_sendpage+0x140/0x140 [ 2375.527843] ? avc_policy_seqno+0x9/0x70 [ 2375.528689] ? selinux_file_permission+0x92/0x520 [ 2375.529702] ? lockdep_init_map_type+0x2c7/0x780 [ 2375.530700] ? generic_splice_sendpage+0x140/0x140 [ 2375.531718] direct_splice_actor+0x10f/0x170 [ 2375.532633] splice_direct_to_actor+0x387/0x980 [ 2375.533594] ? pipe_to_sendpage+0x380/0x380 [ 2375.534508] ? do_splice_to+0x160/0x160 [ 2375.535327] ? security_file_permission+0x24e/0x570 [ 2375.536370] do_splice_direct+0x1c4/0x290 [ 2375.537225] ? splice_direct_to_actor+0x980/0x980 [ 2375.538211] ? selinux_file_permission+0x92/0x520 [ 2375.539231] ? security_file_permission+0x24e/0x570 [ 2375.540285] vfs_copy_file_range+0x4f8/0x1290 [ 2375.541219] ? generic_file_rw_checks+0x240/0x240 [ 2375.542215] ? __fget_files+0x296/0x4c0 [ 2375.543075] __do_sys_copy_file_range+0x193/0x420 [ 2375.544071] ? vfs_copy_file_range+0x1290/0x1290 [ 2375.545040] ? ksys_write+0x1a9/0x260 [ 2375.545826] ? __ia32_sys_read+0xb0/0xb0 [ 2375.546688] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2375.547763] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2375.548822] do_syscall_64+0x33/0x40 [ 2375.549599] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2375.550657] RIP: 0033:0x7fd102b50b19 [ 2375.551450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2375.555218] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2375.556838] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2375.558344] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2375.559854] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2375.561355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2375.562901] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2375.611038] FAULT_INJECTION: forcing a failure. [ 2375.611038] name failslab, interval 1, probability 0, space 0, times 0 [ 2375.613999] CPU: 0 PID: 16565 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2375.615497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2375.617245] Call Trace: [ 2375.617802] dump_stack+0x107/0x167 [ 2375.618570] should_fail.cold+0x5/0xa [ 2375.619375] should_failslab+0x5/0x20 [ 2375.620148] kmem_cache_alloc_bulk+0x4b/0x320 [ 2375.621065] io_submit_sqes+0x6f76/0x85c0 [ 2375.621944] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2375.622966] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2375.623962] ? lock_downgrade+0x6d0/0x6d0 [ 2375.624804] ? find_held_lock+0x2c/0x110 [ 2375.625645] ? io_submit_sqes+0x85c0/0x85c0 [ 2375.626553] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2375.627626] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2375.628718] ? trace_hardirqs_on+0x5b/0x180 [ 2375.629595] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2375.630710] ? __x64_sys_io_uring_enter+0xd/0x1b0 [ 2375.631701] ? __sanitizer_cov_trace_pc+0x52/0x60 [ 2375.632688] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2375.633744] do_syscall_64+0x33/0x40 [ 2375.634512] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2375.635549] RIP: 0033:0x7fe21c796b19 [ 2375.636309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2375.640030] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2375.641576] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2375.643025] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2375.644472] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2375.645912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2375.647360] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:44:42 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x2, 0x0, 0x0) [ 2380.514460] Bluetooth: hci2: command 0x0409 tx timeout [ 2382.563456] Bluetooth: hci2: command 0x041b tx timeout [ 2384.610462] Bluetooth: hci2: command 0x040f tx timeout [ 2385.328287] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2385.330353] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2385.333486] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2385.384269] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2385.385953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2385.388620] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2386.658468] Bluetooth: hci2: command 0x0419 tx timeout [ 2391.394472] Bluetooth: hci3: command 0x0406 tx timeout 11:45:04 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 11) 11:45:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xffffff7f, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:04 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19) 11:45:04 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) 11:45:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0xf, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:45:04 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x416, 0x0, 0x0) 11:45:04 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x8, 0x0, 0x0) 11:45:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x14, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2397.810138] FAULT_INJECTION: forcing a failure. [ 2397.810138] name failslab, interval 1, probability 0, space 0, times 0 [ 2397.811642] CPU: 0 PID: 17062 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2397.812540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2397.813593] Call Trace: [ 2397.813936] dump_stack+0x107/0x167 [ 2397.814408] should_fail.cold+0x5/0xa [ 2397.814902] ? create_object.isra.0+0x3a/0xa20 [ 2397.815484] should_failslab+0x5/0x20 [ 2397.815660] FAULT_INJECTION: forcing a failure. [ 2397.815660] name failslab, interval 1, probability 0, space 0, times 0 [ 2397.815965] kmem_cache_alloc+0x5b/0x310 [ 2397.815982] create_object.isra.0+0x3a/0xa20 [ 2397.815995] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2397.816014] kmem_cache_alloc_bulk+0x168/0x320 [ 2397.820661] io_submit_sqes+0x6f76/0x85c0 [ 2397.821202] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2397.821831] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2397.822446] ? lock_downgrade+0x6d0/0x6d0 [ 2397.822985] ? find_held_lock+0x2c/0x110 [ 2397.823503] ? io_submit_sqes+0x85c0/0x85c0 [ 2397.824055] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2397.824666] ? wait_for_completion_io+0x270/0x270 [ 2397.825279] ? rcu_read_lock_any_held+0x75/0xa0 [ 2397.825866] ? vfs_write+0x354/0xa70 [ 2397.826334] ? fput_many+0x2f/0x1a0 [ 2397.826805] ? ksys_write+0x1a9/0x260 [ 2397.827289] ? __ia32_sys_read+0xb0/0xb0 [ 2397.827806] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2397.828471] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2397.829126] do_syscall_64+0x33/0x40 [ 2397.829599] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2397.830245] RIP: 0033:0x7fe21c796b19 [ 2397.830733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2397.833050] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2397.834011] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2397.834922] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2397.835822] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2397.836719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2397.837619] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 [ 2397.838546] CPU: 1 PID: 17064 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2397.840107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2397.841946] Call Trace: [ 2397.842523] dump_stack+0x107/0x167 [ 2397.843329] should_fail.cold+0x5/0xa [ 2397.844160] ? __iomap_dio_rw+0x1ee/0x1110 [ 2397.845080] should_failslab+0x5/0x20 [ 2397.845903] kmem_cache_alloc_trace+0x55/0x320 [ 2397.846908] __iomap_dio_rw+0x1ee/0x1110 [ 2397.847811] ? jbd2_journal_stop+0x188/0xdc0 [ 2397.848766] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2397.849756] ? ext4_orphan_add+0x253/0x9e0 [ 2397.850693] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2397.851760] ? ext4_empty_dir+0xae0/0xae0 [ 2397.852659] ? jbd2__journal_start+0xf3/0x7e0 [ 2397.853656] iomap_dio_rw+0x31/0x90 [ 2397.854449] ext4_file_write_iter+0xb26/0x18d0 [ 2397.855475] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2397.856451] ? kasan_save_stack+0x32/0x40 [ 2397.857339] ? kasan_save_stack+0x1b/0x40 [ 2397.858230] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2397.859335] ? iter_file_splice_write+0x16d/0xc30 [ 2397.860368] ? direct_splice_actor+0x10f/0x170 [ 2397.861344] ? splice_direct_to_actor+0x387/0x980 [ 2397.862374] ? do_splice_direct+0x1c4/0x290 [ 2397.863306] ? vfs_copy_file_range+0x4f8/0x1290 [ 2397.864303] ? __do_sys_copy_file_range+0x193/0x420 [ 2397.865388] do_iter_readv_writev+0x476/0x750 [ 2397.866359] ? new_sync_write+0x660/0x660 [ 2397.867261] ? selinux_file_permission+0x92/0x520 [ 2397.868321] do_iter_write+0x191/0x670 [ 2397.869171] ? trace_hardirqs_on+0x5b/0x180 [ 2397.870107] vfs_iter_write+0x70/0xa0 [ 2397.870937] iter_file_splice_write+0x762/0xc30 [ 2397.871959] ? generic_splice_sendpage+0x140/0x140 [ 2397.873020] ? avc_policy_seqno+0x9/0x70 [ 2397.873891] ? selinux_file_permission+0x92/0x520 [ 2397.874946] ? lockdep_init_map_type+0x2c7/0x780 [ 2397.875957] ? generic_splice_sendpage+0x140/0x140 [ 2397.877002] direct_splice_actor+0x10f/0x170 [ 2397.877941] splice_direct_to_actor+0x387/0x980 [ 2397.878944] ? pipe_to_sendpage+0x380/0x380 [ 2397.879867] ? do_splice_to+0x160/0x160 [ 2397.880713] ? security_file_permission+0x24e/0x570 [ 2397.881790] do_splice_direct+0x1c4/0x290 [ 2397.882679] ? splice_direct_to_actor+0x980/0x980 [ 2397.883708] ? selinux_file_permission+0x92/0x520 [ 2397.884740] ? security_file_permission+0x24e/0x570 [ 2397.885814] vfs_copy_file_range+0x4f8/0x1290 [ 2397.886791] ? generic_file_rw_checks+0x240/0x240 [ 2397.887829] ? __fget_files+0x296/0x4c0 [ 2397.888696] __do_sys_copy_file_range+0x193/0x420 [ 2397.889725] ? vfs_copy_file_range+0x1290/0x1290 [ 2397.890733] ? ksys_write+0x1a9/0x260 [ 2397.891542] ? __ia32_sys_read+0xb0/0xb0 [ 2397.892427] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2397.893539] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2397.894630] do_syscall_64+0x33/0x40 [ 2397.895440] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2397.896516] RIP: 0033:0x7fd102b50b19 [ 2397.897311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2397.901171] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2397.902790] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2397.904294] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2397.905792] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2397.907299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2397.908797] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:45:04 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x416, 0x0, 0x0) 11:45:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0xc0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xffffff9e, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:04 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) 11:45:04 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) 11:45:04 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 12) 11:45:05 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0xec0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:05 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) [ 2398.040483] FAULT_INJECTION: forcing a failure. [ 2398.040483] name failslab, interval 1, probability 0, space 0, times 0 [ 2398.041875] CPU: 0 PID: 17083 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2398.042696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2398.043665] Call Trace: [ 2398.043994] dump_stack+0x107/0x167 [ 2398.044425] should_fail.cold+0x5/0xa [ 2398.044872] ? create_object.isra.0+0x3a/0xa20 [ 2398.045403] should_failslab+0x5/0x20 [ 2398.045854] kmem_cache_alloc+0x5b/0x310 [ 2398.046331] create_object.isra.0+0x3a/0xa20 [ 2398.046853] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2398.047439] kmem_cache_alloc_trace+0x151/0x320 [ 2398.047983] __iomap_dio_rw+0x1ee/0x1110 [ 2398.048464] ? jbd2_journal_stop+0x188/0xdc0 [ 2398.048971] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2398.049503] ? ext4_orphan_add+0x253/0x9e0 [ 2398.049996] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2398.050581] ? ext4_empty_dir+0xae0/0xae0 [ 2398.051059] ? jbd2__journal_start+0xf3/0x7e0 [ 2398.051567] iomap_dio_rw+0x31/0x90 [ 2398.051993] ext4_file_write_iter+0xb26/0x18d0 [ 2398.052507] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2398.053033] ? kasan_save_stack+0x32/0x40 [ 2398.053496] ? kasan_save_stack+0x1b/0x40 [ 2398.053979] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2398.054543] ? iter_file_splice_write+0x16d/0xc30 [ 2398.055117] ? direct_splice_actor+0x10f/0x170 [ 2398.055651] ? splice_direct_to_actor+0x387/0x980 [ 2398.056203] ? do_splice_direct+0x1c4/0x290 [ 2398.056708] ? vfs_copy_file_range+0x4f8/0x1290 [ 2398.057250] ? __do_sys_copy_file_range+0x193/0x420 [ 2398.057852] do_iter_readv_writev+0x476/0x750 [ 2398.058365] ? new_sync_write+0x660/0x660 [ 2398.058853] ? selinux_file_permission+0x92/0x520 [ 2398.059415] do_iter_write+0x191/0x670 [ 2398.059879] ? trace_hardirqs_on+0x5b/0x180 [ 2398.060383] vfs_iter_write+0x70/0xa0 [ 2398.060825] iter_file_splice_write+0x762/0xc30 [ 2398.061374] ? generic_splice_sendpage+0x140/0x140 [ 2398.061955] ? avc_policy_seqno+0x9/0x70 [ 2398.062424] ? selinux_file_permission+0x92/0x520 [ 2398.062968] ? lockdep_init_map_type+0x2c7/0x780 [ 2398.063519] ? generic_splice_sendpage+0x140/0x140 [ 2398.064084] direct_splice_actor+0x10f/0x170 [ 2398.064593] splice_direct_to_actor+0x387/0x980 [ 2398.065128] ? pipe_to_sendpage+0x380/0x380 [ 2398.065631] ? do_splice_to+0x160/0x160 [ 2398.066087] ? security_file_permission+0x24e/0x570 [ 2398.066690] do_splice_direct+0x1c4/0x290 [ 2398.067165] ? splice_direct_to_actor+0x980/0x980 [ 2398.067716] ? selinux_file_permission+0x92/0x520 [ 2398.068276] ? security_file_permission+0x24e/0x570 [ 2398.068863] vfs_copy_file_range+0x4f8/0x1290 [ 2398.069390] ? generic_file_rw_checks+0x240/0x240 [ 2398.069949] ? __fget_files+0x296/0x4c0 [ 2398.070416] __do_sys_copy_file_range+0x193/0x420 [ 2398.070992] ? vfs_copy_file_range+0x1290/0x1290 [ 2398.071530] ? ksys_write+0x1a9/0x260 [ 2398.071953] ? __ia32_sys_read+0xb0/0xb0 [ 2398.072420] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2398.073019] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2398.073705] do_syscall_64+0x33/0x40 [ 2398.074125] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2398.074742] RIP: 0033:0x7fd102b50b19 [ 2398.075174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2398.077316] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2398.078203] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2398.079033] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2398.079860] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2398.080682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2398.081506] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:45:05 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xfffffff0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:18 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x4000, 0x0, 0x0) 11:45:18 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x4000, 0x0, 0x0) 11:45:18 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r2, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file1\x00', 0x19f) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000040)) openat(r3, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, 0x0, 0x20d315) 11:45:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x33fe0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xffffffff, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:18 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20) 11:45:18 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 13) 11:45:18 executing program 2: chdir(&(0x7f0000000040)='./file0\x00') write(0xffffffffffffffff, &(0x7f0000000240)="01", 0x1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xa, 0x4000010, r0, 0x0) r2 = syz_io_uring_setup(0x1d, &(0x7f00000001c0), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000040)=0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x3}, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000280)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r0, 0x0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/104, 0x68}, {&(0x7f0000000100)}], 0x2, &(0x7f0000000180)=""/100, 0x64}, 0x0, 0x142, 0x0, {0x2}}, 0x2) write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0xfdef) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r6, &(0x7f0000000100)=ANY=[], 0xfdef) r7 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x76e) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) [ 2411.563239] FAULT_INJECTION: forcing a failure. [ 2411.563239] name failslab, interval 1, probability 0, space 0, times 0 syz_io_uring_submit(r3, r4, &(0x7f0000000100)=@IORING_OP_WRITEV={0x2, 0x0, 0x4007, @fd=r7, 0x7e, &(0x7f0000001500)=[{&(0x7f00000002c0)="715711beaec688a31a52bfcfdfaa57d72d12da65fca52e1b770f81acedb17300b0c4aea618ec0c0c0c5082b8d62b384ee59c1c83284fa68457136894525f7026793f28c8fbe76f86bcebab978d54fccceb34e28c690fcb982cc6b821f66edaf8cea9ba6af1aedb053b6a798561b286eddf2e68671ffa12e65c7833c156252618e6b5132f37acf060ccea525826fcba6ce365cfe568ff3f69ff472d74a8b7ca5ea336b0ed86a8e41a9e7cebb796b1bf49170803795fe498e01449fb7e2d6c87dcd5c606e7fd3de7", 0xc7}, {&(0x7f00000003c0)="a1c873d2162549b0bee666bdcb5fca641157e23f000cb74f67bc95b6fea4a5cb4a6ecb8e98951b06ea94e2b865cf34eaeae9a5bee7694d92c4d6d2e3f5eea1e831aeabff64e44e0afbf9854d18f3ffaa058315db01ee5519879d9dceab3438161d9c3e703187fe5bccb5629e52a770e6378dd18235e47350c2e62f81b47f5432fe2be62cb597bc0b13588e5254b5555a59e65a849bac0294d3706ddda6116dd4", 0xa0}, {&(0x7f0000000480)="473e695db8cdadc054ef4d0188a85f90895e8ea3d6c018ba24e841976931e2275d46dc593bd0e4ae435f619c983fee880f8fe38175b0e7b51aeb86b317b05de734f4593fbfb70a120d5ad3f72ee0e9d818ec97a343a7c2a55a799beb5678b4c844106133a809ef84a226d1ba5920d37fc4266805683e4b26c5253f5ad0b4eafa47abd9a13541d5a1d33ddf68ebe20d01270eba5f2972c752f85a09a29aca3fae774a5eab3875257a28edc7c1a4b128d58166fc88caff2f3c0414b9c4454c43a78dda4fbab5d18621959e4017385f2228af3c190d3645204172d5d1d868722eaf5a83c7320221497bf1449b2639aa997d7af427eececac21e17f56e0715293991b25cc9bfddfacf169cf81e21ef8062bfe048ef2e0c5ee599cc60fb9d84407f8ac8d7442abf59e96861a94055fffe83419884c01b8203cccc1dc91b4c4830cd4285db7a18630119f680b3184d6c38a7cbc12cc203fa29a9b8ed13953e71b3419b5f05cbc50baac7bcb840d6141f17cedaee5df71647d8409b7503f2bc0db146cf3a3109ced54da64a652e258787445ca2c4a64e105223c77d85eddc5c53a279bec17025c362a3d1acead96e539e18f7ac36542025b21f73626172f067626c24fbeba7afad47b165ec0764df1dd69c2f82a89a919e2172673d1f3a430c62a72ab0c1455720f8cb28d9a7420abbc35218ed96c3d159f7d8f32c71e0e58358e75698e15e4231eac74f0f370bf5190c983f1492a0b1e3467b989ec1d131343e8bbfd2f068474afac1c184ec74d1e1d5111202c0ac4b95eda5896a1ce0fd72532be4b0f72f40cc2eda921f20d21f76a62e8b52de31de0eebd46ff79d9220ecc17aa5ee092b8a7bd1a7e9fda73a151ee7d043cafaeda9a2862465eca5f9d83f45013f2c21cbb732e72c8684fbd69f8bfbfb3a555e1db27e7fbc03c036ebe23c37e42c91961ee50ec85c35d5d859e50a3c3c7b91ab5913696b24482b2586c5c5cb52e03bbd9787c82ea1a31589332d498736ece92254ad18eb92d82a1247beafd2c197762e823bc7dff7133a7bffa22fee6fa951bf7ba48193c01e2033b0e4a58503019037f56f09ce1c521c1938a2893581bdd7ffdee60d3119045323f0d03a654f40cdeee15b67b4cd9c2d3c01e96a9361b46e0f0a757e901b02345abd4d395403c16c8587df4eb636217aaeb807361deda95ea41e1e0e96f0f9aa158eda34a0dfbf3eaea7f0bb09baeb0cf0bcb30f6d24398637f85996dab641b65ea2d89a5e665b0ca23e1868fc6f8cc695e54ed83dc942d8b0e1e63936b4f8a44e1723e8bbc93ebf31d835168099b384744e384e74deb0eebd5922e037711423e86d9756be7ed8da97771e1e1332e0006cfc9be4dd992dcf99b4aecfa06f3d18187bef3bfbcd06271b2b23826691dc3d5937ce46f42e635b1d7d938eeaa7759928575bf5d2682e6ac2e43f0624656c09faa20382bd7daf37e4571a2229417fb48f0a9f05f6597da87eaf8c2dbe96060cb7020ea6d795d2e9677f807dd91b0abc68800d4c11be1275b4662b6e49b8f4a9766579108c6df0573056e1d626aa63925b943c5f1e73868abde65008d6e50030b50aa8e7cde0f351de5f8b3736a158acde21f0f29b2cf629ee7e4354579c3b2d2b2f84adab71691cb8eed4050e85daa9a79257a20322793907f1ae1514c8d318776d8dc916471b1cf10fe720ebf0905116943afac81acdba1947d4f387216fbc5efe8c7e260249d2c84019a543791e86fa453be0e51cc64e9a50e795fb27f339efb806eb3735226444ceaaa23f695212293b73062b20bff97a028b5bea207c4df20d6298324df9dac3d54eaa2b6d91928fbf67cfd59eb96dcf6c2049c4cd5708e7bc54263be3439ffc2bc777c096c1185376b1e0686e0c016ba2465f74ed5685bb0baffcbbba10d1f159e8be2f68d9285a5b0aff148efd284da060aff279c67dcafd1e71e1db4a8569a4f38221db39232186440d360dade1333ac74004d3cf95adc78b84534f9b063464fcd46f5ad095eb7869d9b16dddefa3973c8a3c2f008861aec9758fac811d58250044060e72e8a751a22ea9d585c9c4e2cbf1dbd6fd800ecaa4a71e01a004b373ddafa9c8d8ce5f3698ebe5810eec11e0a81514d040b36b491d79a928f4763081891d4af4cc415013a0c2b475f5543d7ae42b3bf3edc6606189e8e5db0e7d529ce3c3cdff4365bb8a6320160a289051e2f462dc0c6dfd8e2aa44569036d52217d3bc1b802e67083d7f74ff4410a5ecb20ae2e099cd41b4f22bca60ecbca297efe313106e9877edd17008164ea25d3b630600c239c71d4cb5eddc77dc3c6e17f68c38af1712d5587690315cb5e84c935f5d2b21928e7f0262f2d1ca309f61461b3b7a15b0e8f3715bb149c4365c44f6c5fd3468d640346fa6589f646a2c50e46856d63349fc15b1d9e0de8e816373e04a92ed62a063e28f34f386f0e9d2764294f1902923383dba1febc3fd4152b8f83f7c8354be5f603fde4e4445c4e9dc6dae5e6b79aee79e746c3eb219c2262fc68de969ee61d0c43aededdb709d091e663259bd01ccb45045b9b5c5203b29628c5278f6ae43cbca2644708892260ddf0d16b8738dbfa926842ca0b8a622f5208a2091337e8ac3bd52989c22e8517a64f2c75c2ed975caffd56c328e7c6cec5442c0a5a1c5183367a8b3faf32cf5ec4e9a804da8b7ab42f0193332db3663630954d9fb1875748791512db903ef80efd81f5fd6d9249da403b66d810958aaf0b62b7a8122b8eb2944b42c4b8cf575436b5a8551d02ae678d5da105649d8443ca12afa63560dcfb1d8c593b0feec3329ca1e3f82b4fb1632a60ae385d6f7dbb7e5a9ef0901dd561c831a32c830f8e6f1b60f37fcb388f1b7ae17c67bd96b13a3e415e167022e69a77db950f387bce1d40bb2268239dac5906b495510c868d8f9a56c82f1676a7194b53ceff437a54a4b7499ca2d63933bc0b1bd9fc32ed0b304ceed079809c081caefdb16043b5b357a682892c265d2bb5ed8ce9c94b77a47a6be4c911a1fde18522105fe0ac0ec2d44b17e00fcd271c94e9f204ee60c63df7ef15cc9d66b697e8b2bd2c387896b6d388521389616a893db8fcec0a2b8580036cc8a1a32b772f1df6905d227e1f6055d88a61e8d919151630726243461dba7c27ede50862419f203b58bc7fcde2614a244a7b723026d10a51a4f65c50da4d47fcd197b5ab44779954518fdb54007974cfe00d5592ec2c6599deecb7c9c67453bf88bfc7c6599d93627546055d0338764884c6cc7aa5c2a8f69579a3f72091055c4565503e4da3eb81f904cec01a23b4f3c3a6e131a9aa2af5ed528a3f17907f333a4164d8211e2ac00800bd408e3ca9f726d4b6301b8a8103f5c09d81e0d815530e611fca0c7b38f89c6ac68155483660cf0a64e1bdc926897dabbb32afc058fd103e6f7ab264d8364d390d7882261ae8c08153d542b12a50f48837c2dac509db2a5b26c04916c513e186af39b09c2752993e6391c2d3de1a4c54860a44ed25990594bb042a9d4b90bbb11176167b7f65d0f1c094dcf6ce21cf8be933331892e071e92df9886f4b1f6380869b49e94ac8f1ce0547f41fb8d4bb299f71dfb084d686882081209ec1b0dca3a587201aab0967ddddc975c02af1047baba3e2470289f82bfb2c56a0df344fd08992bb532ea73f3d90a0f0b1ce4b3031613e3dd5a20f92b436ff070b735b991ad599ce87abe027ba0c9d673d990b3c70bd53f2c87aeb563d44d917b6025d9905f9194ffd18d1767685bc766581ed8eed764c0ee4e28c29fe20da89d7157a577def35865378a299b315a8ae6f6ff410496cfa84b37309b83a01f0de5e60270254ccec75316b8b64568284ecfe0351fcabd127dd2b070b1caadf617248f5ee792d0094cc19393d791462e321be873d94aa11d8b40e6b95316d58762cc4a88c4d07037fea06a0e4f3fb4a9783c527470c6eac0b1b4d55136a94f97c7711154832dea8bfd134890e386f613a9636ce331320eac2429d4198ee703f1e6995fc83ad84488d042d6b4c046a5c22fe61f2842aab2164df034fff3ef5e8d51889051fdb0c8562b7b2a5831de846222b6da4514851e39c0e2146349fee80663afba00e5242cdc18c6911feb222b7e99bbfad97d73dfc19ab55595d36c7b5d26062e77bf25cae9170c2d8a6320a30c985b3cc02cce1bd07c50687b3e3fe8c36c6d83078f4cd8afa372dab9add6f6a1d7b606255e89fd6acc58b8579ed84208fff25f7a0bbc22d276f138bd715818b9d2a99d1739a345faf5525174a7ce98f1548f9f5d477a12294fecef62b1685439a2856149d1485cade45f3e2ca4019bc94ad48d809cebca75ca842a0ee51cd25bc50552c629cb9e8edacf7cd8ea3f3748bd8e2c789e42497003ec1021189ae051c1437b6cb0e96b87ba6960ddd363163e49149815605b1466b4d2acc40ce443cdcf5d05ec0497b7d65133c892c0b3e6967c0ec1e81f4eed903b7b92bae117db8f62665eca58afee5b0088ef3092aae4f0e8a7bf4fc6860cfb86cd9fc999bc768a5832ead17ac549aec6713d26b5b680a38d4f80f651ca27b8b8e71e6ae6df09bf47460e46ce8b2217dc3b21901d7224982d47dbdfb5ae1b825a9dd5cfcf0734197f48113858e320f3b0c52a0b4d5365c15743f1328f1896ae603cec8b0fd91913d84b7ee051ee39ca64872d7af66187621f9887e16f2e0723f0fb17f4721c39ea893b199d4b5a0e48587af4ebc99312e98044544a58f9c4eb507e63547a305d7954a5f205b33f6fd4b0fa957347fe22531e0bdc404d31216a282467b00d881c9e7a9b9918dc4b1bd62b8a23d36d4c8c0b3ee0a19909ef13a4f999c4ac19b6d78009e8e1f31a1dfb01ba0f951191e519c218b23e8992ad28beadd73dbf87386d04d6f7c001ea88ac4afbbbbd83b8e839d802f894e882332b6529e0c96ef53a28b35a5794958b7003e89add4a5869dee56d6ef146f36afb673ade7d5b1cb248f0be5418114943857fb637b033b93c3a545a1fadcfd05e23cc380fee4f9d2bf0600e1c84042e00aae9030ed8a81abaf89c75816b430e2d3a9ded4d4f40cb41fd135f1815bdd67b6c88c37ca952b6dcc42529ece8b525596e2c754991387643e25ce5832d6b9dedaef4ca3da1e30b130331b1f8e403398fd568bfb1905d56dbac37c4e87f55ad8899df05b956511bc1a9416762f82c35f4a6c0e65a558918f03fa8510091a6db64987dee747672bedb510f951e36518045638dfeedda30bdbc8246db15941eef72fe24d3280eb511229d76a6296f0d206d0eff611da88fca67fcb6092518e4a9703a197ca8e2739a22dbd0a4b22c4fb3e469004f542d882b70356e47d3cdbbaf93494677b3cdadfdb79739e9661357e7df4080f683d789cd65a2c4bc9d0a7f3a9597c282b93d050543bc93ed5d9d8a65f8285391fa1d339ee9c4b7d3cb8fa211994f527a286edf5e3d668530a6e3f5638486eee361527911be00dd9461fe210e087a61dd3a639c85d9a9a3a429846feaa6845d65071a3cf2e42c2719fd77d46527b99fcd46ef0b53b8530e475d6050b4cb9fbdd000c14ac327fb83daa28c85678ff2ef19615f4152ac0329389564dc0fc52983ce5cd7caecef38ca544b003c14cfb5384ee9734d88abdee554e6e1d45c10a4584d078fcec2a93f3bf141b287e97b78d52aeb417bed16f407e4e9d6b1ee8893ef03166d8e9d40fa6bea8da42f59c1df7aca4ee94f2a1089f776fa02474e4cbc07e44ef17d253614ac00d1361542707b9b7cb2415b32a5a", 0x1000}, {&(0x7f0000001e00)="531f3017dc10cec6372abfa4f6c6ffe44e23315d5fc00ee7f3475ad7ddf3216d502731d0cf08a20e7837b81973e24d958b83d38f8f44d2693950ba54c025afd4221ce7f31c4b261cb89f0b87639a7b0383da260859f976c3dbf34f7eb70a1b8754075f1afb5a6dd0c87aa5d40cbb2266d1b46cc2144532a89537817874d1570c357a1eed5bc6828aa99c58534f8f8bc55f102b9bec9f3b1704fd2edf020eac3485e49bbea2864f9df46da2934d3a3cdc43c8f6cf5ffaa11a3589b906beaa69ee97de87c803c6f2f70746a7c2cbf45188690a2168706825379891c69ee509f7a10ef2464cd5fde58948fa6fbbc57650d1b18f1ca4c619f2ff30402afc2bccac57fee6672416fdca925320bc33f5ba8afe099db734b873da5cee70cced61001221a8496278ee63b651bf76fe5e2dc2715d480b2065653683dfe85712328c1279afcb0901c8989fac0fe1d52715810cef7f7c16c6406f4476b9ec08f44751a26f55db2939a88e9318189714e1ebc93546d4827620f40f22fcf3bdbd5e7c3d60c591a528ecb531037c47cf265261854e1877ee465aa594789a29c371f9f3ee89d1230b5ebb94e1c2f0adbad32b71a173ae83b1cb3717589f5abd8ea9a828c432b013e24f15afca3cfbad2fe2bc38bffc5492b7ed5787f7f55c08ec1d7068f45f7ea8d529077400ac4ef2b44660b92b8a4da8a5d03f419f59ec7dbe21842da91bc4bfeff75126ea4ae96bfc1c6abeefeae1c87f7d7d1fb269ac7fa912f12b747409276928864072a8a44035d745dc9320a9ec639de6806f9a08a5e5b21807fda5321282bdefec26e47b72f7baaa747c4d208c101f3008814f6bd02595ff810d2e87439fac2ea2513e0baee3abacea0e5186be790c8798699c7a0c5ff1ecbfdfeba297fbb346f0fcb230752b76d7d15f8bf5511479b77cfa036cb5988a7b138735223b93d53976f1ba9452c9cff95d8e6a8c54fd3267148d5786cba00951e37bbdfb028a11e53271c56f2337337db5e3e69881c84f112af5fde490e5b05b310a16088a0cd5dbb24e7a8006a54471c0f77f24ddb801c5f3133cc352f0e22663c8d7bfd28d418ee1c8eff7e0ea61b5d267e6f70787e5c6b0218b651ff5b523296859d878a7074681e5a560b4c551d4bd1fc5fc72318a90f6a898e03dd2fb762be58bc1b8deaaeabc7d5424519f546dde7d4e76e3a19e62b50519e3acb321b6d54129a41e72784447064ce1bef1e2c9f53c972c90e056e1e6162b9bf91fb0990eeb20722e08db8476fc1fed3a835e4f19815049eba31c19ac26809119cc3da864e3d83ac05b16414f1ba6134d8bbf9ffc1f77b59e515a16a9bb6874815bbd174bfffdbf687e37daf5a7a56f1de082f51b19c2917d78aa05f5556eb92de195b0ba16a9773ea9b504422d7145b3b73812e07f228df7d0677b6f2be8a344779e375f4ac8a2303c7395a6b603ea7e251b53c8d6765a709ec458e78023ac858a9389790417fada569c9591ec1c399401b1eee226bdeb8f66fe8e3d7642ad4dd235b9c91c9d6dd29c38fe91a2f78a948433b5a1b5333467881dec891669d2e372248117f9410d66dbf2c54c00ef84e0c81edfa5bf23f2249bf098f6b0b3cb8bd1e20e3d6946be96b86697548fbb6cd1d1658c2c2f940cd6ccef5bf41004c5d2ec9b654dbfb363cba892083f90a2f288d376b225b103654ae08c1ec39f867738e38a41ac2aa7ba544b7ffd67e7c616572d08a8259c85bc397506cf449122b2ce0fcc41d506bc5a8d31bf9a02a786e3e4a3b8670f460bfa8cb76131ff469927dd3e324c9a16a15d21cd09de6c2ac03b6c1471fcc5c9d71da063a48823fd3ccf8b8877ffcf85d179e48284f7caacf046e3b908496d609d99c32968c68b8fd0ad1f455ce2f8f92f47f86442b1dcb7f748529143f6b048417b26d3612c12cd66497a76aa967e797405c1a817ffb4780d4abc4427f7e9fef149954ca2a2e6d8650e7995eb4747ff989b9a2ce2717e9b116790dda59f2e0365b9ef20495c40ec70f83fcd479071b8f14deb81b6abd948355564275a7ae29c3697046a0a480e58744fa6a98a4cf44f5622d8c324d325108145681bac7f7d4457379baa2c66139383bf3608c61793450fb3c515fa7ccc637f5c352d5fe6c3254fa7fdaa4a6bc182389fb0224c1c4be880cc56a2f9b14da659e7b29ddd2f6b12cb40af7ce3b299d49e4196292bbdfbc3893f9bd73d9930c86c5aaf0e7e931891174ff28f87794c39661d27796ac35f17d8dc42782eaaf4fcd4846457583d621a8726175fe0b2dcc55b3bc0f1c9a34079eb72b89a6908e316b8e46f96ca726df4d3e5a38600fe80d82593d550cea1fb00f9cb9f32e1348f0312f9102b83ce6e05ea270299ba1fe8c0495e39c6966fbbcc713855281fdbff3777047c7283e946a4ec58d6096d40c2431a18c889a8717324aa9c73f7305748fddd5417c488300b17427bbec85b1b84d8db0d164b29eae9c402edf0014281f6cfff54909b94f3462852e680b471ee8cd0295249d192ada576891b5090b38afc6475c07326d572ce4f4dcbace2c1bd50d31d92cb3ddf8a5a12cd1f8b2f794b9a5febf66e9fd2515a8080c2b5a2a7822b527b3b6a7b4f5399d4eca480b1298a20d31d4bc1e0e079096a126594a4aa2df08d24b2c297a4f2530378a9f3213e4cdc9d00c74f32ed8f6c17968bd55c228c0520e5436de79699f83f6db867277dcbab701f094ddd993b019999bcf507f96cc35fb0323f6d0d7cc89d4ce38c444a97d7df089cf07dbc47b7fd48970cb75531a96680f27b26090162baaaae00ed0821b9d08ed75df0809270656d40e8159a1730ae0c56ea030cd02fa3b3dca7a03ad9b796406ceabcea57ee4f7df20d3a5e826e66c73f21d82b06ac37763d6737604a37c1268d79a34b744adb0e8d865bd8c1e270b31b6afe73c9c12471258ed1b6e7cdd21986ad77bd5cceb14a68cab8958ddf1d1f21fe35b665976a3445d8af1e73e5aaafb068c9621379e97ce94eca1deb0c5973cd6d0efd2c61893768088d55f7d34975d650a0c60f051f442725d7d3d7217bde97f17aefe853f657326313f65255727a9451eb7aae2a0f8e5f48efa1ca04128e4782b7a0f952d976dc3424b2ed6998e4158a97ab6f964fc364436cf7275d321ac88eba20fdc0a26f003275bf3848614bf089459976f536a04e3401ec88fade6363282b917c9269300c72ca4a291a42a81d816ed17ad61acbb57562c0239a01f47a33812ca6235f87d21a2d155eb9e56b43b1a4c172ab988f4c47d477228e52daee172215be99f4778185b7b221bfbfc5cbdff32e7fe0049f30eeeaed3ac0a9e030d1d662a621d19e3b690c3a8c5cdf72b0bc9328fc8ee951b5f9499dab440ffcf881fb7707890205cc7a015419508219e7f44280cb7baf54e34aca4ba6cbf1db40142f2b2022d23ed0569f236e370c724d36c4cc4a69d3b90cd40b9521a4d0aee510a13e148317b30f117279c19d215d4f276331a964653f0a80df51a27a8d4ba6ac2e89ff730ef8b78581b9d4c45efa6afa7b498d15562e445d5402c5582da5b8d71fde92b663ef0776b2cc98f919e7b140c26792162c2526146c360d88cb74e78a8fea991722fd58fabffa9703a29de5f8f0c8e3a36bf7938a6f5ebec43ad8e66abba6242c554790394ff630f21c2937de97b48623063460961fcee3d0cc16afceebc35d2393e046d029c4a4d00016cbedbc2d50f59ec3ac76c88ea8f2241e9488e899d4330427b8ec5994d46d6a9c769ccc6fc1e3978f8c2852c3378a039d84e5670c42f0edd5e3b500b11979e57889b8d18cfad26d3a0988ec2c028c562e7083ec2963b49e1991bcf27e7bcc538116af73b4b7fdff0102d92e5d861a11eecb5e248f93329bcd4798d6d725ecf0649b47733d8f1eb7351d8e5959da4fa3f5ece5ea649c836d88925753a75837d3c2f7a352ce09a144c337f7177cd1aa87606968e0bbba6c8c095a4ac659a0a66de0fe7e36fe81e9db8640c5f1e757ca1e6b2b9f18ed8886126b29084aa8a6200f2a612c04329b5bcda47c9126d8f10e56805262701347ef5413a72ae148e82578e9981ea0669977ee4956a9904c5ea6c57b494c196351b07c71ded98b26488d5e68d0394a5a446dc3506e8d637c22264759b498b28b09b65a191543db7482f74fce7c7713e6ec468f1dc3cda23b71c259154a5f1a77adcb70a9a415c27889e1ff07ea04ace9b84c055312da599dc28ac94c0211267a3eb903cc7b042e48ad0834f8e20edeef0b42877e1711e37ca317c83078cb729460615d888cbcb1c790e7c1f12cb0b134ce703c795d9dec744b28e5b8d398e16651205553d4a971d81af208d787cd9a8a1f1fab96893a9c69d42ef1138c2d0835728fe1920cc27ec6abb5c58865a7e8a503dfb557c97e0b0f00d4c5c802800b96e8ff4ad41a2e5ebfd20af507c014c9032a73157b271361eed1b39a607427083a7dbc75474415a3284f0143ab733915fd06bca80ffb4e384aeb826645d28bdf6e879ab5538abe84936e3f507e384b4c38af0febbbb03411be444e0eff9d683b71098027d6edec91460c72d82503068d6b6d4b8f1c206ca46b6badff938fd39d801cbd74be3f6c6e2e0b2d273fe9cf81e75dd6498ff5cec766d2b1a6b8dd4a1a20dff8176a3318c3fcf5888f51e849576c66ce9b661078e9b454e715327418da14e96c89ce35501b68409faafc67464d99645122582d0307f7f32be1d335ac5d2dbdbaecf32e6011c255c4938c5b006a97532ac5ff21651b59154fabb26d500c8529706847ae1c256346d496bc6b544e15382dc282cc31ab2f69596b5f70a1d08370b67c70c5ee6d02943e9499deaa2689235943b60c35fdfaf36d6c6f4a8c279e831928d21845f6de6afaadc771d7be7bc9543e31e4b19775a2c4bfa3e1a85f9428042292e5917cfae4bc38a61d3dced5e9f8ca7d7f7e39f0ecd2ee22711c69de1be9bc6df6ab92ecf9c915cfcdd92ee2eedf0de24ca3e891545287dbd89c5b8b9db8ef5ed3d042495e21802330f13007676f15db37d55434bf4f9edab102c10438d6783f7cd3f1739553ee003720029260efc09ca88feedef20aecad0e8ec18c53671e9d5c5c4bb4002724c4e1149c68704439040411dcb4d91df50b57cd94cbf9b1b251bcd32dac41d740d7621e84daf566eac5e49b90718c2c8d69554dbaa0368d81962b3d0ac5227231f32d0a2cefa31c4c06aa62574130865220c6e7df991904ec50788afba8b0b9f6d21733322a7d3870f1502354f7b330c2af487d6da67a142958604370698098cb7fb7aaab89073e7f4aa6477f4ead7e1cacce25774c915e3f0e9323a789f1307d625b871a709ac4f9b8bc2ef67d6e5f0ee85bad48b57ca43298a0d13756d0a5d0bf2725d50a9a89749f92e48e86986c201d8b6b623a888e4603c8c91c60a79874a1e03e6e2e50c7f398ac213f5c2195e77ed4d4a11e50d5adff0917bdf90c1949d67c90751f629cf7136b23c21e66a6e0010efb357c6187af6d1cc70ed23d696fdd55af3afa9a9517c3caa5878193570ab4f03d326d477f3420150003d1113629f4b0a3e61ef258e5ae9a3234fdf10445679f8a37e9aa8f0f7a66bb24ac06c312ad21317f33c3de030db593e411f75b6b632224b95b9ae57f1f0d76879bcc49ec2e049792a6d43c96f58a0b73dac2ebf83c21872e1b4084ae45381449148c4118fb56f4af9aa5d5144b44901d9af75ea0c8ee82259d89c29612feb30d61781b2680bf1928120abbd617493847d91b9048b16887b9fd0ebc1b59300f", 0x1000}, {&(0x7f0000001480)="d0133d5a5a404b33520bc68102ba093296bae6be4a1c89180d35e9443f0d38263665b45702b78ffe5db7faa3f1a9124b93f52172d81b13d751fbcae4ad6d2140e6c910", 0x43}], 0x5, 0x12, 0x0, {0x3, r8}}, 0x3) [ 2411.564898] CPU: 0 PID: 17106 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2411.565952] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2411.567153] Call Trace: [ 2411.567524] dump_stack+0x107/0x167 [ 2411.568038] should_fail.cold+0x5/0xa [ 2411.568573] ? create_object.isra.0+0x3a/0xa20 [ 2411.569212] should_failslab+0x5/0x20 [ 2411.569743] kmem_cache_alloc+0x5b/0x310 [ 2411.570310] ? mark_held_locks+0x9e/0xe0 [ 2411.570893] create_object.isra.0+0x3a/0xa20 [ 2411.571506] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2411.572212] kmem_cache_alloc_bulk+0x168/0x320 [ 2411.572849] io_submit_sqes+0x6f76/0x85c0 [ 2411.573460] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2411.574170] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2411.574865] ? io_submit_sqes+0x85c0/0x85c0 [ 2411.575479] ? __mutex_unlock_slowpath+0xec/0x600 [ 2411.576153] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2411.576810] ? wait_for_completion_io+0x270/0x270 [ 2411.577510] ? rcu_read_lock_any_held+0x75/0xa0 [ 2411.578156] ? vfs_write+0x354/0xa70 [ 2411.578675] ? fput_many+0x2f/0x1a0 [ 2411.579176] ? ksys_write+0x1a9/0x260 [ 2411.579706] ? __ia32_sys_read+0xb0/0xb0 [ 2411.580300] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2411.581164] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2411.581880] do_syscall_64+0x33/0x40 [ 2411.582393] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2411.583116] RIP: 0033:0x7fe21c796b19 [ 2411.583636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2411.586174] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2411.587269] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2411.588251] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2411.589244] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2411.590221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2411.591254] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 [ 2411.596683] FAULT_INJECTION: forcing a failure. [ 2411.596683] name failslab, interval 1, probability 0, space 0, times 0 [ 2411.599156] CPU: 1 PID: 17110 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2411.600588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2411.602376] Call Trace: [ 2411.602935] dump_stack+0x107/0x167 [ 2411.603694] should_fail.cold+0x5/0xa [ 2411.604488] ? __iomap_dio_rw+0x1ee/0x1110 [ 2411.605362] should_failslab+0x5/0x20 [ 2411.606149] kmem_cache_alloc_trace+0x55/0x320 [ 2411.607113] __iomap_dio_rw+0x1ee/0x1110 [ 2411.607968] ? jbd2_journal_stop+0x188/0xdc0 [ 2411.608880] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2411.609832] ? ext4_orphan_add+0x253/0x9e0 [ 2411.610699] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2411.611739] ? ext4_empty_dir+0xae0/0xae0 [ 2411.612594] ? jbd2__journal_start+0xf3/0x7e0 [ 2411.613517] iomap_dio_rw+0x31/0x90 [ 2411.614275] ext4_file_write_iter+0xb26/0x18d0 [ 2411.615315] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2411.616247] ? kasan_save_stack+0x32/0x40 [ 2411.617101] ? kasan_save_stack+0x1b/0x40 [ 2411.617954] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2411.619011] ? iter_file_splice_write+0x16d/0xc30 [ 2411.620004] ? direct_splice_actor+0x10f/0x170 [ 2411.620947] ? splice_direct_to_actor+0x387/0x980 [ 2411.621940] ? do_splice_direct+0x1c4/0x290 [ 2411.622836] ? vfs_copy_file_range+0x4f8/0x1290 [ 2411.623801] ? __do_sys_copy_file_range+0x193/0x420 [ 2411.624838] do_iter_readv_writev+0x476/0x750 [ 2411.625776] ? new_sync_write+0x660/0x660 [ 2411.626622] ? selinux_file_permission+0x92/0x520 [ 2411.627739] do_iter_write+0x191/0x670 [ 2411.628533] ? trace_hardirqs_on+0x5b/0x180 [ 2411.629411] vfs_iter_write+0x70/0xa0 [ 2411.630188] iter_file_splice_write+0x762/0xc30 [ 2411.631187] ? generic_splice_sendpage+0x140/0x140 [ 2411.632211] ? avc_policy_seqno+0x9/0x70 [ 2411.633044] ? selinux_file_permission+0x92/0x520 [ 2411.634024] ? lockdep_init_map_type+0x2c7/0x780 [ 2411.634999] ? generic_splice_sendpage+0x140/0x140 [ 2411.635985] direct_splice_actor+0x10f/0x170 [ 2411.636886] splice_direct_to_actor+0x387/0x980 [ 2411.637827] ? pipe_to_sendpage+0x380/0x380 [ 2411.638710] ? do_splice_to+0x160/0x160 [ 2411.639525] ? security_file_permission+0x24e/0x570 [ 2411.640541] do_splice_direct+0x1c4/0x290 [ 2411.641379] ? splice_direct_to_actor+0x980/0x980 [ 2411.642344] ? selinux_file_permission+0x92/0x520 [ 2411.643335] ? security_file_permission+0x24e/0x570 [ 2411.644371] vfs_copy_file_range+0x4f8/0x1290 [ 2411.645297] ? generic_file_rw_checks+0x240/0x240 [ 2411.646282] ? __fget_files+0x296/0x4c0 [ 2411.647121] __do_sys_copy_file_range+0x193/0x420 [ 2411.648111] ? vfs_copy_file_range+0x1290/0x1290 [ 2411.649071] ? ksys_write+0x1a9/0x260 [ 2411.649849] ? __ia32_sys_read+0xb0/0xb0 [ 2411.650676] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2411.651755] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2411.652837] do_syscall_64+0x33/0x40 [ 2411.653595] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2411.654616] RIP: 0033:0x7fd102b50b19 [ 2411.655376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2411.659090] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2411.660641] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2411.662084] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2411.663546] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2411.664993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2411.666426] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:45:18 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x100020, &(0x7f0000000900)=ANY=[]) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, 0x0) unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x11, r2, 0x71d7b000) ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x80049367, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x2020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x50b400, 0xc) r3 = open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0) epoll_create1(0x80000) mkdirat(r3, &(0x7f0000000200)='./file0\x00', 0x86) 11:45:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x2000029c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:18 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x80000, 0x0, 0x0) 11:45:18 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:18 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x80000, 0x0, 0x0) 11:45:18 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:45:18 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x7ffff000, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:18 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21) 11:45:18 executing program 2: sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001100)={0x58, 0x3, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x87141bc0c1d0595e}, 0x20000080) getxattr(0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = fork() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2c) ptrace(0x10, r0) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)) sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f00000012c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)={0x24, 0x4, 0x6, 0x904, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000040) tkill(0x0, 0x2c) openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000000)='net/mcfilter6\x00') pread64(r2, &(0x7f0000000080)=""/4095, 0xfff, 0x303) 11:45:18 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 14) [ 2411.899471] FAULT_INJECTION: forcing a failure. [ 2411.899471] name failslab, interval 1, probability 0, space 0, times 0 [ 2411.901442] CPU: 0 PID: 17152 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2411.902242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2411.903213] Call Trace: [ 2411.903531] dump_stack+0x107/0x167 [ 2411.903970] should_fail.cold+0x5/0xa [ 2411.904419] ? create_object.isra.0+0x3a/0xa20 [ 2411.904970] should_failslab+0x5/0x20 [ 2411.905415] kmem_cache_alloc+0x5b/0x310 [ 2411.905892] ? _raw_spin_unlock_irq+0x1f/0x30 [ 2411.906422] create_object.isra.0+0x3a/0xa20 [ 2411.906951] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2411.907537] kmem_cache_alloc+0x159/0x310 [ 2411.908027] ext4_init_io_end+0x23/0x180 [ 2411.908502] ext4_writepages+0x8ec/0x3350 [ 2411.908995] ? unwind_next_frame+0x13ef/0x1a90 [ 2411.909526] ? find_held_lock+0x2c/0x110 [ 2411.910015] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2411.910578] ? __is_insn_slot_addr+0x14c/0x290 [ 2411.911121] ? __kernel_text_address+0x9/0x40 [ 2411.911642] ? unwind_get_return_address+0x55/0xa0 [ 2411.912210] ? create_prof_cpu_mask+0x20/0x20 [ 2411.912739] ? stack_trace_save+0x8c/0xc0 [ 2411.913234] ? stack_trace_consume_entry+0x160/0x160 [ 2411.913826] ? kasan_save_stack+0x32/0x40 [ 2411.914320] ? kasan_save_stack+0x1b/0x40 [ 2411.914826] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2411.915443] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2411.916012] do_writepages+0xee/0x2a0 [ 2411.916456] ? page_writeback_cpu_online+0x20/0x20 [ 2411.917024] ? lock_acquire+0x197/0x470 [ 2411.917475] ? create_object.isra.0+0x3ad/0xa20 [ 2411.918042] ? lock_release+0x680/0x680 [ 2411.918502] ? find_held_lock+0x2c/0x110 [ 2411.919008] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2411.919605] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2411.920219] ? mark_held_locks+0x9e/0xe0 [ 2411.920698] ? trace_hardirqs_on+0x5b/0x180 [ 2411.921200] filemap_write_and_wait_range+0x65/0x100 [ 2411.921784] __iomap_dio_rw+0x552/0x1110 [ 2411.922262] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2411.922789] ? ext4_orphan_add+0x253/0x9e0 [ 2411.923308] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2411.923875] ? ext4_empty_dir+0xae0/0xae0 [ 2411.924355] ? jbd2__journal_start+0xf3/0x7e0 [ 2411.924482] FAULT_INJECTION: forcing a failure. [ 2411.924482] name failslab, interval 1, probability 0, space 0, times 0 [ 2411.924893] iomap_dio_rw+0x31/0x90 [ 2411.927552] ext4_file_write_iter+0xb26/0x18d0 [ 2411.928082] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2411.928599] ? kasan_save_stack+0x32/0x40 [ 2411.929079] ? kasan_save_stack+0x1b/0x40 [ 2411.929562] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2411.930143] ? iter_file_splice_write+0x16d/0xc30 [ 2411.930698] ? direct_splice_actor+0x10f/0x170 [ 2411.931237] ? splice_direct_to_actor+0x387/0x980 [ 2411.931798] ? do_splice_direct+0x1c4/0x290 [ 2411.932295] ? vfs_copy_file_range+0x4f8/0x1290 [ 2411.932849] ? __do_sys_copy_file_range+0x193/0x420 [ 2411.933423] do_iter_readv_writev+0x476/0x750 [ 2411.933932] ? new_sync_write+0x660/0x660 [ 2411.934403] ? selinux_file_permission+0x92/0x520 [ 2411.934980] do_iter_write+0x191/0x670 [ 2411.935424] ? trace_hardirqs_on+0x5b/0x180 [ 2411.935934] vfs_iter_write+0x70/0xa0 [ 2411.936386] iter_file_splice_write+0x762/0xc30 [ 2411.936941] ? generic_splice_sendpage+0x140/0x140 [ 2411.937499] ? avc_policy_seqno+0x9/0x70 [ 2411.937974] ? selinux_file_permission+0x92/0x520 [ 2411.938526] ? lockdep_init_map_type+0x2c7/0x780 [ 2411.939086] ? generic_splice_sendpage+0x140/0x140 [ 2411.939644] direct_splice_actor+0x10f/0x170 [ 2411.940162] splice_direct_to_actor+0x387/0x980 [ 2411.940697] ? pipe_to_sendpage+0x380/0x380 [ 2411.941204] ? do_splice_to+0x160/0x160 [ 2411.941672] ? security_file_permission+0x24e/0x570 [ 2411.942268] do_splice_direct+0x1c4/0x290 [ 2411.942750] ? splice_direct_to_actor+0x980/0x980 [ 2411.943308] ? selinux_file_permission+0x92/0x520 [ 2411.943887] ? security_file_permission+0x24e/0x570 [ 2411.944489] vfs_copy_file_range+0x4f8/0x1290 [ 2411.944999] ? generic_file_rw_checks+0x240/0x240 [ 2411.945571] ? __fget_files+0x296/0x4c0 [ 2411.946048] __do_sys_copy_file_range+0x193/0x420 [ 2411.946600] ? vfs_copy_file_range+0x1290/0x1290 [ 2411.947146] ? ksys_write+0x1a9/0x260 [ 2411.947583] ? __ia32_sys_read+0xb0/0xb0 [ 2411.948055] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2411.948667] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2411.949272] do_syscall_64+0x33/0x40 [ 2411.949691] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2411.950278] RIP: 0033:0x7fd102b50b19 [ 2411.950700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2411.952869] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2411.953725] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2411.954537] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2411.955373] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2411.956212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2411.957044] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2411.957909] CPU: 1 PID: 17156 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2411.959326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2411.960987] Call Trace: [ 2411.961523] dump_stack+0x107/0x167 [ 2411.962257] should_fail.cold+0x5/0xa [ 2411.963040] ? create_object.isra.0+0x3a/0xa20 [ 2411.963958] should_failslab+0x5/0x20 [ 2411.964713] kmem_cache_alloc+0x5b/0x310 [ 2411.965516] ? mark_held_locks+0x9e/0xe0 [ 2411.966332] create_object.isra.0+0x3a/0xa20 [ 2411.967222] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2411.968256] kmem_cache_alloc_bulk+0x168/0x320 [ 2411.969182] io_submit_sqes+0x6f76/0x85c0 [ 2411.970039] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2411.971046] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2411.972016] ? lock_downgrade+0x6d0/0x6d0 [ 2411.972847] ? find_held_lock+0x2c/0x110 [ 2411.973656] ? io_submit_sqes+0x85c0/0x85c0 [ 2411.974600] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2411.975708] ? wait_for_completion_io+0x270/0x270 [ 2411.976796] ? rcu_read_lock_any_held+0x75/0xa0 [ 2411.977839] ? vfs_write+0x354/0xa70 [ 2411.978679] ? fput_many+0x2f/0x1a0 [ 2411.979508] ? ksys_write+0x1a9/0x260 [ 2411.980362] ? __ia32_sys_read+0xb0/0xb0 [ 2411.981278] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2411.982451] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2411.983627] do_syscall_64+0x33/0x40 [ 2411.984463] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2411.985609] RIP: 0033:0x7fe21c796b19 [ 2411.986443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2411.990541] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2411.992246] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2411.993835] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2411.995439] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2411.997029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2411.998615] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:45:33 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x400000, 0x0, 0x0) 11:45:33 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 15) 11:45:33 executing program 2: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = dup(r1) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000600)="7540f6c9af04200000", 0x9}], 0x1, 0x0, 0xfffffffe) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0) openat(r4, &(0x7f0000000640)='./file1\x00', 0x480, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="f5000000", @ANYRES16=r5, @ANYRESOCT=r0], 0x28}}, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000340)={0x0, 0x0}) r7 = openat2(r2, &(0x7f00000003c0)='./file1\x00', &(0x7f0000000400)={0x280, 0x41}, 0x18) clone3(&(0x7f0000000440)={0x92821000, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000280), {0x35}, &(0x7f00000002c0)=""/25, 0x19, &(0x7f0000000300)=""/1, &(0x7f0000000380)=[0xffffffffffffffff, r6], 0x2, {r7}}, 0x58) sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000329bd7000ffdbdf251400000005000c000100000008000a00ff7f0000080002000000a84e1a79120007000000080016003f000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4000800}, 0x804) r8 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r9, 0x0, r8, 0x0, 0x200f5ef, 0x0) ftruncate(r9, 0x8b) sendto(0xffffffffffffffff, &(0x7f0000000000)="d4f8dfaa394996add3afd1da13fac83014b8e5c45afa1a1f3ed44d2f6eaf6b5f9203bf69ab683862", 0x28, 0x0, &(0x7f0000000140)=@nl=@unspec={0x0, 0xff00, 0x0, 0xf5ffffff}, 0x80) pwritev(0xffffffffffffffff, &(0x7f0000000a40)=[{&(0x7f00000006c0)="613af31dcee48e14e99b39d3761843292ee9c13881fa6c7273fb69119c1d9b26d8c5f23cace555c49707d2acb15fe6db", 0x30}, {&(0x7f0000000700)="14051060f824cab533b3ead804de2ea509489d87ef09dc4777fc7dec5b0d79ed9e28a6f69dd75a0e4d48a7ea48ebf01553a6f6cc85832e6f0855c767621a2b43552a1eb6810f0635a9d3a2c65a49b58c6cb7ee20dde3", 0x56}, {&(0x7f0000000780)="1116f4a9adfdf9edd32155f8c3170ef977ee14a7ee8c6e68a2b76b75d495b5fb3585d7d3ad35670d83531a9f7f7ddf570c3a5c71bb2a0c881f38438f6c5483f281f5709f77f027235d4e292a83e1210ab9f6a0ebfd4260d981ce08fd3b5c1ed4a8915f880e900ee78682943ec29d263be216b9d9d419b5914da591ccae5a8a0ba1531f2441970b58b961bb6c8fc2b2e16bc164b3521d993e4c6049d6295a04fb4d4acc61071e8761b001debc56dd938854523e42", 0xb4}, {&(0x7f0000000840)="9f5996ab817ceab2b507e3c345edc3acc352cfd8199fd89515df887c835586080aebb4dd2c02197cba3db679504868de08cab1799595bae1ed306ad3aedce3e4cdd78effc291ff4ba3951e161b3d8ac1b320e0c32e1ae2d5bad4a1383b07a6d3fe870c9c56a105f9e29453ac", 0x6c}, {&(0x7f00000008c0)="7e96a608a9ff6ec10a953d9434cb33c8c764d8b97e1e2197566efd51ba94d7332b33836445d47931219883bdd0f6349387a478a6a783dcaa85964b56f897b5c9b386117d1fe78b5adfef702fad94a308a48360ae560cf005958971205ca38791399aec5972847eba07bee01338d8ab87f8615c445299f0e0beea021e00327680c47d02e39319ba17221b9019cf727306f6985b673b59df72965a64e06b55", 0x9e}, {&(0x7f0000000980)="0d600b73607f420ac28399132580e0e17ba8e1e4c2b4d8ac0c2e22b2aa6d17be8904572650286b2a19d7d9dd52163ba58bee2075119c6866934c1746ed6733f7eadd3786238d4732fe8e6d23f449e2930951a7cfcd0a6259d138c1fd45b4f545fba57ea973b0b05242897f9b9714a3f2248d738e2d2dddca605da4f64ff7761ef2828e3a8d2457412910c4ac044964a0e222a442297652e633af77677df32d805bc5", 0xa2}], 0x6, 0x200, 0x9) 11:45:33 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x400000, 0x0, 0x0) 11:45:33 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x2, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:33 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0xfffffdef, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:33 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:45:33 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22) [ 2426.405744] FAULT_INJECTION: forcing a failure. [ 2426.405744] name failslab, interval 1, probability 0, space 0, times 0 [ 2426.408258] CPU: 0 PID: 17166 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2426.409651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2426.411304] Call Trace: [ 2426.411853] dump_stack+0x107/0x167 [ 2426.412599] should_fail.cold+0x5/0xa [ 2426.413372] ? ext4_init_io_end+0x23/0x180 [ 2426.414228] should_failslab+0x5/0x20 [ 2426.415076] kmem_cache_alloc+0x5b/0x310 [ 2426.415907] ext4_init_io_end+0x23/0x180 [ 2426.416753] ext4_writepages+0xee9/0x3350 [ 2426.417612] ? unwind_next_frame+0x13ef/0x1a90 [ 2426.418554] ? find_held_lock+0x2c/0x110 [ 2426.419416] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2426.420435] ? __is_insn_slot_addr+0x14c/0x290 [ 2426.421366] ? __kernel_text_address+0x9/0x40 [ 2426.422271] ? unwind_get_return_address+0x55/0xa0 [ 2426.423269] ? create_prof_cpu_mask+0x20/0x20 [ 2426.424208] ? stack_trace_save+0x8c/0xc0 [ 2426.425056] ? stack_trace_consume_entry+0x160/0x160 [ 2426.426101] ? kasan_save_stack+0x32/0x40 [ 2426.426948] ? kasan_save_stack+0x1b/0x40 [ 2426.427806] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2426.428856] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2426.429849] do_writepages+0xee/0x2a0 [ 2426.430637] ? page_writeback_cpu_online+0x20/0x20 [ 2426.431661] ? lock_acquire+0x197/0x470 [ 2426.432281] FAULT_INJECTION: forcing a failure. [ 2426.432281] name failslab, interval 1, probability 0, space 0, times 0 [ 2426.432468] ? create_object.isra.0+0x3ad/0xa20 [ 2426.432494] ? lock_release+0x680/0x680 [ 2426.432517] ? find_held_lock+0x2c/0x110 [ 2426.436479] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2426.437492] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2426.438577] ? mark_held_locks+0x9e/0xe0 [ 2426.439423] ? trace_hardirqs_on+0x5b/0x180 [ 2426.440318] filemap_write_and_wait_range+0x65/0x100 [ 2426.441350] __iomap_dio_rw+0x552/0x1110 [ 2426.442187] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2426.443131] ? ext4_orphan_add+0x253/0x9e0 [ 2426.443998] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2426.444999] ? ext4_empty_dir+0xae0/0xae0 [ 2426.445834] ? jbd2__journal_start+0xf3/0x7e0 [ 2426.446764] iomap_dio_rw+0x31/0x90 [ 2426.447528] ext4_file_write_iter+0xb26/0x18d0 [ 2426.448459] ? __switch_to_asm+0x34/0x60 [ 2426.449291] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2426.450227] ? io_schedule_timeout+0x140/0x140 [ 2426.451162] ? direct_splice_actor+0x10f/0x170 [ 2426.452146] ? splice_direct_to_actor+0x387/0x980 [ 2426.453259] ? vfs_copy_file_range+0x4f8/0x1290 [ 2426.454214] ? __do_sys_copy_file_range+0x193/0x420 [ 2426.455267] do_iter_readv_writev+0x476/0x750 [ 2426.456193] ? new_sync_write+0x660/0x660 [ 2426.457054] ? selinux_file_permission+0x92/0x520 [ 2426.458052] do_iter_write+0x191/0x670 [ 2426.458853] vfs_iter_write+0x70/0xa0 [ 2426.459632] iter_file_splice_write+0x762/0xc30 [ 2426.460595] ? generic_splice_sendpage+0x140/0x140 [ 2426.461602] ? avc_policy_seqno+0x9/0x70 [ 2426.462420] ? selinux_file_permission+0x92/0x520 [ 2426.463430] ? lockdep_init_map_type+0x2c7/0x780 [ 2426.464394] ? generic_splice_sendpage+0x140/0x140 [ 2426.465383] direct_splice_actor+0x10f/0x170 [ 2426.466279] splice_direct_to_actor+0x387/0x980 [ 2426.467234] ? pipe_to_sendpage+0x380/0x380 [ 2426.468115] ? do_splice_to+0x160/0x160 [ 2426.468918] ? security_file_permission+0x24e/0x570 [ 2426.469946] do_splice_direct+0x1c4/0x290 [ 2426.470785] ? splice_direct_to_actor+0x980/0x980 [ 2426.471762] ? selinux_file_permission+0x92/0x520 [ 2426.472744] ? security_file_permission+0x24e/0x570 [ 2426.473786] vfs_copy_file_range+0x4f8/0x1290 [ 2426.474716] ? generic_file_rw_checks+0x240/0x240 [ 2426.475729] ? __fget_files+0x296/0x4c0 [ 2426.476576] __do_sys_copy_file_range+0x193/0x420 [ 2426.477565] ? vfs_copy_file_range+0x1290/0x1290 [ 2426.478526] ? ksys_write+0x1a9/0x260 [ 2426.479313] ? __ia32_sys_read+0xb0/0xb0 [ 2426.480141] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2426.481210] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2426.482267] do_syscall_64+0x33/0x40 [ 2426.483026] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2426.484181] RIP: 0033:0x7fd102b50b19 [ 2426.485130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2426.489193] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2426.490719] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2426.492218] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2426.493671] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2426.495164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2426.496634] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2426.498144] CPU: 1 PID: 17174 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2426.499002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2426.499999] Call Trace: [ 2426.500337] dump_stack+0x107/0x167 [ 2426.500779] should_fail.cold+0x5/0xa [ 2426.501234] ? create_object.isra.0+0x3a/0xa20 [ 2426.501786] should_failslab+0x5/0x20 [ 2426.502243] kmem_cache_alloc+0x5b/0x310 [ 2426.502727] ? mark_held_locks+0x9e/0xe0 [ 2426.503218] create_object.isra.0+0x3a/0xa20 [ 2426.503741] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2426.504354] kmem_cache_alloc_bulk+0x168/0x320 [ 2426.504892] io_submit_sqes+0x6f76/0x85c0 [ 2426.505398] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2426.505993] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2426.506564] ? lock_downgrade+0x6d0/0x6d0 [ 2426.507058] ? find_held_lock+0x2c/0x110 [ 2426.507543] ? io_submit_sqes+0x85c0/0x85c0 [ 2426.508093] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2426.508675] ? wait_for_completion_io+0x270/0x270 [ 2426.509272] ? rcu_read_lock_any_held+0x75/0xa0 [ 2426.509837] ? vfs_write+0x354/0xa70 [ 2426.510308] ? fput_many+0x2f/0x1a0 [ 2426.510740] ? ksys_write+0x1a9/0x260 [ 2426.511219] ? __ia32_sys_read+0xb0/0xb0 [ 2426.511731] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2426.512360] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2426.512999] do_syscall_64+0x33/0x40 [ 2426.513458] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2426.514060] RIP: 0033:0x7fe21c796b19 [ 2426.514509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2426.516676] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2426.517571] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2426.518411] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2426.519255] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2426.520127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2426.521009] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:45:33 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x3, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:33 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, 0xffffffffffffffff, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:45:33 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) 11:45:33 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x6, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:33 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) 11:45:33 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:45:33 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xf0ff7f, 0x0, 0x0) 11:45:47 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xf0ff7f, 0x0, 0x0) 11:45:47 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x8, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:47 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x4, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:47 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 16) 11:45:47 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:45:47 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x1000000, 0x0, 0x0) 11:45:47 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23) 11:45:47 executing program 2: timerfd_gettime(0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000011c0)=ANY=[@ANYBLOB="2800e2ff9000010000000006000000870e6344ed0575dc00000000000c00008008000d00acfdf705"], 0x28}}, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f00000000c0)={0x0, 0x0, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fd/4\x00') prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000500)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000e7e000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000f12000/0x3000)=nil, &(0x7f0000cbb000/0x4000)=nil, &(0x7f0000fef000/0x11000)=nil, &(0x7f00000004c0)="6275f24451d0693bd7a9be5b1dd43a63d8d2987b292e6961202269b19d3024693bcc8a55d173addb1128833a77ce492f09a04c5c64046afd59ad205223", 0x3d}, 0x68) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) dup(r2) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x3, 0x0, 0xf94}) r3 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r4, 0x0, r3, 0x0, 0x200f5ef, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r3, 0x89f9, &(0x7f0000000600)={'syztnl2\x00', &(0x7f0000000580)={'ip6tnl0\x00', 0x0, 0x2f, 0x80, 0x26, 0x20, 0x0, @private2, @remote, 0x1, 0x8000, 0x20, 0x8001}}) unshare(0x48020200) [ 2440.158082] FAULT_INJECTION: forcing a failure. [ 2440.158082] name failslab, interval 1, probability 0, space 0, times 0 [ 2440.160397] CPU: 0 PID: 17231 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2440.161797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2440.163493] Call Trace: [ 2440.164043] dump_stack+0x107/0x167 [ 2440.164793] should_fail.cold+0x5/0xa [ 2440.165570] ? create_object.isra.0+0x3a/0xa20 [ 2440.166506] should_failslab+0x5/0x20 [ 2440.167295] kmem_cache_alloc+0x5b/0x310 [ 2440.168130] ? _raw_spin_unlock_irq+0x1f/0x30 [ 2440.169049] create_object.isra.0+0x3a/0xa20 [ 2440.169946] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2440.170980] kmem_cache_alloc+0x159/0x310 [ 2440.171852] ext4_init_io_end+0x23/0x180 [ 2440.172669] ext4_writepages+0x8ec/0x3350 [ 2440.173512] ? unwind_next_frame+0x13ef/0x1a90 [ 2440.174439] ? find_held_lock+0x2c/0x110 [ 2440.175297] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2440.176289] ? __is_insn_slot_addr+0x14c/0x290 [ 2440.177217] ? __kernel_text_address+0x9/0x40 [ 2440.178118] ? unwind_get_return_address+0x55/0xa0 [ 2440.179102] ? create_prof_cpu_mask+0x20/0x20 [ 2440.180051] ? stack_trace_save+0x8c/0xc0 [ 2440.180888] ? stack_trace_consume_entry+0x160/0x160 [ 2440.181929] ? kasan_save_stack+0x32/0x40 [ 2440.182761] ? kasan_save_stack+0x1b/0x40 [ 2440.183601] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2440.184626] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2440.185609] do_writepages+0xee/0x2a0 [ 2440.186380] ? page_writeback_cpu_online+0x20/0x20 [ 2440.187372] ? lock_acquire+0x197/0x470 [ 2440.188171] ? create_object.isra.0+0x3ad/0xa20 [ 2440.189124] ? lock_release+0x680/0x680 [ 2440.189944] ? find_held_lock+0x2c/0x110 [ 2440.190786] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2440.191831] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2440.192924] ? mark_held_locks+0x9e/0xe0 [ 2440.193764] ? trace_hardirqs_on+0x5b/0x180 [ 2440.194645] filemap_write_and_wait_range+0x65/0x100 [ 2440.195704] __iomap_dio_rw+0x552/0x1110 [ 2440.196551] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2440.197484] ? ext4_orphan_add+0x253/0x9e0 [ 2440.198350] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2440.199368] ? ext4_empty_dir+0xae0/0xae0 [ 2440.200221] ? jbd2__journal_start+0xf3/0x7e0 [ 2440.201151] iomap_dio_rw+0x31/0x90 [ 2440.201908] ext4_file_write_iter+0xb26/0x18d0 [ 2440.202856] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2440.203798] ? kasan_save_stack+0x32/0x40 [ 2440.204645] ? kasan_save_stack+0x1b/0x40 [ 2440.205498] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2440.206525] ? iter_file_splice_write+0x16d/0xc30 [ 2440.207517] ? direct_splice_actor+0x10f/0x170 [ 2440.208434] ? splice_direct_to_actor+0x387/0x980 [ 2440.209406] ? do_splice_direct+0x1c4/0x290 [ 2440.210278] ? vfs_copy_file_range+0x4f8/0x1290 [ 2440.211229] ? __do_sys_copy_file_range+0x193/0x420 [ 2440.212250] do_iter_readv_writev+0x476/0x750 [ 2440.213164] ? new_sync_write+0x660/0x660 [ 2440.214009] ? selinux_file_permission+0x92/0x520 [ 2440.215021] do_iter_write+0x191/0x670 [ 2440.215848] ? trace_hardirqs_on+0x5b/0x180 [ 2440.216735] vfs_iter_write+0x70/0xa0 [ 2440.217546] iter_file_splice_write+0x762/0xc30 [ 2440.218512] ? generic_splice_sendpage+0x140/0x140 [ 2440.219551] ? avc_policy_seqno+0x9/0x70 [ 2440.220377] ? selinux_file_permission+0x92/0x520 [ 2440.221389] ? lockdep_init_map_type+0x2c7/0x780 [ 2440.222354] ? generic_splice_sendpage+0x140/0x140 [ 2440.223375] direct_splice_actor+0x10f/0x170 [ 2440.224277] splice_direct_to_actor+0x387/0x980 [ 2440.225233] ? pipe_to_sendpage+0x380/0x380 [ 2440.226123] ? do_splice_to+0x160/0x160 [ 2440.226932] ? security_file_permission+0x24e/0x570 [ 2440.227980] do_splice_direct+0x1c4/0x290 [ 2440.228829] ? splice_direct_to_actor+0x980/0x980 [ 2440.229807] ? selinux_file_permission+0x92/0x520 [ 2440.230800] ? security_file_permission+0x24e/0x570 [ 2440.231839] vfs_copy_file_range+0x4f8/0x1290 [ 2440.232762] ? generic_file_rw_checks+0x240/0x240 [ 2440.233759] ? __fget_files+0x296/0x4c0 [ 2440.234590] __do_sys_copy_file_range+0x193/0x420 [ 2440.235627] ? vfs_copy_file_range+0x1290/0x1290 [ 2440.236598] ? ksys_write+0x1a9/0x260 [ 2440.237380] ? __ia32_sys_read+0xb0/0xb0 [ 2440.238219] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2440.239324] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2440.240379] do_syscall_64+0x33/0x40 [ 2440.241151] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2440.242194] RIP: 0033:0x7fd102b50b19 [ 2440.242986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2440.246705] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2440.248271] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2440.249717] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2440.251172] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2440.252620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2440.254073] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2440.274361] FAULT_INJECTION: forcing a failure. [ 2440.274361] name failslab, interval 1, probability 0, space 0, times 0 [ 2440.277048] CPU: 0 PID: 17227 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2440.278464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2440.280177] Call Trace: [ 2440.280728] dump_stack+0x107/0x167 [ 2440.281504] should_fail.cold+0x5/0xa [ 2440.282302] ? create_object.isra.0+0x3a/0xa20 [ 2440.283395] should_failslab+0x5/0x20 [ 2440.284172] kmem_cache_alloc+0x5b/0x310 [ 2440.284999] ? mark_held_locks+0x9e/0xe0 [ 2440.285835] create_object.isra.0+0x3a/0xa20 [ 2440.286727] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2440.287786] kmem_cache_alloc_bulk+0x168/0x320 [ 2440.288722] io_submit_sqes+0x6f76/0x85c0 [ 2440.289594] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2440.290608] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2440.291612] ? lock_downgrade+0x6d0/0x6d0 [ 2440.292460] ? find_held_lock+0x2c/0x110 [ 2440.293288] ? io_submit_sqes+0x85c0/0x85c0 [ 2440.294169] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2440.295147] ? wait_for_completion_io+0x270/0x270 [ 2440.296144] ? rcu_read_lock_any_held+0x75/0xa0 [ 2440.297088] ? vfs_write+0x354/0xa70 [ 2440.297854] ? fput_many+0x2f/0x1a0 [ 2440.298595] ? ksys_write+0x1a9/0x260 [ 2440.299389] ? __ia32_sys_read+0xb0/0xb0 [ 2440.300219] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2440.301286] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2440.302340] do_syscall_64+0x33/0x40 [ 2440.303108] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2440.304165] RIP: 0033:0x7fe21c796b19 [ 2440.304921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2440.308642] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2440.310184] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2440.311648] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2440.313093] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2440.314540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2440.316025] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:45:47 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x5, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:47 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x500, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:45:47 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x1000000, 0x0, 0x0) 11:45:47 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x6, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:04 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 17) 11:46:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:04 executing program 2: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @broadcast, 'veth1\x00'}}}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x18012, r0, 0x8000000) r5 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r5, 0x0) write$bt_hci(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0xfdef) io_uring_setup(0x5204, &(0x7f0000000040)={0x0, 0xa8a, 0x20, 0x1, 0xfffffffc}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:46:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x7, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:04 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000, 0x0, 0x0) 11:46:04 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000, 0x0, 0x0) 11:46:04 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24) 11:46:04 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) [ 2457.600385] FAULT_INJECTION: forcing a failure. [ 2457.600385] name failslab, interval 1, probability 0, space 0, times 0 [ 2457.602143] CPU: 0 PID: 17271 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2457.603041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2457.604129] Call Trace: [ 2457.604486] dump_stack+0x107/0x167 [ 2457.604956] should_fail.cold+0x5/0xa [ 2457.605452] ? create_object.isra.0+0x3a/0xa20 [ 2457.606044] should_failslab+0x5/0x20 [ 2457.606538] kmem_cache_alloc+0x5b/0x310 [ 2457.607070] ? mark_held_locks+0x9e/0xe0 [ 2457.607607] create_object.isra.0+0x3a/0xa20 [ 2457.608181] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2457.608837] kmem_cache_alloc_bulk+0x168/0x320 [ 2457.609429] io_submit_sqes+0x6f76/0x85c0 [ 2457.610047] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2457.610773] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2457.611418] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2457.612188] ? _raw_spin_unlock_irq+0x1f/0x30 [ 2457.612770] ? trace_hardirqs_on+0x5b/0x180 [ 2457.613400] ? io_submit_sqes+0x85c0/0x85c0 [ 2457.614029] ? _raw_spin_unlock_irq+0x1f/0x30 [ 2457.614682] ? finish_task_switch+0x126/0x5d0 [ 2457.615331] ? finish_task_switch+0xef/0x5d0 [ 2457.615978] ? __switch_to+0x572/0xf70 [ 2457.616545] ? __switch_to_asm+0x3a/0x60 [ 2457.617131] ? __switch_to_asm+0x34/0x60 [ 2457.617729] ? __schedule+0x82c/0x1ea0 [ 2457.618308] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2457.619075] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2457.619852] ? trace_hardirqs_on+0x5b/0x180 [ 2457.620281] FAULT_INJECTION: forcing a failure. [ 2457.620281] name failslab, interval 1, probability 0, space 0, times 0 [ 2457.620474] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2457.620492] ? __io_uring_cancel+0x20/0x20 [ 2457.620517] do_syscall_64+0x33/0x40 [ 2457.624634] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2457.625353] RIP: 0033:0x7fe21c796b19 [ 2457.625896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2457.628443] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2457.629529] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2457.630536] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2457.631564] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2457.632573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2457.633577] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 [ 2457.634616] CPU: 1 PID: 17275 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2457.636054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2457.637752] Call Trace: [ 2457.638298] dump_stack+0x107/0x167 [ 2457.639053] should_fail.cold+0x5/0xa [ 2457.639846] ? jbd2__journal_start+0x190/0x7e0 [ 2457.640785] should_failslab+0x5/0x20 [ 2457.641565] kmem_cache_alloc+0x5b/0x310 [ 2457.642411] jbd2__journal_start+0x190/0x7e0 [ 2457.643325] __ext4_journal_start_sb+0x214/0x390 [ 2457.644324] ext4_writepages+0x102d/0x3350 [ 2457.645205] ? unwind_next_frame+0x13ef/0x1a90 [ 2457.646155] ? find_held_lock+0x2c/0x110 [ 2457.647014] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2457.648030] ? __is_insn_slot_addr+0x14c/0x290 [ 2457.648968] ? __kernel_text_address+0x9/0x40 [ 2457.649880] ? unwind_get_return_address+0x55/0xa0 [ 2457.650999] ? create_prof_cpu_mask+0x20/0x20 [ 2457.652078] ? stack_trace_save+0x8c/0xc0 [ 2457.653052] ? stack_trace_consume_entry+0x160/0x160 [ 2457.654272] ? kasan_save_stack+0x32/0x40 [ 2457.655233] ? kasan_save_stack+0x1b/0x40 [ 2457.656200] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2457.657384] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2457.658522] do_writepages+0xee/0x2a0 [ 2457.659433] ? page_writeback_cpu_online+0x20/0x20 [ 2457.660575] ? lock_acquire+0x197/0x470 [ 2457.661501] ? create_object.isra.0+0x3ad/0xa20 [ 2457.662602] ? lock_release+0x680/0x680 [ 2457.663537] ? find_held_lock+0x2c/0x110 [ 2457.664498] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2457.665659] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2457.666895] ? mark_held_locks+0x9e/0xe0 [ 2457.667871] ? trace_hardirqs_on+0x5b/0x180 [ 2457.668890] filemap_write_and_wait_range+0x65/0x100 [ 2457.670074] __iomap_dio_rw+0x552/0x1110 [ 2457.671064] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2457.672115] ? ext4_orphan_add+0x253/0x9e0 [ 2457.673300] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2457.674431] ? ext4_empty_dir+0xae0/0xae0 [ 2457.675581] ? jbd2__journal_start+0xf3/0x7e0 [ 2457.676756] iomap_dio_rw+0x31/0x90 [ 2457.677595] ext4_file_write_iter+0xb26/0x18d0 [ 2457.678632] ? __switch_to_asm+0x34/0x60 [ 2457.679664] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2457.680717] ? io_schedule_timeout+0x140/0x140 [ 2457.681777] ? direct_splice_actor+0x10f/0x170 [ 2457.682830] ? splice_direct_to_actor+0x387/0x980 [ 2457.683955] ? vfs_copy_file_range+0x4f8/0x1290 [ 2457.685032] ? __do_sys_copy_file_range+0x193/0x420 [ 2457.686199] do_iter_readv_writev+0x476/0x750 [ 2457.687245] ? new_sync_write+0x660/0x660 [ 2457.688222] ? selinux_file_permission+0x92/0x520 [ 2457.689367] do_iter_write+0x191/0x670 [ 2457.690275] ? trace_hardirqs_on+0x5b/0x180 [ 2457.691286] vfs_iter_write+0x70/0xa0 [ 2457.692178] iter_file_splice_write+0x762/0xc30 [ 2457.693277] ? generic_splice_sendpage+0x140/0x140 [ 2457.694412] ? avc_policy_seqno+0x9/0x70 [ 2457.695339] ? selinux_file_permission+0x92/0x520 [ 2457.696468] ? lockdep_init_map_type+0x2c7/0x780 [ 2457.697557] ? generic_splice_sendpage+0x140/0x140 [ 2457.698685] direct_splice_actor+0x10f/0x170 [ 2457.699710] splice_direct_to_actor+0x387/0x980 [ 2457.700782] ? pipe_to_sendpage+0x380/0x380 [ 2457.701776] ? do_splice_to+0x160/0x160 [ 2457.702690] ? security_file_permission+0x24e/0x570 [ 2457.703854] do_splice_direct+0x1c4/0x290 [ 2457.704807] ? splice_direct_to_actor+0x980/0x980 [ 2457.705906] ? selinux_file_permission+0x92/0x520 [ 2457.707019] ? security_file_permission+0x24e/0x570 [ 2457.708190] vfs_copy_file_range+0x4f8/0x1290 [ 2457.709228] ? generic_file_rw_checks+0x240/0x240 [ 2457.710335] ? __fget_files+0x296/0x4c0 [ 2457.711268] __do_sys_copy_file_range+0x193/0x420 [ 2457.712382] ? vfs_copy_file_range+0x1290/0x1290 [ 2457.713459] ? ksys_write+0x1a9/0x260 [ 2457.714324] ? __ia32_sys_read+0xb0/0xb0 [ 2457.715249] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2457.716447] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2457.717620] do_syscall_64+0x33/0x40 [ 2457.718466] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2457.719641] RIP: 0033:0x7fd102b50b19 [ 2457.720484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2457.724636] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2457.726354] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2457.727969] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2457.729579] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2457.731189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2457.732930] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2457.734673] EXT4-fs (sda): ext4_writepages: jbd2_start: 9223372036854775807 pages, ino 16027; err -12 11:46:04 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(0x0, 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:46:04 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25) 11:46:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x2, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x8, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2457.824634] FAULT_INJECTION: forcing a failure. [ 2457.824634] name failslab, interval 1, probability 0, space 0, times 0 [ 2457.827390] CPU: 1 PID: 17286 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2457.828925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2457.830743] Call Trace: [ 2457.831313] dump_stack+0x107/0x167 [ 2457.832098] should_fail.cold+0x5/0xa [ 2457.832905] ? create_object.isra.0+0x3a/0xa20 [ 2457.833874] should_failslab+0x5/0x20 [ 2457.834734] kmem_cache_alloc+0x5b/0x310 [ 2457.835600] ? mark_held_locks+0x9e/0xe0 [ 2457.836495] create_object.isra.0+0x3a/0xa20 [ 2457.837420] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2457.838510] kmem_cache_alloc_bulk+0x168/0x320 [ 2457.839492] io_submit_sqes+0x6f76/0x85c0 [ 2457.840456] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2457.841569] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2457.842595] ? lock_downgrade+0x6d0/0x6d0 [ 2457.843477] ? find_held_lock+0x2c/0x110 [ 2457.844343] ? io_submit_sqes+0x85c0/0x85c0 [ 2457.845570] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2457.846863] ? wait_for_completion_io+0x270/0x270 [ 2457.848170] ? rcu_read_lock_any_held+0x75/0xa0 [ 2457.849364] ? vfs_write+0x354/0xa70 [ 2457.850337] ? fput_many+0x2f/0x1a0 [ 2457.851299] ? ksys_write+0x1a9/0x260 [ 2457.852332] ? __ia32_sys_read+0xb0/0xb0 [ 2457.853415] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2457.854299] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2457.855138] do_syscall_64+0x33/0x40 [ 2457.855790] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2457.856643] RIP: 0033:0x7fe21c796b19 [ 2457.857255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2457.860294] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2457.861536] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2457.862701] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2457.863895] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2457.865044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2457.866242] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:46:04 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x16040000, 0x0, 0x0) 11:46:04 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x16040000, 0x0, 0x0) 11:46:04 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x3, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:04 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x9, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) 11:46:19 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26) 11:46:19 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(0x0, 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:46:19 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 18) 11:46:19 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x4, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:19 executing program 2: sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x20, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x80c0) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef", 0x3a, 0x400}], 0x8010, &(0x7f00000004c0)=ANY=[]) 11:46:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xf, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:19 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) 11:46:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x7ffff000, 0x0, 0x0) [ 2472.082433] FAULT_INJECTION: forcing a failure. [ 2472.082433] name failslab, interval 1, probability 0, space 0, times 0 [ 2472.083973] CPU: 1 PID: 17321 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2472.084891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2472.085976] Call Trace: [ 2472.086332] dump_stack+0x107/0x167 [ 2472.086813] should_fail.cold+0x5/0xa [ 2472.087318] ? create_object.isra.0+0x3a/0xa20 [ 2472.087939] should_failslab+0x5/0x20 [ 2472.088440] kmem_cache_alloc+0x5b/0x310 [ 2472.088982] create_object.isra.0+0x3a/0xa20 [ 2472.089558] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2472.090222] kmem_cache_alloc+0x159/0x310 [ 2472.090787] jbd2__journal_start+0x190/0x7e0 [ 2472.091379] __ext4_journal_start_sb+0x214/0x390 [ 2472.092027] ext4_writepages+0x102d/0x3350 [ 2472.092595] ? unwind_next_frame+0x13ef/0x1a90 [ 2472.093207] ? find_held_lock+0x2c/0x110 [ 2472.093766] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2472.094419] ? __is_insn_slot_addr+0x14c/0x290 [ 2472.095024] ? __kernel_text_address+0x9/0x40 [ 2472.095614] ? unwind_get_return_address+0x55/0xa0 [ 2472.096254] ? create_prof_cpu_mask+0x20/0x20 [ 2472.096862] ? stack_trace_save+0x8c/0xc0 [ 2472.097403] ? stack_trace_consume_entry+0x160/0x160 [ 2472.098081] ? kasan_save_stack+0x32/0x40 [ 2472.098625] ? kasan_save_stack+0x1b/0x40 [ 2472.099180] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2472.099862] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2472.100089] FAULT_INJECTION: forcing a failure. [ 2472.100089] name failslab, interval 1, probability 0, space 0, times 0 [ 2472.100496] do_writepages+0xee/0x2a0 [ 2472.100515] ? page_writeback_cpu_online+0x20/0x20 [ 2472.100526] ? lock_acquire+0x197/0x470 [ 2472.100538] ? create_object.isra.0+0x3ad/0xa20 [ 2472.100560] ? lock_release+0x680/0x680 [ 2472.105788] ? find_held_lock+0x2c/0x110 [ 2472.106336] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2472.107010] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2472.107750] ? mark_held_locks+0x9e/0xe0 [ 2472.108306] ? trace_hardirqs_on+0x5b/0x180 [ 2472.108882] filemap_write_and_wait_range+0x65/0x100 [ 2472.109572] __iomap_dio_rw+0x552/0x1110 [ 2472.110128] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2472.110740] ? ext4_orphan_add+0x253/0x9e0 [ 2472.111300] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2472.111955] ? ext4_empty_dir+0xae0/0xae0 [ 2472.112499] ? jbd2__journal_start+0xf3/0x7e0 [ 2472.113089] iomap_dio_rw+0x31/0x90 [ 2472.113572] ext4_file_write_iter+0xb26/0x18d0 [ 2472.114183] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2472.114786] ? kasan_save_stack+0x32/0x40 [ 2472.115319] ? kasan_save_stack+0x1b/0x40 [ 2472.115884] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2472.116553] ? iter_file_splice_write+0x16d/0xc30 [ 2472.117201] ? direct_splice_actor+0x10f/0x170 [ 2472.117814] ? splice_direct_to_actor+0x387/0x980 [ 2472.118448] ? do_splice_direct+0x1c4/0x290 [ 2472.119012] ? vfs_copy_file_range+0x4f8/0x1290 [ 2472.119630] ? __do_sys_copy_file_range+0x193/0x420 [ 2472.120291] do_iter_readv_writev+0x476/0x750 [ 2472.120890] ? new_sync_write+0x660/0x660 [ 2472.121449] ? selinux_file_permission+0x92/0x520 [ 2472.122097] do_iter_write+0x191/0x670 [ 2472.122627] ? trace_hardirqs_on+0x5b/0x180 [ 2472.123201] vfs_iter_write+0x70/0xa0 [ 2472.123719] iter_file_splice_write+0x762/0xc30 [ 2472.124339] ? generic_splice_sendpage+0x140/0x140 [ 2472.124993] ? avc_policy_seqno+0x9/0x70 [ 2472.125526] ? selinux_file_permission+0x92/0x520 [ 2472.126170] ? lockdep_init_map_type+0x2c7/0x780 [ 2472.126797] ? generic_splice_sendpage+0x140/0x140 [ 2472.127440] direct_splice_actor+0x10f/0x170 [ 2472.128028] splice_direct_to_actor+0x387/0x980 [ 2472.128646] ? pipe_to_sendpage+0x380/0x380 [ 2472.129212] ? do_splice_to+0x160/0x160 [ 2472.129740] ? security_file_permission+0x24e/0x570 [ 2472.130402] do_splice_direct+0x1c4/0x290 [ 2472.130948] ? splice_direct_to_actor+0x980/0x980 [ 2472.131577] ? selinux_file_permission+0x92/0x520 [ 2472.132213] ? security_file_permission+0x24e/0x570 [ 2472.132878] vfs_copy_file_range+0x4f8/0x1290 [ 2472.133479] ? generic_file_rw_checks+0x240/0x240 [ 2472.134116] ? __fget_files+0x296/0x4c0 [ 2472.134657] __do_sys_copy_file_range+0x193/0x420 [ 2472.135283] ? vfs_copy_file_range+0x1290/0x1290 [ 2472.135918] ? ksys_write+0x1a9/0x260 [ 2472.136419] ? __ia32_sys_read+0xb0/0xb0 [ 2472.136960] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2472.137641] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2472.138323] do_syscall_64+0x33/0x40 [ 2472.138814] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2472.139488] RIP: 0033:0x7fd102b50b19 [ 2472.139984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2472.142414] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2472.143414] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2472.144362] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2472.145293] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2472.146214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2472.147147] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2472.148120] CPU: 0 PID: 17328 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2472.149660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2472.151495] Call Trace: [ 2472.152089] dump_stack+0x107/0x167 [ 2472.152907] should_fail.cold+0x5/0xa [ 2472.153755] ? create_object.isra.0+0x3a/0xa20 [ 2472.154769] should_failslab+0x5/0x20 [ 2472.155624] kmem_cache_alloc+0x5b/0x310 [ 2472.156519] ? mark_held_locks+0x9e/0xe0 [ 2472.157418] create_object.isra.0+0x3a/0xa20 [ 2472.158386] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2472.159508] kmem_cache_alloc_bulk+0x168/0x320 [ 2472.160530] io_submit_sqes+0x6f76/0x85c0 [ 2472.161477] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2472.162569] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2472.163636] ? lock_downgrade+0x6d0/0x6d0 [ 2472.164546] ? find_held_lock+0x2c/0x110 [ 2472.165442] ? io_submit_sqes+0x85c0/0x85c0 [ 2472.166393] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2472.167457] ? wait_for_completion_io+0x270/0x270 [ 2472.168536] ? rcu_read_lock_any_held+0x75/0xa0 [ 2472.169556] ? vfs_write+0x354/0xa70 [ 2472.170368] ? fput_many+0x2f/0x1a0 [ 2472.171168] ? ksys_write+0x1a9/0x260 11:46:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xf0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2472.172017] ? __ia32_sys_read+0xb0/0xb0 [ 2472.173077] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2472.174228] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2472.175362] do_syscall_64+0x33/0x40 [ 2472.176219] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2472.177386] RIP: 0033:0x7fe21c796b19 [ 2472.178199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2472.182158] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2472.183805] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2472.185335] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2472.186892] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2472.188464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2472.190019] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:46:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x300, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:19 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x7ffff000, 0x0, 0x0) 11:46:19 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x5, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:19 executing program 2: r0 = syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x24bd490d9570db7f}, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r4, 0x0, r3, 0x0, 0x200f5ef, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f00000001c0)={0x33, 0x1f, '\x00', [@generic={0x3f, 0xf0, "62c9e50b0542282607839b811e0b8c1aaf48b27fccc0549df3a419d1ecd70eb1b881ee446536a98814351b78270fbbb21266b9dd4a96c5088102013a77164de658e0b4f910b8853e62aef4a3dcf77958ce213b056c6e1e8e3ce1d67229bb9cb7706680abebf492544ebf2b758764dabe90feb1e625b1e958da197afb810848bf3c8e57283d05528590550813594a4d1002f09568f98d60e7468061a5ab407b02c582a2f10bcbb169200558b9f6567ed4c88cd551f372e36b1931ee2018f92a70b3b89f12d93c9c7d5d7f4caf91f326d5c94892dcea8196572187093bd73bfe7fbb39361148bf2dd02d51e62acaa65500"}, @pad1, @pad1]}, 0x100) openat(r4, &(0x7f0000000100)='./file1\x00', 0x843, 0x140) io_uring_enter(r0, 0x76d3, 0x0, 0x0, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r6, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) signalfd4(r6, &(0x7f0000000340)={[0x3]}, 0x8, 0x180800) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000040)) dup(r5) setxattr$trusted_overlay_nlink(&(0x7f0000000140)='./file1\x00', &(0x7f00000002c0), &(0x7f0000000300)={'U+', 0x7ff}, 0x16, 0x5) 11:46:19 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27) 11:46:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x7ffffffff000, 0x0, 0x0) [ 2472.398224] FAULT_INJECTION: forcing a failure. [ 2472.398224] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2472.399764] CPU: 1 PID: 17354 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2472.400531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2472.401445] Call Trace: [ 2472.401745] dump_stack+0x107/0x167 [ 2472.402151] should_fail.cold+0x5/0xa [ 2472.402583] _copy_from_user+0x2e/0x1b0 [ 2472.403029] __copy_msghdr_from_user+0x91/0x4b0 [ 2472.403556] ? __ia32_sys_shutdown+0x80/0x80 [ 2472.404077] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2472.404709] ? SOFTIRQ_verbose+0x10/0x10 [ 2472.405169] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2472.405637] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2472.406225] ? lock_chain_count+0x20/0x20 [ 2472.406684] ? __is_insn_slot_addr+0x123/0x290 [ 2472.407184] ? lock_downgrade+0x6d0/0x6d0 [ 2472.407664] io_recvmsg+0xa31/0xca0 [ 2472.408083] ? io_sendmsg+0x790/0x790 [ 2472.408576] ? mark_lock+0xf5/0x2df0 [ 2472.409074] ? lock_chain_count+0x20/0x20 [ 2472.409588] ? lock_chain_count+0x20/0x20 [ 2472.410046] ? stack_trace_save+0x8c/0xc0 [ 2472.410509] ? stack_trace_consume_entry+0x160/0x160 [ 2472.411038] ? lock_acquire+0x197/0x470 [ 2472.411487] ? __lock_acquire+0xbb1/0x5b00 [ 2472.411987] io_issue_sqe+0x35f1/0x7660 [ 2472.412437] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2472.413023] ? SOFTIRQ_verbose+0x10/0x10 [ 2472.413480] ? lock_chain_count+0x20/0x20 [ 2472.413946] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2472.414532] ? io_connect+0x610/0x610 [ 2472.414963] ? lock_acquire+0x197/0x470 [ 2472.415401] ? find_held_lock+0x2c/0x110 [ 2472.415870] ? __fget_files+0x26d/0x4c0 [ 2472.416318] ? lock_downgrade+0x6d0/0x6d0 [ 2472.416789] __io_queue_sqe+0x90/0x9d0 [ 2472.417236] ? io_issue_sqe+0x7660/0x7660 [ 2472.417713] io_submit_sqes+0x4461/0x85c0 [ 2472.418195] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2472.418749] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2472.419288] ? lock_downgrade+0x6d0/0x6d0 [ 2472.419753] ? find_held_lock+0x2c/0x110 [ 2472.420210] ? io_submit_sqes+0x85c0/0x85c0 [ 2472.420696] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2472.421192] ? wait_for_completion_io+0x270/0x270 [ 2472.421726] ? rcu_read_lock_any_held+0x75/0xa0 [ 2472.422245] ? vfs_write+0x354/0xa70 [ 2472.422660] ? fput_many+0x2f/0x1a0 [ 2472.423061] ? ksys_write+0x1a9/0x260 [ 2472.423479] ? __ia32_sys_read+0xb0/0xb0 [ 2472.423954] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2472.424533] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2472.425107] do_syscall_64+0x33/0x40 [ 2472.425521] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2472.426095] RIP: 0033:0x7fe21c796b19 [ 2472.426513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2472.428540] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2472.429375] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2472.430174] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2472.430967] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2472.431766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2472.432551] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 11:46:19 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x6, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x500, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:32 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(0x0, 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:46:32 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(0x0, 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:46:32 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x7, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:32 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x7ffffffff000, 0x0, 0x0) 11:46:32 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 19) 11:46:32 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x8000000000000, 0x0, 0x0) 11:46:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x600, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:32 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28) [ 2485.559970] FAULT_INJECTION: forcing a failure. [ 2485.559970] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2485.562558] CPU: 1 PID: 17382 Comm: syz-executor.5 Not tainted 5.10.183 #1 [ 2485.563997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2485.565719] Call Trace: [ 2485.566288] dump_stack+0x107/0x167 [ 2485.567074] should_fail.cold+0x5/0xa [ 2485.567960] _copy_from_user+0x2e/0x1b0 [ 2485.568828] __copy_msghdr_from_user+0x91/0x4b0 [ 2485.569831] ? __ia32_sys_shutdown+0x80/0x80 [ 2485.570820] __io_recvmsg_copy_hdr+0xac/0x2f0 [ 2485.571894] ? __io_compat_recvmsg_copy_hdr+0x360/0x360 [ 2485.573125] ? lock_chain_count+0x20/0x20 [ 2485.574061] ? __is_insn_slot_addr+0x123/0x290 [ 2485.575143] ? lock_downgrade+0x6d0/0x6d0 [ 2485.576061] io_recvmsg+0xa31/0xca0 [ 2485.576844] ? lock_chain_count+0x20/0x20 [ 2485.577814] ? io_sendmsg+0x790/0x790 [ 2485.578637] ? mark_lock+0xf5/0x2df0 [ 2485.579451] ? lock_chain_count+0x20/0x20 [ 2485.580372] ? __lock_acquire+0xbb1/0x5b00 [ 2485.581308] ? __lock_acquire+0xbb1/0x5b00 [ 2485.582228] io_issue_sqe+0x35f1/0x7660 [ 2485.583100] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2485.584216] ? SOFTIRQ_verbose+0x10/0x10 [ 2485.585096] ? percpu_ref_put_many+0x153/0x2b0 [ 2485.586075] ? io_connect+0x610/0x610 [ 2485.586893] ? lock_acquire+0x197/0x470 [ 2485.587761] ? find_held_lock+0x2c/0x110 [ 2485.588646] ? __fget_files+0x26d/0x4c0 [ 2485.589509] ? lock_downgrade+0x6d0/0x6d0 [ 2485.590412] __io_queue_sqe+0x90/0x9d0 [ 2485.591254] ? io_issue_sqe+0x7660/0x7660 [ 2485.592167] io_submit_sqes+0x4461/0x85c0 [ 2485.593090] ? __do_sys_io_uring_enter+0x6b5/0x1730 [ 2485.594156] __do_sys_io_uring_enter+0x6b5/0x1730 [ 2485.595189] ? lock_downgrade+0x6d0/0x6d0 [ 2485.596080] ? find_held_lock+0x2c/0x110 [ 2485.596955] ? io_submit_sqes+0x85c0/0x85c0 [ 2485.597884] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2485.598921] ? wait_for_completion_io+0x270/0x270 [ 2485.599980] ? rcu_read_lock_any_held+0x75/0xa0 [ 2485.600973] ? vfs_write+0x354/0xa70 11:46:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x700, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2485.601773] ? fput_many+0x2f/0x1a0 [ 2485.602651] ? ksys_write+0x1a9/0x260 [ 2485.603466] ? __ia32_sys_read+0xb0/0xb0 [ 2485.604351] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2485.605477] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2485.606583] do_syscall_64+0x33/0x40 [ 2485.607386] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2485.608504] RIP: 0033:0x7fe21c796b19 [ 2485.609299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2485.613229] RSP: 002b:00007fe219d0c188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2485.614864] RAX: ffffffffffffffda RBX: 00007fe21c8a9f60 RCX: 00007fe21c796b19 [ 2485.616395] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004 [ 2485.617920] RBP: 00007fe219d0c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2485.619448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2485.620993] R13: 00007ffd07aa720f R14: 00007fe219d0c300 R15: 0000000000022000 [ 2485.631858] FAULT_INJECTION: forcing a failure. [ 2485.631858] name failslab, interval 1, probability 0, space 0, times 0 [ 2485.634506] CPU: 1 PID: 17380 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2485.636020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2485.637900] Call Trace: [ 2485.638549] dump_stack+0x107/0x167 [ 2485.639335] should_fail.cold+0x5/0xa [ 2485.640163] ? jbd2__journal_start+0x246/0x7e0 [ 2485.641139] should_failslab+0x5/0x20 [ 2485.641954] kmem_cache_alloc+0x5b/0x310 [ 2485.642832] jbd2__journal_start+0x246/0x7e0 [ 2485.643796] __ext4_journal_start_sb+0x214/0x390 [ 2485.644822] ext4_writepages+0x102d/0x3350 [ 2485.645743] ? unwind_next_frame+0x13ef/0x1a90 [ 2485.646741] ? find_held_lock+0x2c/0x110 [ 2485.647721] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2485.648772] ? __is_insn_slot_addr+0x14c/0x290 [ 2485.649769] ? __kernel_text_address+0x9/0x40 [ 2485.650802] ? unwind_get_return_address+0x55/0xa0 [ 2485.651872] ? create_prof_cpu_mask+0x20/0x20 [ 2485.652852] ? stack_trace_save+0x8c/0xc0 [ 2485.653749] ? stack_trace_consume_entry+0x160/0x160 [ 2485.654852] ? kasan_save_stack+0x32/0x40 [ 2485.655836] ? kasan_save_stack+0x1b/0x40 [ 2485.656726] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2485.657817] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2485.658955] do_writepages+0xee/0x2a0 [ 2485.659877] ? page_writeback_cpu_online+0x20/0x20 [ 2485.660951] ? lock_acquire+0x197/0x470 [ 2485.661800] ? create_object.isra.0+0x3ad/0xa20 [ 2485.662801] ? lock_release+0x680/0x680 [ 2485.663650] ? find_held_lock+0x2c/0x110 [ 2485.664590] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2485.665661] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2485.666795] ? mark_held_locks+0x9e/0xe0 [ 2485.667678] ? trace_hardirqs_on+0x5b/0x180 [ 2485.668632] filemap_write_and_wait_range+0x65/0x100 [ 2485.669723] __iomap_dio_rw+0x552/0x1110 [ 2485.670684] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2485.671662] ? ext4_orphan_add+0x253/0x9e0 [ 2485.672612] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2485.673671] ? ext4_empty_dir+0xae0/0xae0 [ 2485.674559] ? jbd2__journal_start+0xf3/0x7e0 [ 2485.675598] iomap_dio_rw+0x31/0x90 [ 2485.676395] ext4_file_write_iter+0xb26/0x18d0 [ 2485.677395] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2485.678436] ? kasan_save_stack+0x32/0x40 [ 2485.679336] ? kasan_save_stack+0x1b/0x40 [ 2485.680247] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2485.681339] ? iter_file_splice_write+0x16d/0xc30 [ 2485.682370] ? direct_splice_actor+0x10f/0x170 [ 2485.683356] ? splice_direct_to_actor+0x387/0x980 [ 2485.684466] ? do_splice_direct+0x1c4/0x290 [ 2485.685390] ? vfs_copy_file_range+0x4f8/0x1290 [ 2485.686387] ? __do_sys_copy_file_range+0x193/0x420 [ 2485.687467] do_iter_readv_writev+0x476/0x750 [ 2485.688462] ? new_sync_write+0x660/0x660 [ 2485.689353] ? selinux_file_permission+0x92/0x520 [ 2485.690522] do_iter_write+0x191/0x670 [ 2485.691453] ? trace_hardirqs_on+0x5b/0x180 [ 2485.692399] vfs_iter_write+0x70/0xa0 [ 2485.693226] iter_file_splice_write+0x762/0xc30 [ 2485.694261] ? generic_splice_sendpage+0x140/0x140 [ 2485.695384] ? avc_policy_seqno+0x9/0x70 [ 2485.696308] ? selinux_file_permission+0x92/0x520 [ 2485.697398] ? lockdep_init_map_type+0x2c7/0x780 [ 2485.698425] ? generic_splice_sendpage+0x140/0x140 [ 2485.699494] direct_splice_actor+0x10f/0x170 [ 2485.700509] splice_direct_to_actor+0x387/0x980 [ 2485.701583] ? pipe_to_sendpage+0x380/0x380 [ 2485.702574] ? do_splice_to+0x160/0x160 [ 2485.703520] ? security_file_permission+0x24e/0x570 [ 2485.704739] do_splice_direct+0x1c4/0x290 [ 2485.705633] ? splice_direct_to_actor+0x980/0x980 [ 2485.706720] ? selinux_file_permission+0x92/0x520 [ 2485.707781] ? security_file_permission+0x24e/0x570 [ 2485.708867] vfs_copy_file_range+0x4f8/0x1290 [ 2485.709846] ? generic_file_rw_checks+0x240/0x240 [ 2485.710885] ? __fget_files+0x296/0x4c0 [ 2485.711859] __do_sys_copy_file_range+0x193/0x420 [ 2485.712882] ? vfs_copy_file_range+0x1290/0x1290 [ 2485.713969] ? ksys_write+0x1a9/0x260 [ 2485.714791] ? __ia32_sys_read+0xb0/0xb0 [ 2485.715655] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2485.716742] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2485.717873] do_syscall_64+0x33/0x40 [ 2485.718688] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2485.719762] RIP: 0033:0x7fd102b50b19 [ 2485.720511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2485.724331] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2485.725949] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2485.727411] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2485.728911] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2485.730518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2485.732015] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2485.733661] EXT4-fs (sda): ext4_writepages: jbd2_start: 9223372036854775807 pages, ino 16015; err -12 11:46:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x900, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:32 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x8000000000000, 0x0, 0x0) 11:46:33 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xf00, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:33 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x40000000000000, 0x0, 0x0) 11:46:33 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 20) [ 2486.444396] syz-executor.6 (17380) used greatest stack depth: 22912 bytes left 11:46:33 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2486.571564] FAULT_INJECTION: forcing a failure. [ 2486.571564] name failslab, interval 1, probability 0, space 0, times 0 [ 2486.574052] CPU: 0 PID: 17416 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2486.575580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2486.577326] Call Trace: [ 2486.577874] dump_stack+0x107/0x167 [ 2486.578641] should_fail.cold+0x5/0xa [ 2486.579423] ? create_object.isra.0+0x3a/0xa20 [ 2486.580374] should_failslab+0x5/0x20 [ 2486.581150] kmem_cache_alloc+0x5b/0x310 [ 2486.581976] ? mark_held_locks+0x9e/0xe0 [ 2486.582807] create_object.isra.0+0x3a/0xa20 [ 2486.583698] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2486.584731] kmem_cache_alloc+0x159/0x310 [ 2486.585577] jbd2__journal_start+0x246/0x7e0 [ 2486.586478] __ext4_journal_start_sb+0x214/0x390 [ 2486.587437] ext4_writepages+0x102d/0x3350 [ 2486.588304] ? unwind_next_frame+0x13ef/0x1a90 [ 2486.589237] ? find_held_lock+0x2c/0x110 [ 2486.590088] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2486.591085] ? __is_insn_slot_addr+0x14c/0x290 [ 2486.592029] ? __kernel_text_address+0x9/0x40 [ 2486.592933] ? unwind_get_return_address+0x55/0xa0 [ 2486.593919] ? create_prof_cpu_mask+0x20/0x20 [ 2486.594853] ? stack_trace_save+0x8c/0xc0 [ 2486.595694] ? stack_trace_consume_entry+0x160/0x160 [ 2486.596738] ? kasan_save_stack+0x32/0x40 [ 2486.597573] ? kasan_save_stack+0x1b/0x40 [ 2486.598419] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2486.599451] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2486.600567] do_writepages+0xee/0x2a0 [ 2486.601558] ? page_writeback_cpu_online+0x20/0x20 [ 2486.602806] ? lock_acquire+0x197/0x470 [ 2486.603851] ? create_object.isra.0+0x3ad/0xa20 [ 2486.604945] ? lock_release+0x680/0x680 [ 2486.605766] ? find_held_lock+0x2c/0x110 [ 2486.606668] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2486.607743] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2486.608823] ? mark_held_locks+0x9e/0xe0 [ 2486.609660] ? trace_hardirqs_on+0x5b/0x180 [ 2486.610588] filemap_write_and_wait_range+0x65/0x100 [ 2486.611618] __iomap_dio_rw+0x552/0x1110 [ 2486.612458] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2486.613389] ? ext4_orphan_add+0x253/0x9e0 [ 2486.614245] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2486.615242] ? ext4_empty_dir+0xae0/0xae0 [ 2486.616087] ? jbd2__journal_start+0xf3/0x7e0 [ 2486.617002] iomap_dio_rw+0x31/0x90 [ 2486.617735] ext4_file_write_iter+0xb26/0x18d0 [ 2486.618666] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2486.619563] ? kasan_save_stack+0x32/0x40 [ 2486.620404] ? kasan_save_stack+0x1b/0x40 [ 2486.621229] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2486.622243] ? iter_file_splice_write+0x16d/0xc30 [ 2486.623197] ? direct_splice_actor+0x10f/0x170 [ 2486.624125] ? splice_direct_to_actor+0x387/0x980 [ 2486.625088] ? do_splice_direct+0x1c4/0x290 [ 2486.625950] ? vfs_copy_file_range+0x4f8/0x1290 [ 2486.626881] ? __do_sys_copy_file_range+0x193/0x420 [ 2486.627895] do_iter_readv_writev+0x476/0x750 [ 2486.628799] ? new_sync_write+0x660/0x660 [ 2486.629632] ? selinux_file_permission+0x92/0x520 [ 2486.630618] do_iter_write+0x191/0x670 [ 2486.631407] ? trace_hardirqs_on+0x5b/0x180 [ 2486.632286] vfs_iter_write+0x70/0xa0 [ 2486.633051] iter_file_splice_write+0x762/0xc30 [ 2486.633999] ? generic_splice_sendpage+0x140/0x140 [ 2486.634987] ? avc_policy_seqno+0x9/0x70 [ 2486.635816] ? selinux_file_permission+0x92/0x520 [ 2486.636790] ? lockdep_init_map_type+0x2c7/0x780 [ 2486.637742] ? generic_splice_sendpage+0x140/0x140 [ 2486.638728] direct_splice_actor+0x10f/0x170 [ 2486.639609] splice_direct_to_actor+0x387/0x980 [ 2486.640559] ? pipe_to_sendpage+0x380/0x380 [ 2486.641429] ? do_splice_to+0x160/0x160 [ 2486.642225] ? security_file_permission+0x24e/0x570 [ 2486.643231] do_splice_direct+0x1c4/0x290 [ 2486.644076] ? splice_direct_to_actor+0x980/0x980 [ 2486.645048] ? selinux_file_permission+0x92/0x520 [ 2486.646015] ? security_file_permission+0x24e/0x570 [ 2486.647031] vfs_copy_file_range+0x4f8/0x1290 [ 2486.647945] ? generic_file_rw_checks+0x240/0x240 [ 2486.648927] ? __fget_files+0x296/0x4c0 [ 2486.649751] __do_sys_copy_file_range+0x193/0x420 [ 2486.650719] ? vfs_copy_file_range+0x1290/0x1290 [ 2486.651673] ? ksys_write+0x1a9/0x260 [ 2486.652450] ? __ia32_sys_read+0xb0/0xb0 [ 2486.653265] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2486.654319] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2486.655351] do_syscall_64+0x33/0x40 [ 2486.656105] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2486.657130] RIP: 0033:0x7fd102b50b19 [ 2486.657880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2486.661523] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2486.663036] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2486.664471] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2486.665905] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2486.667330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2486.668763] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 [ 2491.298633] Bluetooth: hci3: command 0x0409 tx timeout [ 2493.346495] Bluetooth: hci3: command 0x041b tx timeout [ 2495.395441] Bluetooth: hci3: command 0x040f tx timeout [ 2495.671574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2495.672901] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2495.674988] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2495.716954] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2495.719251] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2495.722925] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2497.442529] Bluetooth: hci3: command 0x0419 tx timeout [ 2501.986475] Bluetooth: hci2: command 0x0406 tx timeout 11:46:58 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xf000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:58 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x8, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:58 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 21) 11:46:58 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x40000000000000, 0x0, 0x0) 11:46:58 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:46:58 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) 11:46:58 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9, 0x10010, r0, 0x10000000) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000140)=[{&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/4096, 0x1000}], 0x2, 0x4, 0x1, {0x0, r6}}, 0xf1) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:46:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(0x0, 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) [ 2511.316633] FAULT_INJECTION: forcing a failure. [ 2511.316633] name failslab, interval 1, probability 0, space 0, times 0 [ 2511.318513] CPU: 0 PID: 17889 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2511.319501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2511.320603] Call Trace: [ 2511.320960] dump_stack+0x107/0x167 [ 2511.321446] should_fail.cold+0x5/0xa [ 2511.321967] ? ext4_alloc_io_end_vec+0x1f/0x120 [ 2511.322591] should_failslab+0x5/0x20 [ 2511.323104] kmem_cache_alloc+0x5b/0x310 [ 2511.323651] ext4_alloc_io_end_vec+0x1f/0x120 [ 2511.324267] ext4_writepages+0x17a5/0x3350 [ 2511.324844] ? unwind_next_frame+0x13ef/0x1a90 [ 2511.325473] ? find_held_lock+0x2c/0x110 [ 2511.326042] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2511.326714] ? __is_insn_slot_addr+0x14c/0x290 [ 2511.327345] ? __kernel_text_address+0x9/0x40 [ 2511.327964] ? unwind_get_return_address+0x55/0xa0 [ 2511.328646] ? create_prof_cpu_mask+0x20/0x20 [ 2511.329272] ? stack_trace_save+0x8c/0xc0 [ 2511.329832] ? stack_trace_consume_entry+0x160/0x160 [ 2511.330530] ? kasan_save_stack+0x32/0x40 [ 2511.331087] ? kasan_save_stack+0x1b/0x40 [ 2511.331650] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2511.332339] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2511.332986] do_writepages+0xee/0x2a0 [ 2511.333497] ? page_writeback_cpu_online+0x20/0x20 [ 2511.334152] ? lock_acquire+0x197/0x470 [ 2511.334690] ? create_object.isra.0+0x3ad/0xa20 [ 2511.335312] ? lock_release+0x680/0x680 [ 2511.335850] ? find_held_lock+0x2c/0x110 [ 2511.336410] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2511.337096] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2511.337807] ? mark_held_locks+0x9e/0xe0 [ 2511.338357] ? trace_hardirqs_on+0x5b/0x180 [ 2511.338950] filemap_write_and_wait_range+0x65/0x100 [ 2511.339633] __iomap_dio_rw+0x552/0x1110 [ 2511.340216] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2511.340834] ? ext4_orphan_add+0x253/0x9e0 [ 2511.341405] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2511.342051] ? ext4_empty_dir+0xae0/0xae0 [ 2511.342608] ? jbd2__journal_start+0xf3/0x7e0 [ 2511.343223] iomap_dio_rw+0x31/0x90 [ 2511.343715] ext4_file_write_iter+0xb26/0x18d0 [ 2511.344353] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2511.344969] ? kasan_save_stack+0x32/0x40 [ 2511.345527] ? kasan_save_stack+0x1b/0x40 [ 2511.346089] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2511.346779] ? iter_file_splice_write+0x16d/0xc30 [ 2511.347420] ? direct_splice_actor+0x10f/0x170 [ 2511.348048] ? splice_direct_to_actor+0x387/0x980 [ 2511.348688] ? do_splice_direct+0x1c4/0x290 [ 2511.349271] ? vfs_copy_file_range+0x4f8/0x1290 [ 2511.349892] ? __do_sys_copy_file_range+0x193/0x420 [ 2511.350576] do_iter_readv_writev+0x476/0x750 [ 2511.351175] ? new_sync_write+0x660/0x660 [ 2511.351737] ? selinux_file_permission+0x92/0x520 [ 2511.352417] do_iter_write+0x191/0x670 [ 2511.352953] ? trace_hardirqs_on+0x5b/0x180 [ 2511.353527] vfs_iter_write+0x70/0xa0 [ 2511.354047] iter_file_splice_write+0x762/0xc30 [ 2511.354678] ? generic_splice_sendpage+0x140/0x140 [ 2511.355349] ? avc_policy_seqno+0x9/0x70 [ 2511.355903] ? selinux_file_permission+0x92/0x520 [ 2511.356550] ? lockdep_init_map_type+0x2c7/0x780 [ 2511.357175] ? generic_splice_sendpage+0x140/0x140 [ 2511.357827] direct_splice_actor+0x10f/0x170 [ 2511.358393] splice_direct_to_actor+0x387/0x980 [ 2511.359020] ? pipe_to_sendpage+0x380/0x380 [ 2511.359593] ? do_splice_to+0x160/0x160 [ 2511.360135] ? security_file_permission+0x24e/0x570 [ 2511.360820] do_splice_direct+0x1c4/0x290 [ 2511.361385] ? splice_direct_to_actor+0x980/0x980 [ 2511.362032] ? selinux_file_permission+0x92/0x520 [ 2511.362686] ? security_file_permission+0x24e/0x570 [ 2511.363375] vfs_copy_file_range+0x4f8/0x1290 [ 2511.363967] ? generic_file_rw_checks+0x240/0x240 [ 2511.364635] ? __fget_files+0x296/0x4c0 [ 2511.365191] __do_sys_copy_file_range+0x193/0x420 [ 2511.365850] ? vfs_copy_file_range+0x1290/0x1290 [ 2511.366487] ? ksys_write+0x1a9/0x260 [ 2511.366986] ? __ia32_sys_read+0xb0/0xb0 [ 2511.367536] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2511.368257] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2511.368960] do_syscall_64+0x33/0x40 [ 2511.369467] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2511.370157] RIP: 0033:0x7fd102b50b19 [ 2511.370659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2511.373147] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2511.374173] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2511.375142] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2511.376094] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2511.377050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2511.378009] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:46:58 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x30000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:58 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x9, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:58 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xf0ff7f00000000, 0x0, 0x0) 11:46:58 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) syz_io_uring_setup(0x1d, &(0x7f00000001c0)={0x0, 0x4a4b, 0x0, 0x0, 0x18}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f0000000180)=0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r6, 0x0, 0x0, 0x0, 0x3}, 0x0) syz_io_uring_submit(r1, r5, &(0x7f0000000140)=@IORING_OP_SPLICE={0x1e, 0x3, 0x0, @fd_index=0x2, 0x47e3, {0x0, r0}, 0x7, 0x0, 0x0, {0x0, 0x0, r0}}, 0xca17) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r7, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:46:58 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:58 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x34000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:46:58 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xf0ffffff7f0000, 0x0, 0x0) 11:46:58 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 22) 11:46:58 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2511.757469] FAULT_INJECTION: forcing a failure. [ 2511.757469] name failslab, interval 1, probability 0, space 0, times 0 [ 2511.760052] CPU: 1 PID: 17929 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2511.761526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2511.763341] Call Trace: [ 2511.763915] dump_stack+0x107/0x167 [ 2511.764716] should_fail.cold+0x5/0xa [ 2511.765530] ? create_object.isra.0+0x3a/0xa20 [ 2511.766498] should_failslab+0x5/0x20 [ 2511.767315] kmem_cache_alloc+0x5b/0x310 [ 2511.768193] create_object.isra.0+0x3a/0xa20 [ 2511.769174] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2511.770259] kmem_cache_alloc+0x159/0x310 [ 2511.771149] ext4_alloc_io_end_vec+0x1f/0x120 [ 2511.772120] ext4_writepages+0x17a5/0x3350 [ 2511.773028] ? unwind_next_frame+0x13ef/0x1a90 [ 2511.774007] ? find_held_lock+0x2c/0x110 [ 2511.774911] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2511.775951] ? __is_insn_slot_addr+0x14c/0x290 [ 2511.776941] ? __kernel_text_address+0x9/0x40 [ 2511.777894] ? unwind_get_return_address+0x55/0xa0 [ 2511.778932] ? create_prof_cpu_mask+0x20/0x20 [ 2511.779909] ? stack_trace_save+0x8c/0xc0 [ 2511.780806] ? stack_trace_consume_entry+0x160/0x160 [ 2511.781896] ? kasan_save_stack+0x32/0x40 [ 2511.782771] ? kasan_save_stack+0x1b/0x40 [ 2511.783647] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2511.784741] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2511.785777] do_writepages+0xee/0x2a0 [ 2511.786591] ? page_writeback_cpu_online+0x20/0x20 [ 2511.787622] ? lock_acquire+0x197/0x470 [ 2511.788469] ? create_object.isra.0+0x3ad/0xa20 [ 2511.789456] ? lock_release+0x680/0x680 [ 2511.790295] ? find_held_lock+0x2c/0x110 [ 2511.791160] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2511.792232] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2511.793350] ? mark_held_locks+0x9e/0xe0 [ 2511.794224] ? trace_hardirqs_on+0x5b/0x180 [ 2511.795143] filemap_write_and_wait_range+0x65/0x100 [ 2511.796245] __iomap_dio_rw+0x552/0x1110 [ 2511.797128] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2511.798096] ? ext4_orphan_add+0x253/0x9e0 [ 2511.799005] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2511.800056] ? ext4_empty_dir+0xae0/0xae0 [ 2511.800934] ? jbd2__journal_start+0xf3/0x7e0 [ 2511.801896] iomap_dio_rw+0x31/0x90 [ 2511.802672] ext4_file_write_iter+0xb26/0x18d0 [ 2511.803664] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2511.804638] ? kasan_save_stack+0x32/0x40 [ 2511.805518] ? kasan_save_stack+0x1b/0x40 [ 2511.806400] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2511.807469] ? iter_file_splice_write+0x16d/0xc30 [ 2511.808508] ? direct_splice_actor+0x10f/0x170 [ 2511.809471] ? splice_direct_to_actor+0x387/0x980 [ 2511.810493] ? do_splice_direct+0x1c4/0x290 [ 2511.811410] ? vfs_copy_file_range+0x4f8/0x1290 [ 2511.812407] ? __do_sys_copy_file_range+0x193/0x420 [ 2511.813480] do_iter_readv_writev+0x476/0x750 [ 2511.814442] ? new_sync_write+0x660/0x660 [ 2511.815322] ? selinux_file_permission+0x92/0x520 [ 2511.816394] do_iter_write+0x191/0x670 [ 2511.817232] ? trace_hardirqs_on+0x5b/0x180 [ 2511.818165] vfs_iter_write+0x70/0xa0 [ 2511.818984] iter_file_splice_write+0x762/0xc30 [ 2511.820001] ? generic_splice_sendpage+0x140/0x140 [ 2511.821064] ? avc_policy_seqno+0x9/0x70 [ 2511.821933] ? selinux_file_permission+0x92/0x520 [ 2511.822965] ? lockdep_init_map_type+0x2c7/0x780 [ 2511.823971] ? generic_splice_sendpage+0x140/0x140 [ 2511.825034] direct_splice_actor+0x10f/0x170 [ 2511.825975] splice_direct_to_actor+0x387/0x980 [ 2511.826975] ? pipe_to_sendpage+0x380/0x380 [ 2511.827895] ? do_splice_to+0x160/0x160 [ 2511.828753] ? security_file_permission+0x24e/0x570 [ 2511.829833] do_splice_direct+0x1c4/0x290 [ 2511.830720] ? splice_direct_to_actor+0x980/0x980 [ 2511.831745] ? selinux_file_permission+0x92/0x520 [ 2511.832796] ? security_file_permission+0x24e/0x570 [ 2511.833878] vfs_copy_file_range+0x4f8/0x1290 [ 2511.834845] ? generic_file_rw_checks+0x240/0x240 [ 2511.835882] ? __fget_files+0x296/0x4c0 [ 2511.836770] __do_sys_copy_file_range+0x193/0x420 [ 2511.837810] ? vfs_copy_file_range+0x1290/0x1290 [ 2511.838814] ? ksys_write+0x1a9/0x260 [ 2511.839627] ? __ia32_sys_read+0xb0/0xb0 [ 2511.840533] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2511.841656] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2511.842761] do_syscall_64+0x33/0x40 [ 2511.843557] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2511.844660] RIP: 0033:0x7fd102b50b19 [ 2511.845456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2511.849390] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2511.851005] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2511.852539] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2511.854049] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2511.855554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2511.857076] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:47:11 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(0x0, 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:47:11 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:11 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:47:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x80000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:11 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x100000000000000, 0x0, 0x0) 11:47:11 executing program 5: r0 = perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0xff, 0x9, 0x1, 0x9, 0x0, 0x5, 0x80, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x400, 0x2, @perf_config_ext={0x2, 0x80000000}, 0x10094, 0x9, 0x7f, 0x5, 0x1ff, 0x400, 0xfff, 0x0, 0xff, 0x0, 0x5}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x9) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000380)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, 0x0}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r1, 0x0) r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r6, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x907, &(0x7f0000000140)={0x0, 0xb44, 0x1, 0x1, 0x3c4, 0x0, r1}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000200)) r8 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) io_submit(0x0, 0x1, &(0x7f00000006c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, 0x0}]) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x9d) syz_io_uring_submit(r5, 0x0, &(0x7f0000000280)=@IORING_OP_FSYNC={0x3, 0x5, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r9}}, 0x8) r10 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r10, 0x0, r8, 0x0, 0x200f5ef, 0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r3, &(0x7f0000000240)=@IORING_OP_WRITE_FIXED={0x5, 0x4, 0x2007, @fd=r8, 0x3, 0x3ff, 0x400, 0x1, 0x1, {0x0, r11}}, 0x3) 11:47:11 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) 11:47:11 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 23) [ 2524.595579] FAULT_INJECTION: forcing a failure. [ 2524.595579] name failslab, interval 1, probability 0, space 0, times 0 [ 2524.598017] CPU: 1 PID: 17945 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2524.599421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2524.601149] Call Trace: [ 2524.601714] dump_stack+0x107/0x167 [ 2524.602461] should_fail.cold+0x5/0xa [ 2524.603238] ? ext4_alloc_io_end_vec+0x1f/0x120 [ 2524.604248] should_failslab+0x5/0x20 [ 2524.605054] kmem_cache_alloc+0x5b/0x310 [ 2524.605906] ext4_alloc_io_end_vec+0x1f/0x120 [ 2524.606828] ext4_writepages+0x17a5/0x3350 [ 2524.607687] ? unwind_next_frame+0x13ef/0x1a90 [ 2524.608677] ? find_held_lock+0x2c/0x110 [ 2524.609537] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2524.610535] ? __is_insn_slot_addr+0x14c/0x290 [ 2524.611529] ? __kernel_text_address+0x9/0x40 [ 2524.612698] ? unwind_get_return_address+0x55/0xa0 [ 2524.613949] ? create_prof_cpu_mask+0x20/0x20 [ 2524.615229] ? stack_trace_save+0x8c/0xc0 [ 2524.616344] ? stack_trace_consume_entry+0x160/0x160 [ 2524.617523] ? kasan_save_stack+0x32/0x40 [ 2524.618416] ? kasan_save_stack+0x1b/0x40 [ 2524.619279] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2524.620368] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2524.621348] do_writepages+0xee/0x2a0 [ 2524.622130] ? page_writeback_cpu_online+0x20/0x20 [ 2524.623120] ? lock_acquire+0x197/0x470 [ 2524.623928] ? create_object.isra.0+0x3ad/0xa20 [ 2524.624894] ? lock_release+0x680/0x680 [ 2524.625728] ? find_held_lock+0x2c/0x110 [ 2524.626593] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2524.627618] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2524.628727] ? mark_held_locks+0x9e/0xe0 [ 2524.629582] ? trace_hardirqs_on+0x5b/0x180 [ 2524.630455] filemap_write_and_wait_range+0x65/0x100 [ 2524.631504] __iomap_dio_rw+0x552/0x1110 [ 2524.632373] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2524.633291] ? ext4_orphan_add+0x253/0x9e0 [ 2524.634152] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2524.635146] ? ext4_empty_dir+0xae0/0xae0 [ 2524.635993] ? jbd2__journal_start+0xf3/0x7e0 [ 2524.636907] iomap_dio_rw+0x31/0x90 [ 2524.637656] ext4_file_write_iter+0xb26/0x18d0 [ 2524.638604] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2524.639518] ? kasan_save_stack+0x32/0x40 [ 2524.640374] ? kasan_save_stack+0x1b/0x40 [ 2524.641209] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2524.642229] ? iter_file_splice_write+0x16d/0xc30 [ 2524.643202] ? direct_splice_actor+0x10f/0x170 [ 2524.644107] ? splice_direct_to_actor+0x387/0x980 [ 2524.645109] ? do_splice_direct+0x1c4/0x290 [ 2524.645981] ? vfs_copy_file_range+0x4f8/0x1290 [ 2524.646923] ? __do_sys_copy_file_range+0x193/0x420 [ 2524.647938] do_iter_readv_writev+0x476/0x750 [ 2524.648861] ? new_sync_write+0x660/0x660 [ 2524.649695] ? selinux_file_permission+0x92/0x520 [ 2524.650696] do_iter_write+0x191/0x670 [ 2524.651497] ? trace_hardirqs_on+0x5b/0x180 [ 2524.652417] vfs_iter_write+0x70/0xa0 [ 2524.653198] iter_file_splice_write+0x762/0xc30 [ 2524.654159] ? generic_splice_sendpage+0x140/0x140 [ 2524.655162] ? avc_policy_seqno+0x9/0x70 [ 2524.655974] ? selinux_file_permission+0x92/0x520 [ 2524.656961] ? lockdep_init_map_type+0x2c7/0x780 [ 2524.657930] ? generic_splice_sendpage+0x140/0x140 [ 2524.658902] direct_splice_actor+0x10f/0x170 [ 2524.659801] splice_direct_to_actor+0x387/0x980 [ 2524.660765] ? pipe_to_sendpage+0x380/0x380 [ 2524.661646] ? do_splice_to+0x160/0x160 [ 2524.662556] ? security_file_permission+0x24e/0x570 [ 2524.663669] do_splice_direct+0x1c4/0x290 [ 2524.664531] ? splice_direct_to_actor+0x980/0x980 [ 2524.665502] ? selinux_file_permission+0x92/0x520 [ 2524.666489] ? security_file_permission+0x24e/0x570 [ 2524.667513] vfs_copy_file_range+0x4f8/0x1290 [ 2524.668449] ? generic_file_rw_checks+0x240/0x240 [ 2524.669434] ? __fget_files+0x296/0x4c0 [ 2524.670261] __do_sys_copy_file_range+0x193/0x420 [ 2524.671266] ? vfs_copy_file_range+0x1290/0x1290 [ 2524.672220] ? ksys_write+0x1a9/0x260 [ 2524.672990] ? __ia32_sys_read+0xb0/0xb0 [ 2524.673811] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2524.674863] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2524.675905] do_syscall_64+0x33/0x40 [ 2524.676674] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2524.677708] RIP: 0033:0x7fd102b50b19 [ 2524.678469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2524.682160] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2524.683713] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2524.685186] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2524.686608] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2524.688041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2524.689509] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:47:11 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x200000000000000, 0x0, 0x0) 11:47:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x400300, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:11 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xf0ff7f00000000, 0x0, 0x0) 11:47:11 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x300, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xf0ffff, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:25 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xf0ffffff7f0000, 0x0, 0x0) 11:47:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x500, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:25 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:47:25 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x1000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:25 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x16040000ffffffff, 0x0, 0x0) 11:47:25 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) getsockopt$IP_SET_OP_GET_BYINDEX(r0, 0x1, 0x53, &(0x7f0000000140)={0x7, 0x7, 0x3}, &(0x7f0000000180)=0x28) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r1, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) io_setup(0x5, &(0x7f0000000700)=0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fd/3\x00') io_submit(r6, 0x1, &(0x7f00000006c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x8, 0x0, r7, 0x0}]) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000100)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r10}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x4, 0x0, r7, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1, {0x0, r10}}, 0x9d) syz_io_uring_submit(0x0, r3, &(0x7f00000001c0)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x64, 0x0, {0x0, r10}}, 0x8) flock(r4, 0x2) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:47:25 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 24) 11:47:25 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:47:25 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x2000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x600, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2538.603867] FAULT_INJECTION: forcing a failure. [ 2538.603867] name failslab, interval 1, probability 0, space 0, times 0 [ 2538.606802] CPU: 0 PID: 18002 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2538.608282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2538.610069] Call Trace: [ 2538.610647] dump_stack+0x107/0x167 [ 2538.611440] should_fail.cold+0x5/0xa [ 2538.612259] ? create_object.isra.0+0x3a/0xa20 [ 2538.613249] should_failslab+0x5/0x20 [ 2538.614065] kmem_cache_alloc+0x5b/0x310 [ 2538.614943] ? entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2538.616125] create_object.isra.0+0x3a/0xa20 [ 2538.617120] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2538.618246] __kmalloc+0x16e/0x390 [ 2538.619043] ext4_find_extent+0xa3d/0xd30 [ 2538.619964] ext4_ext_map_blocks+0x1c8/0x5850 [ 2538.620963] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2538.622118] ? SOFTIRQ_verbose+0x10/0x10 [ 2538.622988] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2538.624109] ? SOFTIRQ_verbose+0x10/0x10 [ 2538.624994] ? __lock_acquire+0x1657/0x5b00 [ 2538.625938] ? ext4_ext_release+0x10/0x10 [ 2538.626829] ? ext4_map_blocks+0x5e0/0x1970 [ 2538.627781] ? lock_release+0x680/0x680 [ 2538.628659] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 2538.629699] ? lock_downgrade+0x6d0/0x6d0 [ 2538.630590] ? __unwind_start+0x523/0x7e0 [ 2538.631502] ? down_write+0xe0/0x160 [ 2538.632299] ? down_write_killable+0x180/0x180 [ 2538.633318] ext4_map_blocks+0x652/0x1970 [ 2538.634227] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2538.635193] ? trace_hardirqs_on+0x5b/0x180 [ 2538.636146] ? kmem_cache_alloc+0x2a6/0x310 [ 2538.637091] ext4_writepages+0x19bf/0x3350 [ 2538.638011] ? unwind_next_frame+0x13ef/0x1a90 [ 2538.638998] ? find_held_lock+0x2c/0x110 [ 2538.639913] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2538.640987] ? __is_insn_slot_addr+0x14c/0x290 [ 2538.641990] ? __kernel_text_address+0x9/0x40 [ 2538.642956] ? unwind_get_return_address+0x55/0xa0 [ 2538.644013] ? create_prof_cpu_mask+0x20/0x20 [ 2538.645014] ? stack_trace_save+0x8c/0xc0 [ 2538.645931] ? stack_trace_consume_entry+0x160/0x160 [ 2538.647057] ? kasan_save_stack+0x32/0x40 [ 2538.647958] ? kasan_save_stack+0x1b/0x40 [ 2538.648873] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2538.649997] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2538.651059] do_writepages+0xee/0x2a0 [ 2538.651903] ? page_writeback_cpu_online+0x20/0x20 [ 2538.652987] ? lock_acquire+0x197/0x470 [ 2538.653845] ? create_object.isra.0+0x3ad/0xa20 [ 2538.654847] ? lock_release+0x680/0x680 [ 2538.655703] ? find_held_lock+0x2c/0x110 [ 2538.656596] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2538.657683] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2538.658826] ? mark_held_locks+0x9e/0xe0 [ 2538.659715] ? trace_hardirqs_on+0x5b/0x180 [ 2538.660671] filemap_write_and_wait_range+0x65/0x100 [ 2538.661770] __iomap_dio_rw+0x552/0x1110 [ 2538.662669] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2538.663654] ? ext4_orphan_add+0x253/0x9e0 [ 2538.664577] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2538.665640] ? ext4_empty_dir+0xae0/0xae0 [ 2538.666530] ? jbd2__journal_start+0xf3/0x7e0 [ 2538.667509] iomap_dio_rw+0x31/0x90 [ 2538.668296] ext4_file_write_iter+0xb26/0x18d0 [ 2538.669319] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2538.670301] ? kasan_save_stack+0x32/0x40 [ 2538.671197] ? kasan_save_stack+0x1b/0x40 [ 2538.672094] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2538.673206] ? iter_file_splice_write+0x16d/0xc30 [ 2538.674259] ? direct_splice_actor+0x10f/0x170 [ 2538.675242] ? splice_direct_to_actor+0x387/0x980 [ 2538.676277] ? do_splice_direct+0x1c4/0x290 [ 2538.677231] ? vfs_copy_file_range+0x4f8/0x1290 [ 2538.678241] ? __do_sys_copy_file_range+0x193/0x420 [ 2538.679339] do_iter_readv_writev+0x476/0x750 [ 2538.680311] ? new_sync_write+0x660/0x660 [ 2538.681204] ? selinux_file_permission+0x92/0x520 [ 2538.682267] do_iter_write+0x191/0x670 [ 2538.683113] ? trace_hardirqs_on+0x5b/0x180 [ 2538.684049] vfs_iter_write+0x70/0xa0 [ 2538.684882] iter_file_splice_write+0x762/0xc30 [ 2538.685903] ? generic_splice_sendpage+0x140/0x140 [ 2538.686967] ? avc_policy_seqno+0x9/0x70 [ 2538.687836] ? selinux_file_permission+0x92/0x520 [ 2538.688897] ? lockdep_init_map_type+0x2c7/0x780 [ 2538.689918] ? generic_splice_sendpage+0x140/0x140 [ 2538.690972] direct_splice_actor+0x10f/0x170 [ 2538.691919] splice_direct_to_actor+0x387/0x980 [ 2538.692931] ? pipe_to_sendpage+0x380/0x380 [ 2538.693881] ? do_splice_to+0x160/0x160 [ 2538.694738] ? security_file_permission+0x24e/0x570 [ 2538.695832] do_splice_direct+0x1c4/0x290 [ 2538.696732] ? splice_direct_to_actor+0x980/0x980 [ 2538.697762] ? selinux_file_permission+0x92/0x520 [ 2538.698806] ? security_file_permission+0x24e/0x570 [ 2538.699894] vfs_copy_file_range+0x4f8/0x1290 [ 2538.700891] ? generic_file_rw_checks+0x240/0x240 [ 2538.701938] ? __fget_files+0x296/0x4c0 [ 2538.702820] __do_sys_copy_file_range+0x193/0x420 [ 2538.703863] ? vfs_copy_file_range+0x1290/0x1290 [ 2538.704888] ? ksys_write+0x1a9/0x260 [ 2538.705708] ? __ia32_sys_read+0xb0/0xb0 [ 2538.706606] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2538.707736] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2538.708859] do_syscall_64+0x33/0x40 [ 2538.709662] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2538.710784] RIP: 0033:0x7fd102b50b19 [ 2538.711590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2538.715536] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2538.717185] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2538.718714] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2538.720241] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2538.721782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2538.723310] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:47:25 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) 11:47:25 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x100000000000000, 0x0, 0x0) 11:47:25 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x3000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x700, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:25 executing program 5: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r1, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd=r0, 0x0, 0x0, 0x8000000, 0x0, 0x0, {0x0, r6, r4}}, 0x8000) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_NOP={0x0, 0x3}, 0x5) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:47:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x900, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:26 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xffffffff00000416, 0x0, 0x0) 11:47:26 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x4000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:38 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf00, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:38 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x80000}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) r4 = syz_open_dev$vcsu(&(0x7f0000000140), 0x2, 0x2a080) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x20010, r4, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:47:38 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 25) 11:47:38 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x40000000000000, 0x0, 0x0) 11:47:38 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x200000000000000, 0x0, 0x0) 11:47:38 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x5000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:38 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2) 11:47:38 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) [ 2551.739282] FAULT_INJECTION: forcing a failure. [ 2551.739282] name failslab, interval 1, probability 0, space 0, times 0 [ 2551.741908] CPU: 0 PID: 18057 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2551.743425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2551.745261] Call Trace: [ 2551.745853] dump_stack+0x107/0x167 [ 2551.746658] should_fail.cold+0x5/0xa [ 2551.747497] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 2551.748513] should_failslab+0x5/0x20 [ 2551.749353] kmem_cache_alloc+0x5b/0x310 [ 2551.750280] ext4_mb_new_blocks+0x64d/0x45b0 [ 2551.751252] ? ext4_es_insert_extent+0xb10/0xb10 [ 2551.752299] ? mark_held_locks+0x9e/0xe0 [ 2551.753215] ? trace_hardirqs_on+0x5b/0x180 [ 2551.754165] ? ext4_cache_extents+0x148/0x2d0 [ 2551.755152] ? ext4_discard_preallocations+0xd80/0xd80 [ 2551.756308] ? ext4_ext_search_right+0x2e3/0xbd0 [ 2551.757377] ext4_ext_map_blocks+0x1d68/0x5850 [ 2551.758393] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2551.759534] ? SOFTIRQ_verbose+0x10/0x10 [ 2551.760415] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2551.761575] ? SOFTIRQ_verbose+0x10/0x10 [ 2551.762465] ? __lock_acquire+0x1657/0x5b00 [ 2551.763420] ? ext4_ext_release+0x10/0x10 [ 2551.764329] ? ext4_map_blocks+0x5e0/0x1970 [ 2551.765305] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 2551.766353] ? lock_downgrade+0x6d0/0x6d0 [ 2551.767256] ? __unwind_start+0x523/0x7e0 [ 2551.768198] ? down_write_killable+0x180/0x180 [ 2551.769228] ext4_map_blocks+0x652/0x1970 [ 2551.770145] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2551.771110] ? trace_hardirqs_on+0x5b/0x180 [ 2551.772044] ? kmem_cache_alloc+0x2a6/0x310 [ 2551.773012] ext4_writepages+0x19bf/0x3350 [ 2551.773942] ? unwind_next_frame+0x13ef/0x1a90 [ 2551.775222] ? find_held_lock+0x2c/0x110 [ 2551.776153] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2551.777238] ? __is_insn_slot_addr+0x14c/0x290 [ 2551.778257] ? __kernel_text_address+0x9/0x40 [ 2551.779247] ? unwind_get_return_address+0x55/0xa0 [ 2551.780325] ? create_prof_cpu_mask+0x20/0x20 [ 2551.781351] ? stack_trace_save+0x8c/0xc0 [ 2551.782262] ? stack_trace_consume_entry+0x160/0x160 [ 2551.783386] ? kasan_save_stack+0x32/0x40 [ 2551.784280] ? kasan_save_stack+0x1b/0x40 [ 2551.785198] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2551.786313] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2551.787395] do_writepages+0xee/0x2a0 [ 2551.788224] ? page_writeback_cpu_online+0x20/0x20 [ 2551.789297] ? lock_acquire+0x197/0x470 [ 2551.790170] ? create_object.isra.0+0x3ad/0xa20 [ 2551.791202] ? lock_release+0x680/0x680 [ 2551.792068] ? find_held_lock+0x2c/0x110 [ 2551.792975] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2551.794057] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2551.795219] ? mark_held_locks+0x9e/0xe0 [ 2551.796115] ? trace_hardirqs_on+0x5b/0x180 [ 2551.797090] filemap_write_and_wait_range+0x65/0x100 [ 2551.798201] __iomap_dio_rw+0x552/0x1110 [ 2551.799115] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2551.800098] ? ext4_orphan_add+0x253/0x9e0 [ 2551.801030] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2551.802083] ? ext4_empty_dir+0xae0/0xae0 [ 2551.802972] ? jbd2__journal_start+0xf3/0x7e0 [ 2551.803945] iomap_dio_rw+0x31/0x90 [ 2551.804752] ext4_file_write_iter+0xb26/0x18d0 [ 2551.805765] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2551.806743] ? kasan_save_stack+0x32/0x40 [ 2551.807633] ? kasan_save_stack+0x1b/0x40 [ 2551.808539] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2551.809640] ? iter_file_splice_write+0x16d/0xc30 [ 2551.810673] ? direct_splice_actor+0x10f/0x170 [ 2551.811669] ? splice_direct_to_actor+0x387/0x980 [ 2551.812724] ? do_splice_direct+0x1c4/0x290 [ 2551.813674] ? vfs_copy_file_range+0x4f8/0x1290 [ 2551.814695] ? __do_sys_copy_file_range+0x193/0x420 [ 2551.815785] do_iter_readv_writev+0x476/0x750 [ 2551.816769] ? new_sync_write+0x660/0x660 [ 2551.817658] ? selinux_file_permission+0x92/0x520 [ 2551.818727] do_iter_write+0x191/0x670 [ 2551.819574] ? trace_hardirqs_on+0x5b/0x180 [ 2551.820527] vfs_iter_write+0x70/0xa0 [ 2551.821350] iter_file_splice_write+0x762/0xc30 [ 2551.822397] ? generic_splice_sendpage+0x140/0x140 [ 2551.823485] ? avc_policy_seqno+0x9/0x70 [ 2551.824360] ? selinux_file_permission+0x92/0x520 [ 2551.825427] ? lockdep_init_map_type+0x2c7/0x780 [ 2551.826454] ? generic_splice_sendpage+0x140/0x140 [ 2551.827521] direct_splice_actor+0x10f/0x170 [ 2551.828478] splice_direct_to_actor+0x387/0x980 [ 2551.829503] ? pipe_to_sendpage+0x380/0x380 [ 2551.830430] ? do_splice_to+0x160/0x160 [ 2551.831297] ? security_file_permission+0x24e/0x570 [ 2551.832392] do_splice_direct+0x1c4/0x290 [ 2551.833301] ? splice_direct_to_actor+0x980/0x980 [ 2551.834342] ? selinux_file_permission+0x92/0x520 [ 2551.835385] ? security_file_permission+0x24e/0x570 [ 2551.836475] vfs_copy_file_range+0x4f8/0x1290 [ 2551.837466] ? generic_file_rw_checks+0x240/0x240 [ 2551.838512] ? __fget_files+0x296/0x4c0 [ 2551.839392] __do_sys_copy_file_range+0x193/0x420 [ 2551.840436] ? vfs_copy_file_range+0x1290/0x1290 [ 2551.841465] ? ksys_write+0x1a9/0x260 [ 2551.842288] ? __ia32_sys_read+0xb0/0xb0 [ 2551.843165] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2551.844272] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2551.845393] do_syscall_64+0x33/0x40 [ 2551.846192] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2551.847282] RIP: 0033:0x7fd102b50b19 [ 2551.848089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2551.851991] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2551.853608] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2551.855131] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2551.856651] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2551.858172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2551.859690] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:47:38 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x16040000ffffffff, 0x0, 0x0) 11:47:38 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x6000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:38 executing program 2: syz_emit_ethernet(0x72, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x17, 0x4, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x2f, 0x0, @local, @remote, {[@end, @lsrr={0x83, 0xb, 0x94, [@private=0xa010100, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x14, 0xcd, 0x3, 0x3, [{@multicast2, 0x1c}, {@empty}]}, @ssrr={0x89, 0x23, 0xf1, [@local, @dev={0xac, 0x14, 0x14, 0x30}, @local, @loopback, @remote, @private=0xa010101, @private=0xa010100, @remote]}]}}, {0x0, 0x0, 0x8}}}}}, 0x0) 11:47:38 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x8) 11:47:38 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:47:39 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='net/rt6_stats\x00') r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000016c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f00000017c0)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001780)={&(0x7f0000001700)={0x7c, r1, 0x100, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x9}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x401}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x67}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x53}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1ff}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3b}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3a9}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x170}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x25}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}]]}, 0x7c}, 0x1, 0x0, 0x0, 0x400c820}, 0x40000) r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/sem\x00', 0x0, 0x0) r3 = syz_io_uring_setup(0x3a75, &(0x7f0000000140)={0x0, 0x3, 0x1, 0x3}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) r6 = syz_mount_image$nfs(&(0x7f0000000100), &(0x7f00000001c0)='./file0\x00', 0x75e, 0x5, &(0x7f00000003c0)=[{&(0x7f0000000200)="96bae4046b7e1ecf70a6ea62efa50ea44c909aeaebdeafbfa68f54febf71f18f75dffdc1f612b4240f98a38520", 0x2d, 0x3}, {&(0x7f0000000300)="f46cf1411741867ff31cc77d5310b3820ff90b16d2d981fef0bed1988b01250cb13c6752ac31577eb0f651c320d11baa66070609a6ee5f4acbbb4f8db852b0be84479245a945ca859ce94ebc0cb793e2396221a37708a4d90e1f2ff857b0d4c005f2bee4fa8db4734e81d9f143ad4c43d1361094a880a75b2efcd65473e4cd929eacb0a880e8897ce44b94759b610934f730306ab23a4cfb10e0f0c6d323e5f32d3e", 0xa2, 0x9}, {&(0x7f0000000240)="e21fd32a279364b134dc28098c782f76cda8b410b51c0bb83f533c6c63ae13c7a8c8c91309c7d3e188e3903c574d931ac460c868fd11ab758b99bd8c2e75048fd377e23739ce9801ade2f354337df268270121f08ba3ffc1a85c7568b51dca355b", 0x61, 0xfffffffffffffffb}, {&(0x7f0000000500)="bf5eea01c422c9b751e6b398003495e4baee88516ed0639c2bcb0515c1527b8b484f23876b9023c5e61232985dfc3fd7fcc54187c92e09136b778233f8d56d573df372634d532fd954ba9e1172c0ff7e03fdc67b18130c34f747f007b3836b8d8faeed138a5f9be3778c9aeff29072af3d892370fc4a95941b1178af238833c4991323e254d86d7d336fd80969e4f999bd2950f7919e16dba1b25eaab1f20c59fc4e21789686feac2d679ef03b43ffd0462c62cae0dfa83a115e184eeccf95a253d69d486661da9b7afb0939b6e8bf510db4e842e1ee5981", 0xd8, 0xfff}, {&(0x7f0000000600)="68e78da4f0bb3ee28f557219e50b576a72baf7ba05b4aa75d183cb5e70f51e4bf70c55df95cd63a6c3c999b90437bc753f669a29afe4e7a0979c6cb2b3b32b9573b35e767241785ba000ac302b4beede77852a0114545bf23059530ef3fb0b5de40de92e422fd8f5a8d5ec425e985534f9e3406ff656a7ca519481b90b95d6d7487909d2ddcd8249161365bfd2e03cdf44923a55eca7985eb599599879b9e47783bbc705e522d464296ea7d0c6094258ee67f0c2bb3a3f266ceba3461a3d3531f4d1a0be45d4f863336ab7e5cb3df6dbd6ebe408d79e7015ea330c7a0f64efac0a260fdb7f8e8543e6e18b7c454bd4bf26c54bad6e11165c126eae19f0bcbfee343df1cf4948908c8f77632bca70b55eb676496fc4c4e66576f407a7f60e15e4e2a230c463bac45f91dc3b0bb2ad6182f90ad3fea75fe16c6d96aa219d957314c2d3815e8a774ce5b14211f74c70405a0a774331ed5579b22a390159131e9f225c6aed52033645e6962f1bfc6a6964c17bae4345182707728d3450c402bc8256f81bacf8c1dc093fcb85296574fa1e274618dda5fda9d2980a688ff1072104c34ad4b5003bffd930bbb1d931943efa6b41b1c4db715ca4085cffdbfe0eb97ca5a64196c91776d851982ceb224a1804b04a08ddd4b58cc40017b6d54574792b0a663587c880643860087ba5bcb799875fa854bba3f7900735666e155015596fb713ff33c8e0ddea1fc6f76748d7190cb780d353cd71fca73a3e8284bd2718922ef43d74f69d2b62d6a0baf3d7ed2270dfc5c14b6bd6c1d2134c6172de5f884aaae85be56f78a2681a235656fc2f517db6f6b12d031bf321d11b9dc68dbe27d5a841981c34ed2b3708079c52e7656b8812dc5325f306adab166a618e8bf189b55bced18ed8127bcdca3b26ed55fcbe32c2bd92445bdca97da1dc3738dd19a08f91daa48f4fe676057398b798ba3cf6007b4875d6ca5497f10a8a0fbfcc2da09bde782ae0070b4a514ddd4941399763ed7588e7b18d20be402ae61ae6f6b720f04c2a53dabba137d6da147c76a825b0586f9ca18a737018c2edfa61131f759c100a1a705aa0c6cbf431a30d3fdc5957b25d1e03c2ee022004560b6a3e82850c4b0088209299a16960daa4f5674ffa1ef4681ad9454c940e414c0aac34033cdcce7b06d49ccaf95b04b9f4d8deb82933487170340953818fff7b88d27046b8ef40b2f4e880774bab80b1487fc890fd74858b1e8b08e1f8d490aefd0e4448f57a506bb50d1888adca0d3df2a56c4039530bae65a1cf3638f3e83b61e6488bea70d3f4963ef1cfd3298e2ee3ee2f854e59fa9a091ed67ca55f282fac9911acd8db195ce636c7d9019a7e8739a50c2a359161178dbb6ff82e12bcdf812e0e43f61abae69135df726a29fe0cb0107f5af1d547366507f8d86574cfe043a36d7ec92973a34452a1c6724a497e9fd392a85d700752bcdf4bccfd6ad451317f0c4d95d6fd589fb5cdd965db729d82f68c889b89bd950966f4472566697791793adcc825285a9ea1a2c5b1cc6f49c8b068ec9cc43b77d0c178935a01916b280a28f31299ea5b71a3fde9316baec672f01a4760c4a7c08548b5f174f2e5be34cd3cf0a990a37ac89381a60d5aaa3068f0e6316a665a152c0078ee4a80dd5a9f6584cbc984fdf30a4a1148d9a00e0c92b7e278dc6726c9a5c3410cc2f5faaaccaa7beead23023b332552c4a7dc682fccfe81771761eef6b00b2acd87acb0e8e9c731fdb3eaed2fe81c948273fbddf8056f830a0228dc7778d591bb1ce7cbdb44e9ed99fa806722dbf457df4e6ae76798db5da975caa5bc181a1cf55d6454d38e5ea0bf48f94f7f7c9ce656164eb7b29a73b8a3b1834c863f5043ed98a60658b768ed43a98bd6e7e9e322967ffc417df40822608c2195c5fb281512de73ba6aaadbcfde88adcf56e82a623e5f4f32347967e6814bc4f6095f3392000a36c2b930b073a054abc530e017e1575bd4cd8ab49b1c370e9df8bd540ee015b44ea7b5dd9cf4230e39e160eac9ca72494f39d2327d1dadff11f56e28139e92d7d81c97de02fd9b681c191bb1263a8db842a64229953b796233af21c73b074a98388a653e104776f167cca303c894d89795eaa38d56086a50bf9952d1b852cc765c373ede4efa6d7ad61d73b66aa564e4aa16afc9736e3cf3f51a7040b270fc3f769a9401a98836858e278cf3dff41e90dcec8d799a89d551aa10dc3bec951469d32d39e0a9b7afbd6b69ddbc1fc3ae1696b2b66937c3de19f1c23befe1bc870b4fdd84216186eb8a00c5d9189cef875c27f2593d3d842c4e8fff8c3533f65fa933a064b385b47c58491d95bf2c0cf7db7cd345b0bc390f2a1141cf97d55f07bdc54c5f04ef77e55d37f7965ff6d491e224976f65468890e849b1b122635d2574daba61dd5a702f46e96d671125fdd0fe869f8e88f9495d600fdd9f646718ae809e01da106585e50906ad77b548e214a54369f3562542b2dc4c7df8a47cb6df5875ef89081222d1ef4eb2a49de3002b6d8468c9f5c0c6d7d4a19fc336f876675ade54e25945611c5ff5314e96927618d9a8a6679282209f977485d8981dad7cca40c4d555aa983dc03ed9f9f8cf6e091046cb33a863b3b9d79ae3e2b34edadf95e271f6a056d1be5f80149e3047c10af2f3b775607e0afbb630bdddf335924decb0fb80b8defdcc269d0f7c291c8a0dae61e53bd76c2965ffa4cf5de60219a49de2d58bae9e00e29b00f92ab2b96cdf03fe43406726500407f2fdf3bf7409b2059d8e424b3524103eb8a099db85a2bd74a70f33c9c4dcbbf43df3cc9aa3250706c13fcf3ffc9a9e09253fbdb746be73834d28b6762c9c938202c30286955e97634cf8468f4a4850ebbdad68c26eef002e9248220626bf21e3e5bcdbb83c76d804891c47cbf35c2ef4eebd51e971862eaa00217e7795bfc44f0e17f88a9ddd0f50640de477daf91207631788a02df54411b5e3522b5e15e9fc5a91abb14a9ce4654885a981a2d12e8ff50d9a4c58b3bf8aac913b6a0f93c4b37af05450a14401818d87b91fe8b58f8adebdb0bde8532229d83e741b42b34e76367a4b68be30f3e0dc9ac6e48e1be7d168818c7ca9b1303b50993ec2717d19d45d3ce90c6e41772ee18264a2ee12da05cccb1590aefc66daf7f6cc7fcf6273a03d44d5ccd2e44bf0150bc3b97d40340411d3b2f9a79b0184da06f08b790bc5af4af4d793164d7c38d0ac2ca5ee12facb7a9923f95a2640bbfabc5e8c18db319a9c6fd0cb1f9463dbe9f4257c7756060b504cce00b50d745ea318a4411551bc3ed18d21b8012006cdabdb31e3fd7ac9cafd86cc406cb28252b957640aba8cd55f855cbb05570c4eba013eec644e2f0538afff2f8eb2760969ce117b6a487aa6d02fb84493c2bf0d9ddf8fea80cc2bf2b9e4c887e7c7b91ea927f41a3b40884c040fb655ce6a651e63edae941fb380748d5030721bd7c8413aab10432a9847f382b54a34da56894612ad4739959330dc99e8fc6c30ce79346ae556e2e3aceac80bc2a9bf4a23fce916d578afaa7c9c8810b0b96df257e093add651e22fe3e33fd9d46fb9b5124b39e45a65b48e8c5ca7c6a975a790fff5517a7b111453f6f219ecc86d5897020d2bdd493d0893b12819e93a354b556ddc080aea1cbde959334a44fe1de77226bd13359d7258a1dcb45be17e8f45677775a454f562525e8091fdcb8eff0d619f0315cf4b00e7ae530b78930ced1e2af5573ae102234512246f12eaf48bb76b048a7a938616dd6ec6766e958d80a2b519f16a0dbe5d07803f907a01d1dc5224c5d60a82b70c6bf4355290b01b985782c4af77d34640daf2359d7ccf1efbe2bdb7bc2d89bf5592e6fcc7d7e8904f978d8d1514f3a3e8b1492858e3578a3d4c0d74cffac1f29e76ca983c74a7c87367a89d4625c1554a94f15ecb13bf8bfc222c224ac070489d35704bcbb5a85b60eb636643878a7d9828250ca5300502928116d2772433fde0b30265d0f8e5b8defe079468e723d416bdd8f524c9562e10021d3ab9cd1e16aed63b2a8d385c17b0168e0d2842ee3b8efed1ada164a5d655225bb5f3ad7401220840707a5c7764b2f86888dfbf108ba98cff8a84a51402ddb83ebe583324d528a0bc682b7a6336c38b6c7878e91eac2a57f3c082b53f23ae39a4d61fbe16e9f04104fb085b78889d1dbfd64729c4da1b1626800ab2150cd79eae8f1269781233a428223ad52cce4d899534c125fc9b3abfda60a29707a0d4e25a4d9ab3f3828e687d741b12c81f112514c7927921b50cdab653e440845d1e41d10dbba91370ea694871d35864effe17f9f464846c808bc7ceb83e4d6af38f3b42edad5534d1b72dbc56e83f19016fc3509007e20a89dfc360ed2edcba8f782822037d7fbd9c83c03a747e357a109c0259fece67a46ff8ddb91f69670ccbd16629da470c9c54f01d8b2d54670d1b7ee62251076d29861575fe338a6725e5bd49fb75b3bd094d933d3e28a36de04a4e32261ac7631e419311f9f0b36f79801d35b22a8cae879104cc33a71b6433cf6815b0197a73b4783b4ec195f8d4ea7795ffbdc2ec1674c4c2ca6931f89ebe022b029306caf36c9c5745c8983524c9b785b98d20ae55ab1278a98651ce372487438afc4bb7a87251890fa80eef1de3a57236eaead215302e21011008e3955c1db4a00681848ff0534adc9ee5eea2775fd2bbceb522ed43c11272c3969026ddba8a1cc85801a0f91d83005615393fc9564d7d371f8ac8d4a8ffaa5b9d62d5a42ef720c668293fd50730751e05883dc07632c825a4be3eaf41a5682885d412c26db734cc6c61d18a347d1529305d5969a09d95b899763a6a093918dbcf2b6f1f03e3c4de645dd7921f0a6b3362f2fa9bf14d6c6de0e8e679cc17ce3b87280f862a96ac42db6c7bea1590d579d50bc13b88f1c4cba3c6ee74d6807cbf3cf26f389c70fd879d81fca21e51c154edd70da19bbb69c1ec39eec9943d14aef312985b8d43f2320609cd01d66a6c6908060e5ad3c1e7601b0acd9162928d0ab06a67a581c3310d311396f04c4447821abbf8a234bb632f18ebfda124f773ffd9ba1b70c4e967f090da1e887e81edd2662d97c7b29de46a630bf522888501757227025fdb7b6244ca98ac7de183b6fe40dde633c270c82d81123cafbf7078e6f15eec2dbe8d2bbd8a292abe3b09742167d23e0652a8f9217ac295a241623a6c126f765ad963ed25bf7b80c44acd99050aabe6ff972b05c85be31a7315df44e0b1986c0a37f4a76a3b478c5572a9d1eda5ee35db5790bf8689e708cfda321b03cd3c19dcb96e1416d211f0758a4c7eaf49a41755f6e66b733b5a8a49355b8feaf75bb858efcee2848850582f5ca6360461628b1879c2f61dbfb5905e06a39e13856c39ddc2e97100db8fbf45cdb15423028455df3b8080f4f948885bb216ae797bb979fbcd364f6afa0c5799f869c00b34fe84d2f67e77879fe586310127073ea19e521f0a3c9930210b7e47ac972d10648f0aa7d111654d16e0c9da9fe293bee1d63a04e863764ab2100390fa9c0f5dd594d54cff7a5ce0df776cecd1aecd0ab18daff9906f7152231abcb32641b94fa55239cda8569b0db0885029c3f5293668df5015f6b8f16ef29bb921a38bfe4a69ef59e33d00194b2879f7cefbdad256c1b8b1a3928c5d2ce75b723d4df05c4b6126a6b97a4f27ad8c0c7cfaaea2284ddbb8c31a38bbc4cfd012edaa54a18ff2dcf2f7a9a55b3bc26c6fc924472be2be2d71e9b6af2504", 0x1000, 0x9e}], 0x410, &(0x7f0000001600)={[{'-\\}^:-$'}, {'^'}, {'/proc/sysvipc/sem\x00'}, {'\x00'}, {'\x00'}, {'$-,\\]'}], [{@pcr={'pcr', 0x3d, 0x1}}, {@smackfsdef={'smackfsdef', 0x3d, '/proc/sysvipc/sem\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '}\x8b'}}]}) close_range(r2, r6, 0x2) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r7, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r3, 0x0) r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r3, 0x8000000) syz_io_uring_submit(r8, r5, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001800)={'veth0_to_team\x00'}) 11:47:39 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x7000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:47:39 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x416) [ 2552.310047] nfs: Unknown parameter '-\}^:-$' [ 2552.384652] nfs: Unknown parameter '-\}^:-$' [ 2556.898473] Bluetooth: hci3: command 0x0409 tx timeout [ 2558.946463] Bluetooth: hci3: command 0x041b tx timeout [ 2560.994574] Bluetooth: hci3: command 0x040f tx timeout [ 2561.853031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2561.855014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2561.858658] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2561.917968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2561.919745] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2561.922661] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2563.042485] Bluetooth: hci3: command 0x0419 tx timeout 11:48:07 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x2922, 0xd14a, 0x1, &(0x7f0000000140)={[0xa8]}, 0x8) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:48:07 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:48:07 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x9000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:07 executing program 2: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)="cee20d49e79e44361aa637e97acf8642ea", 0x11}}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000027c0)={{{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@multicast2}}, &(0x7f00000028c0)=0xe8) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x11c, 0x1a, 0x101, 0x0, 0x0, {0xff}, [@nested={0x105, 0x25, 0x0, 0x1, [@generic="caff25b868a39ed4f2a98bedf9e7f94d9628c4586ab630065adb5ce99324b2bc290f13aaa1b375a91e26c2e7647f0d4d4129cf29156cafb37b67d8609b9d63f634ad9faeaf176fa600eceb94d94b06860dea939978653564f61cfdf4d594a7aae471765651af4f", @typed={0x4, 0x12}, @typed={0xa, 0x59, 0x0, 0x0, @str='*)#$&\x00'}, @typed={0x8, 0x43, 0x0, 0x0, @uid=0xee00}, @generic="ba4c73269591ea34f14ad506aceac7dd54d3156932a0d02341122f6cbaa54dc8b4d0b01ac37d2225ed37bacfd3e71c9180b14c5d116c85a770f26c96ebae790c221badd433486d34cfe813c7c7efa569409a5bf71d579de88755b8666c240f1543c8d56c3addf242adebf601e0af1c3546ab", @typed={0x8, 0x30, 0x0, 0x0, @u32=0x100}, @typed={0x8, 0x37, 0x0, 0x0, @pid=r4}]}]}, 0x11c}}, 0x0) perf_event_open(&(0x7f0000008d80)={0x0, 0x80, 0x4, 0xff, 0x7, 0x20, 0x0, 0x5, 0x0, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x47, 0x0, @perf_config_ext={0x1, 0x2}, 0x4841, 0x7fff, 0x5, 0x5, 0x401, 0x80, 0x3f, 0x0, 0x3cb0d5ef, 0x0, 0x9}, r4, 0x6, 0xffffffffffffffff, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000002980)={'syztnl2\x00', &(0x7f0000002900)={'sit0\x00', 0x0, 0x29, 0xd6, 0x7, 0x5, 0x6e, @loopback, @mcast1, 0x7, 0x40, 0xfffff801, 0x5d}}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008b80)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x4, @loopback, 0x10001}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000080)='e', 0x1}], 0x1, &(0x7f00000001c0)=[@rthdr={{0x78, 0x29, 0x39, {0x3a, 0xc, 0x2, 0x9, 0x0, [@empty, @local, @mcast1, @local, @private1, @mcast1]}}}, @hopopts={{0xa8, 0x29, 0x36, {0x84, 0x11, '\x00', [@calipso={0x7, 0x58, {0x1, 0x14, 0xc9, 0x5, [0x7ff, 0x6, 0x5, 0x1000, 0x100, 0x0, 0x4, 0x101, 0x200, 0x0]}}, @ra={0x5, 0x2, 0xc746}, @ra={0x5, 0x2, 0x7}, @ra={0x5, 0x2, 0xd70}, @enc_lim={0x4, 0x1, 0x9}, @ra={0x5, 0x2, 0x87b}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x31}}, @jumbo={0xc2, 0x4, 0x5}, @jumbo={0xc2, 0x4, 0x42f}, @enc_lim={0x4, 0x1, 0x60}]}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x0, 0x2, 0x1, 0xf2, 0x0, [@dev={0xfe, 0x80, '\x00', 0x2b}]}}}], 0x148}}, {{&(0x7f0000000140)={0xa, 0x4e23, 0x20, @remote, 0x1}, 0x1c, &(0x7f0000002340)=[{&(0x7f0000000340)="f152f99f72b1f82bd32ea0f115e8b402f3b7a0d2346e2eec0c15af663f178ed41a0e2af91312ba25f3ccaa200ecd7a93722149267dce1a120633ae64eb85ad441907862e82ae1bf797a86f46fffb81a1e71fba0fa10b247952adad77966896d054eef248f27a557a6415b2a7523f398c44cd0d4939c67da68533688fc664083bd8939e764b50efb480cba19ab5d0173e9e349c51f19132cf34888bb36e6f48b06c7b3b2b8c716ed323145ba4e235d874c71a3693df4d01b1302549b13e32510f6cc63b0e249ad9b00ed069bde6e5cd79249d40d4c02bf34827b81d41875c4e0fb347d659780374f6134a89041a9071d0f15b65ed03424a6476cd93f14c0820f0c4e9d347357656fac873b49d4776d15d3591df16538494df60cfacef76966aefd1fafa39c9d68959ababc007c591d64d9184cd2ccb9b197d218207d32b7c1c2bf1a9f18e804f40b071b401d937f81a7a5354ec3308fa271ef3d93437ac216861f4b2939f56d4f8e4462e38aa781f6ff84108735a471d7bbb87ef78dd03d95c033355f733c0f62e2bdec4cbd3330cdd5b31082c25187951f9514f0975e28ccf0729edda28af7521338c44af433af6ecc9df91964b28872060d184f1a60d11eee125d48ac4b94dd2c56f9fe85b71508322e0d59cf29a01f9eda5d7b247fd8db39cc84780def3aa6f5cb0453f302a691b52ca2ae95ed46c828b0367b8c6f4590aeac70d31dc4795adacd95a54bf72922727302e18364c29eda5c40fc08e671c8961998ef19510fc937505ee43188ccde3d46881970cdfdd108afe272d15c589204b1becc32ba7944978e10efa20c42d7413e1c69df7821b4262d5d1835e7b66390bcd4df45ee50126fb4c93cb492061245c189585c80e84c005f9f69577c206f389076c01876d01426e87321086ab7e6cce257c7c7401da08345f8c29b758e050f662b737aed43471e9a1c0950970632eb727e3fc7b33d4ef74e039bb46acd1c740b7d1d988c57e018476842c43e6479e32af331dc38a37f357f9d82eafc0798c5cb57e4be7428ab679b94672671714cc51d064997270257aa3e53cf9aea0731a87cd055576cf4340a69f5e0c9afcccced105fda010294846ded1220c93f1c4a294ee6c3c3dd125dafc762ecda6733595aefeda62b2c10444ba2e222fca74dbdd971c3fda0f0f53d323d5872c48a6375912a780dac66ef1f8c04675ff4628e41d38fdb50ed36dd9150bd68a6fcad54dc36e9dac6448e27ae186caf98341e08a51f55712cf4e9f98dd6cb1b9fd5a089954850ed499cc22867f64f08f063b03c8a95d78160bfdc4428a79e9616560af725ba44b4feb40a9fc5264c2d5f8422ad9c5236aba8352502cb836a319e334651bca09482b2c21a640398974ee622f1c424bd188a666debab962d11cc4ab61bb9ed4bd65e1a46360948407c8c3bb55f4e71cf53eab8c48e8925906e7947f34a48c3cf91964517dfdf0a3122a910519aceaaef4a68fc25a5dfc0eb67dba7d7de475e682698a5ed73fcb137fd42975ca3426d15df57fb9555d3060f5006d535a348f2da7c1059daf7c91dfd78b8d4e20a1b122201fd85d215c1b9ed11a9b3472d9500b4e6615ec5afd5b7ed91b9718d7e65eae5dfc8f42754476efe6750e110f0ec35eb977ee1faf2baf23dc94decfc3e429e46f71d20041616cff6172eaafca6977dc8b24150e8d1807a55f4b6dbfe1c6e97e28f23faed041cff79ef88e1f18a44e35ddb8ef8291d71131b22c3890a53b58a5d2754ab29923e8afc1bc84750ead8911704e051b68b8c3eec25e457b04410c9437759c907897d17d26c85ecc2cb9239e43d93b26c01dd807393fa3da2c066bcdf4caf3ec16fcff74199757d4ec604a1d5d28c3534d915154088eab693ef670d19c01b471a162f644cdc646918ddf0178a2c28ef1297bd7d44531f91bf3ce4e17faad167b6df3bc387f3697284bec6f83271ec0e9876aa2f96ff4272e26377ce4fabaa353be80d757f407e83e8b0c7c0dac385f42047989311e08a4d985eaeb5a7bf952fe2f02ffd3f864c02676fb3e3b8bf04b986e32592c45d67231d8ae87afd94032e97c662e137be9bb37942e8a571cd55688914b2256c2987bcfffa2f5448df0883d2229b57de26b2a93993e8fdeb4a70f16d520a24c9f50c2c078d657e789875902e0aa433dd723c3a62b769db1e08661dc3974ea3540fcc1a1f7057e4608fd5c8e76ecd50eaa5223d83f47d0751620f71492573589e908fa86f12eab1ba5038fa20e06f42371cc390d25dccb2d367da518d235e6fd0d90829b8574fbf7b74d4fd7dabcd4ddbcdab12dc0800a47315efe94795d96cf62103bb0d5359b6429b7e01a46847958772a72a4129b1efe4d84197a938994572b1d7db273b2ddd9022cf1b49f35da7e318b5cff0d1517931b8096017ac1e2d65e86b3e0c8271d5e5b644d6df48ad02b47e10be40b28bad516ef2c8ce6d7e5082e1302931ef3dde854ac17cbcc073b08cbd0a98adec301afbb7b0f3769d14d9112c13bed77c223ff5086a75078411f03bf8a008c29f0b3e30b9f95e71ae74fa28944e2a46c14f5c5a32035321d086c892ece1bd946453b5bfff780ee65871e873be2e3c81398eda3ea60d391377b06f7456e7d08347b401c69aa1ef75ad1f4b681b6483d4f317103a3d30d1db0a3b30cc66b5caf54a8123ed1f3730ff4b2c30e1d60b5dd332c4eff12244b149079d2b066b9e527111f52f88cec0b2dac98d881e72294b09b826dbaff02f6badc89cd611e72ae0a92742b7f9b911e1b2f770920b02aa650cd5c2c124032fc04f437f9610df6aefecd38aa457d1c4dd4d89784401f6e0f311c870cb490b942ea0cbd2fda0f16518e9f9a008a20b3ee1b455638591170a92f75ca1d7ca80d793e3a68a545f6d2e8b1e9b5feafef9c1f1683d16e65da31bcd83ab1a08c233e89124e49facb8c447c76d3f66c129afaa8c67d405f2e21a99e1b7c3b8ac84b8735a3181a0501f365767c07a377a14af977a8b1dac8a648072ef6df8b62caa3c3acfea29e0eccd9445c74b4ece3518a04af46929ad9f308880d53b5d2ef1b3c2d81eafccac16e614038f42504a165200a38de6cc602bcb86040d656bd3bf7fc1b8f1a34a0bb4a4e2130b98d67b0a338a41ac8f0c387dbf1a10e347e8d6ce3ccea68f8d70454c5fa615867d1d8a45d703ec775628b065b7148a68333699cd3fd5d36945852f0fb6a911322cd3a865a38aa33d673a0155bf78dc9c4417d7403b611678d5020d56ae46e70b7448c5d39fd3f0ff4ff1c3f04cba9b3b0d9061459143c0a14a153fdb547e616c801f586b77b50cb6fea335129de8fd79b6ab1dfc0beb2c675cdb8492affca337cde7eeb45445bbf9e7565ac17c22f53ee3f2ba2c727f249efead1de8731489358e7926e6e6a39aac7e6f1419711bbe9c989aab18671bf36cd4fff2307c224625399f02eee13bd1ce6721a51fc5144094c8d12a88bc6f39b705972bd472a3568745197daa4a21b13eaeb28563d01975e7febfe6a537745c2ca6ba3cf4e464e5063dd91cc3dd640fa5daa9b127225af3f8c9320d8b682bc5358ee353c6c155670b8a3866129c0088be32d31d3d71eff42afa53af5855c2e64105f410233cda6975b396cfd1094d42c97045a4085958bbe3d13719f9d6cf944042bf97d4cfa7aa881e9834b92766211e2ab25941c235718324f0da91770be3bd72d190d603f301d77366a3bff73acce0bcb06115b9ba9f9a847fbfb9452be9af9071aaaa3eaabe13ca33dda91644709cdc15837b9b8ed21ce0a871f92acf34cf910e1bdcddc8e32bdc0f5bc4c811a85b30eae2d44b0603fde8f24b97a7648603401771c4562c7c111ef04b3f2853e9c4d4a2219064f592b4800b4617e684f1ab588faf52f825e0b136bce50f458278c54654496d8d654a20536ccac096b572bf6276b0a73b35ea464913485f8c1bb9abf1ef1f1f4cd562dc775de7e5e444f22bf83e97b21f84eb8cf1656de2d2a77f654d3e71cf4d4dcdb16e9a550cafbfdcd049b59203be7edf29016b7cf10dc346fa68f3254ef95a1fedbea855748f0acf66a349b21ffae3779e56cd568e2c1a494af78427505ee09f45ef5aa6df210db3a1e2ca170f6c90b603e35a435f8d462b29a15471f764c9d5cba43b897efce6e5baa20bf0d7e9fceb523c4903f9ae37763362c610a9c5db4299c6f9fb57aff478f536c58d92d0fe4dd1d5d7a69fed635e7d599ae8fde74b5b5003c92ccdbe5cf2e861f28a94a4fe3b212da6f23ccb7131700a7c99206eb6b2794bd1d55c2b38ff4dc53884c59fd38a73cf664bbc0c6873e9d1179685bb8bcaa317639c04ceb5c2bf432dc391b2a36cb7f5e4f83207957390ee8d9267db857cda3cd81aa5572ec4262f7a3356342243fb9a7b5e2260af55a77a0adcc46eb267a86b0ee6e51cc2f8c5edbcc9e6a460559a1624caf18517b90249b087340fef0e61f1f615bc41126b5f4f17b7643ac85642dcbf2ba01c73d723f796c260681884973afd542a2f21866dd9393941af1f41f453e8f4a0d51df5106d0b5db31d5b70005316ea8af591e4f90503ac24acd7a2b5f07ab9f2927cd525b597db374d6098d2519580fbcbc702eeff04451798a55f2593e17243022ee9cefdf56e1623870b2bc9afa01cfbf030c28e264976f941e29e88a796ad6dc3942038b81cdfdb93c173660afdf310827bb40152dbeca2379cd9a36292c458a87a976164be28874557ecb34bfcdeb70930cc109dd09a8dbc46b39721e75027cff41a7a78e7c0cb7e52a758654be4e7d36ec82e3aa217fa4908a0bba36e62f0c67efab4fccc06cc173cccf80e0aaf367743b130d172a6c8fb6bffd75fd8e863b087a88dc0d6f4b1f889c4dd31bbcb6ff94410d9999a80df374185f2b7ee51ed662bef60fe88229bbefd009cb95d83aba484986a2f1b48a684f9d6ddb99506954eecec8d3c540b153c1d9210a759eaf0461eb7ffcca737d803647c3c94f50e31e6e0b443610bb9e17e60f3512d606f29e7d98bdaeecd58131ed93764dd994e547223a3989ec01f423bdbb998740f4691d6c8cae5b64aedce1975a74b1caaeb566f0fd55eea40c3380d8790a2c02051115b90dc99fc096316b2668593b578b85ff8794b48b9ce3f41402592956c7e0299171db952ff3e779445f2120da411585d5bcd3fefb4c05d93b4fc200457a82d28c385b218788e8eaa28cf32b1e0401234ba18323ed3394e3c45d5a8d7e1f5301737d6a722c1171b1705f414403b641c7ac590ce1bb65df94346efbc84d9ad0b14e62c09ac2ae53c82f159132567aad29b64a6ce58e1632b27b4f6ebdcf365d628f09e3bf434908ec36b8efa413c47765ed76a065ec23d0f506c9aaf6980bf143fb844c9ed8ca2aac92372b4ec55ce457d2f08469728a1eab3931f3c5e4f589ed0397b38a734c37ce6e4f1dc24426691b3670c7e62c0fd985e56ebc74cdc0866a2695dfed993f1e97887332b822503227ffb1a8ec1f8022cea21ee303533c274b890baf7618220b78123eebe3a3c19dbd62d4746617fcf0a1b55c9682d0b9721eac91fce82cba16285209e9f82a71c00d5936ae726d6a115c40205727ebecf071b758638d00f6dc6fa72f96cdacf422cf00b4251100a81e29979ad4c799c204bffd98dbf08cdde48324be7ab5ff34cadc183d0d1067821a143cfce41213006e159ef15e79fdb982c1693a4ce4ba5ebc996a0a92bfcdb2942774d306c3bfcf7b76fa2e843afe9431c46a1e28d6757d2ac7a5ba7b5c865bf4e69b6341f7e39d979ea0", 0x1000}, {&(0x7f0000001340)="5a271587fad79fce5e355edddbd260864fb4fd8a9048702737e2d66d7d22efc4b1a08c5abb2c3186c31ea3a4d931d916fd55de367d98a9448e2843d1a5986f57d9f50253bc369430dce8226f6ec34439631a162f35cdd77223972aba29ef83d0cbc6d9d23910d1474c7e6fd90eaae6ea8d39ed9701cc1416fa3082d6c667ff4d32039c7c83a97a927e7772eff94b0cee29e4ebf0720058ed948d1db341dc4a5405e8216388b9baaf08ae47d97cd097d73c92b620d2e6bfbf3081065615745f95994f6dbda02f2703161524b9b722154bad919c461ec4c8cb030d5f2f17d47cbed13e640587b6170979019727cf0610409fdd29653365e77670452e782a66553d0bda2323fb2d96977191c74de90c01053c8dda90d769946e04bc97ede6bf91a3d057a1344280ec84ecaf48c3e41e87dbe7829592236623c992b5619f2925cfb1e12801706ea9e66ea0728015c12902e2e2f8a03c85affb792566d52606214eb8869be9857f53901b998cb2612af1d6afdfa54bbe40f6849e08d2e9956eee97802aacd0760a338536662c5782886f541fce55d13f9a67accecfa6c2fbfaa9c22511355cfe2e5ee3fbae314a8088b6436251f589d7bf1f3b8b697bccf46a78b9c39253ba092abcdfea30f18f5f8cc3e6cd00aaacaedef85712f00687db121baf154289014476b49174bf26dd60e43ce67d67ef67fb9f5b7db0cc7dc194bfabf69c1d84604d24ad1be6ab3a2247b63877bcc026ee6020e03faa97dfa7653f4886ffbebf4e44cb244d4eccc15501f8797e5e56647f16074843ac54672542f26858856f194700b14c3c9947bc7d0759a482560cd50e9dd4afa0ca0b3811203238505d09f8809a13247d59ae8343b1f866a79d6d842579cdf07ac8fe70fa30841ab687506cff07eb727c48bcac77c2c6480495d509e24d0fb377135faafdfd1bf7c72e14d1a88d752f9789b6f11531bf3fe22640276592cb05d10793d9ec74700b860e282ac7c2e79166880ad855db9e516347fc7feabcd63fd2d91bb3c756c78b1019d19d273057588ad68a62f580271e09d9fa2d797445cea22601ddda1e3d2f91eb658852f0b45a0b865e14573d655783322fd4a53334e46c4c68b19037bb16ce100b2ee38e9047e456bfbb995e87549333905b056c0894ef515c2cf06dd674374f9cbb6906cc1f52bcaeeb8ef54803a9f862997e7a6699c3adde7535a76eaee28e3030f80aca6a46115cd286fb2d333d8deae4885703a793811546712a70890a77f50eb968f9b97466774634de4e0bf59d0ae5ff226d0f3c0efd1e4ba1e896fae5bed67a50f7f5211886e0bfbf261dd9aa27b50d2d3c71a8bcef8c171c520df869c129ace5e55c216a93463a176546bb66b474e908b96c2f6f5af36ec3c936d18ef3cdf6f5f05b75390673364fc51cabdf6ea2dcc29704265a7c4c5df029e9441a0f562ba8d229ca50574c5e62d58091e3e1ef60120ff0e574022b08c1b61f1a1585eadecfef13cf9d3df7111dfaa2e4cebab8dcc186e75ad45c4697ac79376ad6bd929f7b209a08af773a8dd5aabdf29e3e04b709624acf1e396f804ea03ea0c77cc3e6a327817f6ee700bdece0e56ba2b41e9119ea0a14def10338c543b332fc4c3828547b50f660436b4769a3efe861dc7524c0b13c66c8cd9c882647a69165b651e6b06faaa883cb7a25a5456aec07bbcc744e0097c02d519801f1f7777ae3a2a74f2052bacb5740333e1083faaa65ede7a27ad560241fdb8d76bf311bcd0bd2b37bd57b35b4ec1bd2b5340ccecca797d61a05a9686fd5e3047051478d4abfb0163052f12e8ddc4c927e1c2f0c10844274e9f7ada3305d2a44c0ce6e5b8fb90da9b248a37678ef4c5706a7131966179570a6b40fc1edea51054dd8a90bbbb56be1e8331a11bee43652c7beca831064033707e44ac2c00a8c5159ca043ca9572791f46b636dd02e3290ade6a52371cf9c22f71b8894cde81f78387803aef577d098ad2260cf61d49a8b62bf1ad7e7c35752a431e86aa2528d34d91ededb3e851c467cf0e004f914b45c91d02af19ef4fe35cb4c49325787f90122945427f81d38b4d63eb947a91cffd7932e25350464c72bfe53c7e63ce19db25eaf998d72a073a6509c344ac69b650f6cc4ca26b9d7f1d2d6e9e4b744b10a66739dcb06b48a7e112711fbcb80f5b5a3c3976f20377174bd446dc39aea7d6864aed02a2775d1adef5ace53cf0ec4a3655b251429c2442df7b26bb4d2e5d3e3ba1acfdee5a859e48b66960f84faf35d875513f454ea295848a47f37406b3a319442f0a80f9e1fbb2edfda0d14131857ebb32e4b951f8b4788a3035c49e1d25a3b526305c039f7b97af2e62f57320bdf3196321ae77db02fac593309bba3be1a3137dbf784ada456f7cdc5ccf11a198d1a0983dcd07a7d89d350de3ab022328434aa320fcab81bb8e5d9f3cec9a13f87b6ee0379bfcaad3cc9cdc149ce259a1f379dd7e25831519cf0807aa4bd467f4ce51c029e82ef4f15976701d89a139438ee36b36a5c8c7029d88345938d3b102c300cb908b80d6f57f26027a9bbf8d28db695bb0eea04da18c4dd97278ef12bb0a67431cbd48d63b95069302e78eeea5219248d41e23594f7a9cc2da068bf00a598ef269eab8c402fff910ffe7e5adef7cdd99ca13f139b40889a95aec51db8cdafb172fdb893e194a4268d7e3e723d5d17b9228adb4f2d34f9d04779d4392e2960e3667d6bd7ce675f2e01a81c4283102d0a3f3ed69ce99217e07345c8a0da10e1f0025f07e9b1db5ddc18888dfca76ae6e50ebf8528a10f7e3fb44c0bdf55c3321a4f568199543daf0061889cb1c1b8c02ff1b16e369b45e9ec2e90aba2bf2681f7b7afc91c89a3412168e54610d4b32603fadddd070b9691884705d2afc8f0c9bf60a409518aa5f424cd78eb1435124ec460e101d546232d31196e52d7f8a921e5baf0134ecb061718a57e64708edd0f550ebf3e75000909ec9e7af51454f9beddefb4faba2767cd92b1e5e51ac9671936bb2d52350b5156108cdb7f740f81bb6449bdd9b0885885f65d309942861c7b80db9a738a41d0ee73795c8c0215a2b93dce4c4c1f7d24e76484195fa71ce94430c14b26c5bb5acef63e86a20f9f0b6641ff932900f432369718b4b003d16f53d29811fe26a4e0bb38ea2d9ca553921e1431a3df107029b2819bfe2ede39901696200f8f7853cf2f952fb8baa791f24ef34ad92f1e65489f1df6e93469bcf15d5dee3c5d6e73807106ed59ff5f9deebda9e0cb575a91dfe670c3f7280434fc9afccf2b5d24096f7fe8f396192a9cec00513d1fabae1110f0ef7be794edf63047f9c7132264ebbc8691bc63c5e3bd74f911f490ae8e8a98710bc5398e894c433072484b406ae4ffea12263e21f546f973d23f733bc18cfdb17eba47d35102c616767333c2b4c94c361d1eec21c4f32d90ad4cb027d644913a1ea2f14a77542fc6467eb181e11626f01405edd8604db5d96bce6cd866f5baebddf5bde080076de503e23ea7c4417dcccb46ddd169d08121c6cf51a5dfbb480648b6289fd9036a4c409f0cf30c4569fafafb70375d0899737c148be75ee0b3fd303d4bfa3eb8bffc8e31207619b07d281262be8a0f799ee160bdf6250e49d15d898f7a55a6ca83d4cb6965f4f96a0f1f9bbdced67dc86717ea5250c4b261b970e0708f48dae25c1bf203ac5646f4fbfc1e7f268953137828ffa99030ab072dddef7603739997e378f4eed198ba241c21b81097e8567a16029117519dca10d824b78b1152560895bed4b3404981e4ba2fcbed0c1eccfb24abd16786818dbae165db9b825cb0a202829f6d8a2528df4d7dd99997059f70130db5fa796ca848e4b9a1faeb07a2c766eb959921a2e3b84ccb77b97531ef02c2d22ec0bbef2f1dc77429fbdf2057854c02fd6042dce6b0a9bc80a4432bb57cbca81a8ceb2c70302cce7e135a1854474cca35c73a51a2b8aea93cb6e05b9a491e00fb215b206b4be71541c713c15b7ecd707971bb1dcaef040947b62b20a938e898056f487664221d91ba99ebac100edefd37fae2c91781904ea0982a36d9cd314f65cc33cbbb8f9318f208b38f464571d5173c06fea32c7934cb4875631087548c58bf462c29990b8ce4b0399c1d531412d1bc7475a63a8fc1174ea43bee4208e6fbf35fef5b91d5a9aab281fa14fc431d72e589ea6d4a4172213f60661a249b14772f1c18b0c051594312282152e2a18555013ae450a832f7dfdf1be14e9c3b382a08d4e32ee16aca86bf8cc633b618394561826fb97c53e492161da4148416fa4ead88192078ebc85e72efba7fe4430226cc0ecc43962041d46cecba660920b899a29fa0465da48c9ff9966162072e21e33ac91f61e917b25b1f987c91dd9f9340cb169bd812f54dbf6f56052314842938126254bccd1c178d2bd049b5aa825a11c3e140aaca7fc18ceb9368ef99c9bf8185424d7c39b7a67ab092c309e426d1930d611548748903c3469e1c2d945c20f6beb33f9639b9a64ab387b664846bff65228027d75fab7031a6967f1e4b5efbeaa849a5e4568df328d03cd50d8d2442c6031535f29a2730e925b2f9fdfd9d8f0348c8d63dcce10a69dafb7e9b68e4329da79e05f429ccea82f03272e9e35a0fec6b5155c7e91035b792dd59c25761e9a0cce3102a9ae12f801573ce461707b567d9d3b0f96ef5c461f5788e2b93f2f9fda038b715274fc23bbf748f82ccf5b551ba44835992291c45142b866324da5ce29f29f83d295d41ae3b3ff001dedf9df483a8fd4c82ce75f1029b0b81dfbc9fb5233fd285e99c9b2be84425900174b8214c1484f85874bb776d462eb20d99c5e1dca6ad99634ff96d8d71ee41d655a0434f2a2c044d7dd1baee674854162d61903e341862b3cb743f356098c54282a2f947eb98a868ae4b095bdd704c4f9ac3c71e730534776e7ffbdc5f831a7f633b7ecd01b9626ccff3795f88c381528af54f4974f2704859c6bba37618d2b07bb6ee121d454084eae338272c21b5f1ca56034b5aace79c92bae8388cf2550575d4ce2ab7505a6c0c036ee17b8df3e12b7ee584f184714ac839d68a16ca71cc1948fb3784895f481f2fa257a0c22bbe051fbe269d7364c35db0dbd2db5e3c7b5d20be650fe275900df058ccdf537418d82e4b7c9cc975374a2de8e0bc1af0c5e2e36bc4f08269a62a700818a2aa2eb1ba0e5ac1ed5be29de513b50ecea936e12f7d00aafc0896b015aa18050903cbe16a966b59ea033ffa9a3c4110f38b5cd93f6574f293f0e67fca589f107e1542479c9366db87956327293b379cc4cc09160f1c49096bef3fec1de8308da069684050f649e0e24a2dec6f9239187bb658dd7380b303880b2c29efa37a4259da9d3dafe0d86f39f4a5ecf41b8acfa64a6c13edb5fe4cf13e037590bb8a250d9a7f7a483cd7e460a9eb829df62921db798a90712ec7ae5b2f5152543213d108b13356feb6ef993d79b22c32a11fd5ca89a686cdf18a107c655c74f91442b82b9db69e65feeca1763a7c57c08e06cc9a256a7cce40071e2c95376bfcac22606fe7aee2bedf83a47b05aab968662f7ca7257723660cc99e4546ed0cb92b28e09432cd103e121c29a33931f4f2c4e658f60be2ab7e5e19135736850e708b3fdc1b756b1978f589b3c518d9821bf540e3350f17b6ffbedf7a5f80eed8e2a1a87ecb77daa3dcf0f8efb704528ee68a76a27ce140bee19345730ce797abbd2981a161d0cc863f03bfe81bebbef79e2ed9dada1e1d1fe0a927c408e15d54", 0x1000}], 0x2}}, {{&(0x7f0000002380)={0xa, 0x4e22, 0x7f, @mcast2, 0x5}, 0x1c, &(0x7f0000002780)=[{&(0x7f00000023c0)="09d89dc216ba761655b1e45dcc1485c0773ca0cc77aa190fd58aeadb61ae0cedc90ddf7efd9d0f6bc84bf67f7b70dcd13de5bd6302ef2fe14dcfab81a32c723428a3f2d1a6895b2f7082598d0796fbb4c4f8a39ddfffa4d236392ae0b3c72ab917072edb4ec9e80bbed03fd3e37c4325326712a9094abc94fe033fd1ae2b30fc772c0c19ca3fe54b90c5ab6a24bad9c9dbb5dccd6ecf3b586cfbf60b3a4dfce4b979352fbe04f2230de38e64c0d1c45980cdd5411dd4eb98af772701580920dc9bf5f84eb568", 0xc6}, {&(0x7f00000024c0)="80a547c3aa544ded2f774be132e8fe39752cbda90bebb3f653d8016a88503d3f58f01d66bab24684ae5a6b09868f6e9a3c344909aa2320be3f619112d45a251a385311686ad9ffa7eb22cbae854db02fd1673d3b3f9539c40047ccf6664e93522e658718118ee55c0201846af2b89a3a6e9663926826db1e2e24c0d893aab9065b6a2afbeb684918894dde5343808450", 0x90}, {&(0x7f0000002580)="1d79c4c2622027f4f03331b8a43fea5e36b27d1a535580e007806b08e08859e559b16ece35aecc6f1e035fff4c2aa1f56f13291d9ded6689708bceeb172beb16e7f2fbe0e8074b14386a7c5db8dbe2a4edf92d7f89357fe0e8276b22a0b509058727de8ef8c513c34ed6ff147844aaf512961b3d063e2e2943a82d1f56868c87f342096d604566fc5952bd27da55ea97d722007566bb6bb284867e9021746707d3657892c1e32f4843ec2738ec65b30eece59b1c0f7643b420f85fd0c7961a93cf49fe1e73b3d3ba776baece5190a133c37a425421dfeb06c39495276e2d4d82a6f9bab6", 0xe4}, {&(0x7f0000002680)="5fd9a1f030027961316a691df94d7054db32cd1f43a4af83840db2b27121b64b6399ca5ad53635a8c7f9a3393cff02ec9f9f0a4307428e1a4c0c42a0462733d37e7d17eb3353d708d5563682abb4f312cf5e4de4adcff8ab4422e14852c090be0c13cbba3e6d70b8f2ade2a6c0d98ba52a14dd3db396e3bb966c18b24487b711cdaad13229f3df88ed81cb4c10f50b6f1d0e0a6afe17b71558204392936a1257f96928f3bee502f1b042cc0be4233d12d5cc94aa2922d16025e4d307baef9ceb2ab777a98c74afd928d998bff95f97254c1d2f84d7b014670b180dc1361207c4f91d59f7", 0xe4}], 0x4, &(0x7f00000029c0)=[@pktinfo={{0x24, 0x29, 0x32, {@private1={0xfc, 0x1, '\x00', 0x1}, r1}}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r5}}}, @tclass={{0x14, 0x29, 0x43, 0x9}}, @dontfrag={{0x14, 0x29, 0x3e, 0x9}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x3}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x87, 0xc, 0x2, 0x4b, 0x0, [@remote, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2]}}}], 0x110}}, {{&(0x7f0000002b00)={0xa, 0x4e20, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x5}, 0x1c, &(0x7f0000003d80)=[{&(0x7f0000002b40)="d09cc88437130ae9d019d9a33dacf4ec6f524a3f49f2630505764e1e115391f06e7dd452229949417eb4604fb827b8be735a73221c43fc1b5b0979a1334bc775403107a14b794d76ddf5d01f4791f831b4e75907aa87443d2f14256e402495f413ac66dc0da4f34ae8661e19b5ec0122944c14d90da1fdf02044af5076ab9952", 0x80}, {&(0x7f0000002bc0)="600e5dbbcf968c8f36ee05240e30fef96697b5cb1b49d1365e4ae3fdde284c92769c15", 0x23}, {&(0x7f0000002c00)="2abc2d1751d1612d8890df6067b49f041ba5045b7660112eb4e5b8824dac9b8cbe3059e3fc4c17277207dcab69864132304e79a6aea50bcca01fa1a24dd8700dcd4e34e93059396c85153139482deaba211b19219b4d75d191d9da051bd9afd4fdcf66b59c21c03fddb0943e75807ba2c3c6bc49fd8680929a67287dfc8847c09ce266", 0x83}, {&(0x7f0000002cc0)="48013c27a5854c8c28c96b362b9cc81cc32d90687e8d1b5bb331b329bc34c7b5dacc3a9a2f95095e50688d389d2b2bb435448ab3eeb2d4aa159d54f9f975fa1332e03e63dd869919a2231040b7d9af4c9847e069435ee55211582b5cbd12adbda11776817c57feae28ad73cbb3cddb530f0de6eb58d080fa49699411e58d828bf7c07fdba64871966b0c3867156d56b6d5321b6df9f0ebd3ea626ff7348e37af0f14956372acbbc9a45b79ae170b3d59909a215bee56351124b31638dd55a4ebebdaaea70c3f37838086412be95ce67982f1aaf64ce35feb1725555f972bc2752629bcf4e3e2f02413d37c2e599016782f2e522e43e44affe9d1782f386252de870028f8aebd5fee0a89b2e6cb99d8efe2e01a8a3d7e98fed9edac0926c51f88de3ebbb1d78845441361b620741d6448867795bed143a0f22f694131764a201723888fcafce016d9af8bec730b4c06ea82afb4918677cfda9757845ff8de916dbff2bb0386875a00ad1bd1cd9008da22fed21e17ccf6a5748c1e7e931244c50c08f666ed95df14bd295e8f03510922779fa4265ce94b3bbc7ed22b511d016e784a2246f57b9beddcf42e12c06ddf28892c7437f572cf678b5f31ebaf9c1d304b8a8f9387f3a422505af6e97482c0538214386d2544224bf907aa436e423b2e48a70b828a57b397ffef33ca5aba0e8cd3a3da0f7577308e8cb1d203d51155dd2e9fa1362fd9ad6b8b311a1ff1d5e7075eaa281fc99afc96d0fbd7d8e6d0fcf2115c67f64bc486ab83b9fb08c52bc2129459701796b6f261f51811301dd5113e2487632729fd47c31c95f330fe7a74d0a0aabdf0b747f8695d9a4c6d534561274fecbfd75916d304f8a4028db0fcc1fa559b505b3991a1e20e3261458e0157beb5ef386c4eadd655f5dd19561bbf3ef9fb5192aa55a069892a5b7d5788784c1d5457de0803e28265dedf8e12e22bcc4d06bf2b8b8a5360edff341f8bcfd31a9dc9a0a2f6b44c707e9039d3fc9e7d77703f58707aeb58739e6bbaef07cf02044b4a429314136db6b8b7063f1259db98f2047ac3797c7a428781615f2bfee9f1bd9be8393e812133f933e82b801be04eaf6dc8c1fd24850fbe8f3f4752fc4779d2f33859cf2b09d28016573d02c243b6767502065e432e2471c3a80f5ba0f1ed3838be1664fb78a71775c8943f8aadec896e53da916b0e4746aced0d226960cd5257a0d2b69e75a7e773e74c3239ec1d510930074a14d8afd2dde6500cb4751b49d893560132c1d6e5f66fe981b9ac659f442d84f63e914dc9845f1f4acd66df561c84e05ca635b64239b647f163d57f37a0040c6f8e7ab25dfd3564ed0bc0bd3a0df87b2e1211ae619a1a05ed1bd8ad3d9b9bbfbac3aaf2e50aafb7660fe243847936bf5e0fcb6d30c7c94af258d9247cebee68effd5fa97236893191305a49113d26c0b8f417671e7bb0741f98de117be9101f2eb05189be5864d3db1d38119939fd5b49f0c8a860198529bcd4bd9afce62ba57e134e55cc87c19aab45fd72ff1e808590b5f6c62361f7736915af7dc1dc13cd8bdc2b0733c947cc6a50df8b1a291089096a1979d377c60cfff850672bfc7fbf9c519a0b77e34bbf330236de2ead7127520e9a83338bd9ef16387687afa249abecb82523cbfe08a00657caea8a27a754aef48555695e778f1dc541368000da7497a49f9f14dc86249a36c5fccf235fdb6586617eaa0200c314eaccba12d65d54b4bfb4f4bd93fb5f94ee7397632cd4080e6799ffe7c22406d3264ddb3ed50be014fe7854978b4521d36ba5f679d4c9f66cd280c58752c49c14bdfca84fd168b24a0c540566529b3b44f2b37bda1c8c06d37b20cf19f82b61725895a950f2aa7747a16366141a088df8bed909e53f7a40b9ecc9060cd2c7d3f386deef7679e1f9010af87e4885c0227152076c19aa15514fac0f243a1bf4c7e84b9f8ff8e3eb0dad8f79d70912bf19094672235a64564feba5231a21ce204e8177b9ac5431b4cf6a81330c47db9a34900726aec06eb8ada665603d989493472ab4435458dd0139c0bc3ccb02566b9af87d93938e21d391130c4b8712fb29b85d86531706ff2aa9f03d35335c91520c7789051593a62d5f8776969aeb2c7d7d18405313db90b1ca47a0b4628446e16fd33a06a3f8c3b668874ab4bb8e4ed23685a9eadc977de03885e684dec2bdb6b2a7d47a37b6484c97c45cbab6a0805888571da0f11776db46c97d6d05dac8af9270549b192286b20887120f932ddd65fae6d1e355f4d3a86a3e19953c3c960459044ed0ef2d9c3a99ee197216f9f8fadfbb5064835629c94401a035ce7d9fefcfe4205c38c9f63e34fd7637d9f08f3c7bedc7e16e0a860ad46339faf0a2e369cb947fe9b8cad5b745856148576d3e4f044a3f85e88ad33c448ad26c9307df60fd980a3f5d7e69660aa4d9360f43c9636a9249e5bf900ee16fe3ae18c26a5ebb5cbb946582c477267db88bc168bf35806945ed11b5b8dc521a17ad9a6198f3cc83d4e32bde3a83e55fbfccf51ec1fbd6fe35147086a3d3374d0c26e9c89714726d6d4aa5b900f65946bee7652ee0c280ca9c748f8c0e139d01577951774a9ce0ed76cbb4031deb7fe9ae627d55c7fece83b8bd30daef2e66c7070067a71e73ff38658bc85c2abdca143cbede1d8e0132191600f720c1954f85a5421ed86994343ed26fcb3e9fe32f9cc022704fc6a901612879caac2b736e86d660dd4bf4f91c343ac6d0c6ae84c7c4c12c4007c36ab75c52736f5f32abcfb8507ddf90dc2d60c05652ac9e92a0258bf199f7a7affba7484837993841697614991eb03f2202e26cb1046c4023e65dcc1507c93a918aac3cd37540bab4794791ffeb980844596a10716b9cd123718af87f77ea32f52b3bf737173784bb3cbda51bfb98f7742c95cf7cc8a8ffa777654b5a58aefcc4c0cdd0f3c162abb92ba04a84f41bc1c033cff754a18a23333b732477ed133da4c719f82dcade9094ceb6c68962c5019ba96da1bdbe61299da596ee12bbbbf6f5f1a984e150675fda0bf650fbc09ca0db44b3daed9038ad680d2d14e260f9be59c11c8c5b7360e3b57a29f81a2d274a18753b71b6c493ec33de7cf599e5f40b2959f302061d1cc49a56ef05dd57697c9dc7c3bbab23629cfc6c45bdd2c293d988d60d1b10bad502c75be4272c276774469fcb8c69a570622e7f9d748bd1f8a1cf5e7ecf34927376c62ebbc00610f76c1dfa5641bcbc2e0b8f6bbfccf347430546935db450f65427a55fb614cbec0bf2125629d3017775b5ed2146617e510adcc0d79728186187390d88e648f9721b185a7f1d896459432623e0a859d5455ddaf7409c14e56556430085558bd1114fac31714aeedc59a81914792d75937f8186fd72a8a3b62e4505fcd5f3a315fb84530a675e16cf870a67563351b43760ef7d625b0f504e7d1d46c1060e848d33d7435a39af93570f777dcf3464d75b9783ef49e6f9f42fe69e831a9aa583f5018c137e2892598dcf794682656a2bc4bc74f77ed0e1d9bca24324324bf1eb00f09bfd6ebd15e08adcf974e5f6f8a44a9c762d1d4800f30633529bd69c0674d4681cec9aeb93b896045921fb8ef27ced4718bad6d457a9b42b1c60b75e240f49d3d81f33a754b407fc94e6c7cbeba7aec293bbeeb99e720b9aafb61f6336e07f2f912cdea344482d85a2ab206b55fc4fc3acaca307bcf1ffa413f8a06a72a8456d4ea13461510d8082377ab58a7ed503bc4445d86c68820614dd6355d11e49702b76f5b39341246b5f2dec7c61204efcc3f74814d83752d73133c393f77dd5a85222afb0325364f2d9a05082342a8672a1707c0a7432dc5e35a00b4c85faee3a20991f99b788b7b390103b29b188b73fb0f7820427ad74a9f52f535278b565ec615d4f3c32abce6af44fac315f5fd34bf9aff5bf8b497053eac0aeef0fef12d271e78ea359b9b7b8991f857952929f59c97345468eee99d5b2c9f378ea93d0d356c3b582999002cc17c718cdfc1cf6d2ddac61f641c2656fdcff5b42abf317ce1537da5ab94607177bfdde36bcd7c1b177d1608b5d7279dba0fc69dadb2b5c0c462fc9a7fa4878ae2db0a3645f3665ef887394359216a203d4a9ddda6b9f49c10fae579b01406afa7bcaca859b339d9b7b0837cd4abb5a86f3983b7563a91ac017db52c831619bab1b5856a43b50531b052d19f04c4639c9491ca0d5d7c0fc98c14da2ed55620f35064eb4857afb8d6dbba69691415a3fe5f8960c111d559eb3c30402e9633e7dfbb35d8587a32decc6dcdec0ab4b82f94c873b11b240e4ec07233c092f6e1ea080ca688fe254e74aaa556131759d4ee99e561d3a201fd587a0e6dcf16ed9e77c684ff94c59e216578d484e428663734ca5103bf963bfe71ce76eda1b1e0c214d426951e5523a503db3454355225bad4c3b6916d37b3d31ac29cd646c4c1e15097d34c2f7f7cd5819a32401069effa4fca3ca8e6702886f8038c7a8a73c8a471d9e97bb70a9c5124d0b55ca9d113a734b05aa32e92ebc7bb3cc2ca8e6da1293e8df299fb8a6ca5ff9dd6dc37f5a84236040be13f9c116e395c169a7617b425ac6bb01c3d12b53adc3b9dc06260e56d86823136aa386a3c36cb9e4b15929d366c69e13e5126e316b5161ab0c18da21b516af2f77f07d0579d53fe88b8ef2ffb075d3ecd7bd46ddc6568e789f477e624a7cd620d5b515dd42226a4474fae8fe540179ae9246eca9d615389868e0181c4d907197a34bc40e4803b9ea988a743132dd41f4bc6c59c3933316966499a6677c7538021841f4414d22af9bd3e7aedc1265e65aef90260ddc8a759c13abfa3ab7ebbb47283ae28b9d2c7067da83a02e0171136be35b641e7f425de5289fe8fef0b7fa9df3fd1c9cdce1634230255657418bc7028869a6067d2d2a9d8d33434d8b6f89dc927994d2276c400d376b79a2fcd18ef0627859f77bd31d34feddf392e45d9b64df9d3cca9d6fd26834a2284fc0d2e4eeddf03fb9405fe8c11c7fa4e52dedb9364e5a75184c2c693dfdd44a3bbd603108851b2ccd5894db6c027cdb383979beef8dad9506d95e17dc1a8c9de172808325d45a2f106ab0de11db063c433d39fa10bba36342478ad83c9a524357994944cf1d2beff2fb0edf97aa44d6f62b7e657d066eac3db09a5652a09407c508fc3fa092fb95dc8cf87810cd4984fcc5b1bc03950faffc957d71518e8284e1b6203bb593821df9e32a74bea961e7137ba6814f64471b4b3b66b1380147ab0a4c32204b8246386cd99026a697538104a37df4ded604a6d7b3a7fa8f09d951595609a34bd38947ecebca914113d66a1e9fa09c1c586400c978b49bc6db3a673aaf82f556d588624f18a9c59d0545dc9c9bc57d17d70cacbb6c0d8b90a8f69238cd0d1659eff425d51129992cbd57586d9cfd1f45014631106319fe82cd7dbe36fff57b82c0b80142c9933b1e0229e375499593eec95bfef37d2394906b04d9a209db4cdf2229d4ce94a935e4557473f96d4978bbbf9b3068c73af76b269c43866cfe6a3d3a4c4c73933e13f59a1ef75242df1d1556a7d8d8fff73ced0bb547d8fe3f5f4e4982b98611ce16da32a79ed27227b8de01589065fd9c150d481d9319f1bc9b3ebbbe0aae7f51fc16d1a7af27808435398c7788858f892bfa8d462f946a8ad8e46efc12836228440e3b041309441250cc85b614e4185b316cc5b4056c8fb30b7f78bc82800bd59ac465c43958f1aa20e953f1253f307becf5c35c9d1e2762c706807d1229", 0x1000}, {&(0x7f0000003cc0)="18c3ec441da757e9a8d383c64c415237d19837fa553e2bee81bd5b3eade3814efc60c10fa3939a595a20fd839fb29cfb6fc02a79a3482e8471de08143f5265e5b00f10ea068fc3129b3a984221fafde633b99fb030599f51fed6ec6988fda3a7f9e702d57d002aeef8ead05225d1ab1a2d8237ff69d3c505f17085b74388dd0817f347f98512f84f1af1acc50011e90bb02c76fe371cb6f7d609f04a8c74dd33bf511f14bf975639a1ad68", 0xab}], 0x5, &(0x7f0000003e00)=[@flowinfo={{0x14, 0x29, 0xb, 0x9c50}}, @hoplimit={{0x14}}], 0x30}}, {{&(0x7f0000003e40)={0xa, 0x4e24, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x100}, 0x1c, &(0x7f00000051c0)=[{&(0x7f0000003e80)="c8e44ea3b0f70f8d19dacdacc78013100270c69307bde7bd0e9b0b10cf858a12f6a2308b5effcf572284484561419b1c409e0a2754c5d0e327b5f215459b274ba2bd311a70b117d2934ba7035599f5da4746e6be24b6627f472a36c8fcbf2589f02fe3834d9c48773a01b59cc71468c5455b7d8ac4814ddef58da7a148b714a5", 0x80}, {&(0x7f0000003f00)="5f6e544a942aa38b110c4d2e79e5534508fccca2fb267477a638d4727badafb0ec131cb90dc91d5765ad49ff67b4ce4c6f7935671c6d731ccce902615fd77244c67b59a946ce60259f6f6c819472b671395912c76b485a5c95a580be029374eef9db8ef95bcb3ebba12bae9741d57b6f0dfa520bbbf5a5ae8bea4134a575d6f0ada50a7617adad792e9259f1e25ec9", 0x8f}, {&(0x7f0000003fc0)="ad93249a62f761c5", 0x8}, {&(0x7f0000004000)="4fbe2ed142870ee3d3e043bb374f09c04b8219b811ee88fb51b0ca78d9cbcb7300af9b1caab7ee14f162b9051e8aad7817287446fe880d483f58ffac70e44d005ac002683f308cfd44acee6f20ee694573442109c27e18346cfd5e52bbef7730ccc6d990b4ac18f8f7b979ecbfef0ffe4def8555acafa68265c3da85674b781cfba2ae83b6e04df0f786368649cb6fccd6cdad348bc5b9b57d8948d008f57883d892d761afcc9a4ccd7d8406d279c574fa120a86e77657907987ffd6d0c90bd29249a2dac257b56e65305c3112a5aaacfa7e45401fad3913894d76ba0aff749c3346012750823014d3e8eda710fd3a83c06783b6aeb6f481c8da237766ae10e8b868ba876c7d8ac7e3eb810c205c107751fc26298c8a5cb3807eb9af735c0f2f8880a56dcd8ff722f495c20e6d1ff258e1f4ce94c4ac8a69e78122a0cf480a765c66cb243e0e1527230c04c72c84f54f7120540a2626ed9b9950bcbdf5aa0060e8a3cf800891d53ab8b543bf93560bb7ced6ed2e56858f40aee9cebf87e63ab1bb7f09f507c38239cd0dc62f1f5d26c063e161d23a185f951a2e4e32466f555ffbba50fad0d33cf3b633260fe471bbbdde561d9be2fcaa8fda741eccbee71ee276897278da320a813404990c23fe42f025d7519fa76452dbe3dcd694058421585cab6a585dd8bb0330e0b323040966296b80b57b5cb79f9e88f0b4d7aa725c11f5042eff0f58fdc2e1ed7992e3e743829f2aa2149a33e9d3213f80278cde5fa4ec3ff502b885e627f13c1fe55e0b9de4abf78d9fc0d94becc8a220ad4fa1c4672fd2a2739e3ac3381660afb4f9c12a693f9946d4d2d232af8a1b6eca816a34440d9ff29691350ac07bdc0bf40dff6b4ce2025ce16e908c26eb832d1c8b5eca0c6769f398e5449a81a268efed49345e52da30c5087e140cc192cdb937146c5d8081654aa002c716a441099e6e20b0b5c9a41cc31278e807a9f11485e1fe5ba18784b7e7d248fbf5a1485360ddbbcee56bd1fcdf1e2881b570440e8a00589c1b3e93d35b077ff5554a61196320607451f82509dff51e168d398d78b1bc197c8c3fbb42e16447f6046c1b0cf7875070e65623008b157567e8764ae1c34a5befbad5cb4205656b4fa14e037d7193cd378b5923318014b0f298707568f72ae4d3a7d02aac1edd22f0ed1ed5b54a31aa892484cfb288502a92bc8b1239d8166309aae3d1fa21b2515d99169b0b278e2791e1854034c97e21eee88a3e348c7e511c2ef3cc886f297165b280bbad919a3c7db7ab0135fdb8446fad8102c508bf3554aabbb9a6550416943c2fce9794e6bb09bccfa1d57070c6ef62aff4fec7931921109d6c749ccba44d23c05f34d419380913705e72e53d58d83ba38b1713e8c4f67fa1ebdbf2e7e2abba837d0b3eaa5e7e5c7e20f5a69620df8a7079b04baa8fb5d44cb37603b0c95b0a446cb387962dd53a6b95d9dec461f185dee139d8b66f6e535ce09579664880e81d7be3eee7489ee0dfad1de1accabe2b852ada127618ee8fe7058d8adeec6bf5c950288bfb334bfc1351e0277b95c18e760e8a8cf5a4069b1a89fdb197a827549e798cccbcfda68c4a0e740fbbe53b30bb561b32b36d8636cdc5353681030715dac75e1aeb8aee01d9eb5a273002bc527a23dc5ae13c01e5e67da3a89cf208a8c4e2b279028160bdea55ff7b27d64943c64a3d611550ef4eca6e936c01a5d0b0de8bfff3d493846ef3a0c8550b5c31740e438d515f7702167ada520aca82f359de0b7a045d1d22485ad1b1e470fbee6d4d5037425316bcffdde46a95a85d3683cc79181e6c5a447e796976887c98d005fb59f19586f2cf5dbe227dac26c05693ce324217948454da2559c0b4a1e7fef02d2b06e4468364dd73b3092560a11f098d9e8efb72eb69e7b4f0e483a8f57aa4824102e4a578c08ab85532456e719a2ea9820512dd668a5dbf1a151327ff919d9e7f3cd628abb77c588c13d97b0b87893439c7af00eaf8e059ff4649e6749b788a42be88ffbf32bf2c8609384a21f0db27306e0e056a6086b49805f4d22eaf93bafdbac8dd0c2b448fe577b2cd857060ded271cb89a732758efe37128def8e5bef12177e44f0c1783b7b10f1c6710fb22fbcd4288edc2eae17afd70a4f3a30745ba3143a39b1c8de010027b5fb04381d3ce4e51efe5dd38ba0b354db5c98c0e577ca40ab388e6be2ebed06422dcabc9164302d0bce90053fbb3008ba04fffbf91ee5452adb8a03f6c6004ba7964da2816e396ab042c5dfe3fd68599f45402c8f833dea388a28c0b59a2af4954c04ffbe1036c998127ab22b209234f6a660f77810e35bbc814cb9e73e55937b5ba7e7ae19826e241fc68b972a756ec0a33a360cb40f4b3ec7ee7adfe5e6892436526a65c8b3cebabc4abb45100cad85ce0baf66e9b2bd63b20b067a0fb14a9d9cfa834d0d47ca76c68498765203f5329808b52cb7fa0525380fdd003bc435b915950568224e2d030933f19b6395a340f483c389d50c17b5648fc2152bba5873fd57e2f4570e1d16bb9a6fb233017b4f8b4448fe687946fb6feeab9df9341f56812d499e7177be143ebcfc5f82b342119f5e3ecad4f1818c82d1a680190d3bd33cf758da0598e9a247fed35ec777e4bca385baefd2a67cbdc6fec4bdc767fe02fd7cc3f8089b5c5792cfa7391f11b3712d1d09fb1702cc508ae1d7704e9d3e5bb7fcf3c6aa52faef40d627de40fe0935625a9815da1f67b4a784a4ff4b339acf62c243c3ab420abe2a30d62fd0ca6a3219b0f6eda6cb9773327cd4749a43521cf6683a59e9efc49aca3c69c69524c4729c2e9722cd4a1ef2227e00f00266dd703e1f91ea657fa9050f31f037ff810e1b2db10d90abe1d62cc23bf31d216dceee61e55eebba441b1c20c41576ad30ae2ba2aceb9df211d7fb22e7defe98aab348d4fca527d1d945cfa3a1633a9b3146ad460f8938b189f60205003537db92a50983ae106e87a9190f69b17fbd30f1188a0d6c6cb47e19d323530fddd55fef2de0c1dba3f6d4b7c47b1a9a8965711c425b9bbe613bc3494694e5feb292262554e13beaae6e2b440d9ae08f2093a15658435ab3f611abf07dd67a44ccedde8ba5a08205db064f45cfa9798767a168a5d3e00f8e52c701957a95e6ebe67159c45fb636196f07237063a9ede4a8f507cf3af87ceee04a3d44ab45e68323a71b29a0201984ddb1a43b6e3eb9ae162a66712680ab742c46f9b1bd71f48a10d51e88a6456e9816d6437a9b93767e80032acff29cfa114b489d77a8cd28273f2528f8ce4b2525f9f8e4bc889d7fbb5d31028edd4c518a285c22d6fe7ddf80a19efed0ea5c434c78ac87df8c0036f79b98cd7ed39a8c4637e67b9e5f7d9f2bc6aa78886515e1f060c3c29c308ebec3c210d6da3eb8240ada0b701bb33369c637839a9173c388e45dd3b3815d8551e15d34466937f33f7ab4835fadd1906c86103aa1dc2a943bb28dfbaa9592c5d44da29464c34849263df4adaccb0396a83e452f0866a7d05cd2875b625ded0d648d2406820d368dd43f14870af0c0ed8bc555f693462af1f56fb48b9d3834eb1c0d6164a6255e027ab19ab7d00bef15c25dad615e00408943ef38d7890370e8a1cab9e1a088bac0f56585bda1dbedcd0f4bf21b477cece804346b34376211720a91edd44aed6a6a7abd47c64202afab1c7fab6097dfff1b6be2748edbccdb0eafcfb8a1200cec180d51dc248d5d0b4e3b2915bd059b6d347fea32f12b96ba8042b4a274db27b407c1cc8d53d5999752759cc25bbb8a2313b5ca31abe4b5ea56d5cd00d3b4e03ebad3121d0f5caa846386861938c7ec72baa150e93c2d79bd3a42eb44402bb9663701a7660c157db9e6d5b122018391a30925c934c96571461e3032a3b64b4bc1428ebe0e4aa4a9f2d20c16204b2bd7ee717783ad40cc178ba07dac58f64deb8984a4ec81607b1b0eae30e8fa40ef4cc6e10856b8e9fda0b5699c2afe150631e04f1895b63a6d039856d3883b13a6003ff0d9656ca92e0585dbb1b841faea817569d7e57fa879e3a8f8f52e3808fdea0d84ef576eec01b041685932aa11d1be60aa9098296d40993dcf98c0a5d629c6525ab02427209e29f082ccbb2d3f8cf8376746cb32cf69d363e3a782daca6da973d92cbbc5710f5e37160dd2cec4e999d6749ddd265481e332cad7776bfea39f3d82064cbea4eee8aaba5a211ee6b79a87fe01d93764da8cf75c650995bcc991ce4827626b29a8450b77a998c2f9dcc24ac814ffd4a4e418a5b0e468b53d47bf0f4a27ec91c1cc022f44b4694b67b563ca2eec2c060dee9da8f7278de6f9d37780c53632e82bf60ee0e3fcd27c5f043895ec1ffd0365b500375ea7e159077cae013d229ff018985a11fde4f88ebe20dc8e1330eeec7699eef210a007aed44014736ad88b711ce0adcfc4055792df2e5ced8835890f3ff8f1c603c6069308121148a399c970b271b081df9a52a1465ee48647c036e1c9fb8bf600cebfd674bc79e13c9bb2006a327a466e74955624b7d814ed9674810774be095396b93266a4e9b54257116c02205df1e2998f188b0b90b74bd3e3704c02f936e5e36fdf248224cf06e933cb62fa950d3a11077d70e47d989015b4b541c33f9880146bf47e8300d5ff9346abb859cf6e7b7de43b6a1e8679e35c44fbed6c5065b5cacda21353271e6b7fd5683487abd7eae26cce12b23aaf826d9d3efda8aff4b6951fd400f1a842bab553c669d6fc1e67904a98a4533ef190fb30ea95c18b2d1d130544ba950f4e0597de2fb88e248f70bcf8fefcbfca9817575aebec38ef5bffac0098822bf43ef5deee720ce0ae5b622dc41c9939f36060384f04deb609075567d56547469ed560ad2cdf0fce8166a8b80fb9c1f631e2b8221b5a794eda723c9cad9d540ec55c0344056183b8b627628540cb0325049346da817fac9b5e2d8aa23f6542525deb686ffa030e75f37c03a111ae6c1cba8c16d21c0334365e78b4bcecd2eb1a5756c54bda26c5a0fb55a553e330de185a7572ddba9a2d9c8c9a45f3e9e3df095b097f2f1be9e9d5160bbfd7e9b459adda261f45b73a43c17e083df3772897a38083d7e4d9c7e643b4279e4e5818b0c23c7156ba8af7ab817cac02d04588e0636389187d8cf2b697f0cfe1875f6cf91d5f3d3a329eeb1d55361cb7fea3f1d1743f8fcf493f85e1fb19d257d229609cbac0e05df2e253280c170c034486cc99473b30820029689c39c706ec4ef6948523d4b2054f99a378fec19107af67e3fad5699cbb4393383b261e9e78932e8ccbb1fc4e928c534559757eb9ed691949dd156da72d104b33f05c1d3dc7dc4385c426d9a5ab9f51c4ff9a6bf44ac278856be5fdf628c8d28735af7ccced4a13108ac32f44ed39cde19b84a94eeb5f8649d4c7cd9ccc8449bcbb8a8d6e33d50b74ef6fc1a6dc639f67ebe30cfcee2eb60d377e7de11053101935d9ceb81a4571e80d143c11988b9a1a8a25db353c0942d69cb0973c049c6543517bf0f72ae70bafa667dd46e65d78795e07fca699af2972c0213ccbbd109bd272c92d21fe23ccb6a40c23c2fc6d883c2e91efcf6776a6295144fd7b96b1b94c29242a7f9c4edd2b1fd739cc2cb3eabe2a2767e51af192b0299571da49e37e52329d8e314effad64a3c46e81f3152f7f702b811e4b782bb0b7c0f0f12d80ff5f2507d0e1e7b286b283d175cee07c142ae9fa6473a59d418acb63fb3952d87e6193810114ac5a7c397c9cc7b51843234cd50f21b8689ae7671f50", 0x1000}, {&(0x7f0000005000)="f39b519a51ac0cd42c2a8a6ed95a14774d03f65819b71810733a4ec74c5a2a15d767aedcdf600f9d00dd222af10a93b42c5644509352837406175c03646b015c72b260ba857b81881f3a21eff6250919be3792dfdd1536ea13caeab901705c760146624f7412bb7d826483209a475b10744adf93f1d16b14764c6359248ffaa6d5346e7fe2b98e1ebf", 0x89}, {&(0x7f00000050c0)="8db5533520a965cea6d12d4fe1d6bd8f83615149b8a5a1551bf7496d7a5e8cce89d3ac0ce7cf9ba869b9452ff2f17fd8e3543dcb329a117b89fdd9f074d8c86b78a14ee410d3286c3c13d4266e7e1ffabf01f8ce09e5b163b10050c19b31c7aea0150188ec7cf75f541208c3143e770fe63882f9ab7b5e72f4ae9a4c9726b3191b9eb1bfdd38f4c6190b9976ed76089fdc808724c281f45276577ef554f8ff75a0f206c9679b664848d3abd21586480828e7325b87b38cf3cc603fcd8717a11f32a9583b29544ee564d466e00f690fe8bd92f28d637bf31d6d4c490bf688b9597aa84cc0166832465b7101", 0xeb}], 0x6, &(0x7f0000005240)=[@hopopts_2292={{0x78, 0x29, 0x36, {0x32, 0xc, '\x00', [@hao={0xc9, 0x10, @private0}, @calipso={0x7, 0x48, {0x3, 0x10, 0xff, 0x4, [0x5, 0x20, 0x38d8, 0xb5c2, 0x40, 0xc3c, 0x893, 0x2]}}, @ra={0x5, 0x2, 0x800}]}}}, @rthdr_2292={{0x98, 0x29, 0x39, {0x1, 0x10, 0x3, 0x1, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}, @private1, @remote, @loopback, @empty, @ipv4={'\x00', '\xff\xff', @empty}]}}}], 0x110}}, {{&(0x7f0000005380)={0xa, 0x4e20, 0x1, @mcast1, 0x8}, 0x1c, &(0x7f0000006480)=[{&(0x7f00000053c0)="610438ec6aeeb7e9fc1b36dfc46271d945de47c82ee74a5c80054f4f02e5cfde00757ed3899c1585c9dab5ef36f13f65324bd67aeea09171a9930a99d7e842d10a409159d40cd4855dbc46444f06b4a4be2427c44511a66a0e01c856bb8c0c3230840565de130be51ff3c8e263bde397929a39a2ab450edca016d28285212d8ce379282e42d8f6f4870fe0454a7e95c94048f4248178ba0e3f135d1a0eb8f466640406864d3336419f2eb56002ba1bf64c27dfc2efab5df97725dfed89b7c2bb2a58a9022aa31ec40a92f9c129225885d5e6515b1e2bd0130496a0df1ae32fcc8746b4a2e6184e34b553f9f050c590bb345e323aa67587ce036deb3fb2571558f1dc05e7a99a106b2162cb1d9bb9db0e796beaea501cef07aa984dfe8d64787262315a3e2883fa521f9444c65ee91e52d7acf1dd467d4aafd1600169095190f1241084cb4107ac2be896091338b369caf5cdc186ac4a63537ab1b545baeff9ba6d25c08e0d8de4513d2487115fe3743e8eb7389259ab734ab3a70a6a0295673cd2bcee8887101a75bcaf7fe16a42b4201a47f41b4baf2540ff7e97999fc527e28956b0266adce9bcf873a4f91bac354c158592863fb0dd23f1258e0fd897f0437d8e179f554ac25391d9bb0af50c817dacc5bba3e3e9401ada652375e696eb9f339719550370ec600c9b83be8d2537c0882f00f706bca2069db2fb8e7d4c6be16688cdfbdd11ceed1e9a0b164c1a4b4d578e3902344055c08e24fc6a15cf4409ba3233fac31bb30b49fee4a75badded758697009d316095c5a910c2602dc514aea00d7dc673a8f44c249a8dfdd135e5c23e34de1c8d802a077e53703ec4d5ecacf2eba2c746334606fb19079a82bc93e99b5edee7657e964578c7489f62fc174b40c8ac12f6f303d256896415c42fb9988a937dd291882c309c74857caad14be60aca0c828203582fd45c2e7a05369e506b11bf5371147f8bdc1ca5f8527de65d11beb71994a95fc16ba07f1cdbc2f83deb730c3e564266369645b412c229964f6d4f3fe7cdadec82abaaa6ef47c5f2ce828bc9acebe7e2b7469b59177828b9cc48eb54e2a3dfd42355312fd499843b708464abda63a0b4612fe8795ce0fd675a5009164a65305605287e6268c6d551af00c8d5125942eb8a1e9deff8b8a79651e0d0b5721224bbeaf53825dec929785a91c3a7e52ef0992b2ae885b36f26b4f3829cbf77bd94423024203d3bcc85bd735b9190a48646bdff8bcaf1edd209e2c70f3f4167271aa09f89c53d27214819921a5ead03e791f029e26d1a093ec3320a90c7478e4d5436a5a13da810b33780a8b22324d138b74af33b28b7dd7990ed70bc63f28831c63851c44d22942fa666c1d09ad451c0d9549a321240a8734f8013fcc3fb7d4ffdae312e945c684e142b3abebf03eaea11bdd46c15349331c5ee982984f2777b77a779f1863d13eaccfa1225715f5fe0860ef67c362eb9539dcc14520e5a007688d9c1fce097da24f8c833a60a4754de66ddfc676fdccbc780d89b1096191c212f43b5324a86b24c24a01941f041214c328e970abe2ffaa5774fd0d7718179020dd272cbec5d576823fc2de722cff38d199d248ffac18a201d1160969b3dc25fc6fb4dddc640accbcf7f696e0fcc82d7bcd049a05c255aec45f6c99f982520bcebde14b4606afb3f2495704f7ee3d51e776bb509116c7ce69fe4738464ea7b147ece461c42c33a8a1d7a88df9b5b6806c80bb1291cec858046f1a79a7cadcb44d4abab23a62804c82cd81ab77a968cf56c2e3ab5b40107399a0a35f4cb3185fe323182309a9f49d9d02649a9d8e8738bfb038396977e8f81d11a0bc0ec8ae40940577a96fb52fa7c4bcba7875e3ca042dccf7017b1036a03bb482582e5f21502baf989a71e5f2481ca4f5b16da42f50413e69a508b61feeb05f0f904a6d2f5012055e3d83a92b98ee0f7c435834be529b66ef26b45393e44df7e4c370d6d2523d32ec592e263886f71bc12297bad97054b4119ebcdbef9545221604a2381eea78397d581c63aee8464a0889d477d44214616f90d4a23ca11e428280cfee6a16960a79fd5464d38f2a4033015150970b1c27e4a011e20a5446cd479c810f27272a767957656341ddda9d90bf64780956d34fe8e183dbf66d80a2778d20f08e3e13c11df686dc4b43eca32bc5919ac7a4d39357cbaf86808eac740d2bd9c611a39c44cd7d0b92bae35f892ea96a53e5bbd5dea998ce793c63a0c6fc87b82db7cadf11dee147419517e3ef606d486d0dc26b09f659eeba190ea705268e01951be7cab8dd8108daf4cbbd518267a5406c38b0026d219f6e3e6474b0559d29f83b27df3886be2f32f6e371d0324568e623b9c01df96357fbe3b09481cdcb84287deb658f0735462800b2e047b73508b54ce11261aa283a1c0e065c43577fa1ec08f41f3c8e2d55a918bfe1e120f4acce263cb0685278aa6c07d561414a9db52e76937bd104c0051caec64c3d6428984a3ca2f42f107f1aba12053c46378941b784d814b59a2fe7328ee8b6d7a66e7c5d4175b4ce11ae0d4dabb44134dc7213384b0f90b7f41bf8e32f2165540206e08f467e2457565e4bd4eabe527903d674460732069090e4fb4ec6bf312172733121fc0e8dc2bc3a2157b52eb7864fad2161ccf1e6842dff02e258b6100c9fc41d88cddb9803f146f9f1d311dd5d0e90305480013d28abdcd7cf1503212f28cb81f4fd69f3d73901ce65d23297f42860a589374e6858b76a484944ff548a323b6fb479be29ce3410ec6616b012f0d802a238055fe7719e2dd265b4fc15d987afb35f3ea45b0f624381e98e65b6c6a591ca7e21646e9cc2819fe2f3fff02363e1578f9fca478c70c19cf4b2f4e962420660b634b5dc72872de3c8a2594f45cf0b0115f9983a84466ed124d4ad2a3858765de673d7802dcc6513e0ddd6f575362ec2ab446836745806fe023776efadf0841608b771f49eafbcc28db1c45ce339684f7e9dda81ef7114bff2bb4662a9af9263bf5f10cfaab943166d9aa1d1e34ce047e905a0843d50dc868370052b1e37798a2f2c6a1f6580fdd8b3d4329b0c0778e3151056e0e7c179561433b6ca1eb7e1f838bfdc7ad2b88042647cb521f86271ceb24ca3585eb2a5256157eb047b1934d08b9c447606503ceae031d30294577e420f70b66155933e9c11ca29ad6a76b1a8ef871edce1cd927578cc0035e90c0d78ed37e18167001a7c82938780beeee80ad47a055a4fc2b6ea9ca7933ca0974bbbad984716879bc149f1cfff9da7c471f8090a19d5c9b29b18eae3b58f4b2c044483222340d3a676d21bb53e173f12eb5c393ebf393b355d22adc984b453d689ce52abaca0051dc976d593ee0a936d7a1fd356b2901c1f58474eda721d09182cefa53513dee059c691c122dcd5ae55601992f89557795949bfb5a4d65a2d251809d0ad50c176c3cbd1c27227ab9ee37bbfeb4817e770ccbcc81cd365d83c91e802f5474c9e370cdad7f792343c70a584d29aa43227855eb5887d1868f8a43f36bd9e663447684d492ebdf10f31102587d3c311aede0d326a0eb114ec58d636f7a6a5587af616e29cf748aa64f45e4ab197af3ca03939d14963c081e811b3f95d9c8492a4d48f60ae1c004db98314a23a83c00c80b8b5b56d26fdeee4d8255778d036ae6528370d3484a74f9a7c34ddf78365e791c003544559c51aa6617b216a7bfc04864ca9fdd152d4a2b2e6f65937400307871e27320092192ee233da9f6e90196c9136d68af17d1bfc05aa757f7513627db641aa466da76e9717510bdc180b5efa2f0ab080584bf72b93834bb13b21c042a1ef703285588387ce0be50732f95cc6c90659848bae8462360e88cef5a8620516f7577b2247729964178851ec6dd73b29707861e438f88343862f1dc965e9088699c76625fd02f08d1b3888099de31af1969f87897e4268df0a10b72e306581d34cae97250174fecb5c57cf1864e35295ffecdff6aabbac86632ae8c9e938c809ab24cc4b8e4ed4504edb93e54af4776ed64bf4517ef1279b4f4ed6ff6858558a47f6c982ac51a78583884255e5bb4769f9c01ed1c8ec4c9b6450632c3ff5015ed50e60e76ef967de537e4114e4d94a1e0fb9e87cf26119cb8af84b98789b32415ae972a3db60d18b50d77ac4f93686be89e72118885dadae5763f73951491e346a3f0ea206157cdfe65ad4808ecc6ce2a60c39a95aec719261785f2606500f56e526b2cbda89f6803f27b4be9add76e4f7501e0ce46a4e6f126ce86b7f666c93a3cac1219adccfdd71ac48269a133ac9fd5c9337e86f2a9c2bffb348f4e5fa0161625c4fa552a7401c9bf8ba2377b1200b59896f1d93a83a3c01dba1b308157a1a5da16874c324a42aa361a5674f6d0f72f86efa09805e0560736366a85ba3557b08b6030393dd7f7186467ca5c1d24ba12a93c1cb56b59ce3ce39d904225c81a3cb0a81914ad55e4f5eae00b0d29ad6ed35bd7de7bbb3ebf3f6b8c4d5f15a03d4c4270f7ae046f1f0e2711cce26015b79671df74a2bfa4dc02dcffe29e0c747c2de2d7adea3030e2a78cd723555cf6add68116177a8c862d54091158396548b09d90dcbc388cfa56c01e6f04072e1452c70172fe7d68ea1f6bf9dc7201894b78f3dbec57a7c819f7bee85f3c97996774323220d19c570532823e76ae6dcb4293a2fe2ecba6f3d35813331ada5baaf015be6ee0bd30888b6c9eb91a01c298da978867bd1e1b6f8c0c38ded4978ee3186f27c41da61f706aad4486cc78e6fd506d6d81d6bfcf90d7a3de97c0049c24d39f5029134456b72e79029b476e227941ffa394f9436c92211f3b3e79ebd56b75b6d83c2b43c3dd039893728973878dc45fbb9804cccbc0c01c687db02b94c60304fc915a500a17c9640c7e2d97424b1485243eaca48f1b17ed50283b4ba714ac107e0aff5672b3e685f8da50d6837b4a5793e4f7f5ade861be1175476efceb56344f255002ddc54599db8995f8b72b43b2f9e13f38fb862df79718396fda7d61e9fb0564622272bd8037228d63de7ae01b652c5282395a557adfda3763753bf5b3674d93dd82c019fade15938fdb41095270db2c894ca89c8dd7da92c7e920d84fa9692603b30250b2dabf96db0e582d450b49ddbb730d578571c6e07dac939d2636a1006da26953979f13271e644c4af9b51523787ecac8f8388e3d8ed9347a07883a86d28df045e13cf549aa6d3d0d1b80feb367861e2fbdcebdc8fe6a6884e3d69b38acc2ac16d7429ed845e5ca2db3805cc1838de21ee1c8643879a476f5373e505b520fd8e954c0fdc87d616f2ee8c116141403c898ec70d8d56df020da1db36bb363b0dca7a1199db2a6749d189286b02cfe173cd443b0fd568858dce2da34c955e1e8a06220d4870ad77c5ee98fccd2a34ea25365551d1e55d2b0d528c69c7b33cd1ebf87b973e12260c8bdec934443f9cc5a7d16ea094d19aaadefa3d053e3d999f236b7f877a45c94412499cc2b85b0ddcbccfa1fab29fc2e7465cc6f873c2b7a12783fd9b3e8755e48ff273024556cb75185c166cab9ed72b954520958a5d263f10a2757a152800017b3dc027f4548a23219fc7ec0119cc89d859c34dfae94c2e7e0cb64349b26affbbac5e275bd5b083daa4ff57f12a3747ab9598deca3a1183abc5b117d0fd25ae2f66698cc3793b7f420f814834ad99de8e7160714ec69e7e117513c5efa4c6cebb48095b5c8287f2470f9001ec9c9576c87a20523d1103715d090e0b1de8", 0x1000}, {&(0x7f00000063c0)="d520718e16de50d008db2590fd2a1ec186f679abc3925f298e95e2f7de4e95e0b2cbcab8460e1b5806d992ebb502f5c1ef22bb8a446d79", 0x37}, {&(0x7f0000006400)="273af35d0d5e1a29dc1931cd520102e4f10a1143711b30e94d18fe7d350795d3132289dcaa95481318bd9ce54d477e31fa3eb5bea8a3ea29e7db822ef777b709f8c6e39b8b3c2a6c2d4752f1f0c9d880f32341a7920f003756b95490ba492ccd73e56ec9b20cadaa78ebd6a07c03f7", 0x6f}], 0x3, &(0x7f00000064c0)=[@rthdr_2292={{0x68, 0x29, 0x39, {0x2f, 0xa, 0x0, 0xf9, 0x0, [@empty, @local, @dev={0xfe, 0x80, '\x00', 0x36}, @loopback, @mcast1]}}}, @tclass={{0x14, 0x29, 0x43, 0x4}}], 0x80}}, {{&(0x7f0000006540)={0xa, 0x4e22, 0x9, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7}, 0x1c, &(0x7f0000006600)=[{&(0x7f0000006580)="0fe64fb2b4b483baef71fbf119a3b2261f5649e1924c25944fa58392fb8a4906764337dcde6555eb0218d44010af1208daec03cfe9b755a3704dbd51a3828e0285ef821ce5d217736e161c4bc64b188ebe5a25e0475f3c7efda279eadb8cbe757277505758230f2d61b788085fb42cb6784d", 0x72}], 0x1, &(0x7f0000006640)=[@hopopts_2292={{0x138, 0x29, 0x36, {0x87, 0x23, '\x00', [@jumbo={0xc2, 0x4, 0x8001}, @generic={0x4, 0x65, "c14a866c1f6d277848d6c9e6589ec9608d7a857a30ab6be1f2145c485ffb38ed86b9dcacc2efb2c7314c8aea267f13a855100ed2a51d3ba277c8000192a25a07341b27ad90551f03d7c8332f80c98e608ea6c12bf0bb475641d1a0a5b45e62fbab66f6b6f7"}, @ra={0x5, 0x2, 0x5}, @padn={0x1, 0x1, [0x0]}, @calipso={0x7, 0x10, {0x0, 0x2, 0xff, 0x4, [0x7d4]}}, @calipso={0x7, 0x30, {0x0, 0xa, 0x9, 0x5, [0x81, 0x3, 0x47af, 0x8, 0x1]}}, @generic={0xba, 0x61, "cf796b1445fc7c4447361c7899acddea840de2c92b76d40410038de5c6e79e559fc1cb83ea556a5a67472fb1c0fcfd4c8c50c720603449a02a8bd5498f552dd8790aad12320140df834815959cc8eb6a21da16c6d71f5501250f5a833aa928a9b1"}]}}}, @rthdr={{0x88, 0x29, 0x39, {0x2b, 0xe, 0x0, 0x8, 0x0, [@mcast2, @private1={0xfc, 0x1, '\x00', 0x1}, @private1, @private0, @mcast1, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x3}}, @rthdr={{0x88, 0x29, 0x39, {0x4, 0xe, 0x2, 0x7f, 0x0, [@remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, @private1, @mcast1, @empty, @private1]}}}], 0x260}}, {{&(0x7f00000068c0)={0xa, 0x4e24, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3ff}, 0x1c, &(0x7f0000008980)=[{&(0x7f0000006900)="0a2ff07d5fa07d2f4a82d7524c3c22cc471b0eb14958ec09a6c2dbe07de60e79cc2097fa1ec3d2a373821f1eedd1", 0x2e}, {&(0x7f0000006940)="7eaf31c3750bf5a688780dbdabe9a35ecf10eaba00ead92b3c0a027390c32ca685b51f4bb8fecce6f9a25e08c57cd996c988a4b02d4199b8172bca7159a3f6fc98ef93c418425b21ce5238e604d77538c114b70b350b1249795324c8c12d8f8b17266e9b219584be56167c7129d7d46896ca02f8c9bdda4f0c0afcb65e28f135815da209361863364325bebce52024c435d7dcf1a73aa4714401d9c419004da353091dd1c526c36a66291dbf785a1e04871607d11ae7452a377f8e273b71c226b94711440920586764667d9e6d1ac0ccb2bd3f32f5659d64f0f274e209bff4cfafe44fe05b4be3260079ab940b90e68692a8311bb2b118cf196fff39269bcc85e37132ab2a4219bc29b40066ae3bfd164a8a2416ea2db27c580af56eee85de4aa233067c30549dd29053168325533d1806323fb7e7af607e571a032d8231901f9345ccece749b93264f5154f7e3b6d22736df4a3c8a52721096ca7d8a8d05a5f8e2c6f1e5364bdd346779fb119894defbf60c79827f7de141383eff57cd6e90669d6aa8540de527717f7741e9174eec955d75fc719919c9de06ccf6f51d783fbfd43696e19152739209b4bb6fc4cf464e58d742a4c23c8ad3060050cef74930162865f0fc16dd19e4c21e249482b300958b518685dbaf75eb8f9d355ec68693f0ada04ec5ce1306e92492a831b51c99ef048bcefeae9064a540d2ad366852dd60d501ac350ce16f2400508f9334d5381f4ce731ee86bfaefe4a81e435f46bd3a8ced1ffc0d8df2b335f3bd74911c8f0e3b2093a7f95f9e1faae39f52a5f19a5826b77c98a3f155225a3898ea3bfbfeb1b68d6490bf8abc3c5283e2e6233ed2ebd2a43169aebd4baf9a162a53c24b2e2a6f78e76f092d8ff9dd48eb2f75452fd2a5deac7f97f4ded8b6718cb572566db38e0e87d7c6d9966aa2e269cec2887187b8e89b770974b36aef1952d347c710450fb54e9f7a2c5ea18c44640de38cd80b8b532995bfd1e21fc4acd12ee4c3dc2acc647e28cd9cbcdea849d841713a61b266fbbf4f81c0f03b8476b6b876112d9e17e6cbab260053746f6b0e448469f51da80e198216ad546c7472cda32d858ab5ec152234ab95f84d72cf2d446bf5740dc805127d3e40d35f5562468b5d1f1270f7cb1f1562aaf1e2a6aad6c73385ec3ff38b00eff2dd859f995578abe38c782c0058d32f49bcc06f925a71bf860781e223e9398fd3d947e6f153ea912220551c76f7bb1b976039a3ba908518d9a096d15e76f417c3a6ff204cf3cc1083b25e3605e596942ef77235f3ba9f0ee7037500f95bfb6e20800cfb5fb731e8092faae4f5ac8c631c3096bcd797f1faa3a1269e727fd3a20337ffa4182cf57d96307b986c52ec518d9ee5f5a3b3a14e05ceca460176eabf072013d4d61d6769b56003b789c5c2d8e01d5ed1a753e6088ff90d2be18154e5c14e397310ba220b9178cedaaa1c3866a6de5a84cc7a7ebc17c187ec3c4c24e4a27d33456f551875709bffccc3e06e7037369f8c5928b833f3c65f1d4afcb77cf69218842cd02df118fd24dd88b07aead9f827d9adc429de311062867d1b1c23fe60af01759b53a50cd98875b0960821fbcdc82b8e0f9649d8e05ae20a95f3c9a88a146f977804163569afd1f1f11dee7662c6aa04ec4672021e0b84ed827d3985841acd6d8ba5da0ae5b52c8e5decbbf9ddbd5e7f429e5427dc1b7c8926163a2067e031d301ebb345d2cb961759eedccf9330dded035c6ac3c603217618d284456b769c672f6913a472815955884eb1989e8ab5b63feb29f127e8bc9f243ccb4d94874eeafa272dd0a03e1ce03020ce1120efc6b874c705976984592ed3b2f73788fe1e309ea96280f4ec5451ba75f2805e5bdc8e47968ab0d14e65c88230ef312871230210e02e442165760316a8de7c4a0788f03a15b25b0d1acdeba13291982d659c4b7a675764bbc64f9ba050c7b9f6ae21d0a2dfbf9b80e7507bc3144662ce2c1d8ed49af469eb5052ae2aaa55739a6cba196e3f389c21a9a35df2e110cbfb0160007c9729fe7a4b0cdcc1b1c7f546f4ad27df4a2be18bc7d816c7ecbf9440c3aeb16ad3c1747cf891734441ae9b5a0b9bc15819c454dca3290c0b71b283ceb37dd1b914df1d21fc09060dac017cb8a06956073d501619727ab551f76e32a59ae96de728f5599c0bdd692b8859fce3505fe5dcf5cbcff73eb19bb3d2240510c508f2aef15e351301f0ac1b243f951d7ea1d2d2ecae304b3bedca3c797d13933331faf6b04cebb489d72b8a5a110d90fa1977e8197027514c47f757fb692db6bd17421246a62a29e8c5e92308d970f2b13216ca367f19eca8029cc085f244ec3c1d76e9184f5a9a4daa31ea334c7d025b864547078ebbc8089b4f65a6a1e88c1e988b47605836c0fe3153d7ddba09f2d5ae242a5bc93a6000c928f9e5af27a4476a487b8456056901776e1ee9e78d5c6c51bd48b4aba1cf5f0327670dea38b0c9a313c66f4f2d04ad951b2af9e8144979b869172c16fe29a5ea8b8446328696850ef5fce14836cb4600d7a10cf14cef04192c0c3c4fd1751894038066a9c0dc152360d1903b9d9b8d550a8a90a1b736edb20b4e18b525393578087f9f6aaa0cb9e6d03ce69120b2a4917618ed121b9d49e971e520a273d37028fc6856a7a595dee5149e16e910666e2c7717250d891c7d758c0a17dd0faf8316999c1b3f616e11e2d1bf2db7740540fabd11b20551a0c9cb650d73c921a900152c61da6574ee255d9626754caf213e0bb1f74423ebef140fd2a0f9bb66508de9d3866875e76f8f21298c81bf8501b09b6978c09ea6d5c6170c273a20d6ecba7d3b83654bb6ba79fb26583d1d96f1220d2dd2bd8185a46be31153fe0b70d7a70a87fd3bc5e416a9793401412a90493682ab3d4b3c787a44adee3f27c2d3fea45cc8c461a0310f9eb584ffcdb0ccca078cd9452e0203cc77d67c7a95e41741c59a617c3c13706bb3be6c1f2e36d622423c86b5801b224b760fed0e8cfcab932c59e36e8720b8b587b6d199db7a3e7eb1da5485c1528bf5f4c4c10969e5e04f170adf4a3b2b1d4e246f237e694df1119f2f31bedcb05de00fe3b4be6d5e02b0f20b36378ec59984d1c3c116595f7daa812c9f8672e7f56e089d46af979d9dfb683562ad6171d9a9075721184724e44e16770ddb5fd96799a2a5eb600b9aac2d034c5bee6b058be3f33d01257795ba2496eb676ecfe24d1140bf422de6f9e59e8c7173d374a50da43df72b71ab34cb6e08fae264b745b8b9c5cea38fca7c8b91125e7c91ed73e1bfe48c2873962c2cd576127bb1aceefd9d615cfe38ab6e802bcd2ef4e73067b3cd708b9debc9c3e8c5d6e1c55b64515dea231dd698362c607c0ccdc0cce706b2a85a6b0bce56c3c8f19404fbf05fd310bccfb3c30de8adef5713b55abb2e822ea0195495514407806ea5229470ecf3610b0130be3c338e86268aa7afd02886bd16c6df1f9a4f8e10a7426923234aaa63e36d42a8e2b8cd33eed37d94f52e177cd3531c3b5c98a8040b27df4d87baea8e571f936138f657d36764af13281bc147797b7364181780a0ec28c15d0ef4bca554ae584a74ee993ebb39c24d41d444d1736fd6e5b779951a24a93e68b7f6609422b30f98252c12855958dc814bda9fb447daee5a254f507d3b2d7cd63c2f9449a8d7f1b463936d19e653b196e0fc62a8769987b43b564160a238fb01b168b50c1fb181de9cf6399a8fcf5dde002048680663571e18c3c77696ffb80b0b096081f65549aa33912ac16c4e5cc95c9090e3ae7153b390beb478f6e4ecfb89be324fa67795cf2b365b484508079fd1845c5e15ca6e50ed7309b1c962105d2fec4ad23326b4eeac97fb223d0025d7ab430260eb9a3fdb845cf64be4c828035648b90d70971525a54279f81c16072a89b3d839b2c74311cb86e8697397966defd978a1565c3032d2761a3092f75ef8ecd38e4077176f6ea4d46b43bfe7d949bf28c9b2d910b6867d551790825a0becca28d0099b79d428df4911609bd065b7e024423856ecc64e66c0fb7e8187896b4142ba773ce5d8172bf84e91afd2ba2065c24a74e835dbb59b343be0ec14abce7556765a4917dcf28ad1c2a8a38ab2c29546d8022dd407e7e9954e5888f47b49f87feb2065827ebc4160bdff377fc90d754a8e2e450b708c5efe3edf4525d8d42bf072ffbf31148198ef1e201e26ce620322e1478232a1078619d386bd9722dd45369ef32d9e3183446f60edb641fb15367f53be2f9e5d4cc4314b4e5f9a22e431d9775a27c42d666aacc3e79d3eaa77167c14e43be38580445a0d0ef31a46679576968e68367ccb816187c172fc1b8242973772aeb9c0512671075a173d7bcf78d7a59d06f64c121e255923b762a793a6b4b728292fda0d1f361d79c54ae48dd3a26bbbb4ca51de66e660e7a642e59760fee80e25952f4d05c43709cb721ffcf4a994bee4bf1b922f304e608a2b7d62c5d5eb980d59af011f9d561b007f0bfe9d34fa20dd1c2f2d373912898505cbb8798cc893f75736e150ae79a452e816a90ad8f204c7cdc0abe2a05ee11740268a3de1fd92b04010b078d28aaef07c05ce834c8ae8aada50baca4d8f6a8576a22ee7a5b79448764965146e31cd3b120a58a6c76302308352ed0a78a942324c95aca363281dd1bc93589dc6f409f0a4dd7cfb73db29aea93372f34e0bd67104787653e049c9b41d2429637d83c4c298d3c6c644f7220ced9544ae1dbdec224041d21731e515341c1cf255981d7539be8c31467fee6aef6c40a694079f90105bb8d3674b44c218e5fc24558017f3de043bd26bef3e5f269503d4227108f7f0a4bcdf25bd5c6ece9a4598e847c1d1ba9617478b96de8712e2828f4b30fdf2ec6637ec22df6d510ca36a95ee32b794100f710dfb33030478d06e62da9e4029760d087b6c554ddb3aa3835be01e804bf5c30f9be0b33b46a98c339b813a7b2d39a33f9a155c4fb8bdb2c1394f18a6185e01c09badd2c51d17c6328bc5d26e684d042080a234f6a90ea010b0ec4858ef670a20c19c1663e84fe63e2c48bce71330be07e19eddba5d5b50b1ba8cc7d4c96e94e2bdacf1d37668e6a06899c46a3905bead0a461a0227c169395976f96b1c86452572ab8e8c0cda6283869e187fbbb4e436a2ad5b632a4d74ec8500a11693ab57c24e4afddaadf894b07d85dc428aeffa867d69a261ed18e6e72a4529cb20356c7334b7ca5a63641bad64be426a78336129befc42be08b6ecefa2c668aac33dd0f40a8e8e9a211b5e82d17c4f1a5dd6f6a6d10be3422999a81e742612a70b9c9509fc250113319a5635b28c2f7e0a777225d571cc4c49a0598d5338d8567cad45a1dccf0f7c2cd4ece0f87361a22b1e2ab939277665bd744ea882393f76c05163ae2a589539be76ce4cf2514a2970308e945da29aa813286097b6fed26ad78f358d8b2e29c56537ac0a7b071c315a3f10c3c96263861cedb24bb5d7ca91a54c101653d1a91c33ab135644d21f3c9d681bf1c8d6d4ac5ec96eba204c9321705f92603216898412d481e7e0d30b78889823cd162e93c78fca1dbe14fb09a00522c3c04cc261c56ddaae2a95480215ee60763e8a669ce08f7f800d02fcdbb7a337bf93703deaadad74f79383a966f9ba1ff5a45b56d351b2071782d7519443f96111c811c04a4268be9d7c41e52e0997af59742fba816fe2cbdfee1ef94d0038a18ebab16b50545e2b22e8d88436cb42e2e531c4bb3c6089d03f82cf2b2af6b33b8f38", 0x1000}, {&(0x7f0000007940)="7bde8ee3b083217968eccd59de1b7fa6717361f92a2d11d2961f333f2a7511dee052a05cfc19f17a00a47bcfcfa2e87de28318f9e65994ad35905cffac719b28809de2203d11874533deaa6c91b988c8532ad3bbc4428d2a0ea4a889dc8edf39bcfb44089b03dc34a7512e6774ff0fd0e7e062853b74a7a8d4e61c7ae17907020a2f766a8657d86542a6c3d0cd0766c58986d61408a18fb31f9b3385e9ea19f3a9baf20207ac1b7c966c876d6240cca015fa22617c9325c0f9a512e244ee5931804a47b79508b4941f33f3e88f32b421375b4ea5c8c26ab14f3f03238e2bf915e5d3fd7943ac6064c6349aca4db6f42a580a4b1ac4af412ef90912d7f0c052565e7be85210ff1e4588cca9e1614498af541586ad57d795c8850582d756041c92d70cc997acb65c8fdd0e9159159b425d2780ab2eb034f247f6ade91cab9eb164a9b76ff8f259bb36d954ba1638d3e701e5f5ec8ba37750fd0684425997e94fc186c9f91fae158db69a3f323de67f28874de55cdcbe9ad5470c3786bbf3a229d5351e8d6d014291d90314f7df4444dd8d1ef7e2c21f5d22690b8fb7da249fb083f834992d59dac0cb5188b7254ebfbec5517329ad23533f3cecf6ffe89f78ca50b3e97b0a41509f9d4891c9e0f8728220c14a6705cc9011549942f6b4345193798f1209793b10c580a0afb542adf4c8daa565530a7b40881808fdf42d3b8ba1a1d8cc02de9e6e153be919ffb7324693a30965926b296294613fe9de71f3218eda1712b202ee3d069f60345ef70711868b75a3ebb8b5a6045dc87e9d4b0b81eb96bc52a39407346bbd8ad8931be067db12ee79f6f2c71d84b1e914e3f2cba5fe62df73d89c0ec4f0b9ead4dd21741690c134e8c3234cc0e824d6ce7f5db3f75d09d9ed4258f5af14d5eb8706565ddb1f0b584d1873c695f0c6695f13a350df6c5d2b01181fd3a7a35548b5fb4894ac6804aecbf05e6fe605cf70fa1194b32df87ac1967bc4b0ff87e68e1a5e73e7ae48b131156eb67fe9f87483640caa5aff758d5037b5ed5da4f554fb5d12c4bb9b171cff6527111acac4e41cd4359e2cc7e7729597685bb796bc1f84906a576e072bb69cfb2d7e72c32e0ee0fbfb43a58b7814ee511d2773ddf6b39432d16da3a843c63566b87bc558ef55de6457ec2300266b5f721c2f65150aca916349ea02ffab43a1076d6843496365c79daf83db33bd398ed6cc06f2e6630c7e93f644366355537866202f73a48c76be6dab342591a967cdfe7f6fdaa94fc532682794f8f555848a851cf28de8f70a83d5a4b1f50f40c9c2c8460acd82ccc91b24764c7638e15153178dbb9623a5a9d98b0e9232e46defcda8eb9e74fd9da00ea337f713dcb5465f1d72395e8546941e15d5511510847ed0bf826ff910c2fc887a4450ee378d948532f9d54b7f0e00e3b23837646c1f0f51999380ecdb96156dd3f9845deb8c39e5be448baef6d3a81584780acf3958df9f18056fce126077a0a9dcf3b628ac395e5557e9b7853290f58be606bf3721d3d93fe0f38b8ad88f0594a605e1ebdbccd1b37d976fee2e12c786918475a3a18310a3e60bd658844c7ec654e2ca6fd7c69f2141f6698648a2f65c04e966c53e6d652b690f6d7a43ecaa1c64b245ab1c1e0ab8b73516df061843cfb43215e48b11d62d192426f8a581e216f08418d0222e43b9ba0e275234b6defe1741f2759bc1c52bb39b7f87dc907db7ac83a9c2a5a2d791cc385e5c22736e8e00ebef70e58e34a27568e9725b321b246b332c351cdccbe8324905e9d72c5c9c1d95305b95b8959d52cc7ceed557b6defacce3cc70cddb41f70366f2ab06107e67adb156654dcf6083f48a36dd61c273f75fb818ea8af40ecf8558c786e4dcac5436f32bb6fc701443b48dadd92dee084fa2a2d65421390051fbbd4f6ff4633a32d3ccc95e7063390e342e2c0db3a232ddff8ca1593d7e3e2159cf056765487909fa6e4283c517bc49b5d4603adcd5c8caa891aa8c73d31ea62e675ccf2250020887b36c177c9127e81c4b20a9987c8cbab632c1272d1943955d6d895e6c1f9299ccb8d60ab0050fc0acf48b5eb249d4434ea447c91327e65b273f0bfd9afd28ecd114532972a15600a6e1ae2154db9622f9e044f46f1450940250e17cde07bfd661436cffdea412f200cbd1b3f250d2e994ce11ade8cf2258e8f02297afe2c4712cb151bb3d76c6e06c000392baaa48767b89669dc56a429ae17ad1cafb7798c50d703c97ba49777ec8951bc30f5e20fd426d80bf3b2e6aea8f349cadbde0263fb30ec1e6a5bacc803ed75465dcc85dbe90be5902432ea8c4bd2b01d422371a3cac38e480f95584adf06b307c070e246dbf221a7ce21b6ea5013a06f03067bccf8ae0b37d65b3b41131b840ecd4b6f708e9738e38e82f0ebf580a7933711e0d112f59d34438d0ff4f6cb5f2d6dc337375633b909ca9d1460629333c2d550f4ebeaa13e2b42f3e90f5c8a183f8a8b761db317d3172342b588c1685e8c765248fc838dd6c55cb9d2d74bbfbf6635ff5f844ef31659b42985f201a53ff8792f16713db0969d3721483bed770cdb214668e481aef56f492ce42fe3fc822770148aa3366eb6ff5d167e0aa8454d503e620e2ccf1428c1963a37cc083b26d471fac7bb62d9e033855d98137667d09f3639cdaf323807e8fc1e6b2cfe730825a755b300b70e724a6d2a4b19d4ff4096397962e7af5c5236f7507240906b7f21458b4625a60ebd817edf65e2333ae1434de38b75e716034d4b66504b0cf812735500ee9cbd4b2d1ff9c223d43ed84172cd5a3fb0d9dd1b311c376f1581f711c571e563c6de4a6be55b4651afbda896d19031ddaf64f54a056884de5be5d2571a549aac0e98f9e95ad035c1375d7372f8043f1de45fbf905996e0f328ae245596382f28ec4fcc53b15a052580c15a6b1b2d16635b5b822d37dfa596fabfee36e68af3d53605c6e18c896e9cfe8e0eeea7752976aa414aae0de0921fce3fb66d1b40aa5f6430f5e426bbd75967d8c55666097f19510843f4beb08783169278815b8d5280d07a4753bbc0588c71ecfeac33c05bed2ab95d684ea11143f931720bf05db305b3bea325dddb8ec86ed9f217b017379b2a5c8e0aa144657e0ee57cf5cd11405786b6c3346d98f82e6428823e604feadcd7a892eb5152d44e6fa6fef583a63f0e0a8468251ad664824e2c44fee246543c3fc8ffe22a071230b1b36e07a9d81bfec64d602d105093d5e16779e11455c41b2a95c1ed67ddd121b6b7f516aa09f50030e9fce3d3e6a6e5e9f40d41b3696f567f2ff8d62e5e7e758813f51d306c11f24dfc99bd602bb8b4f384d82dc161f101984dd8ee04df3ee76e66ec8b54f9ce260a2828100ab7b3796b7def2c930a902eae57574f984031d95b0d08cdcf851ff05701aed12beff8b3609daf53a2a1f647028f6fb6ace8b478706e7f261c584aff1389604cc5552f1bfc3e7ed23a525bdfc4d7e774bc08134ad099f0d689aaeef2fdf44cb18ffedc78e476b61c2c06deff89cebebc308c04251cd730a7d5c5f2eb83d62aed487b9dfe136ee7853f0d0926bd56e69f1c7b48b522a99b66446d9c89d23e768160f97d0463eca4a1558d6391d5ec40bd7886a0eed2d979fd36154450c875c2e1d729f1a5509ef977d40449b5ea0df53df01b45cc77e105d2b3a8cd3624b99bee3164b02e2330bac6bd6249b15743369f15e4fa049ac5dbe2826c1dffaa922733ce3a907634d1e9e49f9417a285b9b881b6ebbaec279fc38554b2338c7e7aab18a9ad75b29aa56813fad5e86b5bd92ed6a0d176f3735ed485dea6772c4cd960fc300b75b3067f4d16ab45def5406e377e3d6774ed4ba29b8a12e4b1b010babc0e2093517b13a5e066d008c43ffb41f8fb721771f31b6d0811a98e97bf79d1226a8c990886121b73647821a31d94e14e698e69bf872f957ad7d2e202ccd5507cb47aab33a78f24b15b8d7c08b6e6503917c5c6778be9e0e261c2a5e4fa48a910be4670b505075507ea3d10f22c096b512434bb68615c5f948d2e1302443a42231004649d83e8bcefe82917d4fcff24abb5f543a561d1914854aed961000ec77056ffb9badb7c14b6e048467748956c7f9f019f6c572e39f883ee84a4488c72ad9c685dd1a4d034d186eec418b2bc6740d96728130dd68fc2a8801cd83657e5869ef269867a784b7ca5f7dfb81f7a25c775db7ef2d419f2faa200696bd92d687e3235e0d0e05b3adf3e94a3135017780a545e526cac881c73bfebfff91b319a2324db6acae290bab0bab3afc5aa4ee987cf53311178e481419fbcc320c6a7052e03cead85bbc5ae67b53a2ec1c794ccd538bc8de614418ffb4b066c7f06ab2311c916924f5bf2affd0e68a1956eb8f755514a5a95c1dc480ceda0200c85f22448a99fc2a98bd043d4c38a3739bf9b20d14f8b5d29c02d84232455b5a1a72b65a61cbf6248095e86329de2026b36ec5f74e8ed90989db4f601ed059ca74fce684e56b90344cce627b1cc88283a8e4681b0adb7ae1a4985e607952fabfa4d7c4855724e2746463e8156701ad9de2f799e84ac83ec7e2140443dff0215df52a1a15985b07be537b603d79a36181bf192e5ea252de0dd08802ec023f0d83f81cac280b3f1d414f751f0306e95d46b44f46060d3f6526e3e3165409f513adc0283bfd5c7dac8e427f831a7ece58bb87124de735b6b439ad16e61388a99ebeee28250caf5cc0df909ca31e6db43caac6a48a42e83e098955ab90ab1a69cf0511f4fdb61d1ea42d0a7ed5fac751f434d9167409dc7035f59d9214b2bb7b59cf41f1017d55beabf04b8e4eedfb0a05e6c9807648d7be326ee31ea30e80533c6fca3e00d0dcb5992a5aff2ccd03f0df7b8a0ab2f9c83022174911c7ab4efef9a7c74c07991b5124531f30665de20bcf498f962280e4ac5e38927d776d605597bd9dcf6f9f574564ec7fa35f7347635896e74bf21306b251cc31371ae87c61eea60a87440724272ff85ad3d51a5aef8098aebf90b9bf7dc14d1eb871498c07b6e0ab33a7aff534d8cccd689ae1b486f094a46384b25b136cdad0e1ae2e3a8565164e5e99300a94c4c33f60c3d9fcd2dbd3c065a9ca5295828ba81263df1d2cb3ce5ddf46bc8f9feab7b261579b56546529aaff8c7aab5130bcbc5393eff69484009e49685445c74991b2f7798f055e6875498dbe54091e9d0d34648d029d62d1f6517cb193d941e2282e0d1e74f50a6d935b5ab356e4825ff6481e7ffaa706f0a7dbac4e3d92c45bbbd44d4e14e4f17295a0795a1c91d023c156f77299a23d65eabc45f1834bdad0decd7ae1a14b807b4b2c62c7bd2d314feec7ce047e44a02ecc93cdd0d77f97e69d9b94b237b1ffe5968a72a24ee29f08d391b9334f6c54af246f7245e8dda1f125b106ced94b39a599d8451cf17834fbbae1d2ab7ad1d6e3e5bfbf791d0d62d2bf56311f27d29c0724307cbc3b83e9a1944b414cc6190956d4ef6c8eb40a6fd6d200c7166ac87a72681da3e653fcf5c5ce9bc8b660916a012651e5fde9f758e0723b406d12bd4f500b12ec319e0bfa00f6a7980b0139a31c569e6e9a6eb1cafe2ea9d883fab7d90c989adbbe9ad1e2ca38d3beb838ddc5107e875911d17589b069741e19474c9c3bcabd4fb52aadc8baf84de9ff0a903dc1b386a2f7b0db3dc06e4fa4e56ea3a8242f6a338dc8417e49b4fd718961f588f045892d33a473c65ca9edf39b086f231cb8d645c79807a2ae30ae623f0136aba6ace3920cbe9f07f228", 0x1000}, {&(0x7f0000008940)="165a3c9e3ebb91f229943bda83a229742e2ee3f74269", 0x16}], 0x4, &(0x7f00000089c0)=[@hopopts={{0x40, 0x29, 0x36, {0x5c, 0x4, '\x00', [@padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x1, [0x0]}, @ra={0x5, 0x2, 0x592}, @hao={0xc9, 0x10, @loopback}]}}}, @hopopts_2292={{0x130, 0x29, 0x36, {0x21, 0x22, '\x00', [@jumbo, @pad1, @jumbo={0xc2, 0x4, 0x7}, @calipso={0x7, 0x50, {0x2, 0x12, 0x0, 0x6, [0x8, 0x1, 0x9, 0x8, 0x6, 0x52a, 0x8, 0x3, 0x706e]}}, @jumbo={0xc2, 0x4, 0x1}, @pad1, @jumbo={0xc2, 0x4, 0x2000}, @enc_lim={0x4, 0x1, 0x3f}, @pad1, @generic={0x8, 0x99, "2b590f8c43efba7d14d4bc23a5456cbd080d10dbd09dda1426a4fbf2f6596cf0c7780568f8b30a4145f701ce784bf5d3dda782d0759e75ab1cc6670a24a677c11be57e6b631b4ca03d831727d2bca5c86dee430f5fcbf86524825a5d625d837dfd7724f2a84047263eae9d8ec3c848207690b954c0265b84ac153e04651aa8fe83cbc0afa92f24a4310511a586cae74962be8a930cf6009902"}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@private0={0xfc, 0x0, '\x00', 0x1}}}}], 0x198}}], 0x8, 0x0) 11:48:07 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:07 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) 11:48:07 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 26) 11:48:07 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) [ 2580.711953] ieee802154 phy0 wpan0: encryption failed: -22 [ 2580.732283] ieee802154 phy0 wpan0: encryption failed: -22 [ 2580.766270] FAULT_INJECTION: forcing a failure. [ 2580.766270] name failslab, interval 1, probability 0, space 0, times 0 [ 2580.769080] CPU: 1 PID: 18586 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2580.770770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2580.772816] Call Trace: [ 2580.773455] dump_stack+0x107/0x167 [ 2580.774193] should_fail.cold+0x5/0xa [ 2580.774954] ? create_object.isra.0+0x3a/0xa20 [ 2580.775907] ? create_object.isra.0+0x3a/0xa20 [ 2580.776854] should_failslab+0x5/0x20 [ 2580.777628] kmem_cache_alloc+0x5b/0x310 [ 2580.778438] ? ext4_es_cache_extent+0x2c7/0x420 [ 2580.779375] create_object.isra.0+0x3a/0xa20 [ 2580.780290] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2580.781323] kmem_cache_alloc+0x159/0x310 [ 2580.782138] ext4_mb_new_blocks+0x64d/0x45b0 [ 2580.783038] ? ext4_es_insert_extent+0xb10/0xb10 [ 2580.784014] ? mark_held_locks+0x9e/0xe0 [ 2580.784842] ? trace_hardirqs_on+0x5b/0x180 [ 2580.785710] ? ext4_cache_extents+0x148/0x2d0 [ 2580.786599] ? ext4_discard_preallocations+0xd80/0xd80 [ 2580.787636] ? ext4_ext_search_right+0x2e3/0xbd0 [ 2580.788585] ext4_ext_map_blocks+0x1d68/0x5850 [ 2580.789551] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2580.790585] ? SOFTIRQ_verbose+0x10/0x10 [ 2580.791406] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2580.792433] ? SOFTIRQ_verbose+0x10/0x10 [ 2580.793270] ? __lock_acquire+0x1657/0x5b00 [ 2580.794131] ? ext4_ext_release+0x10/0x10 [ 2580.794957] ? ext4_map_blocks+0x5e0/0x1970 [ 2580.795851] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 2580.796798] ? lock_downgrade+0x6d0/0x6d0 [ 2580.797676] ? __unwind_start+0x523/0x7e0 [ 2580.798521] ? down_write_killable+0x180/0x180 [ 2580.799446] ext4_map_blocks+0x652/0x1970 [ 2580.800273] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2580.801180] ? trace_hardirqs_on+0x5b/0x180 [ 2580.802063] ? kmem_cache_alloc+0x2a6/0x310 [ 2580.802940] ext4_writepages+0x19bf/0x3350 [ 2580.803809] ? unwind_next_frame+0x13ef/0x1a90 [ 2580.804714] ? find_held_lock+0x2c/0x110 [ 2580.805600] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2580.806600] ? __is_insn_slot_addr+0x14c/0x290 [ 2580.807538] ? __kernel_text_address+0x9/0x40 [ 2580.808419] ? unwind_get_return_address+0x55/0xa0 [ 2580.809428] ? create_prof_cpu_mask+0x20/0x20 [ 2580.810364] ? stack_trace_save+0x8c/0xc0 [ 2580.811213] ? stack_trace_consume_entry+0x160/0x160 [ 2580.812268] ? kasan_save_stack+0x32/0x40 [ 2580.813126] ? kasan_save_stack+0x1b/0x40 [ 2580.813968] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2580.815007] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2580.816001] do_writepages+0xee/0x2a0 [ 2580.816789] ? page_writeback_cpu_online+0x20/0x20 [ 2580.817808] ? lock_acquire+0x197/0x470 [ 2580.818620] ? create_object.isra.0+0x3ad/0xa20 [ 2580.819580] ? lock_release+0x680/0x680 [ 2580.820396] ? find_held_lock+0x2c/0x110 [ 2580.821246] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2580.822265] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2580.823345] ? mark_held_locks+0x9e/0xe0 [ 2580.824181] ? trace_hardirqs_on+0x5b/0x180 [ 2580.825078] filemap_write_and_wait_range+0x65/0x100 [ 2580.826111] __iomap_dio_rw+0x552/0x1110 [ 2580.826958] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2580.827886] ? ext4_orphan_add+0x253/0x9e0 [ 2580.828749] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2580.829771] ? ext4_empty_dir+0xae0/0xae0 [ 2580.830613] ? jbd2__journal_start+0xf3/0x7e0 [ 2580.831538] iomap_dio_rw+0x31/0x90 [ 2580.832286] ext4_file_write_iter+0xb26/0x18d0 [ 2580.833244] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2580.834179] ? kasan_save_stack+0x32/0x40 [ 2580.835017] ? kasan_save_stack+0x1b/0x40 [ 2580.835857] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2580.836903] ? iter_file_splice_write+0x16d/0xc30 [ 2580.837881] ? direct_splice_actor+0x10f/0x170 [ 2580.838807] ? splice_direct_to_actor+0x387/0x980 [ 2580.839787] ? do_splice_direct+0x1c4/0x290 [ 2580.840664] ? vfs_copy_file_range+0x4f8/0x1290 [ 2580.841620] ? __do_sys_copy_file_range+0x193/0x420 [ 2580.842650] do_iter_readv_writev+0x476/0x750 [ 2580.843570] ? new_sync_write+0x660/0x660 [ 2580.844408] ? selinux_file_permission+0x92/0x520 [ 2580.845429] do_iter_write+0x191/0x670 [ 2580.846233] ? trace_hardirqs_on+0x5b/0x180 [ 2580.847126] vfs_iter_write+0x70/0xa0 [ 2580.847910] iter_file_splice_write+0x762/0xc30 [ 2580.848900] ? generic_splice_sendpage+0x140/0x140 [ 2580.849918] ? avc_policy_seqno+0x9/0x70 [ 2580.850745] ? selinux_file_permission+0x92/0x520 [ 2580.851737] ? lockdep_init_map_type+0x2c7/0x780 [ 2580.852711] ? generic_splice_sendpage+0x140/0x140 [ 2580.853724] direct_splice_actor+0x10f/0x170 [ 2580.854623] splice_direct_to_actor+0x387/0x980 [ 2580.855586] ? pipe_to_sendpage+0x380/0x380 [ 2580.856474] ? do_splice_to+0x160/0x160 [ 2580.857308] ? security_file_permission+0x24e/0x570 [ 2580.858339] do_splice_direct+0x1c4/0x290 [ 2580.859194] ? splice_direct_to_actor+0x980/0x980 [ 2580.860150] ? selinux_file_permission+0x92/0x520 [ 2580.861160] ? security_file_permission+0x24e/0x570 [ 2580.862171] vfs_copy_file_range+0x4f8/0x1290 [ 2580.863103] ? generic_file_rw_checks+0x240/0x240 [ 2580.864087] ? __fget_files+0x296/0x4c0 [ 2580.864932] __do_sys_copy_file_range+0x193/0x420 [ 2580.865920] ? vfs_copy_file_range+0x1290/0x1290 [ 2580.866882] ? ksys_write+0x1a9/0x260 [ 2580.867665] ? __ia32_sys_read+0xb0/0xb0 [ 2580.868503] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2580.869599] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2580.870652] do_syscall_64+0x33/0x40 [ 2580.871412] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2580.872457] RIP: 0033:0x7fd102b50b19 [ 2580.873230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2580.876990] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2580.878549] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2580.879996] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2580.881454] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2580.882900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2580.884360] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:48:07 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:48:07 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x30000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:07 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)=0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) read(r2, &(0x7f00000004c0)=""/171, 0xab) syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x800) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x200, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fork() 11:48:07 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xf000000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:07 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x34000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:07 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x4000) 11:48:08 executing program 5: r0 = perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r1, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x8, 0x8, 0x6, 0xa6, 0x0, 0x8, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7ff, 0x0, @perf_bp={&(0x7f0000000140), 0x1}, 0x40010, 0x3, 0x8, 0x3, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x4}, 0x0, 0xe, r0, 0x2) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:48:08 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)=0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) read(r2, &(0x7f00000004c0)=""/171, 0xab) syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x800) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x200, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fork() 11:48:08 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x9effffff, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:24 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x80000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:24 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:48:24 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xffffffff00000000, 0x0, 0x0) 11:48:24 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 27) 11:48:24 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xe394e2ff, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:24 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000) 11:48:24 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)=0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) read(r2, &(0x7f00000004c0)=""/171, 0xab) syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x800) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x200, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fork() 11:48:24 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000180)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r1, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000400)={{0x1, 0x1, 0x18, r4}, './file1\x00'}) r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) mount$9p_fd(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0), 0xa0000, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [{@smackfsfloor={'smackfsfloor', 0x3d, ':!]'}}, {@obj_role={'obj_role', 0x3d, 'lblc\x00'}}, {@context={'context', 0x3d, 'root'}}, {@appraise}, {@appraise}, {@dont_measure}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@fsname={'fsname', 0x3d, 'lblc\x00'}}, {@dont_hash}]}}) r8 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r9, 0x0, r8, 0x0, 0x200f5ef, 0x0) r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), r0) sendmsg$IPVS_CMD_NEW_SERVICE(r9, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x78, r10, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x48, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x828}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x4}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1f}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x28000000}, 0x100) getdents(r0, &(0x7f0000000140)=""/16, 0x10) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2597.955522] FAULT_INJECTION: forcing a failure. [ 2597.955522] name failslab, interval 1, probability 0, space 0, times 0 [ 2597.958397] CPU: 0 PID: 18640 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2597.959856] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2597.961618] Call Trace: [ 2597.962191] dump_stack+0x107/0x167 [ 2597.962970] should_fail.cold+0x5/0xa [ 2597.963788] ? __es_insert_extent+0x3a9/0x12f0 [ 2597.964779] should_failslab+0x5/0x20 [ 2597.965597] kmem_cache_alloc+0x5b/0x310 [ 2597.966472] __es_insert_extent+0x3a9/0x12f0 [ 2597.967429] ext4_es_insert_extent+0x2dc/0xb10 [ 2597.968405] ? ext4_es_scan_clu+0x2e0/0x2e0 [ 2597.969348] ? do_raw_read_unlock+0x3b/0x70 [ 2597.970257] ? ext4_es_lookup_extent+0xc4/0xaa0 [ 2597.971250] ext4_map_blocks+0x8e1/0x1970 [ 2597.972151] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2597.973114] ? trace_hardirqs_on+0x5b/0x180 [ 2597.974038] ? kmem_cache_alloc+0x2a6/0x310 [ 2597.974969] ext4_writepages+0x19bf/0x3350 [ 2597.975867] ? unwind_next_frame+0x13ef/0x1a90 [ 2597.976850] ? find_held_lock+0x2c/0x110 [ 2597.977755] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2597.978817] ? __is_insn_slot_addr+0x14c/0x290 [ 2597.979790] ? __kernel_text_address+0x9/0x40 [ 2597.980748] ? unwind_get_return_address+0x55/0xa0 [ 2597.981811] ? create_prof_cpu_mask+0x20/0x20 [ 2597.982792] ? stack_trace_save+0x8c/0xc0 [ 2597.983679] ? stack_trace_consume_entry+0x160/0x160 [ 2597.984768] ? kasan_save_stack+0x32/0x40 [ 2597.985651] ? kasan_save_stack+0x1b/0x40 [ 2597.986530] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2597.987608] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2597.988652] do_writepages+0xee/0x2a0 [ 2597.989481] ? page_writeback_cpu_online+0x20/0x20 [ 2597.990522] ? lock_acquire+0x197/0x470 [ 2597.991365] ? create_object.isra.0+0x3ad/0xa20 [ 2597.992357] ? lock_release+0x680/0x680 [ 2597.993244] ? find_held_lock+0x2c/0x110 [ 2597.994132] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2597.995184] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2597.996310] ? mark_held_locks+0x9e/0xe0 [ 2597.997188] ? trace_hardirqs_on+0x5b/0x180 [ 2597.998128] filemap_write_and_wait_range+0x65/0x100 [ 2597.999207] __iomap_dio_rw+0x552/0x1110 [ 2598.000094] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2598.001065] ? ext4_orphan_add+0x253/0x9e0 [ 2598.001995] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2598.003040] ? ext4_empty_dir+0xae0/0xae0 [ 2598.003928] ? jbd2__journal_start+0xf3/0x7e0 [ 2598.004896] iomap_dio_rw+0x31/0x90 [ 2598.005692] ext4_file_write_iter+0xb26/0x18d0 [ 2598.006682] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2598.007654] ? kasan_save_stack+0x32/0x40 [ 2598.008531] ? kasan_save_stack+0x1b/0x40 [ 2598.009504] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2598.010692] ? iter_file_splice_write+0x16d/0xc30 [ 2598.011814] ? direct_splice_actor+0x10f/0x170 [ 2598.012891] ? splice_direct_to_actor+0x387/0x980 [ 2598.014041] ? do_splice_direct+0x1c4/0x290 [ 2598.015058] ? vfs_copy_file_range+0x4f8/0x1290 [ 2598.016156] ? __do_sys_copy_file_range+0x193/0x420 [ 2598.017302] do_iter_readv_writev+0x476/0x750 [ 2598.018263] ? new_sync_write+0x660/0x660 [ 2598.019149] ? selinux_file_permission+0x92/0x520 [ 2598.020193] do_iter_write+0x191/0x670 [ 2598.021030] ? trace_hardirqs_on+0x5b/0x180 [ 2598.021983] vfs_iter_write+0x70/0xa0 [ 2598.022796] iter_file_splice_write+0x762/0xc30 [ 2598.023811] ? generic_splice_sendpage+0x140/0x140 [ 2598.024861] ? avc_policy_seqno+0x9/0x70 [ 2598.025735] ? selinux_file_permission+0x92/0x520 [ 2598.026872] ? lockdep_init_map_type+0x2c7/0x780 [ 2598.028001] ? generic_splice_sendpage+0x140/0x140 [ 2598.029160] direct_splice_actor+0x10f/0x170 [ 2598.030204] splice_direct_to_actor+0x387/0x980 [ 2598.031302] ? pipe_to_sendpage+0x380/0x380 [ 2598.032333] ? do_splice_to+0x160/0x160 [ 2598.033296] ? security_file_permission+0x24e/0x570 [ 2598.034473] do_splice_direct+0x1c4/0x290 [ 2598.035435] ? splice_direct_to_actor+0x980/0x980 [ 2598.036562] ? selinux_file_permission+0x92/0x520 [ 2598.037731] ? security_file_permission+0x24e/0x570 [ 2598.038823] vfs_copy_file_range+0x4f8/0x1290 [ 2598.039795] ? generic_file_rw_checks+0x240/0x240 [ 2598.040830] ? __fget_files+0x296/0x4c0 [ 2598.041717] __do_sys_copy_file_range+0x193/0x420 [ 2598.042920] ? vfs_copy_file_range+0x1290/0x1290 [ 2598.043933] ? ksys_write+0x1a9/0x260 [ 2598.044743] ? __ia32_sys_read+0xb0/0xb0 [ 2598.045637] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2598.046858] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2598.048086] do_syscall_64+0x33/0x40 [ 2598.048966] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2598.050186] RIP: 0033:0x7fd102b50b19 [ 2598.051072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2598.055350] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2598.056957] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2598.058479] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2598.059991] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2598.061521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2598.063039] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:48:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x400300, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:25 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x400000) 11:48:25 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xf0ffffff, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:25 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)=0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) read(r2, &(0x7f00000004c0)=""/171, 0xab) syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x800) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x200, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fork() 11:48:25 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xffe294e3, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:25 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 28) 11:48:25 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xfffff000, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) [ 2598.301756] FAULT_INJECTION: forcing a failure. [ 2598.301756] name failslab, interval 1, probability 0, space 0, times 0 [ 2598.303665] CPU: 1 PID: 18676 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2598.304684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2598.305911] Call Trace: [ 2598.306308] dump_stack+0x107/0x167 [ 2598.306852] should_fail.cold+0x5/0xa [ 2598.307424] ? create_object.isra.0+0x3a/0xa20 [ 2598.308103] should_failslab+0x5/0x20 [ 2598.308666] kmem_cache_alloc+0x5b/0x310 [ 2598.309279] create_object.isra.0+0x3a/0xa20 [ 2598.309926] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2598.310677] kmem_cache_alloc+0x159/0x310 [ 2598.311304] __es_insert_extent+0x3a9/0x12f0 [ 2598.311969] ext4_es_insert_extent+0x2dc/0xb10 [ 2598.312547] ? ext4_es_scan_clu+0x2e0/0x2e0 [ 2598.313219] ? do_raw_read_unlock+0x3b/0x70 [ 2598.313859] ? ext4_es_lookup_extent+0xc4/0xaa0 [ 2598.314558] ext4_map_blocks+0x8e1/0x1970 [ 2598.315181] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2598.315850] ? trace_hardirqs_on+0x5b/0x180 [ 2598.316562] ? kmem_cache_alloc+0x2a6/0x310 [ 2598.317223] ext4_writepages+0x19bf/0x3350 [ 2598.317857] ? unwind_next_frame+0x13ef/0x1a90 [ 2598.318543] ? find_held_lock+0x2c/0x110 [ 2598.319168] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2598.319774] ? __is_insn_slot_addr+0x14c/0x290 [ 2598.320454] ? __kernel_text_address+0x9/0x40 [ 2598.321121] ? unwind_get_return_address+0x55/0xa0 [ 2598.321843] ? create_prof_cpu_mask+0x20/0x20 [ 2598.322518] ? stack_trace_save+0x8c/0xc0 [ 2598.323129] ? stack_trace_consume_entry+0x160/0x160 [ 2598.323886] ? kasan_save_stack+0x32/0x40 [ 2598.324493] ? kasan_save_stack+0x1b/0x40 [ 2598.325119] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2598.325820] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2598.326379] do_writepages+0xee/0x2a0 [ 2598.326843] ? page_writeback_cpu_online+0x20/0x20 [ 2598.327417] ? lock_acquire+0x197/0x470 [ 2598.327871] ? create_object.isra.0+0x3ad/0xa20 [ 2598.328404] ? lock_release+0x680/0x680 [ 2598.328861] ? find_held_lock+0x2c/0x110 [ 2598.329380] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2598.329961] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2598.330568] ? mark_held_locks+0x9e/0xe0 [ 2598.331044] ? trace_hardirqs_on+0x5b/0x180 [ 2598.331541] filemap_write_and_wait_range+0x65/0x100 [ 2598.332128] __iomap_dio_rw+0x552/0x1110 [ 2598.332610] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2598.333153] ? ext4_orphan_add+0x253/0x9e0 [ 2598.333646] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2598.334210] ? ext4_empty_dir+0xae0/0xae0 [ 2598.334685] ? jbd2__journal_start+0xf3/0x7e0 [ 2598.335201] iomap_dio_rw+0x31/0x90 [ 2598.335645] ext4_file_write_iter+0xb26/0x18d0 [ 2598.336230] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2598.336809] ? kasan_save_stack+0x32/0x40 [ 2598.337323] ? kasan_save_stack+0x1b/0x40 [ 2598.337832] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2598.338454] ? iter_file_splice_write+0x16d/0xc30 [ 2598.339053] ? direct_splice_actor+0x10f/0x170 [ 2598.339608] ? splice_direct_to_actor+0x387/0x980 [ 2598.340192] ? do_splice_direct+0x1c4/0x290 [ 2598.340722] ? vfs_copy_file_range+0x4f8/0x1290 [ 2598.341294] ? __do_sys_copy_file_range+0x193/0x420 [ 2598.341922] do_iter_readv_writev+0x476/0x750 [ 2598.342482] ? new_sync_write+0x660/0x660 [ 2598.342999] ? selinux_file_permission+0x92/0x520 [ 2598.343615] do_iter_write+0x191/0x670 [ 2598.344099] ? trace_hardirqs_on+0x5b/0x180 [ 2598.344643] vfs_iter_write+0x70/0xa0 [ 2598.345121] iter_file_splice_write+0x762/0xc30 [ 2598.345711] ? generic_splice_sendpage+0x140/0x140 [ 2598.346325] ? avc_policy_seqno+0x9/0x70 [ 2598.346823] ? selinux_file_permission+0x92/0x520 [ 2598.347425] ? lockdep_init_map_type+0x2c7/0x780 [ 2598.348011] ? generic_splice_sendpage+0x140/0x140 [ 2598.348629] direct_splice_actor+0x10f/0x170 [ 2598.349182] splice_direct_to_actor+0x387/0x980 [ 2598.349775] ? pipe_to_sendpage+0x380/0x380 [ 2598.350300] ? do_splice_to+0x160/0x160 [ 2598.350793] ? security_file_permission+0x24e/0x570 [ 2598.351420] do_splice_direct+0x1c4/0x290 [ 2598.351921] ? splice_direct_to_actor+0x980/0x980 [ 2598.352513] ? selinux_file_permission+0x92/0x520 [ 2598.353118] ? security_file_permission+0x24e/0x570 [ 2598.353739] vfs_copy_file_range+0x4f8/0x1290 [ 2598.354297] ? generic_file_rw_checks+0x240/0x240 [ 2598.354896] ? __fget_files+0x296/0x4c0 [ 2598.355393] __do_sys_copy_file_range+0x193/0x420 [ 2598.355982] ? vfs_copy_file_range+0x1290/0x1290 [ 2598.356559] ? ksys_write+0x1a9/0x260 [ 2598.357021] ? __ia32_sys_read+0xb0/0xb0 [ 2598.357530] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2598.358185] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2598.358819] do_syscall_64+0x33/0x40 [ 2598.359280] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2598.359908] RIP: 0033:0x7fd102b50b19 [ 2598.360363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2598.362628] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2598.363559] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2598.364395] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2598.365240] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2598.366076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2598.366913] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:48:25 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0xf0ffff, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:25 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000) 11:48:39 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:48:39 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 29) 11:48:39 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)=0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) read(r2, &(0x7f00000004c0)=""/171, 0xab) syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x800) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x200, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 11:48:39 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x1000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:39 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xf0ff7f) 11:48:39 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xffffff7f, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:39 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x400}, 0x0, 0x4000000000000000, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000080)=""/71, 0x47}, {&(0x7f00000001c0)=""/75, 0x4b}, {&(0x7f0000000280)=""/44, 0x2c}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000000300)=""/184, 0xb8}, {&(0x7f0000000240)=""/35, 0x23}], 0x6) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r1, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 11:48:39 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0xffffffff00000416, 0x0, 0x0) [ 2612.327815] FAULT_INJECTION: forcing a failure. [ 2612.327815] name failslab, interval 1, probability 0, space 0, times 0 [ 2612.330319] CPU: 1 PID: 18696 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2612.331804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2612.333606] Call Trace: [ 2612.334187] dump_stack+0x107/0x167 [ 2612.334984] should_fail.cold+0x5/0xa [ 2612.335810] ? mempool_alloc+0x148/0x360 [ 2612.336686] ? mempool_free_pages+0x20/0x20 [ 2612.337643] should_failslab+0x5/0x20 [ 2612.338470] kmem_cache_alloc+0x5b/0x310 [ 2612.339351] ? mempool_free_pages+0x20/0x20 [ 2612.340287] mempool_alloc+0x148/0x360 [ 2612.341134] ? mempool_resize+0x7d0/0x7d0 [ 2612.342059] ? __test_set_page_writeback+0x160/0xbb0 [ 2612.343163] bio_alloc_bioset+0x36e/0x600 [ 2612.344066] ? bvec_alloc+0x2f0/0x2f0 [ 2612.344886] ? invalid_page_referenced_vma+0x570/0x570 [ 2612.346046] ext4_bio_write_page+0x9ba/0x1390 [ 2612.347033] mpage_submit_page+0x14b/0x260 [ 2612.347959] ext4_writepages+0x1f2e/0x3350 [ 2612.348927] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2612.350012] ? __is_insn_slot_addr+0x14c/0x290 [ 2612.350996] ? __kernel_text_address+0x9/0x40 [ 2612.351962] ? unwind_get_return_address+0x55/0xa0 [ 2612.353008] ? create_prof_cpu_mask+0x20/0x20 [ 2612.354009] ? stack_trace_consume_entry+0x160/0x160 [ 2612.355106] ? kasan_save_stack+0x32/0x40 [ 2612.355995] ? kasan_save_stack+0x1b/0x40 [ 2612.356880] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2612.357986] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2612.359030] do_writepages+0xee/0x2a0 [ 2612.359855] ? page_writeback_cpu_online+0x20/0x20 [ 2612.360898] ? lock_acquire+0x197/0x470 [ 2612.361765] ? create_object.isra.0+0x3ad/0xa20 [ 2612.362763] ? lock_release+0x680/0x680 [ 2612.363614] ? find_held_lock+0x2c/0x110 [ 2612.364491] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2612.365571] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2612.366700] ? mark_held_locks+0x9e/0xe0 [ 2612.367584] ? trace_hardirqs_on+0x5b/0x180 [ 2612.368511] filemap_write_and_wait_range+0x65/0x100 [ 2612.369607] __iomap_dio_rw+0x552/0x1110 [ 2612.370492] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2612.371465] ? ext4_orphan_add+0x253/0x9e0 [ 2612.372362] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2612.373431] ? ext4_empty_dir+0xae0/0xae0 [ 2612.374307] ? jbd2__journal_start+0xf3/0x7e0 [ 2612.375276] iomap_dio_rw+0x31/0x90 [ 2612.376050] ext4_file_write_iter+0xb26/0x18d0 [ 2612.377041] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2612.378014] ? kasan_save_stack+0x32/0x40 [ 2612.378893] ? kasan_save_stack+0x1b/0x40 [ 2612.379771] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2612.380844] ? iter_file_splice_write+0x16d/0xc30 [ 2612.381871] ? direct_splice_actor+0x10f/0x170 [ 2612.382849] ? splice_direct_to_actor+0x387/0x980 [ 2612.383867] ? do_splice_direct+0x1c4/0x290 [ 2612.384791] ? vfs_copy_file_range+0x4f8/0x1290 [ 2612.385783] ? __do_sys_copy_file_range+0x193/0x420 [ 2612.386867] do_iter_readv_writev+0x476/0x750 [ 2612.387830] ? new_sync_write+0x660/0x660 [ 2612.388716] ? selinux_file_permission+0x92/0x520 [ 2612.389780] do_iter_write+0x191/0x670 [ 2612.390634] ? trace_hardirqs_on+0x5b/0x180 [ 2612.391559] vfs_iter_write+0x70/0xa0 [ 2612.392388] iter_file_splice_write+0x762/0xc30 [ 2612.393431] ? generic_splice_sendpage+0x140/0x140 [ 2612.394485] ? avc_policy_seqno+0x9/0x70 [ 2612.395353] ? selinux_file_permission+0x92/0x520 [ 2612.396392] ? lockdep_init_map_type+0x2c7/0x780 [ 2612.397420] ? generic_splice_sendpage+0x140/0x140 [ 2612.398468] direct_splice_actor+0x10f/0x170 [ 2612.399414] splice_direct_to_actor+0x387/0x980 [ 2612.400419] ? pipe_to_sendpage+0x380/0x380 [ 2612.401362] ? do_splice_to+0x160/0x160 [ 2612.402214] ? security_file_permission+0x24e/0x570 [ 2612.403295] do_splice_direct+0x1c4/0x290 [ 2612.404183] ? splice_direct_to_actor+0x980/0x980 [ 2612.405209] ? selinux_file_permission+0x92/0x520 [ 2612.406253] ? security_file_permission+0x24e/0x570 [ 2612.407345] vfs_copy_file_range+0x4f8/0x1290 [ 2612.408325] ? generic_file_rw_checks+0x240/0x240 [ 2612.409385] ? __fget_files+0x296/0x4c0 [ 2612.410269] __do_sys_copy_file_range+0x193/0x420 [ 2612.411314] ? vfs_copy_file_range+0x1290/0x1290 [ 2612.412330] ? ksys_write+0x1a9/0x260 [ 2612.413152] ? __ia32_sys_read+0xb0/0xb0 [ 2612.414042] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2612.415172] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2612.416289] do_syscall_64+0x33/0x40 [ 2612.417095] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2612.418212] RIP: 0033:0x7fd102b50b19 [ 2612.419022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2612.422997] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2612.424646] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2612.426206] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2612.427763] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2612.429222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2612.430666] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:48:39 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)=0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) read(r2, &(0x7f00000004c0)=""/171, 0xab) syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x800) 11:48:39 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2) 11:48:39 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1000000) 11:48:39 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xffffff9e, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:39 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x2000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:39 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xfffffff0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:56 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:48:56 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000) 11:48:56 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x8) 11:48:56 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)=0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) read(r2, &(0x7f00000004c0)=""/171, 0xab) 11:48:56 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 30) 11:48:56 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0xffffffff, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:56 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x3000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:56 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x3}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/if_inet6\x00') readv(r4, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/4089, 0xff9}], 0x1) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x1010, r4, 0x10000000) io_setup(0x5, &(0x7f0000000700)=0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fd/3\x00') io_submit(r6, 0x1, &(0x7f00000006c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x8, 0x0, r7, 0x0}]) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x40000, 0x0, 0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000100)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r10}}, 0x0) syz_io_uring_submit(0x0, r5, &(0x7f00000000c0)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x4, 0x0, r7, 0x0, r4, 0x2, 0x0, 0x1, {0x0, r10}}, 0x9d) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000140)={0x440600, 0x10, 0x16}, &(0x7f0000000180)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r10}}, 0x5) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r11 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xf, 0x10010, r0, 0x8000000) syz_io_uring_submit(r11, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2629.397157] FAULT_INJECTION: forcing a failure. [ 2629.397157] name failslab, interval 1, probability 0, space 0, times 0 [ 2629.398530] CPU: 1 PID: 18749 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2629.399266] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2629.400171] Call Trace: [ 2629.400463] dump_stack+0x107/0x167 [ 2629.400856] should_fail.cold+0x5/0xa [ 2629.401275] ? create_object.isra.0+0x3a/0xa20 [ 2629.401777] should_failslab+0x5/0x20 [ 2629.402193] kmem_cache_alloc+0x5b/0x310 [ 2629.402643] create_object.isra.0+0x3a/0xa20 [ 2629.403125] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2629.403684] kmem_cache_alloc+0x159/0x310 [ 2629.404144] __es_insert_extent+0x3a9/0x12f0 [ 2629.404635] ext4_es_insert_extent+0x2dc/0xb10 [ 2629.405134] ? ext4_es_scan_clu+0x2e0/0x2e0 [ 2629.405620] ? do_raw_read_unlock+0x3b/0x70 [ 2629.406082] ? ext4_es_lookup_extent+0xc4/0xaa0 [ 2629.406592] ext4_map_blocks+0x8e1/0x1970 [ 2629.407044] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 2629.407523] ? trace_hardirqs_on+0x5b/0x180 [ 2629.408000] ? kmem_cache_alloc+0x2a6/0x310 [ 2629.408478] ext4_writepages+0x19bf/0x3350 [ 2629.408944] ? unwind_next_frame+0x13ef/0x1a90 [ 2629.409445] ? find_held_lock+0x2c/0x110 [ 2629.409923] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2629.410449] ? __is_insn_slot_addr+0x14c/0x290 [ 2629.410960] ? __kernel_text_address+0x9/0x40 [ 2629.411442] ? unwind_get_return_address+0x55/0xa0 [ 2629.411984] ? create_prof_cpu_mask+0x20/0x20 [ 2629.412481] ? stack_trace_save+0x8c/0xc0 [ 2629.412939] ? stack_trace_consume_entry+0x160/0x160 [ 2629.413503] ? kasan_save_stack+0x32/0x40 [ 2629.413960] ? kasan_save_stack+0x1b/0x40 [ 2629.414409] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2629.414968] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2629.415499] do_writepages+0xee/0x2a0 [ 2629.415924] ? page_writeback_cpu_online+0x20/0x20 [ 2629.416443] ? lock_acquire+0x197/0x470 [ 2629.416890] ? create_object.isra.0+0x3ad/0xa20 [ 2629.417394] ? lock_release+0x680/0x680 [ 2629.417833] ? find_held_lock+0x2c/0x110 [ 2629.418285] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2629.418835] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2629.419429] ? mark_held_locks+0x9e/0xe0 [ 2629.419883] ? trace_hardirqs_on+0x5b/0x180 [ 2629.420374] filemap_write_and_wait_range+0x65/0x100 [ 2629.420939] __iomap_dio_rw+0x552/0x1110 [ 2629.421416] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2629.421929] ? ext4_orphan_add+0x253/0x9e0 [ 2629.422609] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2629.423217] ? ext4_empty_dir+0xae0/0xae0 [ 2629.423680] ? jbd2__journal_start+0xf3/0x7e0 [ 2629.424179] iomap_dio_rw+0x31/0x90 [ 2629.424585] ext4_file_write_iter+0xb26/0x18d0 [ 2629.425092] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2629.425606] ? kasan_save_stack+0x32/0x40 [ 2629.426058] ? kasan_save_stack+0x1b/0x40 [ 2629.426526] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2629.427073] ? iter_file_splice_write+0x16d/0xc30 [ 2629.427607] ? direct_splice_actor+0x10f/0x170 [ 2629.428101] ? splice_direct_to_actor+0x387/0x980 [ 2629.428635] ? do_splice_direct+0x1c4/0x290 [ 2629.429105] ? vfs_copy_file_range+0x4f8/0x1290 [ 2629.429641] ? __do_sys_copy_file_range+0x193/0x420 [ 2629.430188] do_iter_readv_writev+0x476/0x750 [ 2629.430691] ? new_sync_write+0x660/0x660 [ 2629.431147] ? selinux_file_permission+0x92/0x520 [ 2629.431698] do_iter_write+0x191/0x670 [ 2629.432125] ? trace_hardirqs_on+0x5b/0x180 [ 2629.432617] vfs_iter_write+0x70/0xa0 [ 2629.433030] iter_file_splice_write+0x762/0xc30 [ 2629.433566] ? generic_splice_sendpage+0x140/0x140 [ 2629.434116] ? avc_policy_seqno+0x9/0x70 [ 2629.434567] ? selinux_file_permission+0x92/0x520 [ 2629.435102] ? lockdep_init_map_type+0x2c7/0x780 [ 2629.435632] ? generic_splice_sendpage+0x140/0x140 [ 2629.436165] direct_splice_actor+0x10f/0x170 [ 2629.436659] splice_direct_to_actor+0x387/0x980 [ 2629.437176] ? pipe_to_sendpage+0x380/0x380 [ 2629.437670] ? do_splice_to+0x160/0x160 [ 2629.438106] ? security_file_permission+0x24e/0x570 [ 2629.438663] do_splice_direct+0x1c4/0x290 [ 2629.439121] ? splice_direct_to_actor+0x980/0x980 [ 2629.439656] ? selinux_file_permission+0x92/0x520 [ 2629.440180] ? security_file_permission+0x24e/0x570 [ 2629.440743] vfs_copy_file_range+0x4f8/0x1290 [ 2629.441237] ? generic_file_rw_checks+0x240/0x240 [ 2629.441785] ? __fget_files+0x296/0x4c0 [ 2629.442222] __do_sys_copy_file_range+0x193/0x420 [ 2629.442759] ? vfs_copy_file_range+0x1290/0x1290 [ 2629.443266] ? ksys_write+0x1a9/0x260 [ 2629.443684] ? __ia32_sys_read+0xb0/0xb0 [ 2629.444117] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2629.444697] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2629.445247] do_syscall_64+0x33/0x40 [ 2629.445673] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2629.446217] RIP: 0033:0x7fd102b50b19 [ 2629.446632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2629.448567] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2629.449400] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2629.450195] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2629.450976] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2629.451753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2629.452528] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:48:56 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {0x2}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:56 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x4000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:56 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {0x3}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:56 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x16040000) 11:48:56 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)=0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x8, 0x0, r2, 0x0}]) 11:48:56 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {0x4}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:48:56 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x5000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:49:13 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 31) 11:49:13 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r1, &(0x7f0000000000)={0x2, 0x2, @remote}, 0x10) 11:49:13 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x416) 11:49:13 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:49:13 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000) 11:49:13 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {0x5}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:49:13 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x6000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:49:13 executing program 5: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000200)=0x8) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r1, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r6 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r7, 0x0, r6, 0x0, 0x200f5ef, 0x0) readv(r6, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/111, 0x6f}], 0x1) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2646.573569] FAULT_INJECTION: forcing a failure. [ 2646.573569] name failslab, interval 1, probability 0, space 0, times 0 [ 2646.576520] CPU: 1 PID: 18804 Comm: syz-executor.6 Not tainted 5.10.183 #1 [ 2646.578204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2646.580185] Call Trace: [ 2646.580808] dump_stack+0x107/0x167 [ 2646.581680] should_fail.cold+0x5/0xa [ 2646.582576] ? mempool_alloc+0x148/0x360 [ 2646.583510] ? mempool_free_pages+0x20/0x20 [ 2646.584510] should_failslab+0x5/0x20 [ 2646.585392] kmem_cache_alloc+0x5b/0x310 [ 2646.586359] ? mempool_free_pages+0x20/0x20 [ 2646.587358] mempool_alloc+0x148/0x360 [ 2646.588269] ? mempool_resize+0x7d0/0x7d0 [ 2646.589224] ? mempool_resize+0x7d0/0x7d0 [ 2646.590205] bvec_alloc+0xd8/0x2f0 [ 2646.591024] bio_alloc_bioset+0x40a/0x600 [ 2646.591978] ? bvec_alloc+0x2f0/0x2f0 [ 2646.592871] ext4_bio_write_page+0x9ba/0x1390 [ 2646.593931] mpage_submit_page+0x14b/0x260 [ 2646.594918] ext4_writepages+0x1f2e/0x3350 [ 2646.595940] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2646.597049] ? __is_insn_slot_addr+0x14c/0x290 [ 2646.598111] ? __kernel_text_address+0x9/0x40 [ 2646.599131] ? unwind_get_return_address+0x55/0xa0 [ 2646.600248] ? create_prof_cpu_mask+0x20/0x20 [ 2646.601309] ? stack_trace_consume_entry+0x160/0x160 [ 2646.602481] ? kasan_save_stack+0x32/0x40 [ 2646.603414] ? kasan_save_stack+0x1b/0x40 [ 2646.604346] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2646.605500] ? __ext4_mark_inode_dirty+0x770/0x770 [ 2646.606618] do_writepages+0xee/0x2a0 [ 2646.607491] ? page_writeback_cpu_online+0x20/0x20 [ 2646.608598] ? lock_acquire+0x197/0x470 [ 2646.609507] ? create_object.isra.0+0x3ad/0xa20 [ 2646.610587] ? lock_release+0x680/0x680 [ 2646.611493] ? find_held_lock+0x2c/0x110 [ 2646.612420] __filemap_fdatawrite_range+0x24b/0x2f0 [ 2646.613550] ? delete_from_page_cache_batch+0xa30/0xa30 [ 2646.614751] ? mark_held_locks+0x9e/0xe0 [ 2646.615679] ? trace_hardirqs_on+0x5b/0x180 [ 2646.616642] filemap_write_and_wait_range+0x65/0x100 [ 2646.617803] __iomap_dio_rw+0x552/0x1110 [ 2646.618741] ? iomap_dio_bio_actor+0xef0/0xef0 [ 2646.619755] ? ext4_orphan_add+0x253/0x9e0 [ 2646.620708] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 2646.621836] ? ext4_empty_dir+0xae0/0xae0 [ 2646.622775] ? jbd2__journal_start+0xf3/0x7e0 [ 2646.623797] iomap_dio_rw+0x31/0x90 [ 2646.624623] ext4_file_write_iter+0xb26/0x18d0 [ 2646.625679] ? ext4_file_read_iter+0x4c0/0x4c0 [ 2646.626709] ? kasan_save_stack+0x32/0x40 [ 2646.627634] ? kasan_save_stack+0x1b/0x40 [ 2646.628569] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2646.629705] ? iter_file_splice_write+0x16d/0xc30 [ 2646.630787] ? direct_splice_actor+0x10f/0x170 [ 2646.631791] ? splice_direct_to_actor+0x387/0x980 [ 2646.632858] ? do_splice_direct+0x1c4/0x290 [ 2646.633834] ? vfs_copy_file_range+0x4f8/0x1290 [ 2646.634869] ? __do_sys_copy_file_range+0x193/0x420 [ 2646.635982] do_iter_readv_writev+0x476/0x750 [ 2646.636981] ? new_sync_write+0x660/0x660 [ 2646.637909] ? selinux_file_permission+0x92/0x520 [ 2646.639008] do_iter_write+0x191/0x670 [ 2646.639879] ? trace_hardirqs_on+0x5b/0x180 [ 2646.640840] vfs_iter_write+0x70/0xa0 [ 2646.641692] iter_file_splice_write+0x762/0xc30 [ 2646.642761] ? generic_splice_sendpage+0x140/0x140 [ 2646.643874] ? avc_policy_seqno+0x9/0x70 [ 2646.644773] ? selinux_file_permission+0x92/0x520 [ 2646.645873] ? lockdep_init_map_type+0x2c7/0x780 [ 2646.646919] ? generic_splice_sendpage+0x140/0x140 [ 2646.648008] direct_splice_actor+0x10f/0x170 [ 2646.648974] splice_direct_to_actor+0x387/0x980 [ 2646.650028] ? pipe_to_sendpage+0x380/0x380 [ 2646.650970] ? do_splice_to+0x160/0x160 [ 2646.651865] ? security_file_permission+0x24e/0x570 [ 2646.652981] do_splice_direct+0x1c4/0x290 [ 2646.653906] ? splice_direct_to_actor+0x980/0x980 [ 2646.654977] ? selinux_file_permission+0x92/0x520 [ 2646.656033] ? security_file_permission+0x24e/0x570 [ 2646.657150] vfs_copy_file_range+0x4f8/0x1290 [ 2646.658141] ? generic_file_rw_checks+0x240/0x240 [ 2646.659215] ? __fget_files+0x296/0x4c0 [ 2646.660108] __do_sys_copy_file_range+0x193/0x420 [ 2646.661159] ? vfs_copy_file_range+0x1290/0x1290 [ 2646.662221] ? ksys_write+0x1a9/0x260 [ 2646.663036] ? __ia32_sys_read+0xb0/0xb0 [ 2646.663940] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2646.665065] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2646.666214] do_syscall_64+0x33/0x40 [ 2646.667008] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 2646.668128] RIP: 0033:0x7fd102b50b19 [ 2646.668922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2646.673094] RSP: 002b:00007fd1000c6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000146 [ 2646.675002] RAX: ffffffffffffffda RBX: 00007fd102c63f60 RCX: 00007fd102b50b19 [ 2646.676743] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000005 [ 2646.678484] RBP: 00007fd1000c61d0 R08: 000000000200f5ef R09: 0000000000000000 [ 2646.680278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2646.682189] R13: 00007fff63b3a90f R14: 00007fd1000c6300 R15: 0000000000022000 11:49:13 executing program 2: io_setup(0x1, &(0x7f00000000c0)=0x0) io_submit(r0, 0x58, &(0x7f00000000c0)) io_setup(0x3e7, &(0x7f0000000580)) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) 11:49:13 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x0, 0x0, {0x8}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:49:13 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r2, 0x1, 0x7000000, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0) 11:49:13 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x10, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x7ffff000) 11:49:13 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000240)=""/58, 0x3a}], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) 11:49:14 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[], 0xfdef) fallocate(r0, 0x11, 0x4077, 0x8001) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) (fail_nth: 32) 11:49:14 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x144) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) creat(&(0x7f0000000180)='./file1/file0\x00', 0x88) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) pwritev(r3, &(0x7f0000001140)=[{&(0x7f0000000080)="f2", 0x1}], 0x1, 0x0, 0x0) mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x19f) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)) openat(r4, &(0x7f00000001c0)='./file1\x00', 0x250000, 0x40) setxattr$incfs_size(0x0, 0x0, 0x0, 0x0, 0x6) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='./file1\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x20d315) 11:49:14 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x20, 0x1000}, 0x2) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000e, 0x13, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x101200, 0x100) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2650.303606] Failed to initialize the IGMP autojoin socket (err -2) [ 2650.699827] Failed to initialize the IGMP autojoin socket (err -2) [ 2650.877177] Failed to initialize the IGMP autojoin socket (err -2) [ 2651.136153] Failed to initialize the IGMP autojoin socket (err -2) [ 2651.305554] Failed to initialize the IGMP autojoin socket (err -2) [ 2651.338174] Failed to initialize the IGMP autojoin socket (err -2) [ 2651.379348] Failed to initialize the IGMP autojoin socket (err -2) [ 2651.421077] Failed to initialize the IGMP autojoin socket (err -2) [ 2652.194459] Bluetooth: hci0: command 0x0409 tx timeout [ 2654.235498] Failed to initialize the IGMP autojoin socket (err -2) [ 2654.242529] Bluetooth: hci0: command 0x041b tx timeout [ 2654.935338] Failed to initialize the IGMP autojoin socket (err -2) [ 2654.974261] Failed to initialize the IGMP autojoin socket (err -2) [ 2655.003626] Failed to initialize the IGMP autojoin socket (err -2) [ 2655.081918] Failed to initialize the IGMP autojoin socket (err -2) [ 2655.084312] Failed to initialize the IGMP autojoin socket (err -2) [ 2655.168077] Failed to initialize the IGMP autojoin socket (err -2) [ 2656.290459] Bluetooth: hci0: command 0x040f tx timeout [ 2657.039173] Failed to initialize the IGMP autojoin socket (err -2) [ 2657.866276] Failed to initialize the IGMP autojoin socket (err -2) [ 2658.270395] Failed to initialize the IGMP autojoin socket (err -2) [ 2658.452393] Failed to initialize the IGMP autojoin socket (err -2) [ 2658.637969] Failed to initialize the IGMP autojoin socket (err -2) [ 2658.676789] Failed to initialize the IGMP autojoin socket (err -2) [ 2658.730214] Failed to initialize the IGMP autojoin socket (err -2) [ 2659.682435] Bluetooth: hci0: command 0x0409 tx timeout [ 2660.168066] Failed to initialize the IGMP autojoin socket (err -2) [ 2660.648343] Failed to initialize the IGMP autojoin socket (err -2) [ 2661.258034] Failed to initialize the IGMP autojoin socket (err -2) [ 2661.692779] Failed to initialize the IGMP autojoin socket (err -2) [ 2661.730456] Bluetooth: hci0: command 0x041b tx timeout [ 2661.750140] Failed to initialize the IGMP autojoin socket (err -2) [ 2661.754404] Failed to initialize the IGMP autojoin socket (err -2) [ 2661.974877] Failed to initialize the IGMP autojoin socket (err -2) [ 2663.477489] Failed to initialize the IGMP autojoin socket (err -2) [ 2663.600335] Failed to initialize the IGMP autojoin socket (err -2) [ 2663.778436] Bluetooth: hci0: command 0x040f tx timeout [ 2664.473161] Failed to initialize the IGMP autojoin socket (err -2) [ 2664.881336] Failed to initialize the IGMP autojoin socket (err -2) [ 2665.091433] Failed to initialize the IGMP autojoin socket (err -2) [ 2665.163036] Failed to initialize the IGMP autojoin socket (err -2) [ 2665.269420] Failed to initialize the IGMP autojoin socket (err -2) [ 2666.582970] Failed to initialize the IGMP autojoin socket (err -2) [ 2666.800216] Failed to initialize the IGMP autojoin socket (err -2) [ 2667.564041] Failed to initialize the IGMP autojoin socket (err -2) [ 2668.083650] Failed to initialize the IGMP autojoin socket (err -2) [ 2668.234442] Failed to initialize the IGMP autojoin socket (err -2) [ 2668.442088] Failed to initialize the IGMP autojoin socket (err -2) [ 2668.450452] Bluetooth: hci0: command 0x0409 tx timeout [ 2668.478008] Failed to initialize the IGMP autojoin socket (err -2) [ 2668.632128] Failed to initialize the IGMP autojoin socket (err -2) [ 2670.319997] Failed to initialize the IGMP autojoin socket (err -2) [ 2670.418136] Failed to initialize the IGMP autojoin socket (err -2) [ 2670.498433] Bluetooth: hci0: command 0x041b tx timeout [ 2671.308790] Failed to initialize the IGMP autojoin socket (err -2) [ 2671.929385] Failed to initialize the IGMP autojoin socket (err -2) [ 2671.993962] Failed to initialize the IGMP autojoin socket (err -2) [ 2672.016495] Failed to initialize the IGMP autojoin socket (err -2) [ 2672.018615] Failed to initialize the IGMP autojoin socket (err -2) [ 2672.546459] Bluetooth: hci0: command 0x040f tx timeout [ 2673.299436] Failed to initialize the IGMP autojoin socket (err -2) [ 2673.711977] Failed to initialize the IGMP autojoin socket (err -2) [ 2674.594528] Bluetooth: hci0: command 0x0419 tx timeout [ 2674.848642] Failed to initialize the IGMP autojoin socket (err -2) [ 2675.568069] Failed to initialize the IGMP autojoin socket (err -2) [ 2675.612895] Failed to initialize the IGMP autojoin socket (err -2) [ 2675.674710] Failed to initialize the IGMP autojoin socket (err -2) [ 2675.777365] Failed to initialize the IGMP autojoin socket (err -2) [ 2676.682699] Bluetooth: hci1: command 0x0409 tx timeout [ 2676.793380] Failed to initialize the IGMP autojoin socket (err -2) [ 2677.102026] Failed to initialize the IGMP autojoin socket (err -2) [ 2677.896536] Failed to initialize the IGMP autojoin socket (err -2) [ 2678.451963] Failed to initialize the IGMP autojoin socket (err -2) [ 2678.690443] Bluetooth: hci1: command 0x041b tx timeout [ 2678.864956] Failed to initialize the IGMP autojoin socket (err -2) [ 2678.998205] Failed to initialize the IGMP autojoin socket (err -2) [ 2679.058538] Failed to initialize the IGMP autojoin socket (err -2) [ 2679.810544] Failed to initialize the IGMP autojoin socket (err -2) [ 2680.523024] Failed to initialize the IGMP autojoin socket (err -2) [ 2680.738469] Bluetooth: hci1: command 0x040f tx timeout [ 2680.767537] Failed to initialize the IGMP autojoin socket (err -2) [ 2681.535588] Failed to initialize the IGMP autojoin socket (err -2) [ 2682.360077] Failed to initialize the IGMP autojoin socket (err -2) [ 2682.479338] Failed to initialize the IGMP autojoin socket (err -2) [ 2682.786752] Failed to initialize the IGMP autojoin socket (err -2) [ 2682.888846] Failed to initialize the IGMP autojoin socket (err -2) [ 2683.649579] Failed to initialize the IGMP autojoin socket (err -2) 2023/06/12 11:49:50 executor 5 failed 11 times: executor 5: exit status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 16: Device or resource busy) loop exited with status 67 [ 2684.063014] Failed to initialize the IGMP autojoin socket (err -2) [ 2684.274426] Failed to initialize the IGMP autojoin socket (err -2) [ 2685.922494] Bluetooth: hci1: command 0x0409 tx timeout [ 2687.970449] Bluetooth: hci1: command 0x041b tx timeout [ 2690.018544] Bluetooth: hci1: command 0x040f tx timeout VM DIAGNOSIS: 11:49:50 Registers: info registers vcpu 0 RAX=fffff94000201787 RBX=0000000000000003 RCX=ffffffff815667fd RDX=fffff94000201787 RSI=0000000000000004 RDI=ffffea000100bc34 RBP=fffff94000201786 RSP=ffff88803dc1f8d0 R8 =0000000000000001 R9 =ffffea000100bc37 R10=fffff94000201786 R11=0000000000000001 R12=ffffea000100bc34 R13=dffffc0000000000 R14=ffff8880442f33e8 R15=ffffea000100bc00 RIP=ffffffff816c1767 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff91ceb3fb8 CR3=0000000004e26000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=636578650a3a73656d69742031312064 XMM02=6174732074697865203a3520726f7475 XMM03=203a4c4941465a59530a373620737574 XMM04=45534e5554286c74636f69203a6e7574 XMM05=6528200a64656c696166202946464954 XMM06=20656369766544203a3631206f6e7272 XMM07=7973756220656372756f73657220726f XMM08=2074697865203a3520726f7475636578 XMM09=4941465a59530a373620737574617473 XMM10=5554286c74636f69203a6e7574203a4c XMM11=0a64656c69616620294646495445534e XMM12=69766544203a3631206f6e7272652820 XMM13=6220656372756f73657220726f206563 XMM14=64657469786520706f6f6c0a29797375 XMM15=0a373620737574617473206874697720 info registers vcpu 1 RAX=0000000000000000 RBX=ffffffff8593bde4 RCX=ffffffff84000c81 RDX=0000000000000000 RSI=ffffffff85d39fb0 RDI=ffffffff8593bdb4 RBP=ffffffff8593bde8 RSP=ffff88806cf09938 R8 =ffffffff85d39fb0 R9 =ffffffff85d3a064 R10=0000000000032041 R11=1ffff1100d9e1338 R12=ffffffff8593bde8 R13=ffffffff8593bdb4 R14=ffffffff8593bde4 R15=dffffc0000000000 RIP=ffffffff81105478 RFL=00000256 [---ZAP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fcbb23e16f4 CR3=0000000018790000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0000ff00000000000000ff0000000000 XMM02=ff000000000000ff0000000000000000 XMM03=ff0000000000000000ff000000000000 XMM04=0000000000ff00000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000