ndard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 540.626545] Call Trace: [ 540.627083] dump_stack+0x107/0x167 [ 540.627839] should_fail.cold+0x5/0xa [ 540.628659] ? create_object.isra.0+0x3a/0xa20 [ 540.629586] should_failslab+0x5/0x20 [ 540.630347] kmem_cache_alloc+0x5b/0x360 [ 540.631162] ? kfree+0x1b9/0x390 [ 540.631866] create_object.isra.0+0x3a/0xa20 [ 540.632756] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 540.633802] kmem_cache_alloc+0x159/0x360 [ 540.634632] ? lock_release+0x6b0/0x6b0 [ 540.635442] alloc_vfsmnt+0x23/0x680 [ 540.636198] clone_mnt+0x6c/0xce0 [ 540.636909] copy_tree+0xfe/0xa60 [ 540.637611] ? down_write_killable+0x180/0x180 [ 540.638553] copy_mnt_ns+0x144/0xa00 [ 540.639305] ? rcu_read_lock_sched_held+0x3e/0x80 [ 540.640291] ? kmem_cache_alloc+0x2b4/0x360 [ 540.641152] create_new_namespaces+0xd6/0xb20 [ 540.642068] copy_namespaces+0x39e/0x480 [ 540.642897] copy_process+0x2549/0x67d0 [ 540.643695] ? find_held_lock+0x2c/0x110 [ 540.644544] ? __cleanup_sighand+0xb0/0xb0 [ 540.645402] ? _copy_from_user+0xfb/0x1b0 [ 540.646243] kernel_clone+0xe7/0xa20 [ 540.646999] ? __lockdep_reset_lock+0x180/0x180 [ 540.647930] ? create_io_thread+0xf0/0xf0 [ 540.648803] ? ksys_write+0x21a/0x260 [ 540.649577] ? lock_downgrade+0x6d0/0x6d0 [ 540.650425] __do_sys_clone3+0x1e5/0x320 [ 540.651227] ? __do_sys_clone+0x110/0x110 [ 540.652087] ? rcu_read_lock_any_held+0x75/0xa0 [ 540.653007] ? vfs_write+0x354/0xa30 [ 540.653757] ? fput_many+0x2f/0x1a0 [ 540.654507] ? ksys_write+0x1a9/0x260 [ 540.655279] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 540.656336] ? syscall_enter_from_user_mode+0x1d/0x50 [ 540.657359] ? trace_hardirqs_on+0x5b/0x180 [ 540.658219] do_syscall_64+0x33/0x40 [ 540.658966] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 540.660099] RIP: 0033:0x7f48f386eb19 [ 540.661039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 540.665518] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 540.667402] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 540.668937] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 540.670356] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 540.671785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 540.673224] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:42:14 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) [ 540.754639] FAULT_INJECTION: forcing a failure. [ 540.754639] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 540.757451] CPU: 0 PID: 5955 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 540.758999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 540.760859] Call Trace: [ 540.761451] dump_stack+0x107/0x167 [ 540.762270] should_fail.cold+0x5/0xa [ 540.763133] strncpy_from_user+0x34/0x470 [ 540.764091] getname_flags.part.0+0x95/0x4f0 [ 540.765090] getname+0x8e/0xd0 [ 540.765813] do_sys_openat2+0xf9/0x420 [ 540.766693] ? security_file_free+0xaa/0xd0 [ 540.767661] ? build_open_flags+0x6f0/0x6f0 [ 540.768634] ? kmem_cache_free+0x257/0x310 [ 540.769592] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 540.770759] ? call_rcu+0x3c2/0xa10 [ 540.771577] __x64_sys_openat+0x13f/0x1f0 [ 540.772520] ? __ia32_sys_open+0x1c0/0x1c0 [ 540.773473] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 540.774655] ? syscall_enter_from_user_mode+0x1d/0x50 [ 540.775805] do_syscall_64+0x33/0x40 [ 540.776656] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 540.777797] RIP: 0033:0x7f384e6a3a04 [ 540.778625] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 540.782702] RSP: 002b:00007f384bc45060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 540.784405] RAX: ffffffffffffffda RBX: 00007f384e804020 RCX: 00007f384e6a3a04 [ 540.785990] RDX: 0000000000000000 RSI: 00007f384bc450f0 RDI: 00000000ffffff9c [ 540.787568] RBP: 00007f384bc450f0 R08: 0000000000000000 R09: 00007f384bc44f70 [ 540.789160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 540.790745] R13: 00007ffe540b322f R14: 00007f384bc45300 R15: 0000000000022000 01:42:14 executing program 5: r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:14 executing program 5: r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:14 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 29) pipe2(&(0x7f0000000000), 0x0) 01:42:14 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) syz_mount_image$nfs4(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x708a, 0x6, &(0x7f0000000680)=[{&(0x7f00000002c0)="d225f666e82f6c1356496ba9ae37fc7a926db07747f271a6b485f70c57af844b424f3ad80576a719c354ed013f594ab9052224cadd4c617a5f3b451ec5e49e62cf734b99695376da9ed857170f146e177553b630ec8e25d986f606d796d72c0c8c9ee07d3c1467b6b6f32118bfeee2f89f8bcdb84ca921ba418c84189f3f7f5c25f460391b39c37689cbe49cee240ecb31d63dd8c5024a7e528c80ea5e428f48f54f229a7f579bf9fb26cda5e1e615cd18a6a85bfdbbf59263", 0xb9, 0x9}, {&(0x7f0000000380)="43f62c6d66c626a678e0af77c908a7dd433ed09ad6bdbb0de8a71ae9bd0e29c2ed76723892a61970969de693a89fd9e32b12622c0d48ec2ef290b90701e03028cc4eddab51877e73fcbe3b7ace85e22cd9dbaa1146993ab998c3c7a2feafd18cd5429a3ed657a53ae2eab1f64ca098ddfd0b7c10efdcd393dc5ee03bac40b0813b815e6745030078d379a085d72eccc54c79bd52dde253ddebe5ad17deec6abbe17e60ca7d5db108fd95c8cb0012", 0xae, 0x3}, {&(0x7f0000000440)="6affb1a9b5e866b86a139f70a926b68ea246f2031bc4c5548ecafa90f444b6dc395b0b937d92f441c0aab1e3c6110a0cdf7bb44d0bfc9889e9e7eb2624279e1c61b60e6321565892e76dd6e1cc64e4b4fea1bca1d716c08c8acb2ec3e32ba3cae6380b39b1e2a220cbe969f152127108913ea1404844e619163a20c805452a8d65d6fffcc52e588d133340f16d", 0x8d, 0x7fff}, {&(0x7f0000000940)="07c16bda4019d07949b1f253bb564068d6d3d85471b5560e38e5acec8c086d97383eabb12051b5d90c34e12debbb3ad0c24598c610dc1a0045a05f171cb730a5e259b60284e60b51a4da2d3f2cee9088cdf41fe89eeb43dfa58149f5aa27578e5c4edb66fc2992f6a8bcef04668ef4a2207a855d8c9a022816f23483c30697b727bf022419c294740402f01ca52e483989aaf2f19a6edc8dae0a5214f9e3ea94a208b0d820059af6fe9931b801ab53e29270b6f5738a07a164b283176c028539164774e00d61af84b08ed6b8e34826efb5ff0be6f022241d47dc8d5dc2d61d4dd0c62e961b402f2ad873520f912dc033a228a95f306feb9fc581285ed125c96a0f3ea3e04ce79ac95403a15873dc9abdcad893191e37453de00fd799cb9b05b831de7ab698b085f1e5f6a0b9d53322565546686d9e96c4ee6cb34d51c389a1ce79611e7cf2223e470d8d8c8d0aad7038a6c38adecfd2c4b7a22b58a03bea2a0b5653d64cc17a9554263fbc038d6deef98d0b20683b3ec3d0cdff6229e6503feaeec013635a98161317f2c5c76021e6d3646770845f9b20fcb9070368f01ecece11b876b73e132b2e6b905d30ffde9102728e726bb99f6565745b4a3ab597731fe3a4ba00bdc29b822fceb135c122eaebf1815a1451b687651353d4c9bcff0deb4444ca0577e567daf9813798f03f68128f9171e07ae1523937b7ef075c9c2a59bd8b0f9485549789bc263837c2f37c22fdf7ab79c2184b7e7e53a55dfa4bf35a4955a4c2dd0163e907c748e3d27d7ea7d9fdc8e4a8eac3f6f9763442fa1d7708706b818836a4dcef7cd1894c4d89b7fa5b8c955f6e5f7987f3d39da0cabd3277f9129dcaf7a04c0e68957f13f77c5300de2fa848011788cd39d32c490bfb05263739bd41baf118d004ae2c4ee52020022f8787233f75985cb4760ae27f91c6c92c1a6af46b6becc5d6e747305780a69bc231a015a281f3d1b0b4850857566dee514ef46f954b950d226360b0c9aa39949a6902479bc0ebb2756352743b58d911abf4a574d7e62b8b68037079f70539969636356473537315e54c95317cdbd30a1a3f6a92e514d850d2696ff0b2b07fbdc97381821e8cf6fb3b3f3ea539472d926971d8b9db729dfc0c540b89a6213ba959553c95e5011faac595240ab9f0cb4e6e0893e324d7159b6a4c86c570bb511a3119cbb1f82143a171a5305b7217f4c638ff6de2460829ce8b942c117c647bfc508d2bbb013ddd2c1d402f4baffc3585df58e640f986096dc4da8c027c2e525a6d9fa65cd87edf858452fff0d787ee99644e0479457ebca6e94104148ff0c96d8db6f83ac730228ff12f88831b818cfdee987d628f38d519116db71375454ffbfa71b630ae581c620c848d460109952854adcc5ddfb2d402a43b2bb396222b3e791b79050ff8e2e5936c6c6098c5d34a4f0ced73779f82dea6427c950f0edd46998dab24314b794dab1da3258725d0626284743f45ba0f25caec75ffc723331f13c486296f62d7b050e11dc789b40d7fed235bb37a4cdc182cfc2d154a21025ae0e0e80ec577114c535953e3629a150ea640ae510590aa00c8a9dcf34fee39f1bee47830fa9287a72131f2275c70bec452f54f09bd6526e5f3662302c82da40e82a73c8e2abc7c02e4f81c8720f437c2c6ee28dd00b46e5b560d9f4c798e814a26f9ad72d9bf06af7986e1ced2c167c27f2a81f0da133e8b2570437f006e816a2d96e17e7a18050fec3eb6c30f7a6c8734b7b37021c729211039d27267220bc5b0dcd00cd2780e8879af1daa445ceb5858e30fe570fcbdb9ccda9cc3e13f61957bf02290f46a7132922c4ad3ec7cfc2e948dfd4070c6589bb00bce6dcfc1ba6acb64cb0f00306c85891c61b057a134de14b9385d0f9bee40b4c05a14cdc24ba3b52288ce07ed62c164c22eaaf01d2c1d994b72ce229ec7e4b5c34a0594e157de8128c3cddefc8be640064e153a7c81a263969d54a2988f94fc2dba99489819181a8f8a340adc0fec7a1870dcf2937c1316168b61663f58e74f6bbe8c42710e68dc919f21fe4456df00876911636d55b94a94dbf47a038e9144a6985e334dbeb84fabe6832db73f5ccb54bbf27b35f460c213d7da058385cae9794032f161d5d927db138bef004cad741029aaf956bc7013b456168a8e1ff7c97ec4ac9a0dc9780f501dd615938bafe9555db7446d3c502ef952b1c8ca8482a04a3fc0193c78f6a04bbdab998c2965203e52cf7665ea0f1797c1abc1d43311c0b4d0f8d282dfadf98dbe4855f18182ac2020f3daa00c9aafa395006e8acc0804e1573db8ce64c5aa456fa3199ceb730159e8d12b6443b963f6670887ee2255d3b50516386e9c9567e9c00db77949df7519f5434d5517063c75420481e7f53be9a82dbafef5ed5cf3ff2450d8778cab40a24e2127577fb5a98ae2a5b1a9441e89dc7ab8009d5e149ec3c4d68601aab0c236cdf5cef11211ad9fb4a3e8549d33c2ee57841f1f447607ffa2029682856ac30601602729249bc750b8133f5d5ca3bb135da3387aa1e369c12630d6913d987eab4d966e02d049a39041f7ea531eb11f2cd45d26c5d76ae71077ccc9ced971c0560d4f3b86c4acae53bbdf73c2ae3a9ff2b1baf2822a9aebe7a39324d05cacc1dd5e1454bedb389109722f4412ab4e5c48e302323b36888bd2348a6adfbd5e354fb444bab5fdf953a885df6a71389c7fd0c6b893e5ce0f1d2e056739f473ab7234655cb86d4cb04fa046cfa9a5b9fd9fcf2ec20598f8cd29c4444af2e4a859fe17521dd82b1287a865cd47eea05c416e8aa8e3027e3601dd6c57c0a13d8f8425d7f2b5358140c1aa3c17666e1595a6dd7dd0158de80a2ca038d3be80f840174c33cb4a179b325a8d92610841ef69d5d5829344d13692002d6772b757953c5c2a2524c1108e34eb7745b5a0336423823f160980e32dbb1ff489146eaf2ab0e905db1f4f931a269a7dbeea7c4f4f98c3eb0089ffb0115feb88c2dfabe0bf70224ac99caa10aef23d4e41fe2e2243c7262b858af9221e37ea89afe088c2d0c294a3b900276f6f8b6581dd84fd54ef625da8740fce8032ab9d4411531e6c93d758dad1a03d1d7df4e6a6dfdac73c6c06335f422c38df971b463e0de89bc12a27651dc0c309631233a870bfc4b2d4beedac3b55540aec3df1bdcd1709e7e3da135e9a575cd34746379af74575dfaec49362392aed2a23d117a7aa6a49cee0b7f50ac0d3c11e6aa5ee46a1e33c55a6753429c079eeca3f05f8265ab1e33a80ce9aaa7724a3ba9c51eb3b8b100c24609cb4c539a4dd255e6fa2d3ae3b1b3ca2de15e5b80c0bd872f53e69bea82dfcc34c5e73d85c5f3f6fd7912e9a1fc081ffd5b95cc9ec60b028d5ad273c40d61e083c622c36a76cd525b1915cfe7571d4bf60dc45d1781cf9fbf268db7bcaa7cbdce081e1c0771726ed47d97275f9aa4dcb2e6022b3b6c34b5444df5af100f0c6e11bce764b8b8b92c04717e0ce4a73fe979819c811be5781f7bbcfad50b13d2dae6c7884ae01c2f544999bbe7aa4492f92911d22fcef9a0fbfe936446552f774591c76922e610fefb9165655c9fdadaed3226f05979f87a59870826647f13af37499b594daef95c7b66272170ae62d2f394ecf32401297c7f5528da08c28f9d2dadc0f08352007a638d352c9a8e2d1ae61ef20d99d2b5a13a69e314d0fc5a28a513784f363892199c07c21dea19267aef40364aaa6a3a777dba2321ec1fb28027068aa8fde5c3032e7bad6da8eaef82eb445988d515a687d645a9d09a1b316a539e3e21b5cdbf9ff26b6125c658f3957f58cca87bde0c6aa4114e256315f76fa9d64f24b233cb5745cb430671cd0abd086523e183fe8369c40b3856621cc7995425fbf444d9bb779a02fa5595c313900fe70011b3eae293264d0fe1c9cfea29e1ef4eec6970bbe1a426b867b55b971630830745164ce9f2d6daefcfd35a3c5e91bda55cf48c3d8673db3b7c174308cfc1d9cffd3549df8f8d9ea0ae3d7ce9802ed26fb0a87951d8304e6105ab8950fddadee3baa6091f34fed706d4a0e1ec18072f5525a048b567de5be46dcb859948242474245c624a78b3eaec2c3c1dee80d23282d2423956ee67dd3c88cd0a536a9d00a1222b38116cc83d2f661eb9bd358ca690bd2312f7fc7ec072e4b44bdefb8834fc89b2768b36bf46520d105928bfca353ffa2e41d1f3682d2427c76f1e075d057c0bb3884eddd4a09db6da8f2efb40de87f74c0acbd5c4ed20f83db93a138f51ea591bc6995b36b080a202304fc15e08052c29255d5177a3d437315474c6dcd7f17a27c5b57135f21c6787b4680537ed6a7bfdcf0605f74858eca47a8a25c8234a2668da045d0220d600872b15e3a699520aed417933d9274a9858820fd2b940a49f7fa22a4dd6c3a2b75adaf0968f92380690b6f81ad6643c63647bbcd95a2e2fae9fa8c31eeee67248ecdf24c081cf7db1d345ceb5eeeb1c6ccaaef0d215cf35a6e37bb5c64390a7454b4c9771085df134742bb284fa0d69b9f44bc493548eb43a8fe8c4226661e543d11e64841f008422c24480173e81643c1636c41800008fda6468b94fad8b4f104779ff451dd7be69e1868b6d49820e4691ca020a4f9a576d0cf292922b7ebdbb137f239db1cd739016cb669bb6a7e656faf5c5bf2a2ab080fa25900162b5c9474d38c42e9d2bfca3ade31cfb3c79089e249271706a5bdeee6a7138ca113f9ecaf97c03ee4bc4178f002451ae6ffc766bd39acb15dab6ab15e5cfd4af70d909145832abf1c1f83d0e003b83ce649f3b5812f1e1311996d75e538aa9cef5b6240fbd90ca4e870f7b143add3f36fa2a52898bf5aee6aa41bca30ba2c55c548f9949d9b42f2fa4858fee203543e604a49652deac4a724fec18a73d9360a15bf0d20aabd063cbc2a9a454733540a27e4adfa0c97a5698a88334d0950ccd43f22aada059f4b7a65a92e2d213bb47212cea140c1a9ae48c45bf09d99202f353aa78e81cf04eff9eb0d0478a8ff4ef01629e537206f27aabc2ae47360691f215e208a4f6a023b59ff45a24dec2dc18f82e86ed80b66b4011241937b03bfcb0f19bda2fd31d538db24ef2431af93656fdb74237dc74338f9330261d2355a97f885ee0ae88ac136c292ddfd2c43b43114c4355104a78dd0988c9b36254d3b5acb9c080f6c31c7b07192e8402d52d6990a1174e92d88a47c69261c125e3fe3f2a3167c03ae9b4a1d955700c4ca9f484e6ae73af17e1dbe996e86059150f804a831ab9b76bf12ddf42ca0487f2b95e35be47159864368658a9bde9e258440d46543f88f093bc7fee4ad8582645081653c2ac3f1e87784f5ac6dd658039c64dc9719ab1c43f6f58b21becea46f38e054487fd510432dc58b4e2542d651ac7634427557347d224907b8699bc46c1197a96b920974644bb2d643bb590743499478c1bc6836d97250ab5a05df8d2731946c76a0a73aa10c1ad2f6ddd5ca65f500d8bc8826c650d5b5b97c14150b3c633eebc3536204547997e61c28643de50dce9db4474020cac6d733cfba6a4b6671047e0b0e932d91f2b559dfb6174fd727d465633b1d0b6099c549e260256895036084fdd9a2dee3c0e747fc7b40c1b122279c92457878cb3702477db58d09d67254b1418f7a9f51f7ef31f006c50dbd646340804a3fd49a821d7509730cd650683113c7d4e69eb8a1fb22ed4e52a14d950baebb0173bc858613c7e7a7b62f56e6a0b81bf864f58270e0b93245bd8f2ee312175f5e3fe331edeb", 0x1000, 0x2}, {&(0x7f0000000500)="e0cb3e6a5a042e8abaee7042f2ce127562637eabb4b44f6aeafe51a8648834648549ebd48a09779b1cfef31f60d02bc052c3a1b04736bb70100acce1ebd9420df54fc9d2b10cfe7144dd64393efa7e9dcd5e0d2174ec53be7bd3401b6e078bd23a902c3630aef9d62c8b35e1fbfdc76930d08e25cb352bc3c7ed3403a63c8086ba3ad53eaf408928ddfd431663873bcb5df87c83c7adc66d81", 0x99, 0xa0d}, {&(0x7f00000005c0)="567bc97d72c4d3df0a50c42f23aeaf7dde978a0b82bf9fa383ee063a0f3bfd4a91bf2901232799de308f1e348f4c24b6de50e94c54ec19b7454e166becdd5918a23b643ba245ac356dac487f4feb49eac793dab5944dd4e6d38e3cbac3c66efbd0b8c52699527667a6a974615c6d450e36fa6340f6899e9cf6c5571e94db9e8e429c9d2bd35f976c2701682499411c6297f0cdff6c273dbdc1c3d0090c159b4277c18a6481fc5f2f0eb83c86b94237c421", 0xb1, 0x2}], 0x40012, &(0x7f0000000740)={[], [{@appraise_type}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@dont_appraise}, {@euid_gt={'euid>', 0xee01}}]}) [ 541.041788] FAULT_INJECTION: forcing a failure. [ 541.041788] name failslab, interval 1, probability 0, space 0, times 0 [ 541.044129] CPU: 1 PID: 5967 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 541.045516] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 541.047200] Call Trace: [ 541.047747] dump_stack+0x107/0x167 [ 541.048516] should_fail.cold+0x5/0xa [ 541.049299] ? create_object.isra.0+0x3a/0xa20 [ 541.050228] should_failslab+0x5/0x20 [ 541.051002] kmem_cache_alloc+0x5b/0x360 [ 541.051829] create_object.isra.0+0x3a/0xa20 [ 541.052732] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 541.053766] kmem_cache_alloc+0x159/0x360 [ 541.054609] __alloc_file+0x21/0x320 [ 541.055370] alloc_empty_file+0x6d/0x170 [ 541.056207] path_openat+0xde/0x26d0 [ 541.056992] ? path_lookupat+0x860/0x860 [ 541.057821] ? perf_trace_lock+0xac/0x490 [ 541.058657] ? __lockdep_reset_lock+0x180/0x180 [ 541.059597] ? lock_acquire+0x197/0x490 [ 541.060421] ? __lockdep_reset_lock+0x180/0x180 [ 541.061376] do_filp_open+0x190/0x3e0 [ 541.062149] ? may_open_dev+0xf0/0xf0 [ 541.062923] ? __alloc_fd+0x2a5/0x620 [ 541.063689] ? lock_downgrade+0x6d0/0x6d0 [ 541.064543] ? rwlock_bug.part.0+0x90/0x90 [ 541.065415] ? _raw_spin_unlock+0x1a/0x30 [ 541.066250] ? __alloc_fd+0x2a5/0x620 [ 541.067053] do_sys_openat2+0x171/0x420 [ 541.067857] ? security_file_free+0xaa/0xd0 [ 541.068755] ? build_open_flags+0x6f0/0x6f0 [ 541.069632] ? kmem_cache_free+0x257/0x310 [ 541.070502] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 541.071563] ? call_rcu+0x3c2/0xa10 [ 541.072324] __x64_sys_openat+0x13f/0x1f0 [ 541.073169] ? __ia32_sys_open+0x1c0/0x1c0 [ 541.074037] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 541.075100] ? syscall_enter_from_user_mode+0x1d/0x50 [ 541.076193] do_syscall_64+0x33/0x40 [ 541.076953] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 541.077999] RIP: 0033:0x7f384e6a3a04 [ 541.078758] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 541.082681] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 541.084234] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 541.085669] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 541.087112] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 541.088573] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 541.090016] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:42:14 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) syz_mount_image$nfs4(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x708a, 0x6, &(0x7f0000000680)=[{&(0x7f00000002c0)="d225f666e82f6c1356496ba9ae37fc7a926db07747f271a6b485f70c57af844b424f3ad80576a719c354ed013f594ab9052224cadd4c617a5f3b451ec5e49e62cf734b99695376da9ed857170f146e177553b630ec8e25d986f606d796d72c0c8c9ee07d3c1467b6b6f32118bfeee2f89f8bcdb84ca921ba418c84189f3f7f5c25f460391b39c37689cbe49cee240ecb31d63dd8c5024a7e528c80ea5e428f48f54f229a7f579bf9fb26cda5e1e615cd18a6a85bfdbbf59263", 0xb9, 0x9}, {&(0x7f0000000380)="43f62c6d66c626a678e0af77c908a7dd433ed09ad6bdbb0de8a71ae9bd0e29c2ed76723892a61970969de693a89fd9e32b12622c0d48ec2ef290b90701e03028cc4eddab51877e73fcbe3b7ace85e22cd9dbaa1146993ab998c3c7a2feafd18cd5429a3ed657a53ae2eab1f64ca098ddfd0b7c10efdcd393dc5ee03bac40b0813b815e6745030078d379a085d72eccc54c79bd52dde253ddebe5ad17deec6abbe17e60ca7d5db108fd95c8cb0012", 0xae, 0x3}, {&(0x7f0000000440)="6affb1a9b5e866b86a139f70a926b68ea246f2031bc4c5548ecafa90f444b6dc395b0b937d92f441c0aab1e3c6110a0cdf7bb44d0bfc9889e9e7eb2624279e1c61b60e6321565892e76dd6e1cc64e4b4fea1bca1d716c08c8acb2ec3e32ba3cae6380b39b1e2a220cbe969f152127108913ea1404844e619163a20c805452a8d65d6fffcc52e588d133340f16d", 0x8d, 0x7fff}, {&(0x7f0000000940)="07c16bda4019d07949b1f253bb564068d6d3d85471b5560e38e5acec8c086d97383eabb12051b5d90c34e12debbb3ad0c24598c610dc1a0045a05f171cb730a5e259b60284e60b51a4da2d3f2cee9088cdf41fe89eeb43dfa58149f5aa27578e5c4edb66fc2992f6a8bcef04668ef4a2207a855d8c9a022816f23483c30697b727bf022419c294740402f01ca52e483989aaf2f19a6edc8dae0a5214f9e3ea94a208b0d820059af6fe9931b801ab53e29270b6f5738a07a164b283176c028539164774e00d61af84b08ed6b8e34826efb5ff0be6f022241d47dc8d5dc2d61d4dd0c62e961b402f2ad873520f912dc033a228a95f306feb9fc581285ed125c96a0f3ea3e04ce79ac95403a15873dc9abdcad893191e37453de00fd799cb9b05b831de7ab698b085f1e5f6a0b9d53322565546686d9e96c4ee6cb34d51c389a1ce79611e7cf2223e470d8d8c8d0aad7038a6c38adecfd2c4b7a22b58a03bea2a0b5653d64cc17a9554263fbc038d6deef98d0b20683b3ec3d0cdff6229e6503feaeec013635a98161317f2c5c76021e6d3646770845f9b20fcb9070368f01ecece11b876b73e132b2e6b905d30ffde9102728e726bb99f6565745b4a3ab597731fe3a4ba00bdc29b822fceb135c122eaebf1815a1451b687651353d4c9bcff0deb4444ca0577e567daf9813798f03f68128f9171e07ae1523937b7ef075c9c2a59bd8b0f9485549789bc263837c2f37c22fdf7ab79c2184b7e7e53a55dfa4bf35a4955a4c2dd0163e907c748e3d27d7ea7d9fdc8e4a8eac3f6f9763442fa1d7708706b818836a4dcef7cd1894c4d89b7fa5b8c955f6e5f7987f3d39da0cabd3277f9129dcaf7a04c0e68957f13f77c5300de2fa848011788cd39d32c490bfb05263739bd41baf118d004ae2c4ee52020022f8787233f75985cb4760ae27f91c6c92c1a6af46b6becc5d6e747305780a69bc231a015a281f3d1b0b4850857566dee514ef46f954b950d226360b0c9aa39949a6902479bc0ebb2756352743b58d911abf4a574d7e62b8b68037079f70539969636356473537315e54c95317cdbd30a1a3f6a92e514d850d2696ff0b2b07fbdc97381821e8cf6fb3b3f3ea539472d926971d8b9db729dfc0c540b89a6213ba959553c95e5011faac595240ab9f0cb4e6e0893e324d7159b6a4c86c570bb511a3119cbb1f82143a171a5305b7217f4c638ff6de2460829ce8b942c117c647bfc508d2bbb013ddd2c1d402f4baffc3585df58e640f986096dc4da8c027c2e525a6d9fa65cd87edf858452fff0d787ee99644e0479457ebca6e94104148ff0c96d8db6f83ac730228ff12f88831b818cfdee987d628f38d519116db71375454ffbfa71b630ae581c620c848d460109952854adcc5ddfb2d402a43b2bb396222b3e791b79050ff8e2e5936c6c6098c5d34a4f0ced73779f82dea6427c950f0edd46998dab24314b794dab1da3258725d0626284743f45ba0f25caec75ffc723331f13c486296f62d7b050e11dc789b40d7fed235bb37a4cdc182cfc2d154a21025ae0e0e80ec577114c535953e3629a150ea640ae510590aa00c8a9dcf34fee39f1bee47830fa9287a72131f2275c70bec452f54f09bd6526e5f3662302c82da40e82a73c8e2abc7c02e4f81c8720f437c2c6ee28dd00b46e5b560d9f4c798e814a26f9ad72d9bf06af7986e1ced2c167c27f2a81f0da133e8b2570437f006e816a2d96e17e7a18050fec3eb6c30f7a6c8734b7b37021c729211039d27267220bc5b0dcd00cd2780e8879af1daa445ceb5858e30fe570fcbdb9ccda9cc3e13f61957bf02290f46a7132922c4ad3ec7cfc2e948dfd4070c6589bb00bce6dcfc1ba6acb64cb0f00306c85891c61b057a134de14b9385d0f9bee40b4c05a14cdc24ba3b52288ce07ed62c164c22eaaf01d2c1d994b72ce229ec7e4b5c34a0594e157de8128c3cddefc8be640064e153a7c81a263969d54a2988f94fc2dba99489819181a8f8a340adc0fec7a1870dcf2937c1316168b61663f58e74f6bbe8c42710e68dc919f21fe4456df00876911636d55b94a94dbf47a038e9144a6985e334dbeb84fabe6832db73f5ccb54bbf27b35f460c213d7da058385cae9794032f161d5d927db138bef004cad741029aaf956bc7013b456168a8e1ff7c97ec4ac9a0dc9780f501dd615938bafe9555db7446d3c502ef952b1c8ca8482a04a3fc0193c78f6a04bbdab998c2965203e52cf7665ea0f1797c1abc1d43311c0b4d0f8d282dfadf98dbe4855f18182ac2020f3daa00c9aafa395006e8acc0804e1573db8ce64c5aa456fa3199ceb730159e8d12b6443b963f6670887ee2255d3b50516386e9c9567e9c00db77949df7519f5434d5517063c75420481e7f53be9a82dbafef5ed5cf3ff2450d8778cab40a24e2127577fb5a98ae2a5b1a9441e89dc7ab8009d5e149ec3c4d68601aab0c236cdf5cef11211ad9fb4a3e8549d33c2ee57841f1f447607ffa2029682856ac30601602729249bc750b8133f5d5ca3bb135da3387aa1e369c12630d6913d987eab4d966e02d049a39041f7ea531eb11f2cd45d26c5d76ae71077ccc9ced971c0560d4f3b86c4acae53bbdf73c2ae3a9ff2b1baf2822a9aebe7a39324d05cacc1dd5e1454bedb389109722f4412ab4e5c48e302323b36888bd2348a6adfbd5e354fb444bab5fdf953a885df6a71389c7fd0c6b893e5ce0f1d2e056739f473ab7234655cb86d4cb04fa046cfa9a5b9fd9fcf2ec20598f8cd29c4444af2e4a859fe17521dd82b1287a865cd47eea05c416e8aa8e3027e3601dd6c57c0a13d8f8425d7f2b5358140c1aa3c17666e1595a6dd7dd0158de80a2ca038d3be80f840174c33cb4a179b325a8d92610841ef69d5d5829344d13692002d6772b757953c5c2a2524c1108e34eb7745b5a0336423823f160980e32dbb1ff489146eaf2ab0e905db1f4f931a269a7dbeea7c4f4f98c3eb0089ffb0115feb88c2dfabe0bf70224ac99caa10aef23d4e41fe2e2243c7262b858af9221e37ea89afe088c2d0c294a3b900276f6f8b6581dd84fd54ef625da8740fce8032ab9d4411531e6c93d758dad1a03d1d7df4e6a6dfdac73c6c06335f422c38df971b463e0de89bc12a27651dc0c309631233a870bfc4b2d4beedac3b55540aec3df1bdcd1709e7e3da135e9a575cd34746379af74575dfaec49362392aed2a23d117a7aa6a49cee0b7f50ac0d3c11e6aa5ee46a1e33c55a6753429c079eeca3f05f8265ab1e33a80ce9aaa7724a3ba9c51eb3b8b100c24609cb4c539a4dd255e6fa2d3ae3b1b3ca2de15e5b80c0bd872f53e69bea82dfcc34c5e73d85c5f3f6fd7912e9a1fc081ffd5b95cc9ec60b028d5ad273c40d61e083c622c36a76cd525b1915cfe7571d4bf60dc45d1781cf9fbf268db7bcaa7cbdce081e1c0771726ed47d97275f9aa4dcb2e6022b3b6c34b5444df5af100f0c6e11bce764b8b8b92c04717e0ce4a73fe979819c811be5781f7bbcfad50b13d2dae6c7884ae01c2f544999bbe7aa4492f92911d22fcef9a0fbfe936446552f774591c76922e610fefb9165655c9fdadaed3226f05979f87a59870826647f13af37499b594daef95c7b66272170ae62d2f394ecf32401297c7f5528da08c28f9d2dadc0f08352007a638d352c9a8e2d1ae61ef20d99d2b5a13a69e314d0fc5a28a513784f363892199c07c21dea19267aef40364aaa6a3a777dba2321ec1fb28027068aa8fde5c3032e7bad6da8eaef82eb445988d515a687d645a9d09a1b316a539e3e21b5cdbf9ff26b6125c658f3957f58cca87bde0c6aa4114e256315f76fa9d64f24b233cb5745cb430671cd0abd086523e183fe8369c40b3856621cc7995425fbf444d9bb779a02fa5595c313900fe70011b3eae293264d0fe1c9cfea29e1ef4eec6970bbe1a426b867b55b971630830745164ce9f2d6daefcfd35a3c5e91bda55cf48c3d8673db3b7c174308cfc1d9cffd3549df8f8d9ea0ae3d7ce9802ed26fb0a87951d8304e6105ab8950fddadee3baa6091f34fed706d4a0e1ec18072f5525a048b567de5be46dcb859948242474245c624a78b3eaec2c3c1dee80d23282d2423956ee67dd3c88cd0a536a9d00a1222b38116cc83d2f661eb9bd358ca690bd2312f7fc7ec072e4b44bdefb8834fc89b2768b36bf46520d105928bfca353ffa2e41d1f3682d2427c76f1e075d057c0bb3884eddd4a09db6da8f2efb40de87f74c0acbd5c4ed20f83db93a138f51ea591bc6995b36b080a202304fc15e08052c29255d5177a3d437315474c6dcd7f17a27c5b57135f21c6787b4680537ed6a7bfdcf0605f74858eca47a8a25c8234a2668da045d0220d600872b15e3a699520aed417933d9274a9858820fd2b940a49f7fa22a4dd6c3a2b75adaf0968f92380690b6f81ad6643c63647bbcd95a2e2fae9fa8c31eeee67248ecdf24c081cf7db1d345ceb5eeeb1c6ccaaef0d215cf35a6e37bb5c64390a7454b4c9771085df134742bb284fa0d69b9f44bc493548eb43a8fe8c4226661e543d11e64841f008422c24480173e81643c1636c41800008fda6468b94fad8b4f104779ff451dd7be69e1868b6d49820e4691ca020a4f9a576d0cf292922b7ebdbb137f239db1cd739016cb669bb6a7e656faf5c5bf2a2ab080fa25900162b5c9474d38c42e9d2bfca3ade31cfb3c79089e249271706a5bdeee6a7138ca113f9ecaf97c03ee4bc4178f002451ae6ffc766bd39acb15dab6ab15e5cfd4af70d909145832abf1c1f83d0e003b83ce649f3b5812f1e1311996d75e538aa9cef5b6240fbd90ca4e870f7b143add3f36fa2a52898bf5aee6aa41bca30ba2c55c548f9949d9b42f2fa4858fee203543e604a49652deac4a724fec18a73d9360a15bf0d20aabd063cbc2a9a454733540a27e4adfa0c97a5698a88334d0950ccd43f22aada059f4b7a65a92e2d213bb47212cea140c1a9ae48c45bf09d99202f353aa78e81cf04eff9eb0d0478a8ff4ef01629e537206f27aabc2ae47360691f215e208a4f6a023b59ff45a24dec2dc18f82e86ed80b66b4011241937b03bfcb0f19bda2fd31d538db24ef2431af93656fdb74237dc74338f9330261d2355a97f885ee0ae88ac136c292ddfd2c43b43114c4355104a78dd0988c9b36254d3b5acb9c080f6c31c7b07192e8402d52d6990a1174e92d88a47c69261c125e3fe3f2a3167c03ae9b4a1d955700c4ca9f484e6ae73af17e1dbe996e86059150f804a831ab9b76bf12ddf42ca0487f2b95e35be47159864368658a9bde9e258440d46543f88f093bc7fee4ad8582645081653c2ac3f1e87784f5ac6dd658039c64dc9719ab1c43f6f58b21becea46f38e054487fd510432dc58b4e2542d651ac7634427557347d224907b8699bc46c1197a96b920974644bb2d643bb590743499478c1bc6836d97250ab5a05df8d2731946c76a0a73aa10c1ad2f6ddd5ca65f500d8bc8826c650d5b5b97c14150b3c633eebc3536204547997e61c28643de50dce9db4474020cac6d733cfba6a4b6671047e0b0e932d91f2b559dfb6174fd727d465633b1d0b6099c549e260256895036084fdd9a2dee3c0e747fc7b40c1b122279c92457878cb3702477db58d09d67254b1418f7a9f51f7ef31f006c50dbd646340804a3fd49a821d7509730cd650683113c7d4e69eb8a1fb22ed4e52a14d950baebb0173bc858613c7e7a7b62f56e6a0b81bf864f58270e0b93245bd8f2ee312175f5e3fe331edeb", 0x1000, 0x2}, {&(0x7f0000000500)="e0cb3e6a5a042e8abaee7042f2ce127562637eabb4b44f6aeafe51a8648834648549ebd48a09779b1cfef31f60d02bc052c3a1b04736bb70100acce1ebd9420df54fc9d2b10cfe7144dd64393efa7e9dcd5e0d2174ec53be7bd3401b6e078bd23a902c3630aef9d62c8b35e1fbfdc76930d08e25cb352bc3c7ed3403a63c8086ba3ad53eaf408928ddfd431663873bcb5df87c83c7adc66d81", 0x99, 0xa0d}, {&(0x7f00000005c0)="567bc97d72c4d3df0a50c42f23aeaf7dde978a0b82bf9fa383ee063a0f3bfd4a91bf2901232799de308f1e348f4c24b6de50e94c54ec19b7454e166becdd5918a23b643ba245ac356dac487f4feb49eac793dab5944dd4e6d38e3cbac3c66efbd0b8c52699527667a6a974615c6d450e36fa6340f6899e9cf6c5571e94db9e8e429c9d2bd35f976c2701682499411c6297f0cdff6c273dbdc1c3d0090c159b4277c18a6481fc5f2f0eb83c86b94237c421", 0xb1, 0x2}], 0x40012, &(0x7f0000000740)={[], [{@appraise_type}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@dont_appraise}, {@euid_gt={'euid>', 0xee01}}]}) 01:42:14 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:14 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x0, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:42:14 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 41) 01:42:14 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:42:14 executing program 2: r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) [ 541.212394] FAULT_INJECTION: forcing a failure. [ 541.212394] name failslab, interval 1, probability 0, space 0, times 0 [ 541.214752] CPU: 1 PID: 5979 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 541.216146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 541.217831] Call Trace: [ 541.218379] dump_stack+0x107/0x167 [ 541.219128] should_fail.cold+0x5/0xa [ 541.219907] ? create_object.isra.0+0x3a/0xa20 [ 541.220851] should_failslab+0x5/0x20 [ 541.221629] kmem_cache_alloc+0x5b/0x360 [ 541.222466] create_object.isra.0+0x3a/0xa20 [ 541.223361] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 541.224411] kmem_cache_alloc+0x159/0x360 [ 541.225260] alloc_vfsmnt+0x23/0x680 [ 541.226023] clone_mnt+0x6c/0xce0 [ 541.226741] copy_tree+0xfe/0xa60 [ 541.227449] ? down_write_killable+0x180/0x180 [ 541.228398] copy_mnt_ns+0x144/0xa00 [ 541.229156] ? rcu_read_lock_sched_held+0x3e/0x80 [ 541.230159] ? kmem_cache_alloc+0x2b4/0x360 [ 541.231041] create_new_namespaces+0xd6/0xb20 [ 541.231960] copy_namespaces+0x39e/0x480 [ 541.232808] copy_process+0x2549/0x67d0 [ 541.233613] ? find_held_lock+0x2c/0x110 [ 541.234461] ? __cleanup_sighand+0xb0/0xb0 [ 541.235326] ? _copy_from_user+0xfb/0x1b0 [ 541.236185] kernel_clone+0xe7/0xa20 [ 541.236937] ? __lockdep_reset_lock+0x180/0x180 [ 541.237881] ? create_io_thread+0xf0/0xf0 [ 541.238733] ? ksys_write+0x21a/0x260 [ 541.239510] ? lock_downgrade+0x6d0/0x6d0 [ 541.240387] __do_sys_clone3+0x1e5/0x320 [ 541.241216] ? __do_sys_clone+0x110/0x110 [ 541.242080] ? rcu_read_lock_any_held+0x75/0xa0 [ 541.243017] ? vfs_write+0x354/0xa30 [ 541.243774] ? fput_many+0x2f/0x1a0 [ 541.244521] ? ksys_write+0x1a9/0x260 [ 541.245303] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 541.246366] ? syscall_enter_from_user_mode+0x1d/0x50 [ 541.247415] ? trace_hardirqs_on+0x5b/0x180 [ 541.248308] do_syscall_64+0x33/0x40 [ 541.249079] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 541.250130] RIP: 0033:0x7f48f386eb19 [ 541.250901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 541.254656] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 541.256225] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 541.257683] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 541.259137] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 541.260614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 541.262061] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 541.350756] cgroup: fork rejected by pids controller in /syz1 01:42:28 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x0, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:42:28 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:42:28 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:28 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) syz_mount_image$nfs4(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x708a, 0x6, &(0x7f0000000680)=[{&(0x7f00000002c0)="d225f666e82f6c1356496ba9ae37fc7a926db07747f271a6b485f70c57af844b424f3ad80576a719c354ed013f594ab9052224cadd4c617a5f3b451ec5e49e62cf734b99695376da9ed857170f146e177553b630ec8e25d986f606d796d72c0c8c9ee07d3c1467b6b6f32118bfeee2f89f8bcdb84ca921ba418c84189f3f7f5c25f460391b39c37689cbe49cee240ecb31d63dd8c5024a7e528c80ea5e428f48f54f229a7f579bf9fb26cda5e1e615cd18a6a85bfdbbf59263", 0xb9, 0x9}, {&(0x7f0000000380)="43f62c6d66c626a678e0af77c908a7dd433ed09ad6bdbb0de8a71ae9bd0e29c2ed76723892a61970969de693a89fd9e32b12622c0d48ec2ef290b90701e03028cc4eddab51877e73fcbe3b7ace85e22cd9dbaa1146993ab998c3c7a2feafd18cd5429a3ed657a53ae2eab1f64ca098ddfd0b7c10efdcd393dc5ee03bac40b0813b815e6745030078d379a085d72eccc54c79bd52dde253ddebe5ad17deec6abbe17e60ca7d5db108fd95c8cb0012", 0xae, 0x3}, {&(0x7f0000000440)="6affb1a9b5e866b86a139f70a926b68ea246f2031bc4c5548ecafa90f444b6dc395b0b937d92f441c0aab1e3c6110a0cdf7bb44d0bfc9889e9e7eb2624279e1c61b60e6321565892e76dd6e1cc64e4b4fea1bca1d716c08c8acb2ec3e32ba3cae6380b39b1e2a220cbe969f152127108913ea1404844e619163a20c805452a8d65d6fffcc52e588d133340f16d", 0x8d, 0x7fff}, {&(0x7f0000000940)="07c16bda4019d07949b1f253bb564068d6d3d85471b5560e38e5acec8c086d97383eabb12051b5d90c34e12debbb3ad0c24598c610dc1a0045a05f171cb730a5e259b60284e60b51a4da2d3f2cee9088cdf41fe89eeb43dfa58149f5aa27578e5c4edb66fc2992f6a8bcef04668ef4a2207a855d8c9a022816f23483c30697b727bf022419c294740402f01ca52e483989aaf2f19a6edc8dae0a5214f9e3ea94a208b0d820059af6fe9931b801ab53e29270b6f5738a07a164b283176c028539164774e00d61af84b08ed6b8e34826efb5ff0be6f022241d47dc8d5dc2d61d4dd0c62e961b402f2ad873520f912dc033a228a95f306feb9fc581285ed125c96a0f3ea3e04ce79ac95403a15873dc9abdcad893191e37453de00fd799cb9b05b831de7ab698b085f1e5f6a0b9d53322565546686d9e96c4ee6cb34d51c389a1ce79611e7cf2223e470d8d8c8d0aad7038a6c38adecfd2c4b7a22b58a03bea2a0b5653d64cc17a9554263fbc038d6deef98d0b20683b3ec3d0cdff6229e6503feaeec013635a98161317f2c5c76021e6d3646770845f9b20fcb9070368f01ecece11b876b73e132b2e6b905d30ffde9102728e726bb99f6565745b4a3ab597731fe3a4ba00bdc29b822fceb135c122eaebf1815a1451b687651353d4c9bcff0deb4444ca0577e567daf9813798f03f68128f9171e07ae1523937b7ef075c9c2a59bd8b0f9485549789bc263837c2f37c22fdf7ab79c2184b7e7e53a55dfa4bf35a4955a4c2dd0163e907c748e3d27d7ea7d9fdc8e4a8eac3f6f9763442fa1d7708706b818836a4dcef7cd1894c4d89b7fa5b8c955f6e5f7987f3d39da0cabd3277f9129dcaf7a04c0e68957f13f77c5300de2fa848011788cd39d32c490bfb05263739bd41baf118d004ae2c4ee52020022f8787233f75985cb4760ae27f91c6c92c1a6af46b6becc5d6e747305780a69bc231a015a281f3d1b0b4850857566dee514ef46f954b950d226360b0c9aa39949a6902479bc0ebb2756352743b58d911abf4a574d7e62b8b68037079f70539969636356473537315e54c95317cdbd30a1a3f6a92e514d850d2696ff0b2b07fbdc97381821e8cf6fb3b3f3ea539472d926971d8b9db729dfc0c540b89a6213ba959553c95e5011faac595240ab9f0cb4e6e0893e324d7159b6a4c86c570bb511a3119cbb1f82143a171a5305b7217f4c638ff6de2460829ce8b942c117c647bfc508d2bbb013ddd2c1d402f4baffc3585df58e640f986096dc4da8c027c2e525a6d9fa65cd87edf858452fff0d787ee99644e0479457ebca6e94104148ff0c96d8db6f83ac730228ff12f88831b818cfdee987d628f38d519116db71375454ffbfa71b630ae581c620c848d460109952854adcc5ddfb2d402a43b2bb396222b3e791b79050ff8e2e5936c6c6098c5d34a4f0ced73779f82dea6427c950f0edd46998dab24314b794dab1da3258725d0626284743f45ba0f25caec75ffc723331f13c486296f62d7b050e11dc789b40d7fed235bb37a4cdc182cfc2d154a21025ae0e0e80ec577114c535953e3629a150ea640ae510590aa00c8a9dcf34fee39f1bee47830fa9287a72131f2275c70bec452f54f09bd6526e5f3662302c82da40e82a73c8e2abc7c02e4f81c8720f437c2c6ee28dd00b46e5b560d9f4c798e814a26f9ad72d9bf06af7986e1ced2c167c27f2a81f0da133e8b2570437f006e816a2d96e17e7a18050fec3eb6c30f7a6c8734b7b37021c729211039d27267220bc5b0dcd00cd2780e8879af1daa445ceb5858e30fe570fcbdb9ccda9cc3e13f61957bf02290f46a7132922c4ad3ec7cfc2e948dfd4070c6589bb00bce6dcfc1ba6acb64cb0f00306c85891c61b057a134de14b9385d0f9bee40b4c05a14cdc24ba3b52288ce07ed62c164c22eaaf01d2c1d994b72ce229ec7e4b5c34a0594e157de8128c3cddefc8be640064e153a7c81a263969d54a2988f94fc2dba99489819181a8f8a340adc0fec7a1870dcf2937c1316168b61663f58e74f6bbe8c42710e68dc919f21fe4456df00876911636d55b94a94dbf47a038e9144a6985e334dbeb84fabe6832db73f5ccb54bbf27b35f460c213d7da058385cae9794032f161d5d927db138bef004cad741029aaf956bc7013b456168a8e1ff7c97ec4ac9a0dc9780f501dd615938bafe9555db7446d3c502ef952b1c8ca8482a04a3fc0193c78f6a04bbdab998c2965203e52cf7665ea0f1797c1abc1d43311c0b4d0f8d282dfadf98dbe4855f18182ac2020f3daa00c9aafa395006e8acc0804e1573db8ce64c5aa456fa3199ceb730159e8d12b6443b963f6670887ee2255d3b50516386e9c9567e9c00db77949df7519f5434d5517063c75420481e7f53be9a82dbafef5ed5cf3ff2450d8778cab40a24e2127577fb5a98ae2a5b1a9441e89dc7ab8009d5e149ec3c4d68601aab0c236cdf5cef11211ad9fb4a3e8549d33c2ee57841f1f447607ffa2029682856ac30601602729249bc750b8133f5d5ca3bb135da3387aa1e369c12630d6913d987eab4d966e02d049a39041f7ea531eb11f2cd45d26c5d76ae71077ccc9ced971c0560d4f3b86c4acae53bbdf73c2ae3a9ff2b1baf2822a9aebe7a39324d05cacc1dd5e1454bedb389109722f4412ab4e5c48e302323b36888bd2348a6adfbd5e354fb444bab5fdf953a885df6a71389c7fd0c6b893e5ce0f1d2e056739f473ab7234655cb86d4cb04fa046cfa9a5b9fd9fcf2ec20598f8cd29c4444af2e4a859fe17521dd82b1287a865cd47eea05c416e8aa8e3027e3601dd6c57c0a13d8f8425d7f2b5358140c1aa3c17666e1595a6dd7dd0158de80a2ca038d3be80f840174c33cb4a179b325a8d92610841ef69d5d5829344d13692002d6772b757953c5c2a2524c1108e34eb7745b5a0336423823f160980e32dbb1ff489146eaf2ab0e905db1f4f931a269a7dbeea7c4f4f98c3eb0089ffb0115feb88c2dfabe0bf70224ac99caa10aef23d4e41fe2e2243c7262b858af9221e37ea89afe088c2d0c294a3b900276f6f8b6581dd84fd54ef625da8740fce8032ab9d4411531e6c93d758dad1a03d1d7df4e6a6dfdac73c6c06335f422c38df971b463e0de89bc12a27651dc0c309631233a870bfc4b2d4beedac3b55540aec3df1bdcd1709e7e3da135e9a575cd34746379af74575dfaec49362392aed2a23d117a7aa6a49cee0b7f50ac0d3c11e6aa5ee46a1e33c55a6753429c079eeca3f05f8265ab1e33a80ce9aaa7724a3ba9c51eb3b8b100c24609cb4c539a4dd255e6fa2d3ae3b1b3ca2de15e5b80c0bd872f53e69bea82dfcc34c5e73d85c5f3f6fd7912e9a1fc081ffd5b95cc9ec60b028d5ad273c40d61e083c622c36a76cd525b1915cfe7571d4bf60dc45d1781cf9fbf268db7bcaa7cbdce081e1c0771726ed47d97275f9aa4dcb2e6022b3b6c34b5444df5af100f0c6e11bce764b8b8b92c04717e0ce4a73fe979819c811be5781f7bbcfad50b13d2dae6c7884ae01c2f544999bbe7aa4492f92911d22fcef9a0fbfe936446552f774591c76922e610fefb9165655c9fdadaed3226f05979f87a59870826647f13af37499b594daef95c7b66272170ae62d2f394ecf32401297c7f5528da08c28f9d2dadc0f08352007a638d352c9a8e2d1ae61ef20d99d2b5a13a69e314d0fc5a28a513784f363892199c07c21dea19267aef40364aaa6a3a777dba2321ec1fb28027068aa8fde5c3032e7bad6da8eaef82eb445988d515a687d645a9d09a1b316a539e3e21b5cdbf9ff26b6125c658f3957f58cca87bde0c6aa4114e256315f76fa9d64f24b233cb5745cb430671cd0abd086523e183fe8369c40b3856621cc7995425fbf444d9bb779a02fa5595c313900fe70011b3eae293264d0fe1c9cfea29e1ef4eec6970bbe1a426b867b55b971630830745164ce9f2d6daefcfd35a3c5e91bda55cf48c3d8673db3b7c174308cfc1d9cffd3549df8f8d9ea0ae3d7ce9802ed26fb0a87951d8304e6105ab8950fddadee3baa6091f34fed706d4a0e1ec18072f5525a048b567de5be46dcb859948242474245c624a78b3eaec2c3c1dee80d23282d2423956ee67dd3c88cd0a536a9d00a1222b38116cc83d2f661eb9bd358ca690bd2312f7fc7ec072e4b44bdefb8834fc89b2768b36bf46520d105928bfca353ffa2e41d1f3682d2427c76f1e075d057c0bb3884eddd4a09db6da8f2efb40de87f74c0acbd5c4ed20f83db93a138f51ea591bc6995b36b080a202304fc15e08052c29255d5177a3d437315474c6dcd7f17a27c5b57135f21c6787b4680537ed6a7bfdcf0605f74858eca47a8a25c8234a2668da045d0220d600872b15e3a699520aed417933d9274a9858820fd2b940a49f7fa22a4dd6c3a2b75adaf0968f92380690b6f81ad6643c63647bbcd95a2e2fae9fa8c31eeee67248ecdf24c081cf7db1d345ceb5eeeb1c6ccaaef0d215cf35a6e37bb5c64390a7454b4c9771085df134742bb284fa0d69b9f44bc493548eb43a8fe8c4226661e543d11e64841f008422c24480173e81643c1636c41800008fda6468b94fad8b4f104779ff451dd7be69e1868b6d49820e4691ca020a4f9a576d0cf292922b7ebdbb137f239db1cd739016cb669bb6a7e656faf5c5bf2a2ab080fa25900162b5c9474d38c42e9d2bfca3ade31cfb3c79089e249271706a5bdeee6a7138ca113f9ecaf97c03ee4bc4178f002451ae6ffc766bd39acb15dab6ab15e5cfd4af70d909145832abf1c1f83d0e003b83ce649f3b5812f1e1311996d75e538aa9cef5b6240fbd90ca4e870f7b143add3f36fa2a52898bf5aee6aa41bca30ba2c55c548f9949d9b42f2fa4858fee203543e604a49652deac4a724fec18a73d9360a15bf0d20aabd063cbc2a9a454733540a27e4adfa0c97a5698a88334d0950ccd43f22aada059f4b7a65a92e2d213bb47212cea140c1a9ae48c45bf09d99202f353aa78e81cf04eff9eb0d0478a8ff4ef01629e537206f27aabc2ae47360691f215e208a4f6a023b59ff45a24dec2dc18f82e86ed80b66b4011241937b03bfcb0f19bda2fd31d538db24ef2431af93656fdb74237dc74338f9330261d2355a97f885ee0ae88ac136c292ddfd2c43b43114c4355104a78dd0988c9b36254d3b5acb9c080f6c31c7b07192e8402d52d6990a1174e92d88a47c69261c125e3fe3f2a3167c03ae9b4a1d955700c4ca9f484e6ae73af17e1dbe996e86059150f804a831ab9b76bf12ddf42ca0487f2b95e35be47159864368658a9bde9e258440d46543f88f093bc7fee4ad8582645081653c2ac3f1e87784f5ac6dd658039c64dc9719ab1c43f6f58b21becea46f38e054487fd510432dc58b4e2542d651ac7634427557347d224907b8699bc46c1197a96b920974644bb2d643bb590743499478c1bc6836d97250ab5a05df8d2731946c76a0a73aa10c1ad2f6ddd5ca65f500d8bc8826c650d5b5b97c14150b3c633eebc3536204547997e61c28643de50dce9db4474020cac6d733cfba6a4b6671047e0b0e932d91f2b559dfb6174fd727d465633b1d0b6099c549e260256895036084fdd9a2dee3c0e747fc7b40c1b122279c92457878cb3702477db58d09d67254b1418f7a9f51f7ef31f006c50dbd646340804a3fd49a821d7509730cd650683113c7d4e69eb8a1fb22ed4e52a14d950baebb0173bc858613c7e7a7b62f56e6a0b81bf864f58270e0b93245bd8f2ee312175f5e3fe331edeb", 0x1000, 0x2}, {&(0x7f0000000500)="e0cb3e6a5a042e8abaee7042f2ce127562637eabb4b44f6aeafe51a8648834648549ebd48a09779b1cfef31f60d02bc052c3a1b04736bb70100acce1ebd9420df54fc9d2b10cfe7144dd64393efa7e9dcd5e0d2174ec53be7bd3401b6e078bd23a902c3630aef9d62c8b35e1fbfdc76930d08e25cb352bc3c7ed3403a63c8086ba3ad53eaf408928ddfd431663873bcb5df87c83c7adc66d81", 0x99, 0xa0d}, {&(0x7f00000005c0)="567bc97d72c4d3df0a50c42f23aeaf7dde978a0b82bf9fa383ee063a0f3bfd4a91bf2901232799de308f1e348f4c24b6de50e94c54ec19b7454e166becdd5918a23b643ba245ac356dac487f4feb49eac793dab5944dd4e6d38e3cbac3c66efbd0b8c52699527667a6a974615c6d450e36fa6340f6899e9cf6c5571e94db9e8e429c9d2bd35f976c2701682499411c6297f0cdff6c273dbdc1c3d0090c159b4277c18a6481fc5f2f0eb83c86b94237c421", 0xb1, 0x2}], 0x40012, &(0x7f0000000740)={[], [{@appraise_type}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@dont_appraise}, {@euid_gt={'euid>', 0xee01}}]}) 01:42:28 executing program 2: r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:28 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:42:28 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 42) 01:42:28 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 30) pipe2(&(0x7f0000000000), 0x0) [ 555.109375] FAULT_INJECTION: forcing a failure. [ 555.109375] name failslab, interval 1, probability 0, space 0, times 0 [ 555.110705] CPU: 0 PID: 6008 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 555.111428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 555.112332] Call Trace: [ 555.112627] dump_stack+0x107/0x167 [ 555.113020] should_fail.cold+0x5/0xa [ 555.113430] ? create_object.isra.0+0x3a/0xa20 [ 555.113923] should_failslab+0x5/0x20 [ 555.114330] kmem_cache_alloc+0x5b/0x360 [ 555.114765] ? find_held_lock+0x2c/0x110 [ 555.115199] create_object.isra.0+0x3a/0xa20 [ 555.115679] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 555.116247] kmem_cache_alloc+0x159/0x360 [ 555.116702] ? rwlock_bug.part.0+0x90/0x90 [ 555.117157] alloc_vfsmnt+0x23/0x680 [ 555.117559] clone_mnt+0x6c/0xce0 [ 555.117933] ? is_subdir+0x1a8/0x2e0 [ 555.118342] copy_tree+0x3b0/0xa60 [ 555.118738] copy_mnt_ns+0x144/0xa00 [ 555.119154] ? rcu_read_lock_sched_held+0x3e/0x80 [ 555.119698] ? kmem_cache_alloc+0x2b4/0x360 [ 555.120180] create_new_namespaces+0xd6/0xb20 [ 555.120686] copy_namespaces+0x39e/0x480 [ 555.121130] copy_process+0x2549/0x67d0 [ 555.121576] ? find_held_lock+0x2c/0x110 [ 555.122035] ? __cleanup_sighand+0xb0/0xb0 [ 555.122509] ? _copy_from_user+0xfb/0x1b0 [ 555.122970] kernel_clone+0xe7/0xa20 [ 555.123383] ? __lockdep_reset_lock+0x180/0x180 [ 555.123902] ? create_io_thread+0xf0/0xf0 [ 555.124381] ? ksys_write+0x21a/0x260 [ 555.124809] ? lock_downgrade+0x6d0/0x6d0 [ 555.125275] __do_sys_clone3+0x1e5/0x320 [ 555.125731] ? __do_sys_clone+0x110/0x110 [ 555.126206] ? rcu_read_lock_any_held+0x75/0xa0 [ 555.126727] ? vfs_write+0x354/0xa30 [ 555.127143] ? fput_many+0x2f/0x1a0 [ 555.127560] ? ksys_write+0x1a9/0x260 [ 555.127992] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 555.128584] ? syscall_enter_from_user_mode+0x1d/0x50 [ 555.129157] ? trace_hardirqs_on+0x5b/0x180 [ 555.129635] do_syscall_64+0x33/0x40 [ 555.130045] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 555.130618] RIP: 0033:0x7f48f386eb19 [ 555.131036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 555.133085] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 555.133934] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 555.134733] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 555.135541] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 555.136336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 555.137136] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:42:28 executing program 2: r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:28 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:42:28 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:28 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:42:28 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:42:28 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:28 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:42:28 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) [ 555.259677] FAULT_INJECTION: forcing a failure. [ 555.259677] name failslab, interval 1, probability 0, space 0, times 0 [ 555.260951] CPU: 0 PID: 6006 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 555.261698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 555.262609] Call Trace: [ 555.262915] dump_stack+0x107/0x167 [ 555.263327] should_fail.cold+0x5/0xa [ 555.263758] ? security_file_alloc+0x34/0x170 [ 555.264273] should_failslab+0x5/0x20 [ 555.264707] kmem_cache_alloc+0x5b/0x360 [ 555.265185] security_file_alloc+0x34/0x170 [ 555.265691] __alloc_file+0xb6/0x320 [ 555.266135] alloc_empty_file+0x6d/0x170 [ 555.266604] path_openat+0xde/0x26d0 [ 555.267050] ? path_lookupat+0x860/0x860 [ 555.267511] ? perf_trace_lock+0xac/0x490 [ 555.267980] ? __lockdep_reset_lock+0x180/0x180 [ 555.268521] ? lock_acquire+0x197/0x490 [ 555.268967] ? __lockdep_reset_lock+0x180/0x180 [ 555.269486] do_filp_open+0x190/0x3e0 [ 555.269901] ? may_open_dev+0xf0/0xf0 [ 555.270323] ? __alloc_fd+0x2a5/0x620 [ 555.270753] ? lock_downgrade+0x6d0/0x6d0 [ 555.271207] ? rwlock_bug.part.0+0x90/0x90 [ 555.271684] ? _raw_spin_unlock+0x1a/0x30 [ 555.272131] ? __alloc_fd+0x2a5/0x620 [ 555.272565] do_sys_openat2+0x171/0x420 [ 555.272998] ? security_file_free+0xaa/0xd0 [ 555.273474] ? build_open_flags+0x6f0/0x6f0 [ 555.273944] ? kmem_cache_free+0x257/0x310 [ 555.274413] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 555.274998] ? call_rcu+0x3c2/0xa10 [ 555.275398] __x64_sys_openat+0x13f/0x1f0 [ 555.275856] ? __ia32_sys_open+0x1c0/0x1c0 [ 555.276322] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 555.276903] ? syscall_enter_from_user_mode+0x1d/0x50 [ 555.277462] do_syscall_64+0x33/0x40 [ 555.277892] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 555.278484] RIP: 0033:0x7f384e6a3a04 [ 555.278907] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 555.280992] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 555.281853] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 555.282649] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 555.283424] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 555.284195] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 555.284983] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:42:45 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:42:45 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x0, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:42:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:45 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 31) pipe2(&(0x7f0000000000), 0x0) 01:42:45 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 43) [ 571.978350] FAULT_INJECTION: forcing a failure. [ 571.978350] name failslab, interval 1, probability 0, space 0, times 0 [ 571.979646] CPU: 0 PID: 6047 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 571.980398] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 571.981316] Call Trace: [ 571.981632] dump_stack+0x107/0x167 [ 571.982045] should_fail.cold+0x5/0xa [ 571.982474] should_failslab+0x5/0x20 [ 571.982897] __kmalloc_track_caller+0x79/0x3c0 [ 571.983398] ? kstrdup_const+0x53/0x80 [ 571.983843] kstrdup+0x36/0x70 [ 571.984206] kstrdup_const+0x53/0x80 [ 571.984624] alloc_vfsmnt+0xb5/0x680 [ 571.985048] clone_mnt+0x6c/0xce0 [ 571.985445] ? is_subdir+0x1a8/0x2e0 [ 571.985869] copy_tree+0x3b0/0xa60 [ 571.986277] copy_mnt_ns+0x144/0xa00 [ 571.986689] ? rcu_read_lock_sched_held+0x3e/0x80 01:42:45 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 571.987219] ? kmem_cache_alloc+0x2b4/0x360 [ 571.987774] create_new_namespaces+0xd6/0xb20 [ 571.988272] copy_namespaces+0x39e/0x480 [ 571.988734] copy_process+0x2549/0x67d0 [ 571.989185] ? find_held_lock+0x2c/0x110 [ 571.989643] ? __cleanup_sighand+0xb0/0xb0 [ 571.990111] ? _copy_from_user+0xfb/0x1b0 [ 571.990577] kernel_clone+0xe7/0xa20 [ 571.990985] ? __lockdep_reset_lock+0x180/0x180 01:42:45 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 571.991510] ? create_io_thread+0xf0/0xf0 [ 571.992020] ? ksys_write+0x21a/0x260 [ 571.992449] ? lock_downgrade+0x6d0/0x6d0 [ 571.992915] __do_sys_clone3+0x1e5/0x320 [ 571.993352] ? __do_sys_clone+0x110/0x110 [ 571.993821] ? rcu_read_lock_any_held+0x75/0xa0 [ 571.994337] ? vfs_write+0x354/0xa30 [ 571.994747] ? fput_many+0x2f/0x1a0 [ 571.995148] ? ksys_write+0x1a9/0x260 [ 571.995579] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 571.996161] ? syscall_enter_from_user_mode+0x1d/0x50 [ 571.996743] ? trace_hardirqs_on+0x5b/0x180 [ 571.997216] do_syscall_64+0x33/0x40 [ 571.997634] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 571.998198] RIP: 0033:0x7f48f386eb19 [ 571.998610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 572.000660] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 572.001490] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 572.002263] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 572.003036] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 572.003812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 572.004600] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 572.016744] FAULT_INJECTION: forcing a failure. [ 572.016744] name failslab, interval 1, probability 0, space 0, times 0 [ 572.018066] CPU: 0 PID: 6045 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 572.018877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 572.019831] Call Trace: [ 572.020138] dump_stack+0x107/0x167 [ 572.020579] should_fail.cold+0x5/0xa [ 572.021007] ? create_object.isra.0+0x3a/0xa20 [ 572.021517] should_failslab+0x5/0x20 [ 572.021938] kmem_cache_alloc+0x5b/0x360 [ 572.022398] ? percpu_ref_put_many.constprop.0+0x4e/0x100 [ 572.023012] create_object.isra.0+0x3a/0xa20 [ 572.023497] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 572.024068] kmem_cache_alloc+0x159/0x360 [ 572.024551] security_file_alloc+0x34/0x170 [ 572.025035] __alloc_file+0xb6/0x320 [ 572.025475] alloc_empty_file+0x6d/0x170 [ 572.025953] path_openat+0xde/0x26d0 [ 572.026380] ? path_lookupat+0x860/0x860 [ 572.026834] ? perf_trace_lock+0xac/0x490 [ 572.027301] ? __lockdep_reset_lock+0x180/0x180 [ 572.027842] ? lock_acquire+0x197/0x490 [ 572.028302] ? __lockdep_reset_lock+0x180/0x180 [ 572.028845] do_filp_open+0x190/0x3e0 [ 572.029286] ? may_open_dev+0xf0/0xf0 [ 572.029715] ? __alloc_fd+0x2a5/0x620 [ 572.030153] ? lock_downgrade+0x6d0/0x6d0 [ 572.030619] ? rwlock_bug.part.0+0x90/0x90 [ 572.031120] ? _raw_spin_unlock+0x1a/0x30 [ 572.031593] ? __alloc_fd+0x2a5/0x620 [ 572.032032] do_sys_openat2+0x171/0x420 [ 572.032471] ? security_file_free+0xaa/0xd0 [ 572.032959] ? build_open_flags+0x6f0/0x6f0 [ 572.033460] ? kmem_cache_free+0x257/0x310 [ 572.033959] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 572.034573] ? call_rcu+0x3c2/0xa10 [ 572.034993] __x64_sys_openat+0x13f/0x1f0 [ 572.035450] ? __ia32_sys_open+0x1c0/0x1c0 [ 572.035936] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 572.036530] ? syscall_enter_from_user_mode+0x1d/0x50 [ 572.037112] do_syscall_64+0x33/0x40 [ 572.037528] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 572.038110] RIP: 0033:0x7f384e6a3a04 [ 572.038542] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 572.040656] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 572.041506] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 572.042331] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 572.043120] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 572.043916] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 572.044758] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:42:45 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:42:45 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 44) 01:42:45 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 572.171450] FAULT_INJECTION: forcing a failure. [ 572.171450] name failslab, interval 1, probability 0, space 0, times 0 [ 572.174162] CPU: 0 PID: 6064 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 572.175701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 572.177586] Call Trace: [ 572.178192] dump_stack+0x107/0x167 [ 572.179023] should_fail.cold+0x5/0xa [ 572.179890] ? create_object.isra.0+0x3a/0xa20 [ 572.180969] should_failslab+0x5/0x20 [ 572.181818] kmem_cache_alloc+0x5b/0x360 [ 572.182757] create_object.isra.0+0x3a/0xa20 [ 572.183750] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 572.184911] __kmalloc_track_caller+0x177/0x3c0 [ 572.185965] ? kstrdup_const+0x53/0x80 [ 572.186866] kstrdup+0x36/0x70 [ 572.187606] kstrdup_const+0x53/0x80 [ 572.188475] alloc_vfsmnt+0xb5/0x680 [ 572.189329] clone_mnt+0x6c/0xce0 [ 572.190117] ? is_subdir+0x1a8/0x2e0 [ 572.190981] copy_tree+0x3b0/0xa60 [ 572.191814] copy_mnt_ns+0x144/0xa00 [ 572.192667] ? rcu_read_lock_sched_held+0x3e/0x80 [ 572.193752] ? kmem_cache_alloc+0x2b4/0x360 [ 572.194744] create_new_namespaces+0xd6/0xb20 [ 572.195780] copy_namespaces+0x39e/0x480 [ 572.196716] copy_process+0x2549/0x67d0 [ 572.197625] ? find_held_lock+0x2c/0x110 [ 572.198608] ? __cleanup_sighand+0xb0/0xb0 [ 572.199583] ? _copy_from_user+0xfb/0x1b0 [ 572.200551] kernel_clone+0xe7/0xa20 [ 572.201418] ? __lockdep_reset_lock+0x180/0x180 [ 572.202490] ? create_io_thread+0xf0/0xf0 [ 572.203458] ? ksys_write+0x21a/0x260 [ 572.204341] ? lock_downgrade+0x6d0/0x6d0 [ 572.205310] __do_sys_clone3+0x1e5/0x320 [ 572.206254] ? __do_sys_clone+0x110/0x110 [ 572.207190] ? rcu_read_lock_any_held+0x75/0xa0 [ 572.208155] ? vfs_write+0x354/0xa30 [ 572.208934] ? fput_many+0x2f/0x1a0 [ 572.209683] ? ksys_write+0x1a9/0x260 [ 572.210483] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 572.211560] ? syscall_enter_from_user_mode+0x1d/0x50 [ 572.212647] ? trace_hardirqs_on+0x5b/0x180 [ 572.213538] do_syscall_64+0x33/0x40 [ 572.214306] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 572.215366] RIP: 0033:0x7f48f386eb19 [ 572.216128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 572.219915] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 572.221480] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 572.222943] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 572.224386] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 572.225875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 572.227345] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 591.466393] FAULT_INJECTION: forcing a failure. [ 591.466393] name failslab, interval 1, probability 0, space 0, times 0 [ 591.468887] CPU: 0 PID: 6078 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 591.470267] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 591.471961] Call Trace: [ 591.472512] dump_stack+0x107/0x167 [ 591.473283] should_fail.cold+0x5/0xa [ 591.474263] ? create_object.isra.0+0x3a/0xa20 [ 591.475208] should_failslab+0x5/0x20 [ 591.475974] kmem_cache_alloc+0x5b/0x360 [ 591.476817] create_object.isra.0+0x3a/0xa20 [ 591.477715] kmemleak_alloc_percpu+0xa0/0x100 [ 591.478631] pcpu_alloc+0x4e2/0x12f0 [ 591.479410] alloc_vfsmnt+0xfd/0x680 [ 591.480172] clone_mnt+0x6c/0xce0 [ 591.480889] ? is_subdir+0x1a8/0x2e0 [ 591.481650] copy_tree+0x3b0/0xa60 [ 591.482389] copy_mnt_ns+0x144/0xa00 [ 591.483150] ? rcu_read_lock_sched_held+0x3e/0x80 [ 591.484129] ? kmem_cache_alloc+0x2b4/0x360 [ 591.485029] create_new_namespaces+0xd6/0xb20 [ 591.485947] copy_namespaces+0x39e/0x480 [ 591.486774] copy_process+0x2549/0x67d0 [ 591.487582] ? find_held_lock+0x2c/0x110 [ 591.488429] ? __cleanup_sighand+0xb0/0xb0 [ 591.489313] ? _copy_from_user+0xfb/0x1b0 [ 591.490161] kernel_clone+0xe7/0xa20 [ 591.490917] ? __lockdep_reset_lock+0x180/0x180 [ 591.491860] ? create_io_thread+0xf0/0xf0 [ 591.492733] ? ksys_write+0x21a/0x260 [ 591.493506] ? lock_downgrade+0x6d0/0x6d0 [ 591.494358] __do_sys_clone3+0x1e5/0x320 [ 591.495181] ? __do_sys_clone+0x110/0x110 [ 591.496048] ? rcu_read_lock_any_held+0x75/0xa0 [ 591.496995] ? vfs_write+0x354/0xa30 [ 591.497754] ? fput_many+0x2f/0x1a0 [ 591.498491] ? ksys_write+0x1a9/0x260 [ 591.499272] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 591.500335] ? syscall_enter_from_user_mode+0x1d/0x50 [ 591.501389] ? trace_hardirqs_on+0x5b/0x180 [ 591.502267] do_syscall_64+0x33/0x40 [ 591.503023] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 591.504059] RIP: 0033:0x7f48f386eb19 [ 591.504830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 591.508561] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 591.510111] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 591.511552] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 591.513001] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 591.514442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 591.515886] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:43:04 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:04 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:04 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:04 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 32) pipe2(&(0x7f0000000000), 0x0) 01:43:04 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:04 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x0, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:43:04 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 45) 01:43:04 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:04 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:05 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 591.619929] FAULT_INJECTION: forcing a failure. [ 591.619929] name failslab, interval 1, probability 0, space 0, times 0 [ 591.622283] CPU: 0 PID: 6087 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 591.623686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 591.625423] Call Trace: [ 591.625987] dump_stack+0x107/0x167 [ 591.626731] should_fail.cold+0x5/0xa [ 591.627527] ? proc_thread_self_get_link+0x1a8/0x210 [ 591.628582] should_failslab+0x5/0x20 [ 591.629392] kmem_cache_alloc_trace+0x55/0x360 [ 591.630338] proc_thread_self_get_link+0x1a8/0x210 [ 591.631350] ? proc_setup_self+0x390/0x390 [ 591.632234] step_into+0x157c/0x1cb0 [ 591.633026] ? lookup_fast+0x6e0/0x6e0 [ 591.633836] ? try_to_unlazy_next+0x4a0/0x4a0 [ 591.634768] walk_component+0x171/0x6a0 [ 591.635588] ? trace_hardirqs_on+0x5b/0x180 [ 591.636500] ? handle_dots.part.0+0x1540/0x1540 [ 591.637486] ? security_inode_permission+0xcb/0x100 [ 591.638536] link_path_walk.part.0+0x699/0xbf0 [ 591.639595] ? walk_component+0x6a0/0x6a0 [ 591.640452] ? percpu_counter_add_batch+0x8b/0x140 [ 591.641467] path_openat+0x255/0x26d0 [ 591.642256] ? path_lookupat+0x860/0x860 [ 591.643080] ? perf_trace_lock+0xac/0x490 [ 591.643922] ? __lockdep_reset_lock+0x180/0x180 [ 591.644885] ? lock_acquire+0x197/0x490 [ 591.645692] ? __lockdep_reset_lock+0x180/0x180 [ 591.646646] do_filp_open+0x190/0x3e0 [ 591.647415] ? may_open_dev+0xf0/0xf0 [ 591.648207] ? rwlock_bug.part.0+0x90/0x90 [ 591.649094] ? _raw_spin_unlock+0x1a/0x30 [ 591.649933] ? __alloc_fd+0x2a5/0x620 [ 591.650724] do_sys_openat2+0x171/0x420 [ 591.651531] ? security_file_free+0xaa/0xd0 [ 591.652441] ? build_open_flags+0x6f0/0x6f0 [ 591.653326] ? kmem_cache_free+0x257/0x310 [ 591.654194] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 591.655273] ? call_rcu+0x3c2/0xa10 [ 591.656058] __x64_sys_openat+0x13f/0x1f0 [ 591.656922] ? __ia32_sys_open+0x1c0/0x1c0 [ 591.657790] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 591.658854] ? syscall_enter_from_user_mode+0x1d/0x50 [ 591.659940] do_syscall_64+0x33/0x40 [ 591.660718] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 591.661763] RIP: 0033:0x7f384e6a3a04 [ 591.662520] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 591.666910] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 591.668851] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 591.670324] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 591.671788] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 591.673259] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 591.674725] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:43:05 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:05 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:05 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x0, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:43:05 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 33) pipe2(&(0x7f0000000000), 0x0) 01:43:22 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:22 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:22 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 01:43:22 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 46) 01:43:22 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:43:22 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:22 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 608.781536] FAULT_INJECTION: forcing a failure. [ 608.781536] name failslab, interval 1, probability 0, space 0, times 0 [ 608.784282] CPU: 1 PID: 6133 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 608.785832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 608.787711] Call Trace: [ 608.788320] dump_stack+0x107/0x167 [ 608.789169] should_fail.cold+0x5/0xa [ 608.790036] ? create_object.isra.0+0x3a/0xa20 [ 608.791085] should_failslab+0x5/0x20 [ 608.791947] kmem_cache_alloc+0x5b/0x360 [ 608.792910] ? mark_held_locks+0x9e/0xe0 [ 608.793890] create_object.isra.0+0x3a/0xa20 [ 608.794944] kmemleak_alloc_percpu+0xa0/0x100 [ 608.796011] pcpu_alloc+0x4e2/0x12f0 [ 608.796938] alloc_vfsmnt+0xfd/0x680 [ 608.797832] clone_mnt+0x6c/0xce0 [ 608.798661] ? is_subdir+0x1a8/0x2e0 [ 608.799551] copy_tree+0x3b0/0xa60 [ 608.800427] copy_mnt_ns+0x144/0xa00 [ 608.801345] ? rcu_read_lock_sched_held+0x3e/0x80 [ 608.802502] ? kmem_cache_alloc+0x2b4/0x360 [ 608.803545] create_new_namespaces+0xd6/0xb20 [ 608.804628] copy_namespaces+0x39e/0x480 [ 608.805615] copy_process+0x2549/0x67d0 [ 608.806570] ? find_held_lock+0x2c/0x110 [ 608.807566] ? __cleanup_sighand+0xb0/0xb0 [ 608.808678] ? _copy_from_user+0xfb/0x1b0 [ 608.809636] kernel_clone+0xe7/0xa20 [ 608.810658] ? __lockdep_reset_lock+0x180/0x180 [ 608.811718] ? create_io_thread+0xf0/0xf0 [ 608.812764] ? ksys_write+0x21a/0x260 [ 608.813641] ? lock_downgrade+0x6d0/0x6d0 [ 608.814581] __do_sys_clone3+0x1e5/0x320 [ 608.815491] ? __do_sys_clone+0x110/0x110 [ 608.816445] ? rcu_read_lock_any_held+0x75/0xa0 [ 608.817495] ? vfs_write+0x354/0xa30 [ 608.818345] ? fput_many+0x2f/0x1a0 [ 608.819169] ? ksys_write+0x1a9/0x260 [ 608.820042] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 608.821237] ? syscall_enter_from_user_mode+0x1d/0x50 [ 608.822400] ? trace_hardirqs_on+0x5b/0x180 [ 608.823383] do_syscall_64+0x33/0x40 [ 608.824231] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 608.825404] RIP: 0033:0x7f48f386eb19 [ 608.826255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 608.830368] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 608.832074] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 608.833690] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 608.835294] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 608.836923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 608.838549] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 608.849896] FAULT_INJECTION: forcing a failure. [ 608.849896] name failslab, interval 1, probability 0, space 0, times 0 01:43:22 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 01:43:22 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:43:22 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 608.852591] CPU: 1 PID: 6132 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 608.854328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 608.856191] Call Trace: [ 608.856799] dump_stack+0x107/0x167 [ 608.857650] should_fail.cold+0x5/0xa [ 608.858513] ? ___slab_alloc+0x155/0x700 [ 608.859440] ? create_object.isra.0+0x3a/0xa20 [ 608.860534] should_failslab+0x5/0x20 [ 608.861455] kmem_cache_alloc+0x5b/0x360 [ 608.862417] ? __task_pid_nr_ns+0x16a/0x490 [ 608.863446] create_object.isra.0+0x3a/0xa20 [ 608.864489] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 608.865715] kmem_cache_alloc_trace+0x151/0x360 [ 608.866834] proc_thread_self_get_link+0x1a8/0x210 [ 608.868007] ? proc_setup_self+0x390/0x390 [ 608.869031] step_into+0x157c/0x1cb0 [ 608.869935] ? lookup_fast+0x6e0/0x6e0 [ 608.870874] ? try_to_unlazy_next+0x4a0/0x4a0 [ 608.871963] walk_component+0x171/0x6a0 [ 608.872919] ? trace_hardirqs_on+0x5b/0x180 [ 608.873956] ? handle_dots.part.0+0x1540/0x1540 [ 608.875072] ? security_inode_permission+0xcb/0x100 [ 608.876274] link_path_walk.part.0+0x699/0xbf0 [ 608.877389] ? walk_component+0x6a0/0x6a0 [ 608.878367] ? percpu_counter_add_batch+0x8b/0x140 [ 608.879546] path_openat+0x255/0x26d0 [ 608.880469] ? path_lookupat+0x860/0x860 [ 608.881448] ? perf_trace_lock+0xac/0x490 [ 608.882428] ? __lockdep_reset_lock+0x180/0x180 [ 608.883529] ? lock_acquire+0x197/0x490 [ 608.884475] ? __lockdep_reset_lock+0x180/0x180 [ 608.885601] do_filp_open+0x190/0x3e0 [ 608.886501] ? may_open_dev+0xf0/0xf0 [ 608.887430] ? rwlock_bug.part.0+0x90/0x90 [ 608.888455] ? _raw_spin_unlock+0x1a/0x30 [ 608.889446] ? __alloc_fd+0x2a5/0x620 [ 608.890372] do_sys_openat2+0x171/0x420 [ 608.891331] ? security_file_free+0xaa/0xd0 [ 608.892358] ? build_open_flags+0x6f0/0x6f0 [ 608.893404] ? kmem_cache_free+0x257/0x310 [ 608.894418] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 608.895660] ? call_rcu+0x3c2/0xa10 [ 608.896528] __x64_sys_openat+0x13f/0x1f0 [ 608.897525] ? __ia32_sys_open+0x1c0/0x1c0 [ 608.898539] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 608.899778] ? syscall_enter_from_user_mode+0x1d/0x50 [ 608.901012] do_syscall_64+0x33/0x40 [ 608.901898] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 608.903109] RIP: 0033:0x7f384e6a3a04 [ 608.904004] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 608.908381] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 608.910197] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 608.911880] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 608.913585] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 608.915292] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 608.917000] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:43:22 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x200f5ef, 0x0) 01:43:22 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:22 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 01:43:22 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:22 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 01:43:22 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 34) pipe2(&(0x7f0000000000), 0x0) 01:43:22 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) [ 609.148410] FAULT_INJECTION: forcing a failure. [ 609.148410] name failslab, interval 1, probability 0, space 0, times 0 [ 609.151033] CPU: 1 PID: 6155 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 609.152674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 609.154653] Call Trace: [ 609.155294] dump_stack+0x107/0x167 [ 609.156175] should_fail.cold+0x5/0xa [ 609.157105] ? __d_alloc+0x2a/0x990 [ 609.157986] should_failslab+0x5/0x20 [ 609.158917] kmem_cache_alloc+0x5b/0x360 [ 609.159897] __d_alloc+0x2a/0x990 [ 609.160744] d_alloc_parallel+0x111/0x1aa0 [ 609.161788] ? __d_lookup+0x3bf/0x710 [ 609.162705] ? lock_downgrade+0x6d0/0x6d0 [ 609.163701] ? find_held_lock+0x2c/0x110 [ 609.164684] ? __d_lookup_rcu+0x6b0/0x6b0 [ 609.165693] ? __d_lookup+0x3e8/0x710 [ 609.166609] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 609.167872] lookup_open.isra.0+0x926/0x1230 [ 609.168942] ? hashlen_string+0xf0/0xf0 [ 609.169943] path_openat+0x961/0x26d0 [ 609.170864] ? path_lookupat+0x860/0x860 [ 609.171829] ? perf_trace_lock+0xac/0x490 [ 609.172808] ? __lockdep_reset_lock+0x180/0x180 [ 609.173933] ? lock_acquire+0x197/0x490 [ 609.174887] ? __lockdep_reset_lock+0x180/0x180 [ 609.175999] do_filp_open+0x190/0x3e0 [ 609.176909] ? may_open_dev+0xf0/0xf0 [ 609.177834] ? simple_attr_release+0x50/0x50 [ 609.178895] ? _raw_spin_unlock+0x1a/0x30 [ 609.179878] ? __alloc_fd+0x2a5/0x620 [ 609.180800] do_sys_openat2+0x171/0x420 [ 609.181765] ? security_file_free+0xaa/0xd0 [ 609.182790] ? build_open_flags+0x6f0/0x6f0 [ 609.183804] ? kmem_cache_free+0x257/0x310 [ 609.184808] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 609.186048] ? call_rcu+0x3c2/0xa10 [ 609.186911] __x64_sys_openat+0x13f/0x1f0 [ 609.187886] ? __ia32_sys_open+0x1c0/0x1c0 [ 609.188906] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 609.190144] ? syscall_enter_from_user_mode+0x1d/0x50 [ 609.191368] do_syscall_64+0x33/0x40 [ 609.192245] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 609.193455] RIP: 0033:0x7f384e6a3a04 [ 609.194334] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 609.198629] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 609.200402] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 609.202078] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 609.203734] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 609.205397] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 609.207059] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:43:37 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 47) 01:43:37 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:37 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:37 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:37 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 01:43:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) 01:43:37 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:43:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 35) pipe2(&(0x7f0000000000), 0x0) [ 624.275412] FAULT_INJECTION: forcing a failure. [ 624.275412] name failslab, interval 1, probability 0, space 0, times 0 [ 624.276756] CPU: 1 PID: 6181 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 624.277541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 624.278474] Call Trace: [ 624.278780] dump_stack+0x107/0x167 [ 624.279194] should_fail.cold+0x5/0xa [ 624.279627] ? create_object.isra.0+0x3a/0xa20 [ 624.280144] should_failslab+0x5/0x20 [ 624.280577] kmem_cache_alloc+0x5b/0x360 [ 624.281059] create_object.isra.0+0x3a/0xa20 [ 624.281557] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 624.282138] kmem_cache_alloc+0x159/0x360 [ 624.282612] __d_alloc+0x2a/0x990 [ 624.283013] d_alloc_parallel+0x111/0x1aa0 [ 624.283495] ? __d_lookup+0x3bf/0x710 [ 624.283927] ? lock_downgrade+0x6d0/0x6d0 [ 624.284222] FAULT_INJECTION: forcing a failure. [ 624.284222] name failslab, interval 1, probability 0, space 0, times 0 [ 624.284393] ? find_held_lock+0x2c/0x110 [ 624.284414] ? __d_lookup_rcu+0x6b0/0x6b0 [ 624.287954] ? __d_lookup+0x3e8/0x710 [ 624.288424] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 624.289079] lookup_open.isra.0+0x926/0x1230 [ 624.289627] ? hashlen_string+0xf0/0xf0 [ 624.290140] path_openat+0x961/0x26d0 [ 624.290619] ? path_lookupat+0x860/0x860 [ 624.291113] ? perf_trace_lock+0xac/0x490 [ 624.291621] ? __lockdep_reset_lock+0x180/0x180 [ 624.292196] ? lock_acquire+0x197/0x490 [ 624.292687] ? __lockdep_reset_lock+0x180/0x180 [ 624.293268] do_filp_open+0x190/0x3e0 [ 624.293732] ? may_open_dev+0xf0/0xf0 [ 624.294209] ? simple_attr_release+0x50/0x50 [ 624.294752] ? _raw_spin_unlock+0x1a/0x30 [ 624.295248] ? __alloc_fd+0x2a5/0x620 [ 624.295716] do_sys_openat2+0x171/0x420 [ 624.296199] ? security_file_free+0xaa/0xd0 [ 624.296720] ? build_open_flags+0x6f0/0x6f0 [ 624.297260] ? kmem_cache_free+0x257/0x310 [ 624.297779] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 624.298425] ? call_rcu+0x3c2/0xa10 [ 624.298870] __x64_sys_openat+0x13f/0x1f0 [ 624.299372] ? __ia32_sys_open+0x1c0/0x1c0 [ 624.299890] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 624.300522] ? syscall_enter_from_user_mode+0x1d/0x50 [ 624.301159] do_syscall_64+0x33/0x40 [ 624.301611] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 624.302227] RIP: 0033:0x7f384e6a3a04 [ 624.302677] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 624.304898] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 624.305838] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 624.306693] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 624.307551] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 624.308410] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 624.309275] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 [ 624.310163] CPU: 0 PID: 6182 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 624.311624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 624.313468] Call Trace: [ 624.314074] dump_stack+0x107/0x167 01:43:37 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 624.314896] should_fail.cold+0x5/0xa [ 624.315847] ? alloc_vfsmnt+0x23/0x680 [ 624.316674] should_failslab+0x5/0x20 [ 624.317499] kmem_cache_alloc+0x5b/0x360 [ 624.318353] ? copy_tree+0x61a/0xa60 [ 624.319140] alloc_vfsmnt+0x23/0x680 [ 624.319924] clone_mnt+0x6c/0xce0 [ 624.320663] copy_tree+0x3b0/0xa60 [ 624.321436] copy_mnt_ns+0x144/0xa00 [ 624.322218] ? rcu_read_lock_sched_held+0x3e/0x80 [ 624.323230] ? kmem_cache_alloc+0x2b4/0x360 [ 624.324347] create_new_namespaces+0xd6/0xb20 [ 624.325312] copy_namespaces+0x39e/0x480 [ 624.326357] copy_process+0x2549/0x67d0 [ 624.327195] ? find_held_lock+0x2c/0x110 [ 624.328252] ? __cleanup_sighand+0xb0/0xb0 [ 624.329184] ? _copy_from_user+0xfb/0x1b0 [ 624.330253] kernel_clone+0xe7/0xa20 [ 624.331034] ? __lockdep_reset_lock+0x180/0x180 [ 624.332220] ? create_io_thread+0xf0/0xf0 [ 624.333125] ? ksys_write+0x21a/0x260 [ 624.334090] ? lock_downgrade+0x6d0/0x6d0 [ 624.334961] __do_sys_clone3+0x1e5/0x320 [ 624.335985] ? __do_sys_clone+0x110/0x110 [ 624.336881] ? rcu_read_lock_any_held+0x75/0xa0 [ 624.338063] ? vfs_write+0x354/0xa30 [ 624.338853] ? fput_many+0x2f/0x1a0 [ 624.339773] ? ksys_write+0x1a9/0x260 [ 624.340579] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 624.341925] ? syscall_enter_from_user_mode+0x1d/0x50 [ 624.343008] ? trace_hardirqs_on+0x5b/0x180 [ 624.344101] do_syscall_64+0x33/0x40 [ 624.344885] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 624.346189] RIP: 0033:0x7f48f386eb19 [ 624.346980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 624.351629] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 624.353228] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 624.355015] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 624.356486] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 624.358292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 624.359767] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:43:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) 01:43:37 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:37 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200f5ef, 0x0) 01:43:37 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:37 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:43:37 executing program 6: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:37 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) 01:43:37 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:37 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 48) [ 624.540033] FAULT_INJECTION: forcing a failure. [ 624.540033] name failslab, interval 1, probability 0, space 0, times 0 [ 624.541634] CPU: 1 PID: 6211 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 624.542533] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 624.543459] Call Trace: [ 624.543731] dump_stack+0x107/0x167 [ 624.544097] should_fail.cold+0x5/0xa [ 624.544478] ? create_object.isra.0+0x3a/0xa20 [ 624.544937] should_failslab+0x5/0x20 [ 624.545325] kmem_cache_alloc+0x5b/0x360 [ 624.545732] create_object.isra.0+0x3a/0xa20 [ 624.546172] kmemleak_alloc_percpu+0xa0/0x100 [ 624.546622] pcpu_alloc+0x4e2/0x12f0 [ 624.547004] alloc_vfsmnt+0xfd/0x680 [ 624.547379] clone_mnt+0x6c/0xce0 [ 624.547727] ? is_subdir+0x1a8/0x2e0 [ 624.548100] copy_tree+0x3b0/0xa60 [ 624.548463] copy_mnt_ns+0x144/0xa00 [ 624.548838] ? rcu_read_lock_sched_held+0x3e/0x80 [ 624.549324] ? kmem_cache_alloc+0x2b4/0x360 [ 624.549758] create_new_namespaces+0xd6/0xb20 [ 624.550210] copy_namespaces+0x39e/0x480 [ 624.550619] copy_process+0x2549/0x67d0 [ 624.551017] ? find_held_lock+0x2c/0x110 [ 624.551434] ? __cleanup_sighand+0xb0/0xb0 [ 624.551865] ? _copy_from_user+0xfb/0x1b0 [ 624.552283] kernel_clone+0xe7/0xa20 [ 624.552655] ? __lockdep_reset_lock+0x180/0x180 [ 624.553130] ? create_io_thread+0xf0/0xf0 [ 624.553560] ? ksys_write+0x21a/0x260 [ 624.553956] ? lock_downgrade+0x6d0/0x6d0 [ 624.554393] __do_sys_clone3+0x1e5/0x320 [ 624.554824] ? __do_sys_clone+0x110/0x110 [ 624.555268] ? rcu_read_lock_any_held+0x75/0xa0 [ 624.555757] ? vfs_write+0x354/0xa30 [ 624.556142] ? fput_many+0x2f/0x1a0 [ 624.556526] ? ksys_write+0x1a9/0x260 [ 624.556931] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 624.557487] ? syscall_enter_from_user_mode+0x1d/0x50 [ 624.558012] ? trace_hardirqs_on+0x5b/0x180 [ 624.558471] do_syscall_64+0x33/0x40 [ 624.558850] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 624.559384] RIP: 0033:0x7f48f386eb19 [ 624.559769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 624.561688] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 624.562473] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 624.563224] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 624.563975] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 624.564723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 624.565458] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:43:55 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:55 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 36) pipe2(&(0x7f0000000000), 0x0) 01:43:55 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:55 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) 01:43:55 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:43:55 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 49) 01:43:55 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:43:55 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 641.804434] FAULT_INJECTION: forcing a failure. [ 641.804434] name failslab, interval 1, probability 0, space 0, times 0 [ 641.807043] CPU: 0 PID: 6225 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 641.808447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 641.810181] Call Trace: [ 641.810743] dump_stack+0x107/0x167 [ 641.811510] should_fail.cold+0x5/0xa [ 641.812316] ? proc_alloc_inode+0x18/0x200 [ 641.813204] should_failslab+0x5/0x20 [ 641.813988] kmem_cache_alloc+0x5b/0x360 [ 641.814822] ? proc_free_inode+0x20/0x20 [ 641.815652] proc_alloc_inode+0x18/0x200 [ 641.816485] ? proc_free_inode+0x20/0x20 [ 641.817332] alloc_inode+0x63/0x240 [ 641.818074] new_inode+0x23/0x250 [ 641.818785] proc_get_inode+0x1e/0x820 [ 641.819584] proc_lookup_de+0x13a/0x220 [ 641.820398] proc_tgid_net_lookup+0x70/0x100 [ 641.821307] lookup_open.isra.0+0x763/0x1230 [ 641.822216] ? hashlen_string+0xf0/0xf0 [ 641.823071] path_openat+0x961/0x26d0 [ 641.823867] ? path_lookupat+0x860/0x860 [ 641.824701] ? perf_trace_lock+0xac/0x490 [ 641.825567] ? __lockdep_reset_lock+0x180/0x180 [ 641.826543] ? lock_acquire+0x197/0x490 [ 641.827375] ? __lockdep_reset_lock+0x180/0x180 [ 641.828352] do_filp_open+0x190/0x3e0 [ 641.829144] ? may_open_dev+0xf0/0xf0 [ 641.829975] ? simple_attr_release+0x50/0x50 [ 641.830910] ? _raw_spin_unlock+0x1a/0x30 [ 641.831773] ? __alloc_fd+0x2a5/0x620 [ 641.832557] do_sys_openat2+0x171/0x420 [ 641.833369] ? security_file_free+0xaa/0xd0 [ 641.834238] ? build_open_flags+0x6f0/0x6f0 [ 641.835102] ? kmem_cache_free+0x257/0x310 [ 641.835960] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 641.837023] ? call_rcu+0x3c2/0xa10 [ 641.837781] __x64_sys_openat+0x13f/0x1f0 [ 641.838648] ? __ia32_sys_open+0x1c0/0x1c0 [ 641.839531] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 641.840636] ? syscall_enter_from_user_mode+0x1d/0x50 [ 641.841748] do_syscall_64+0x33/0x40 [ 641.842516] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 641.843589] RIP: 0033:0x7f384e6a3a04 [ 641.844362] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 641.848204] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 641.849776] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 641.851263] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 641.852754] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 641.854259] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 641.855752] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 [ 641.870013] FAULT_INJECTION: forcing a failure. [ 641.870013] name failslab, interval 1, probability 0, space 0, times 0 [ 641.872339] CPU: 1 PID: 6237 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 641.873739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 641.875426] Call Trace: [ 641.875969] dump_stack+0x107/0x167 [ 641.876718] should_fail.cold+0x5/0xa [ 641.877532] should_failslab+0x5/0x20 [ 641.878304] __kmalloc_track_caller+0x79/0x3c0 [ 641.879229] ? kstrdup_const+0x53/0x80 [ 641.880037] kstrdup+0x36/0x70 [ 641.880689] kstrdup_const+0x53/0x80 [ 641.881460] alloc_vfsmnt+0xb5/0x680 [ 641.882222] clone_mnt+0x6c/0xce0 [ 641.882939] copy_tree+0x3b0/0xa60 [ 641.883675] copy_mnt_ns+0x144/0xa00 [ 641.884439] ? rcu_read_lock_sched_held+0x3e/0x80 [ 641.885441] ? kmem_cache_alloc+0x2b4/0x360 [ 641.886323] create_new_namespaces+0xd6/0xb20 [ 641.887243] copy_namespaces+0x39e/0x480 [ 641.888071] copy_process+0x2549/0x67d0 [ 641.888878] ? find_held_lock+0x2c/0x110 [ 641.889737] ? __cleanup_sighand+0xb0/0xb0 [ 641.890614] ? _copy_from_user+0xfb/0x1b0 [ 641.891471] kernel_clone+0xe7/0xa20 [ 641.892226] ? __lockdep_reset_lock+0x180/0x180 [ 641.893170] ? create_io_thread+0xf0/0xf0 [ 641.894037] ? ksys_write+0x21a/0x260 [ 641.894811] ? lock_downgrade+0x6d0/0x6d0 [ 641.895661] __do_sys_clone3+0x1e5/0x320 [ 641.896483] ? __do_sys_clone+0x110/0x110 [ 641.897358] ? rcu_read_lock_any_held+0x75/0xa0 [ 641.898295] ? vfs_write+0x354/0xa30 [ 641.899053] ? fput_many+0x2f/0x1a0 [ 641.899790] ? ksys_write+0x1a9/0x260 [ 641.900573] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 641.901647] ? syscall_enter_from_user_mode+0x1d/0x50 [ 641.902688] ? trace_hardirqs_on+0x5b/0x180 [ 641.903569] do_syscall_64+0x33/0x40 [ 641.904325] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 641.905381] RIP: 0033:0x7f48f386eb19 [ 641.906135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 641.909845] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 641.911382] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 641.912817] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 641.914265] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 641.915705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 641.917147] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:44:13 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 37) pipe2(&(0x7f0000000000), 0x0) 01:44:13 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 50) [ 660.094252] FAULT_INJECTION: forcing a failure. [ 660.094252] name failslab, interval 1, probability 0, space 0, times 0 [ 660.096634] CPU: 0 PID: 6246 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 660.098039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 660.099736] Call Trace: [ 660.100285] dump_stack+0x107/0x167 [ 660.101037] should_fail.cold+0x5/0xa [ 660.101827] should_failslab+0x5/0x20 [ 660.102604] __kmalloc_track_caller+0x79/0x3c0 [ 660.103527] ? kstrdup_const+0x53/0x80 [ 660.104324] kstrdup+0x36/0x70 01:44:13 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:13 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:13 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000001340)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x0, 0x0) 01:44:13 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 660.105098] kstrdup_const+0x53/0x80 [ 660.105908] alloc_vfsmnt+0xb5/0x680 [ 660.106689] clone_mnt+0x6c/0xce0 [ 660.107383] copy_tree+0x3b0/0xa60 [ 660.108121] copy_mnt_ns+0x144/0xa00 [ 660.108866] ? rcu_read_lock_sched_held+0x3e/0x80 [ 660.109862] ? kmem_cache_alloc+0x2b4/0x360 [ 660.110727] create_new_namespaces+0xd6/0xb20 [ 660.111674] copy_namespaces+0x39e/0x480 [ 660.112484] copy_process+0x2549/0x67d0 [ 660.113294] ? find_held_lock+0x2c/0x110 [ 660.114142] ? __cleanup_sighand+0xb0/0xb0 [ 660.115053] ? _copy_from_user+0xfb/0x1b0 [ 660.115920] kernel_clone+0xe7/0xa20 [ 660.116713] ? __lockdep_reset_lock+0x180/0x180 [ 660.117720] ? create_io_thread+0xf0/0xf0 [ 660.118606] ? ksys_write+0x21a/0x260 [ 660.119391] ? lock_downgrade+0x6d0/0x6d0 [ 660.120260] __do_sys_clone3+0x1e5/0x320 [ 660.121074] ? __do_sys_clone+0x110/0x110 [ 660.121969] ? rcu_read_lock_any_held+0x75/0xa0 [ 660.122919] ? vfs_write+0x354/0xa30 [ 660.123687] ? fput_many+0x2f/0x1a0 [ 660.124447] ? ksys_write+0x1a9/0x260 [ 660.125238] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 660.126323] ? syscall_enter_from_user_mode+0x1d/0x50 [ 660.127375] ? trace_hardirqs_on+0x5b/0x180 [ 660.128263] do_syscall_64+0x33/0x40 [ 660.129039] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 660.130087] RIP: 0033:0x7f48f386eb19 [ 660.130856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 660.134529] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 660.136073] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 660.137573] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 660.139152] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 660.140998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 660.142836] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:44:13 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:13 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:44:13 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:13 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 660.188955] FAULT_INJECTION: forcing a failure. [ 660.188955] name failslab, interval 1, probability 0, space 0, times 0 [ 660.191331] CPU: 0 PID: 6263 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 660.192726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 660.194426] Call Trace: [ 660.194966] dump_stack+0x107/0x167 [ 660.195708] should_fail.cold+0x5/0xa [ 660.196478] ? create_object.isra.0+0x3a/0xa20 [ 660.197401] should_failslab+0x5/0x20 [ 660.198190] kmem_cache_alloc+0x5b/0x360 [ 660.199018] create_object.isra.0+0x3a/0xa20 [ 660.199901] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 660.200928] kmem_cache_alloc+0x159/0x360 [ 660.201770] ? proc_free_inode+0x20/0x20 [ 660.202587] proc_alloc_inode+0x18/0x200 [ 660.203390] ? proc_free_inode+0x20/0x20 [ 660.204207] alloc_inode+0x63/0x240 [ 660.204936] new_inode+0x23/0x250 [ 660.205643] proc_get_inode+0x1e/0x820 [ 660.206417] proc_lookup_de+0x13a/0x220 [ 660.207228] proc_tgid_net_lookup+0x70/0x100 [ 660.208120] lookup_open.isra.0+0x763/0x1230 [ 660.209016] ? hashlen_string+0xf0/0xf0 [ 660.209869] path_openat+0x961/0x26d0 [ 660.210653] ? path_lookupat+0x860/0x860 [ 660.211470] ? perf_trace_lock+0xac/0x490 [ 660.212299] ? __lockdep_reset_lock+0x180/0x180 [ 660.213258] ? lock_acquire+0x197/0x490 [ 660.214071] ? __lockdep_reset_lock+0x180/0x180 [ 660.215001] do_filp_open+0x190/0x3e0 [ 660.215767] ? may_open_dev+0xf0/0xf0 [ 660.216544] ? simple_attr_release+0x50/0x50 [ 660.217463] ? _raw_spin_unlock+0x1a/0x30 [ 660.218330] ? __alloc_fd+0x2a5/0x620 [ 660.219256] do_sys_openat2+0x171/0x420 [ 660.220060] ? security_file_free+0xaa/0xd0 [ 660.220968] ? build_open_flags+0x6f0/0x6f0 [ 660.221843] ? kmem_cache_free+0x257/0x310 [ 660.222701] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 660.223740] ? call_rcu+0x3c2/0xa10 [ 660.224487] __x64_sys_openat+0x13f/0x1f0 [ 660.225346] ? __ia32_sys_open+0x1c0/0x1c0 [ 660.226214] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 660.227311] ? syscall_enter_from_user_mode+0x1d/0x50 [ 660.228361] do_syscall_64+0x33/0x40 [ 660.229116] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 660.230177] RIP: 0033:0x7f384e6a3a04 [ 660.230941] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 660.234667] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 660.236248] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 660.237707] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 660.239160] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 660.240612] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 660.242073] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:44:29 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 51) 01:44:29 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:29 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 676.538102] FAULT_INJECTION: forcing a failure. [ 676.538102] name failslab, interval 1, probability 0, space 0, times 0 [ 676.540668] CPU: 1 PID: 6279 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 676.542085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 676.543831] Call Trace: [ 676.544387] dump_stack+0x107/0x167 [ 676.545158] should_fail.cold+0x5/0xa [ 676.545946] should_failslab+0x5/0x20 [ 676.546747] __kmalloc_track_caller+0x79/0x3c0 [ 676.547695] ? kstrdup_const+0x53/0x80 [ 676.548506] kstrdup+0x36/0x70 [ 676.549173] kstrdup_const+0x53/0x80 [ 676.549950] alloc_vfsmnt+0xb5/0x680 [ 676.550733] clone_mnt+0x6c/0xce0 [ 676.551442] copy_tree+0x3b0/0xa60 [ 676.552178] copy_mnt_ns+0x144/0xa00 [ 676.552957] ? rcu_read_lock_sched_held+0x3e/0x80 [ 676.553937] ? kmem_cache_alloc+0x2b4/0x360 [ 676.554840] create_new_namespaces+0xd6/0xb20 [ 676.555774] copy_namespaces+0x39e/0x480 [ 676.556627] copy_process+0x2549/0x67d0 [ 676.557433] ? find_held_lock+0x2c/0x110 [ 676.558304] ? __cleanup_sighand+0xb0/0xb0 [ 676.559183] ? _copy_from_user+0xfb/0x1b0 [ 676.560075] kernel_clone+0xe7/0xa20 [ 676.560832] ? __lockdep_reset_lock+0x180/0x180 [ 676.561797] ? create_io_thread+0xf0/0xf0 [ 676.562666] ? ksys_write+0x21a/0x260 [ 676.563458] ? lock_downgrade+0x6d0/0x6d0 [ 676.564322] __do_sys_clone3+0x1e5/0x320 [ 676.565166] ? __do_sys_clone+0x110/0x110 [ 676.566050] ? rcu_read_lock_any_held+0x75/0xa0 [ 676.566985] ? vfs_write+0x354/0xa30 [ 676.567747] ? fput_many+0x2f/0x1a0 [ 676.568496] ? ksys_write+0x1a9/0x260 [ 676.569295] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 676.570410] ? syscall_enter_from_user_mode+0x1d/0x50 [ 676.571501] ? trace_hardirqs_on+0x5b/0x180 [ 676.572385] do_syscall_64+0x33/0x40 [ 676.573148] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 676.574222] RIP: 0033:0x7f48f386eb19 [ 676.574998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 676.578782] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 676.580350] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 676.581822] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 676.583296] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 676.584748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 676.586205] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 676.600131] FAULT_INJECTION: forcing a failure. [ 676.600131] name failslab, interval 1, probability 0, space 0, times 0 [ 676.602490] CPU: 1 PID: 6282 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 676.603922] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 676.605638] Call Trace: [ 676.606199] dump_stack+0x107/0x167 [ 676.606971] should_fail.cold+0x5/0xa [ 676.607772] ? security_inode_alloc+0x34/0x160 [ 676.608723] should_failslab+0x5/0x20 [ 676.609517] kmem_cache_alloc+0x5b/0x360 [ 676.610371] security_inode_alloc+0x34/0x160 [ 676.611316] inode_init_always+0xa4e/0xd10 [ 676.612206] ? proc_free_inode+0x20/0x20 [ 676.613037] alloc_inode+0x84/0x240 [ 676.613793] new_inode+0x23/0x250 [ 676.614515] proc_get_inode+0x1e/0x820 [ 676.615326] proc_lookup_de+0x13a/0x220 [ 676.616161] proc_tgid_net_lookup+0x70/0x100 [ 676.617084] lookup_open.isra.0+0x763/0x1230 [ 676.618001] ? hashlen_string+0xf0/0xf0 [ 676.618904] path_openat+0x961/0x26d0 [ 676.619720] ? path_lookupat+0x860/0x860 [ 676.620578] ? perf_trace_lock+0xac/0x490 [ 676.621429] ? __lockdep_reset_lock+0x180/0x180 [ 676.622406] ? lock_acquire+0x197/0x490 [ 676.623246] ? __lockdep_reset_lock+0x180/0x180 [ 676.624209] do_filp_open+0x190/0x3e0 [ 676.624995] ? may_open_dev+0xf0/0xf0 [ 676.625807] ? simple_attr_release+0x50/0x50 [ 676.626750] ? _raw_spin_unlock+0x1a/0x30 [ 676.627604] ? __alloc_fd+0x2a5/0x620 [ 676.628395] do_sys_openat2+0x171/0x420 [ 676.629200] ? security_file_free+0xaa/0xd0 [ 676.630085] ? build_open_flags+0x6f0/0x6f0 [ 676.630951] ? kmem_cache_free+0x257/0x310 [ 676.631848] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 676.632914] ? call_rcu+0x3c2/0xa10 [ 676.633706] __x64_sys_openat+0x13f/0x1f0 [ 676.634554] ? __ia32_sys_open+0x1c0/0x1c0 [ 676.635434] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 676.636557] ? syscall_enter_from_user_mode+0x1d/0x50 [ 676.637632] do_syscall_64+0x33/0x40 [ 676.638411] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 676.639469] RIP: 0033:0x7f384e6a3a04 [ 676.640229] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 676.644001] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 676.645580] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 676.647061] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 676.648516] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 676.649965] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 676.651409] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:44:29 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 38) pipe2(&(0x7f0000000000), 0x0) 01:44:29 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:44:29 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:29 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:30 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:30 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:30 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:30 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:30 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:30 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 52) 01:44:30 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 39) pipe2(&(0x7f0000000000), 0x0) 01:44:30 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 676.898908] FAULT_INJECTION: forcing a failure. [ 676.898908] name failslab, interval 1, probability 0, space 0, times 0 [ 676.901302] CPU: 1 PID: 6312 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 676.902689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 676.904387] Call Trace: [ 676.904938] dump_stack+0x107/0x167 [ 676.905707] should_fail.cold+0x5/0xa [ 676.906488] ? create_object.isra.0+0x3a/0xa20 [ 676.907439] should_failslab+0x5/0x20 [ 676.908224] kmem_cache_alloc+0x5b/0x360 [ 676.909050] ? mark_held_locks+0x9e/0xe0 [ 676.909884] create_object.isra.0+0x3a/0xa20 [ 676.910791] kmemleak_alloc_percpu+0xa0/0x100 [ 676.911738] pcpu_alloc+0x4e2/0x12f0 [ 676.912531] alloc_vfsmnt+0xfd/0x680 [ 676.913293] clone_mnt+0x6c/0xce0 [ 676.914034] copy_tree+0x3b0/0xa60 [ 676.914774] copy_mnt_ns+0x144/0xa00 [ 676.915524] ? rcu_read_lock_sched_held+0x3e/0x80 [ 676.916498] ? kmem_cache_alloc+0x2b4/0x360 [ 676.917387] create_new_namespaces+0xd6/0xb20 [ 676.918313] copy_namespaces+0x39e/0x480 [ 676.919138] copy_process+0x2549/0x67d0 [ 676.919949] ? find_held_lock+0x2c/0x110 [ 676.920794] ? __cleanup_sighand+0xb0/0xb0 [ 676.921687] ? _copy_from_user+0xfb/0x1b0 [ 676.922546] kernel_clone+0xe7/0xa20 [ 676.923319] ? __lockdep_reset_lock+0x180/0x180 [ 676.924290] ? create_io_thread+0xf0/0xf0 [ 676.925157] ? ksys_write+0x21a/0x260 [ 676.925949] ? lock_downgrade+0x6d0/0x6d0 [ 676.926817] __do_sys_clone3+0x1e5/0x320 [ 676.927654] ? __do_sys_clone+0x110/0x110 [ 676.928555] ? rcu_read_lock_any_held+0x75/0xa0 [ 676.929523] ? vfs_write+0x354/0xa30 [ 676.930320] ? fput_many+0x2f/0x1a0 [ 676.931059] ? ksys_write+0x1a9/0x260 [ 676.931860] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 676.932952] ? syscall_enter_from_user_mode+0x1d/0x50 [ 676.934022] ? trace_hardirqs_on+0x5b/0x180 [ 676.934913] do_syscall_64+0x33/0x40 [ 676.935697] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 676.936760] RIP: 0033:0x7f48f386eb19 [ 676.937523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 676.941281] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 676.942878] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 676.944353] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 676.945847] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 676.947357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 676.948813] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:44:30 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:30 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) [ 676.977785] FAULT_INJECTION: forcing a failure. [ 676.977785] name failslab, interval 1, probability 0, space 0, times 0 [ 676.980419] CPU: 0 PID: 6314 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 676.982005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 676.983858] Call Trace: [ 676.984418] dump_stack+0x107/0x167 [ 676.985278] should_fail.cold+0x5/0xa [ 676.986200] ? security_inode_alloc+0x34/0x160 [ 676.987279] should_failslab+0x5/0x20 [ 676.988173] kmem_cache_alloc+0x5b/0x360 [ 676.989141] security_inode_alloc+0x34/0x160 [ 676.990186] inode_init_always+0xa4e/0xd10 [ 676.991180] ? proc_free_inode+0x20/0x20 [ 676.992141] alloc_inode+0x84/0x240 [ 676.993001] new_inode+0x23/0x250 [ 676.993840] proc_get_inode+0x1e/0x820 [ 676.994773] proc_lookup_de+0x13a/0x220 [ 676.995726] proc_tgid_net_lookup+0x70/0x100 [ 676.996730] lookup_open.isra.0+0x763/0x1230 [ 676.997694] ? hashlen_string+0xf0/0xf0 [ 676.998695] path_openat+0x961/0x26d0 [ 676.999629] ? path_lookupat+0x860/0x860 [ 677.000605] ? perf_trace_lock+0xac/0x490 [ 677.001569] ? __lockdep_reset_lock+0x180/0x180 [ 677.002517] ? lock_acquire+0x197/0x490 [ 677.003346] ? __lockdep_reset_lock+0x180/0x180 [ 677.004321] do_filp_open+0x190/0x3e0 [ 677.005092] ? may_open_dev+0xf0/0xf0 [ 677.005906] ? simple_attr_release+0x50/0x50 [ 677.006833] ? _raw_spin_unlock+0x1a/0x30 [ 677.007674] ? __alloc_fd+0x2a5/0x620 [ 677.008480] do_sys_openat2+0x171/0x420 [ 677.009296] ? security_file_free+0xaa/0xd0 [ 677.010206] ? build_open_flags+0x6f0/0x6f0 [ 677.011093] ? kmem_cache_free+0x257/0x310 [ 677.011978] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 677.013062] ? call_rcu+0x3c2/0xa10 [ 677.013831] __x64_sys_openat+0x13f/0x1f0 [ 677.014703] ? __ia32_sys_open+0x1c0/0x1c0 [ 677.015592] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 677.016683] ? syscall_enter_from_user_mode+0x1d/0x50 [ 677.017780] do_syscall_64+0x33/0x40 [ 677.018563] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 677.019640] RIP: 0033:0x7f384e6a3a04 [ 677.020424] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 677.024288] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 677.025907] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 677.027440] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 677.028932] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 677.030452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 677.031971] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:44:46 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:46 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:46 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:46 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:44:46 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 53) 01:44:46 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 40) pipe2(&(0x7f0000000000), 0x0) 01:44:46 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:46 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 693.452201] FAULT_INJECTION: forcing a failure. [ 693.452201] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 693.453791] CPU: 0 PID: 6331 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 693.454650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 693.455712] Call Trace: [ 693.456060] dump_stack+0x107/0x167 [ 693.456522] should_fail.cold+0x5/0xa [ 693.457014] __alloc_pages_nodemask+0x182/0x680 [ 693.457596] ? __alloc_pages_slowpath.constprop.0+0x2220/0x2220 [ 693.458357] ? lock_downgrade+0x6d0/0x6d0 [ 693.458863] ? do_raw_spin_lock+0x121/0x260 [ 693.459395] ? rwlock_bug.part.0+0x90/0x90 [ 693.459924] alloc_pages_current+0x187/0x280 [ 693.460472] __get_free_pages+0xc/0xa0 [ 693.460979] inode_doinit_with_dentry+0x8f1/0x1240 [ 693.461595] ? __hrtimer_run_queues+0x457/0xb50 [ 693.462186] ? trace_ctxwake_print+0x2b0/0x410 [ 693.462774] ? selinux_file_lock+0x280/0x280 [ 693.463318] ? current_time+0x1e6/0x2c0 [ 693.463812] selinux_d_instantiate+0x23/0x30 [ 693.464359] security_d_instantiate+0x56/0xe0 [ 693.464919] d_splice_alias+0x8c/0xc60 [ 693.465408] proc_lookup_de+0x17d/0x220 [ 693.465937] proc_tgid_net_lookup+0x70/0x100 [ 693.466480] lookup_open.isra.0+0x763/0x1230 [ 693.467041] ? hashlen_string+0xf0/0xf0 [ 693.467569] path_openat+0x961/0x26d0 [ 693.468071] ? path_lookupat+0x860/0x860 [ 693.468597] ? perf_trace_lock+0xac/0x490 [ 693.469126] ? __lockdep_reset_lock+0x180/0x180 [ 693.469723] ? lock_acquire+0x197/0x490 [ 693.470241] ? __lockdep_reset_lock+0x180/0x180 [ 693.470844] do_filp_open+0x190/0x3e0 [ 693.471326] ? may_open_dev+0xf0/0xf0 [ 693.471829] ? simple_attr_release+0x50/0x50 [ 693.472398] ? _raw_spin_unlock+0x1a/0x30 [ 693.472924] ? __alloc_fd+0x2a5/0x620 [ 693.473422] do_sys_openat2+0x171/0x420 [ 693.473935] ? security_file_free+0xaa/0xd0 [ 693.474486] ? build_open_flags+0x6f0/0x6f0 [ 693.475038] ? kmem_cache_free+0x257/0x310 [ 693.475590] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 693.476266] ? call_rcu+0x3c2/0xa10 [ 693.476742] __x64_sys_openat+0x13f/0x1f0 [ 693.477267] ? __ia32_sys_open+0x1c0/0x1c0 [ 693.477823] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 693.478486] ? syscall_enter_from_user_mode+0x1d/0x50 [ 693.479145] do_syscall_64+0x33/0x40 [ 693.479618] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 693.480245] RIP: 0033:0x7f384e6a3a04 [ 693.480707] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 693.482938] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 693.483895] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 693.484797] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 693.485684] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 693.486601] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 693.487508] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:44:46 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 693.512128] FAULT_INJECTION: forcing a failure. [ 693.512128] name failslab, interval 1, probability 0, space 0, times 0 [ 693.514746] CPU: 1 PID: 6345 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 693.516302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 693.518197] Call Trace: [ 693.518816] dump_stack+0x107/0x167 [ 693.519651] should_fail.cold+0x5/0xa [ 693.520496] ? alloc_vfsmnt+0x23/0x680 [ 693.521382] should_failslab+0x5/0x20 [ 693.522270] kmem_cache_alloc+0x5b/0x360 [ 693.523203] ? copy_tree+0x61a/0xa60 [ 693.524056] alloc_vfsmnt+0x23/0x680 [ 693.524913] clone_mnt+0x6c/0xce0 [ 693.525703] copy_tree+0x3b0/0xa60 [ 693.526521] copy_mnt_ns+0x144/0xa00 [ 693.527387] ? rcu_read_lock_sched_held+0x3e/0x80 [ 693.528481] ? kmem_cache_alloc+0x2b4/0x360 [ 693.529457] create_new_namespaces+0xd6/0xb20 [ 693.530529] copy_namespaces+0x39e/0x480 [ 693.531476] copy_process+0x2549/0x67d0 [ 693.532388] ? find_held_lock+0x2c/0x110 [ 693.533347] ? __cleanup_sighand+0xb0/0xb0 [ 693.534351] ? _copy_from_user+0xfb/0x1b0 [ 693.535336] kernel_clone+0xe7/0xa20 [ 693.536188] ? __lockdep_reset_lock+0x180/0x180 [ 693.537231] ? create_io_thread+0xf0/0xf0 [ 693.538220] ? ksys_write+0x21a/0x260 [ 693.539104] ? lock_downgrade+0x6d0/0x6d0 [ 693.540044] __do_sys_clone3+0x1e5/0x320 [ 693.540973] ? __do_sys_clone+0x110/0x110 [ 693.541954] ? rcu_read_lock_any_held+0x75/0xa0 [ 693.543004] ? vfs_write+0x354/0xa30 [ 693.543858] ? fput_many+0x2f/0x1a0 [ 693.544675] ? ksys_write+0x1a9/0x260 [ 693.545506] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 693.546718] ? syscall_enter_from_user_mode+0x1d/0x50 [ 693.547892] ? trace_hardirqs_on+0x5b/0x180 [ 693.548857] do_syscall_64+0x33/0x40 [ 693.549681] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 693.550889] RIP: 0033:0x7f48f386eb19 [ 693.551757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 693.556635] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 693.558415] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 693.559918] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 693.561422] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 693.562937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 693.564428] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:44:47 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:47 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:44:47 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:47 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:44:47 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 54) 01:45:09 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:45:09 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 41) pipe2(&(0x7f0000000000), 0x0) 01:45:09 executing program 0: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 715.856938] FAULT_INJECTION: forcing a failure. [ 715.856938] name failslab, interval 1, probability 0, space 0, times 0 [ 715.859396] CPU: 0 PID: 6390 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 715.860780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 715.861960] FAULT_INJECTION: forcing a failure. [ 715.861960] name failslab, interval 1, probability 0, space 0, times 0 [ 715.862464] Call Trace: [ 715.862496] dump_stack+0x107/0x167 [ 715.862526] should_fail.cold+0x5/0xa [ 715.867145] ? create_object.isra.0+0x3a/0xa20 [ 715.868071] should_failslab+0x5/0x20 [ 715.868842] kmem_cache_alloc+0x5b/0x360 [ 715.869658] ? __lockdep_reset_lock+0x180/0x180 [ 715.870601] create_object.isra.0+0x3a/0xa20 [ 715.871488] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 715.872510] kmem_cache_alloc+0x159/0x360 [ 715.873350] alloc_vfsmnt+0x23/0x680 [ 715.874278] clone_mnt+0x6c/0xce0 [ 715.874989] copy_tree+0x3b0/0xa60 [ 715.875857] copy_mnt_ns+0x144/0xa00 [ 715.876609] ? rcu_read_lock_sched_held+0x3e/0x80 [ 715.877575] ? kmem_cache_alloc+0x2b4/0x360 [ 715.878631] create_new_namespaces+0xd6/0xb20 [ 715.879534] copy_namespaces+0x39e/0x480 [ 715.880509] copy_process+0x2549/0x67d0 [ 715.881304] ? find_held_lock+0x2c/0x110 [ 715.882318] ? __cleanup_sighand+0xb0/0xb0 [ 715.883178] ? _copy_from_user+0xfb/0x1b0 [ 715.884164] kernel_clone+0xe7/0xa20 [ 715.884909] ? __lockdep_reset_lock+0x180/0x180 [ 715.885836] ? create_io_thread+0xf0/0xf0 [ 715.886846] ? ksys_write+0x21a/0x260 [ 715.887603] ? lock_downgrade+0x6d0/0x6d0 [ 715.888583] __do_sys_clone3+0x1e5/0x320 [ 715.889386] ? __do_sys_clone+0x110/0x110 [ 715.890396] ? rcu_read_lock_any_held+0x75/0xa0 [ 715.891309] ? vfs_write+0x354/0xa30 [ 715.892189] ? fput_many+0x2f/0x1a0 [ 715.892919] ? ksys_write+0x1a9/0x260 [ 715.893684] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 715.894939] ? syscall_enter_from_user_mode+0x1d/0x50 [ 715.895958] ? trace_hardirqs_on+0x5b/0x180 [ 715.896975] do_syscall_64+0x33/0x40 [ 715.897713] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 715.898926] RIP: 0033:0x7f48f386eb19 [ 715.899662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 715.903548] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 715.905051] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 715.906464] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 715.907863] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 715.909264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 715.910690] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 715.912134] CPU: 1 PID: 6393 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 715.913770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 715.915753] Call Trace: [ 715.916395] dump_stack+0x107/0x167 [ 715.917262] should_fail.cold+0x5/0xa [ 715.918174] ? proc_reg_open+0x1f1/0x5d0 [ 715.919154] should_failslab+0x5/0x20 [ 715.920061] kmem_cache_alloc+0x5b/0x360 [ 715.921027] proc_reg_open+0x1f1/0x5d0 [ 715.921947] do_dentry_open+0x4b7/0x1090 [ 715.922935] ? proc_reg_read+0x300/0x300 [ 715.923900] ? may_open+0x1e4/0x400 [ 715.924781] path_openat+0x193d/0x26d0 [ 715.925724] ? path_lookupat+0x860/0x860 [ 715.926684] ? perf_trace_lock+0xac/0x490 [ 715.927672] ? __lockdep_reset_lock+0x180/0x180 [ 715.928782] ? lock_acquire+0x197/0x490 [ 715.929734] ? __lockdep_reset_lock+0x180/0x180 [ 715.930872] do_filp_open+0x190/0x3e0 [ 715.931776] ? may_open_dev+0xf0/0xf0 [ 715.932678] ? simple_attr_release+0x50/0x50 [ 715.933741] ? _raw_spin_unlock+0x1a/0x30 [ 715.934737] ? __alloc_fd+0x2a5/0x620 [ 715.935655] do_sys_openat2+0x171/0x420 [ 715.936591] ? security_file_free+0xaa/0xd0 [ 715.937616] ? build_open_flags+0x6f0/0x6f0 [ 715.938637] ? kmem_cache_free+0x257/0x310 [ 715.939700] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 715.940937] ? call_rcu+0x3c2/0xa10 [ 715.941799] __x64_sys_openat+0x13f/0x1f0 [ 715.942807] ? __ia32_sys_open+0x1c0/0x1c0 [ 715.943814] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 715.945023] ? syscall_enter_from_user_mode+0x1d/0x50 [ 715.946234] do_syscall_64+0x33/0x40 [ 715.947118] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 715.948304] RIP: 0033:0x7f384e6a3a04 [ 715.949166] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 715.953461] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 715.955266] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 715.956924] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 715.958582] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 715.960246] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 715.961895] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:45:09 executing program 0: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 0: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:09 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:26 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:26 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:26 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)) syz_io_uring_submit(0x0, 0x0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:45:26 executing program 0: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 42) pipe2(&(0x7f0000000000), 0x0) 01:45:26 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 55) 01:45:26 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 733.068880] FAULT_INJECTION: forcing a failure. [ 733.068880] name failslab, interval 1, probability 0, space 0, times 0 [ 733.070901] FAULT_INJECTION: forcing a failure. [ 733.070901] name failslab, interval 1, probability 0, space 0, times 0 [ 733.071401] CPU: 1 PID: 6445 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 733.074816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 733.076492] Call Trace: [ 733.077038] dump_stack+0x107/0x167 [ 733.077796] should_fail.cold+0x5/0xa [ 733.078752] should_failslab+0x5/0x20 [ 733.079669] __kmalloc_track_caller+0x79/0x3c0 [ 733.080767] ? kstrdup_const+0x53/0x80 [ 733.081704] kstrdup+0x36/0x70 [ 733.082517] kstrdup_const+0x53/0x80 [ 733.083411] alloc_vfsmnt+0xb5/0x680 [ 733.084313] clone_mnt+0x6c/0xce0 [ 733.085159] copy_tree+0x3b0/0xa60 [ 733.086037] copy_mnt_ns+0x144/0xa00 [ 733.086945] ? rcu_read_lock_sched_held+0x3e/0x80 [ 733.088104] ? kmem_cache_alloc+0x2b4/0x360 [ 733.089156] create_new_namespaces+0xd6/0xb20 [ 733.090255] copy_namespaces+0x39e/0x480 [ 733.091249] copy_process+0x2549/0x67d0 [ 733.092203] ? find_held_lock+0x2c/0x110 [ 733.093212] ? __cleanup_sighand+0xb0/0xb0 [ 733.094242] ? _copy_from_user+0xfb/0x1b0 [ 733.095247] kernel_clone+0xe7/0xa20 [ 733.096006] ? __lockdep_reset_lock+0x180/0x180 [ 733.096955] ? create_io_thread+0xf0/0xf0 [ 733.097806] ? ksys_write+0x21a/0x260 [ 733.098593] ? lock_downgrade+0x6d0/0x6d0 [ 733.099439] __do_sys_clone3+0x1e5/0x320 [ 733.100254] ? __do_sys_clone+0x110/0x110 [ 733.101108] ? rcu_read_lock_any_held+0x75/0xa0 [ 733.102045] ? vfs_write+0x354/0xa30 [ 733.102806] ? fput_many+0x2f/0x1a0 [ 733.103546] ? ksys_write+0x1a9/0x260 [ 733.104334] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.105407] ? syscall_enter_from_user_mode+0x1d/0x50 [ 733.106475] ? trace_hardirqs_on+0x5b/0x180 [ 733.107358] do_syscall_64+0x33/0x40 [ 733.108117] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 733.109159] RIP: 0033:0x7f48f386eb19 [ 733.109916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 733.113669] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 733.115237] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 733.116694] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 733.118148] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 733.119608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 733.121065] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 733.122564] CPU: 0 PID: 6444 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 733.123967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 733.125658] Call Trace: [ 733.126205] dump_stack+0x107/0x167 [ 733.126966] should_fail.cold+0x5/0xa [ 733.127744] ? create_object.isra.0+0x3a/0xa20 [ 733.128685] should_failslab+0x5/0x20 [ 733.129457] kmem_cache_alloc+0x5b/0x360 [ 733.130311] create_object.isra.0+0x3a/0xa20 [ 733.131212] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 733.132253] kmem_cache_alloc+0x159/0x360 [ 733.133107] proc_reg_open+0x1f1/0x5d0 [ 733.133905] do_dentry_open+0x4b7/0x1090 [ 733.134751] ? proc_reg_read+0x300/0x300 [ 733.135587] ? may_open+0x1e4/0x400 [ 733.136336] path_openat+0x193d/0x26d0 [ 733.137148] ? path_lookupat+0x860/0x860 [ 733.137968] ? perf_trace_lock+0xac/0x490 [ 733.138814] ? __lockdep_reset_lock+0x180/0x180 [ 733.139758] ? lock_acquire+0x197/0x490 [ 733.140571] ? __lockdep_reset_lock+0x180/0x180 [ 733.141518] do_filp_open+0x190/0x3e0 [ 733.142307] ? may_open_dev+0xf0/0xf0 [ 733.143105] ? simple_attr_release+0x50/0x50 [ 733.144021] ? _raw_spin_unlock+0x1a/0x30 [ 733.144867] ? __alloc_fd+0x2a5/0x620 [ 733.145650] do_sys_openat2+0x171/0x420 [ 733.146479] ? security_file_free+0xaa/0xd0 [ 733.147361] ? build_open_flags+0x6f0/0x6f0 [ 733.148231] ? kmem_cache_free+0x257/0x310 [ 733.149108] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.150172] ? call_rcu+0x3c2/0xa10 [ 733.150932] __x64_sys_openat+0x13f/0x1f0 [ 733.151770] ? __ia32_sys_open+0x1c0/0x1c0 [ 733.152641] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.153701] ? syscall_enter_from_user_mode+0x1d/0x50 [ 733.154788] do_syscall_64+0x33/0x40 [ 733.155552] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 733.156595] RIP: 0033:0x7f384e6a3a04 [ 733.157361] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 733.161116] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 733.162685] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 733.164138] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 733.165588] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 733.167053] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 733.168505] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:45:26 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 43) pipe2(&(0x7f0000000000), 0x0) 01:45:26 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 56) [ 733.283461] FAULT_INJECTION: forcing a failure. [ 733.283461] name failslab, interval 1, probability 0, space 0, times 0 [ 733.285894] CPU: 0 PID: 6457 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 733.287324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 733.289034] Call Trace: [ 733.289060] FAULT_INJECTION: forcing a failure. [ 733.289060] name failslab, interval 1, probability 0, space 0, times 0 [ 733.289579] dump_stack+0x107/0x167 [ 733.289604] should_fail.cold+0x5/0xa [ 733.289624] ? __seq_open_private+0x20/0xd0 [ 733.289647] should_failslab+0x5/0x20 [ 733.289671] __kmalloc+0x72/0x3f0 [ 733.295759] __seq_open_private+0x20/0xd0 [ 733.296617] seq_open_net+0x323/0x500 [ 733.297404] ? proc_net_ns_init+0x410/0x410 [ 733.298317] ? rcu_read_lock_sched_held+0x3e/0x80 [ 733.299314] ? kmem_cache_alloc+0x2b4/0x360 [ 733.300208] ? proc_net_ns_init+0x410/0x410 [ 733.301097] proc_reg_open+0x25d/0x5d0 [ 733.301907] do_dentry_open+0x4b7/0x1090 [ 733.302753] ? proc_reg_read+0x300/0x300 [ 733.303593] ? may_open+0x1e4/0x400 [ 733.304350] path_openat+0x193d/0x26d0 [ 733.305168] ? path_lookupat+0x860/0x860 [ 733.306007] ? perf_trace_lock+0xac/0x490 [ 733.306867] ? __lockdep_reset_lock+0x180/0x180 [ 733.307824] ? lock_acquire+0x197/0x490 [ 733.308651] ? __lockdep_reset_lock+0x180/0x180 [ 733.309617] do_filp_open+0x190/0x3e0 [ 733.310418] ? may_open_dev+0xf0/0xf0 [ 733.311218] ? simple_attr_release+0x50/0x50 [ 733.312147] ? _raw_spin_unlock+0x1a/0x30 [ 733.313004] ? __alloc_fd+0x2a5/0x620 [ 733.313803] do_sys_openat2+0x171/0x420 [ 733.314627] ? security_file_free+0xaa/0xd0 [ 733.315511] ? build_open_flags+0x6f0/0x6f0 [ 733.316393] ? kmem_cache_free+0x257/0x310 [ 733.317265] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.318352] ? call_rcu+0x3c2/0xa10 [ 733.319102] __x64_sys_openat+0x13f/0x1f0 [ 733.319938] ? __ia32_sys_open+0x1c0/0x1c0 [ 733.320809] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.321880] ? syscall_enter_from_user_mode+0x1d/0x50 [ 733.322944] do_syscall_64+0x33/0x40 [ 733.323704] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 733.324738] RIP: 0033:0x7f384e6a3a04 [ 733.325494] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 733.329278] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 733.330866] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 733.332326] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 733.333787] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 733.335254] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 733.336713] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 [ 733.338191] CPU: 1 PID: 6460 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 733.339589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 733.341266] Call Trace: [ 733.341802] dump_stack+0x107/0x167 [ 733.342557] should_fail.cold+0x5/0xa [ 733.343325] ? create_object.isra.0+0x3a/0xa20 [ 733.344246] should_failslab+0x5/0x20 [ 733.345018] kmem_cache_alloc+0x5b/0x360 [ 733.345846] create_object.isra.0+0x3a/0xa20 [ 733.346756] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 733.347783] __kmalloc_track_caller+0x177/0x3c0 [ 733.348718] ? kstrdup_const+0x53/0x80 [ 733.349511] kstrdup+0x36/0x70 [ 733.350157] kstrdup_const+0x53/0x80 [ 733.350916] alloc_vfsmnt+0xb5/0x680 [ 733.351672] clone_mnt+0x6c/0xce0 [ 733.352389] copy_tree+0x3b0/0xa60 [ 733.353132] copy_mnt_ns+0x144/0xa00 [ 733.353885] ? rcu_read_lock_sched_held+0x3e/0x80 [ 733.354859] ? kmem_cache_alloc+0x2b4/0x360 [ 733.355736] create_new_namespaces+0xd6/0xb20 [ 733.356648] copy_namespaces+0x39e/0x480 [ 733.357457] copy_process+0x2549/0x67d0 [ 733.358259] ? find_held_lock+0x2c/0x110 [ 733.359092] ? __cleanup_sighand+0xb0/0xb0 [ 733.359965] ? _copy_from_user+0xfb/0x1b0 [ 733.360805] kernel_clone+0xe7/0xa20 [ 733.361555] ? __lockdep_reset_lock+0x180/0x180 [ 733.362485] ? create_io_thread+0xf0/0xf0 [ 733.363342] ? ksys_write+0x21a/0x260 [ 733.364110] ? lock_downgrade+0x6d0/0x6d0 [ 733.364961] __do_sys_clone3+0x1e5/0x320 [ 733.365777] ? __do_sys_clone+0x110/0x110 [ 733.366652] ? rcu_read_lock_any_held+0x75/0xa0 [ 733.367588] ? vfs_write+0x354/0xa30 [ 733.368341] ? fput_many+0x2f/0x1a0 [ 733.369075] ? ksys_write+0x1a9/0x260 [ 733.369845] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.370909] ? syscall_enter_from_user_mode+0x1d/0x50 [ 733.371953] ? trace_hardirqs_on+0x5b/0x180 [ 733.372821] do_syscall_64+0x33/0x40 [ 733.373572] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 733.374614] RIP: 0033:0x7f48f386eb19 [ 733.375375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 733.379101] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 733.380610] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 733.382049] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 733.383500] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 733.384944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 733.386393] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:45:26 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:26 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:45:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 44) pipe2(&(0x7f0000000000), 0x0) [ 733.518977] FAULT_INJECTION: forcing a failure. [ 733.518977] name failslab, interval 1, probability 0, space 0, times 0 [ 733.521445] CPU: 1 PID: 6470 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 733.522851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 733.524533] Call Trace: [ 733.525082] dump_stack+0x107/0x167 [ 733.525828] should_fail.cold+0x5/0xa [ 733.526636] ? create_object.isra.0+0x3a/0xa20 [ 733.527565] should_failslab+0x5/0x20 [ 733.528341] kmem_cache_alloc+0x5b/0x360 [ 733.529178] create_object.isra.0+0x3a/0xa20 [ 733.530092] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 733.531144] __kmalloc+0x16e/0x3f0 [ 733.531879] __seq_open_private+0x20/0xd0 [ 733.532728] seq_open_net+0x323/0x500 [ 733.533501] ? proc_net_ns_init+0x410/0x410 [ 733.534412] ? rcu_read_lock_sched_held+0x3e/0x80 [ 733.535397] ? kmem_cache_alloc+0x2b4/0x360 [ 733.536282] ? proc_net_ns_init+0x410/0x410 [ 733.537163] proc_reg_open+0x25d/0x5d0 [ 733.537958] do_dentry_open+0x4b7/0x1090 [ 733.538798] ? proc_reg_read+0x300/0x300 [ 733.539620] ? may_open+0x1e4/0x400 [ 733.540372] path_openat+0x193d/0x26d0 [ 733.541178] ? path_lookupat+0x860/0x860 [ 733.542008] ? perf_trace_lock+0xac/0x490 [ 733.542849] ? __lockdep_reset_lock+0x180/0x180 [ 733.543798] ? lock_acquire+0x197/0x490 [ 733.544605] ? __lockdep_reset_lock+0x180/0x180 [ 733.545563] do_filp_open+0x190/0x3e0 [ 733.546359] ? may_open_dev+0xf0/0xf0 [ 733.547158] ? simple_attr_release+0x50/0x50 [ 733.548070] ? _raw_spin_unlock+0x1a/0x30 [ 733.548919] ? __alloc_fd+0x2a5/0x620 [ 733.549721] do_sys_openat2+0x171/0x420 [ 733.550547] ? security_file_free+0xaa/0xd0 [ 733.551442] ? build_open_flags+0x6f0/0x6f0 [ 733.552327] ? kmem_cache_free+0x257/0x310 [ 733.553197] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.554274] ? call_rcu+0x3c2/0xa10 [ 733.555046] __x64_sys_openat+0x13f/0x1f0 [ 733.555896] ? __ia32_sys_open+0x1c0/0x1c0 [ 733.556774] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.557849] ? syscall_enter_from_user_mode+0x1d/0x50 [ 733.558923] do_syscall_64+0x33/0x40 [ 733.559708] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 733.560759] RIP: 0033:0x7f384e6a3a04 [ 733.561529] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 733.565312] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 733.566896] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 733.568365] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 733.569825] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 733.571298] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 733.572760] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:45:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 45) pipe2(&(0x7f0000000000), 0x0) 01:45:45 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 6: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:45:45 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) dup(0xffffffffffffffff) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 0: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 57) [ 751.953397] FAULT_INJECTION: forcing a failure. [ 751.953397] name failslab, interval 1, probability 0, space 0, times 0 [ 751.956036] CPU: 1 PID: 6478 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 751.957562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 751.959434] Call Trace: [ 751.960036] dump_stack+0x107/0x167 [ 751.960866] should_fail.cold+0x5/0xa [ 751.961738] ? seq_open+0x57/0x180 [ 751.962546] should_failslab+0x5/0x20 [ 751.963395] kmem_cache_alloc+0x5b/0x360 [ 751.964303] seq_open+0x57/0x180 [ 751.965052] __seq_open_private+0x38/0xd0 [ 751.965968] seq_open_net+0x323/0x500 [ 751.966839] ? proc_net_ns_init+0x410/0x410 [ 751.967788] ? rcu_read_lock_sched_held+0x3e/0x80 [ 751.968858] ? kmem_cache_alloc+0x2b4/0x360 [ 751.969809] ? proc_net_ns_init+0x410/0x410 [ 751.970777] proc_reg_open+0x25d/0x5d0 [ 751.971602] do_dentry_open+0x4b7/0x1090 [ 751.972471] ? proc_reg_read+0x300/0x300 [ 751.973355] ? may_open+0x1e4/0x400 [ 751.974153] path_openat+0x193d/0x26d0 [ 751.975045] ? path_lookupat+0x860/0x860 [ 751.975957] ? perf_trace_lock+0xac/0x490 [ 751.976876] ? __lockdep_reset_lock+0x180/0x180 [ 751.977906] ? lock_acquire+0x197/0x490 [ 751.978819] ? __lockdep_reset_lock+0x180/0x180 [ 751.979878] do_filp_open+0x190/0x3e0 [ 751.980721] ? may_open_dev+0xf0/0xf0 [ 751.981547] ? simple_attr_release+0x50/0x50 [ 751.982540] ? _raw_spin_unlock+0x1a/0x30 [ 751.983455] ? __alloc_fd+0x2a5/0x620 [ 751.984310] do_sys_openat2+0x171/0x420 [ 751.985186] ? security_file_free+0xaa/0xd0 [ 751.986126] ? build_open_flags+0x6f0/0x6f0 [ 751.987084] ? kmem_cache_free+0x257/0x310 [ 751.988021] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 751.989177] ? call_rcu+0x3c2/0xa10 [ 751.989990] __x64_sys_openat+0x13f/0x1f0 [ 751.990912] ? __ia32_sys_open+0x1c0/0x1c0 [ 751.991855] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 751.992985] ? syscall_enter_from_user_mode+0x1d/0x50 [ 751.994132] do_syscall_64+0x33/0x40 [ 751.994970] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 751.996126] RIP: 0033:0x7f384e6a3a04 [ 751.996957] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 752.001046] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 752.002732] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 752.004297] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 752.005792] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 752.007280] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 752.008755] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:45:45 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 752.027952] FAULT_INJECTION: forcing a failure. [ 752.027952] name failslab, interval 1, probability 0, space 0, times 0 [ 752.030777] CPU: 1 PID: 6495 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 752.032401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 752.034367] Call Trace: [ 752.035067] dump_stack+0x107/0x167 [ 752.035998] should_fail.cold+0x5/0xa [ 752.036975] ? create_object.isra.0+0x3a/0xa20 [ 752.038154] should_failslab+0x5/0x20 [ 752.039149] kmem_cache_alloc+0x5b/0x360 [ 752.040195] create_object.isra.0+0x3a/0xa20 [ 752.041328] kmemleak_alloc_percpu+0xa0/0x100 [ 752.042480] pcpu_alloc+0x4e2/0x12f0 [ 752.043501] alloc_vfsmnt+0xfd/0x680 [ 752.044468] clone_mnt+0x6c/0xce0 [ 752.045396] copy_tree+0x3b0/0xa60 [ 752.046334] copy_mnt_ns+0x144/0xa00 [ 752.047315] ? rcu_read_lock_sched_held+0x3e/0x80 [ 752.048540] ? kmem_cache_alloc+0x2b4/0x360 [ 752.049654] create_new_namespaces+0xd6/0xb20 [ 752.050834] copy_namespaces+0x39e/0x480 [ 752.051871] copy_process+0x2549/0x67d0 [ 752.052882] ? find_held_lock+0x2c/0x110 [ 752.053944] ? __cleanup_sighand+0xb0/0xb0 [ 752.055063] ? _copy_from_user+0xfb/0x1b0 [ 752.056133] kernel_clone+0xe7/0xa20 [ 752.057084] ? __lockdep_reset_lock+0x180/0x180 [ 752.058274] ? create_io_thread+0xf0/0xf0 [ 752.059399] ? ksys_write+0x21a/0x260 [ 752.060366] ? lock_downgrade+0x6d0/0x6d0 [ 752.061424] __do_sys_clone3+0x1e5/0x320 [ 752.062455] ? __do_sys_clone+0x110/0x110 [ 752.063568] ? rcu_read_lock_any_held+0x75/0xa0 [ 752.064733] ? vfs_write+0x354/0xa30 [ 752.065679] ? fput_many+0x2f/0x1a0 [ 752.066604] ? ksys_write+0x1a9/0x260 [ 752.067570] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 752.068879] ? syscall_enter_from_user_mode+0x1d/0x50 [ 752.070172] ? trace_hardirqs_on+0x5b/0x180 [ 752.071276] do_syscall_64+0x33/0x40 [ 752.072212] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 752.073509] RIP: 0033:0x7f48f386eb19 [ 752.074446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 752.079059] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 752.080956] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 752.082741] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 752.084515] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 752.086285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 752.088112] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:45:45 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 6: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 6: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:45:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 46) pipe2(&(0x7f0000000000), 0x0) [ 752.211333] FAULT_INJECTION: forcing a failure. [ 752.211333] name failslab, interval 1, probability 0, space 0, times 0 [ 752.214185] CPU: 1 PID: 6508 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 752.215842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 752.217858] Call Trace: [ 752.218517] dump_stack+0x107/0x167 [ 752.219390] should_fail.cold+0x5/0xa [ 752.220236] ? create_object.isra.0+0x3a/0xa20 [ 752.221252] should_failslab+0x5/0x20 [ 752.222088] kmem_cache_alloc+0x5b/0x360 [ 752.222996] create_object.isra.0+0x3a/0xa20 [ 752.223963] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 752.225080] kmem_cache_alloc+0x159/0x360 [ 752.226001] seq_open+0x57/0x180 [ 752.226768] __seq_open_private+0x38/0xd0 [ 752.227672] seq_open_net+0x323/0x500 [ 752.228504] ? proc_net_ns_init+0x410/0x410 [ 752.229448] ? rcu_read_lock_sched_held+0x3e/0x80 [ 752.230509] ? kmem_cache_alloc+0x2b4/0x360 [ 752.231456] ? proc_net_ns_init+0x410/0x410 [ 752.232395] proc_reg_open+0x25d/0x5d0 [ 752.233251] do_dentry_open+0x4b7/0x1090 [ 752.234143] ? proc_reg_read+0x300/0x300 [ 752.235054] ? may_open+0x1e4/0x400 [ 752.235858] path_openat+0x193d/0x26d0 [ 752.236730] ? path_lookupat+0x860/0x860 [ 752.237618] ? perf_trace_lock+0xac/0x490 [ 752.238532] ? __lockdep_reset_lock+0x180/0x180 [ 752.239550] ? lock_acquire+0x197/0x490 [ 752.240422] ? __lockdep_reset_lock+0x180/0x180 [ 752.241447] do_filp_open+0x190/0x3e0 [ 752.242278] ? may_open_dev+0xf0/0xf0 [ 752.243139] ? simple_attr_release+0x50/0x50 [ 752.244116] ? _raw_spin_unlock+0x1a/0x30 [ 752.245018] ? __alloc_fd+0x2a5/0x620 [ 752.245868] do_sys_openat2+0x171/0x420 [ 752.246760] ? security_file_free+0xaa/0xd0 [ 752.247715] ? build_open_flags+0x6f0/0x6f0 [ 752.248661] ? kmem_cache_free+0x257/0x310 [ 752.249599] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 752.250765] ? call_rcu+0x3c2/0xa10 [ 752.251566] __x64_sys_openat+0x13f/0x1f0 [ 752.252490] ? __ia32_sys_open+0x1c0/0x1c0 [ 752.253425] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 752.254580] ? syscall_enter_from_user_mode+0x1d/0x50 [ 752.255722] do_syscall_64+0x33/0x40 [ 752.256550] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 752.257684] RIP: 0033:0x7f384e6a3a04 [ 752.258510] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 752.262483] RSP: 002b:00007f384bc66060 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 752.264181] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6a3a04 [ 752.265953] RDX: 0000000000000000 RSI: 00007f384bc660f0 RDI: 00000000ffffff9c [ 752.267746] RBP: 00007f384bc660f0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 752.269528] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 752.271353] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:45:45 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:45:45 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:02 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') (fail_nth: 47) pipe2(&(0x7f0000000000), 0x0) 01:46:02 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:02 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:02 executing program 0: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:02 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 58) 01:46:02 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:02 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:02 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 769.314162] cgroup: fork rejected by pids controller in /syz6 [ 769.314953] FAULT_INJECTION: forcing a failure. [ 769.314953] name failslab, interval 1, probability 0, space 0, times 0 [ 769.316901] CPU: 0 PID: 6548 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 769.317751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 769.318072] FAULT_INJECTION: forcing a failure. [ 769.318072] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 769.318780] Call Trace: [ 769.318801] dump_stack+0x107/0x167 [ 769.318817] should_fail.cold+0x5/0xa [ 769.318832] ? create_object.isra.0+0x3a/0xa20 [ 769.318853] should_failslab+0x5/0x20 [ 769.318867] kmem_cache_alloc+0x5b/0x360 [ 769.324366] create_object.isra.0+0x3a/0xa20 [ 769.324935] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 769.325561] __kmalloc_track_caller+0x177/0x3c0 [ 769.326150] ? kstrdup_const+0x53/0x80 [ 769.326643] kstrdup+0x36/0x70 [ 769.327057] kstrdup_const+0x53/0x80 [ 769.327525] alloc_vfsmnt+0xb5/0x680 [ 769.327999] clone_mnt+0x6c/0xce0 [ 769.328453] copy_tree+0x3b0/0xa60 [ 769.328921] copy_mnt_ns+0x144/0xa00 [ 769.329395] ? rcu_read_lock_sched_held+0x3e/0x80 [ 769.330004] ? kmem_cache_alloc+0x2b4/0x360 [ 769.330566] create_new_namespaces+0xd6/0xb20 [ 769.331145] copy_namespaces+0x39e/0x480 [ 769.331672] copy_process+0x2549/0x67d0 [ 769.332179] ? find_held_lock+0x2c/0x110 [ 769.332700] ? __cleanup_sighand+0xb0/0xb0 [ 769.333246] ? _copy_from_user+0xfb/0x1b0 [ 769.333777] kernel_clone+0xe7/0xa20 [ 769.334243] ? __lockdep_reset_lock+0x180/0x180 [ 769.334846] ? create_io_thread+0xf0/0xf0 [ 769.335389] ? ksys_write+0x21a/0x260 [ 769.335875] ? lock_downgrade+0x6d0/0x6d0 [ 769.336406] __do_sys_clone3+0x1e5/0x320 [ 769.336922] ? __do_sys_clone+0x110/0x110 [ 769.337463] ? rcu_read_lock_any_held+0x75/0xa0 [ 769.338049] ? vfs_write+0x354/0xa30 [ 769.338517] ? fput_many+0x2f/0x1a0 [ 769.338977] ? ksys_write+0x1a9/0x260 [ 769.339458] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 769.340119] ? syscall_enter_from_user_mode+0x1d/0x50 [ 769.340772] ? trace_hardirqs_on+0x5b/0x180 [ 769.341309] do_syscall_64+0x33/0x40 [ 769.341783] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 769.342438] RIP: 0033:0x7f48f386eb19 [ 769.342925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 769.345243] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 769.346210] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 769.347123] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 769.348021] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 769.348928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 769.349827] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 769.350772] CPU: 1 PID: 6549 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 769.352165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 769.353831] Call Trace: [ 769.354374] dump_stack+0x107/0x167 [ 769.355139] should_fail.cold+0x5/0xa [ 769.355918] _copy_to_user+0x2e/0x180 [ 769.356694] simple_read_from_buffer+0xcc/0x160 [ 769.357645] proc_fail_nth_read+0x198/0x230 [ 769.358525] ? proc_sessionid_read+0x230/0x230 [ 769.359469] ? security_file_permission+0x24e/0x570 [ 769.360481] ? perf_trace_initcall_start+0x101/0x380 [ 769.361516] ? proc_sessionid_read+0x230/0x230 [ 769.362444] vfs_read+0x228/0x580 [ 769.363167] ksys_read+0x12d/0x260 [ 769.363901] ? vfs_write+0xa30/0xa30 [ 769.364663] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 769.365725] ? syscall_enter_from_user_mode+0x1d/0x50 [ 769.366785] do_syscall_64+0x33/0x40 [ 769.367538] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 769.368580] RIP: 0033:0x7f384e6a369c [ 769.369338] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 769.373044] RSP: 002b:00007f384bc66170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 769.374584] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f384e6a369c [ 769.376031] RDX: 000000000000000f RSI: 00007f384bc661e0 RDI: 0000000000000004 [ 769.377480] RBP: 00007f384bc661d0 R08: 0000000000000000 R09: 00007f384bc65f70 [ 769.378934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 769.380379] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:46:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:02 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 59) 01:46:02 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) [ 769.458448] FAULT_INJECTION: forcing a failure. [ 769.458448] name failslab, interval 1, probability 0, space 0, times 0 [ 769.460021] CPU: 0 PID: 6636 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 769.460852] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 769.461859] Call Trace: [ 769.462186] dump_stack+0x107/0x167 [ 769.462630] should_fail.cold+0x5/0xa [ 769.463091] ? create_object.isra.0+0x3a/0xa20 [ 769.463651] should_failslab+0x5/0x20 [ 769.464107] kmem_cache_alloc+0x5b/0x360 [ 769.464617] create_object.isra.0+0x3a/0xa20 [ 769.465122] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 769.465743] __kmalloc_track_caller+0x177/0x3c0 [ 769.466278] ? kstrdup_const+0x53/0x80 [ 769.466770] kstrdup+0x36/0x70 [ 769.467139] kstrdup_const+0x53/0x80 [ 769.467582] alloc_vfsmnt+0xb5/0x680 [ 769.468011] clone_mnt+0x6c/0xce0 [ 769.468438] copy_tree+0x3b0/0xa60 [ 769.468856] copy_mnt_ns+0x144/0xa00 [ 769.469315] ? rcu_read_lock_sched_held+0x3e/0x80 [ 769.469858] ? kmem_cache_alloc+0x2b4/0x360 [ 769.470384] create_new_namespaces+0xd6/0xb20 [ 769.470907] copy_namespaces+0x39e/0x480 [ 769.471403] copy_process+0x2549/0x67d0 [ 769.471859] ? find_held_lock+0x2c/0x110 [ 769.472368] ? __cleanup_sighand+0xb0/0xb0 [ 769.472860] ? _copy_from_user+0xfb/0x1b0 [ 769.473375] kernel_clone+0xe7/0xa20 [ 769.473799] ? __lockdep_reset_lock+0x180/0x180 [ 769.474353] ? create_io_thread+0xf0/0xf0 [ 769.474845] ? ksys_write+0x21a/0x260 [ 769.475302] ? lock_downgrade+0x6d0/0x6d0 [ 769.475781] __do_sys_clone3+0x1e5/0x320 [ 769.476270] ? __do_sys_clone+0x110/0x110 [ 769.476765] ? rcu_read_lock_any_held+0x75/0xa0 [ 769.477324] ? vfs_write+0x354/0xa30 [ 769.477763] ? fput_many+0x2f/0x1a0 [ 769.478201] ? ksys_write+0x1a9/0x260 [ 769.478650] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 769.479294] ? syscall_enter_from_user_mode+0x1d/0x50 [ 769.479881] ? trace_hardirqs_on+0x5b/0x180 [ 769.480401] do_syscall_64+0x33/0x40 [ 769.480839] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 769.481455] RIP: 0033:0x7f48f386eb19 [ 769.481910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 769.484103] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 769.484970] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 769.485819] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 769.486671] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 769.487527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 769.488363] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:46:02 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:03 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:03 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 60) 01:46:03 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) [ 769.706865] FAULT_INJECTION: forcing a failure. [ 769.706865] name failslab, interval 1, probability 0, space 0, times 0 [ 769.709454] CPU: 0 PID: 6671 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 769.710956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 769.712757] Call Trace: [ 769.713342] dump_stack+0x107/0x167 [ 769.714135] should_fail.cold+0x5/0xa [ 769.714978] ? create_object.isra.0+0x3a/0xa20 [ 769.715969] should_failslab+0x5/0x20 [ 769.716803] kmem_cache_alloc+0x5b/0x360 [ 769.717691] create_object.isra.0+0x3a/0xa20 [ 769.718661] kmemleak_alloc_percpu+0xa0/0x100 [ 769.719682] pcpu_alloc+0x4e2/0x12f0 [ 769.720511] alloc_vfsmnt+0xfd/0x680 [ 769.721339] clone_mnt+0x6c/0xce0 [ 769.722109] copy_tree+0x3b0/0xa60 [ 769.722923] copy_mnt_ns+0x144/0xa00 [ 769.723742] ? rcu_read_lock_sched_held+0x3e/0x80 [ 769.724809] ? kmem_cache_alloc+0x2b4/0x360 [ 769.725767] create_new_namespaces+0xd6/0xb20 [ 769.726779] copy_namespaces+0x39e/0x480 [ 769.727670] copy_process+0x2549/0x67d0 [ 769.728548] ? find_held_lock+0x2c/0x110 [ 769.729454] ? __cleanup_sighand+0xb0/0xb0 [ 769.730403] ? _copy_from_user+0xfb/0x1b0 [ 769.731330] kernel_clone+0xe7/0xa20 [ 769.732150] ? create_io_thread+0xf0/0xf0 [ 769.733071] ? perf_event_sched_in.isra.0+0x80/0x80 [ 769.734186] __do_sys_clone3+0x1e5/0x320 [ 769.735086] ? __do_sys_clone+0x110/0x110 [ 769.735996] ? finish_task_switch+0x126/0x5d0 [ 769.736965] ? finish_task_switch+0xef/0x5d0 [ 769.737953] ? io_schedule_timeout+0x140/0x140 [ 769.738956] ? copy_kernel_to_fpregs+0x9e/0xe0 [ 769.739956] ? trace_event_raw_event_x86_fpu+0x390/0x390 [ 769.741156] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 769.742303] ? syscall_enter_from_user_mode+0x1d/0x50 [ 769.743441] ? trace_hardirqs_on+0x5b/0x180 [ 769.744388] do_syscall_64+0x33/0x40 [ 769.745212] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 769.746331] RIP: 0033:0x7f48f386eb19 [ 769.747167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 769.751180] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 769.752858] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 769.754435] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 769.756008] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 769.757578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 769.759146] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:46:03 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:03 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:03 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:03 executing program 0: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:03 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) getpeername(r1, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, &(0x7f0000000040)=0x80) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:46:03 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 61) 01:46:03 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:03 executing program 7: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 770.206077] FAULT_INJECTION: forcing a failure. [ 770.206077] name failslab, interval 1, probability 0, space 0, times 0 [ 770.208902] CPU: 0 PID: 6682 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 770.210521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 770.212495] Call Trace: [ 770.213123] dump_stack+0x107/0x167 [ 770.214000] should_fail.cold+0x5/0xa [ 770.214947] should_failslab+0x5/0x20 [ 770.215848] __kmalloc_track_caller+0x79/0x3c0 [ 770.216936] ? kstrdup_const+0x53/0x80 [ 770.217879] kstrdup+0x36/0x70 [ 770.218659] kstrdup_const+0x53/0x80 [ 770.219562] alloc_vfsmnt+0xb5/0x680 [ 770.220458] clone_mnt+0x6c/0xce0 [ 770.221303] copy_tree+0x3b0/0xa60 [ 770.222173] copy_mnt_ns+0x144/0xa00 [ 770.223075] ? rcu_read_lock_sched_held+0x3e/0x80 [ 770.224226] ? kmem_cache_alloc+0x2b4/0x360 [ 770.225267] create_new_namespaces+0xd6/0xb20 [ 770.226352] copy_namespaces+0x39e/0x480 [ 770.227359] copy_process+0x2549/0x67d0 [ 770.228312] ? find_held_lock+0x2c/0x110 [ 770.229326] ? __cleanup_sighand+0xb0/0xb0 [ 770.230370] ? _copy_from_user+0xfb/0x1b0 [ 770.231404] kernel_clone+0xe7/0xa20 [ 770.232315] ? __lockdep_reset_lock+0x180/0x180 [ 770.233436] ? create_io_thread+0xf0/0xf0 [ 770.234460] ? ksys_write+0x21a/0x260 [ 770.235404] ? lock_downgrade+0x6d0/0x6d0 [ 770.236410] __do_sys_clone3+0x1e5/0x320 [ 770.237409] ? __do_sys_clone+0x110/0x110 [ 770.238447] ? rcu_read_lock_any_held+0x75/0xa0 [ 770.239602] ? vfs_write+0x354/0xa30 [ 770.240505] ? fput_many+0x2f/0x1a0 [ 770.241400] ? ksys_write+0x1a9/0x260 [ 770.242338] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 770.243625] ? syscall_enter_from_user_mode+0x1d/0x50 [ 770.244870] ? trace_hardirqs_on+0x5b/0x180 [ 770.245922] do_syscall_64+0x33/0x40 [ 770.246829] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 770.248067] RIP: 0033:0x7f48f386eb19 [ 770.248963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 770.253347] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 770.255165] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 770.256880] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 770.258562] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 770.260256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 770.261973] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:46:03 executing program 2: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:03 executing program 5: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:03 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:03 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:20 executing program 0: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:20 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:20 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:20 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:20 executing program 5: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:20 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000001, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) pidfd_getfd(r1, r2, 0x0) pipe2(&(0x7f0000000000), 0x0) 01:46:20 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 62) 01:46:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 787.161669] FAULT_INJECTION: forcing a failure. [ 787.161669] name failslab, interval 1, probability 0, space 0, times 0 [ 787.164038] CPU: 1 PID: 6725 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 787.165427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 787.167126] Call Trace: [ 787.167673] dump_stack+0x107/0x167 [ 787.168422] should_fail.cold+0x5/0xa [ 787.169204] ? create_object.isra.0+0x3a/0xa20 [ 787.170142] should_failslab+0x5/0x20 [ 787.170950] kmem_cache_alloc+0x5b/0x360 [ 787.171785] create_object.isra.0+0x3a/0xa20 [ 787.172681] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 787.173719] __kmalloc_track_caller+0x177/0x3c0 [ 787.174662] ? kstrdup_const+0x53/0x80 [ 787.175467] kstrdup+0x36/0x70 [ 787.176124] kstrdup_const+0x53/0x80 [ 787.176875] alloc_vfsmnt+0xb5/0x680 [ 787.177632] clone_mnt+0x6c/0xce0 [ 787.178344] copy_tree+0x3b0/0xa60 [ 787.179087] copy_mnt_ns+0x144/0xa00 [ 787.179847] ? rcu_read_lock_sched_held+0x3e/0x80 [ 787.180834] ? kmem_cache_alloc+0x2b4/0x360 [ 787.181717] create_new_namespaces+0xd6/0xb20 [ 787.182635] copy_namespaces+0x39e/0x480 [ 787.183477] copy_process+0x2549/0x67d0 [ 787.184285] ? find_held_lock+0x2c/0x110 [ 787.185132] ? __cleanup_sighand+0xb0/0xb0 [ 787.186002] ? _copy_from_user+0xfb/0x1b0 [ 787.186848] kernel_clone+0xe7/0xa20 [ 787.187612] ? __lockdep_reset_lock+0x180/0x180 [ 787.188555] ? create_io_thread+0xf0/0xf0 [ 787.189417] ? ksys_write+0x21a/0x260 [ 787.190189] ? lock_downgrade+0x6d0/0x6d0 [ 787.191038] __do_sys_clone3+0x1e5/0x320 [ 787.191860] ? __do_sys_clone+0x110/0x110 [ 787.192723] ? rcu_read_lock_any_held+0x75/0xa0 [ 787.193669] ? vfs_write+0x354/0xa30 [ 787.194430] ? fput_many+0x2f/0x1a0 [ 787.195187] ? ksys_write+0x1a9/0x260 [ 787.195970] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 787.197038] ? syscall_enter_from_user_mode+0x1d/0x50 [ 787.198083] ? trace_hardirqs_on+0x5b/0x180 [ 787.198969] do_syscall_64+0x33/0x40 [ 787.199729] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 787.200762] RIP: 0033:0x7f48f386eb19 [ 787.201520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 787.205254] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 787.206793] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 787.208233] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 787.209673] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 787.211115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 787.212559] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:46:20 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:20 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2, @in_args={0x2}}, './file0\x00'}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) r6 = socket$inet(0x2, 0x4, 0x17ab6932) readv(r6, &(0x7f0000000780)=[{&(0x7f00000004c0)=""/243, 0xf3}, {&(0x7f00000005c0)=""/180, 0xb4}, {&(0x7f00000002c0)=""/40, 0x28}, {&(0x7f0000000680)=""/241, 0xf1}], 0x4) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x48800, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r9, r8, 0x9, 0x0) io_submit(0x0, 0x4, &(0x7f0000000480)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x8, 0x8, r0, &(0x7f00000000c0)="d9d60a9db28a279fd2442494b4e438e83a8d9688bf8af18df7b2e82c13c07b91625edcdb8ccd89013887ad5f1286b73ba41ca29a856543fd5c8c07e8d8bdf3fb6bf88fbbc3791d7239e4114f0712fd9354ba185ad1e2494468803e64f02073c6d5fa3e360d036194b28b", 0x6a, 0x4}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x7, 0x7, r3, &(0x7f0000000180)="3064d74bd189266d8dbec7116405f95efdc99d774b7425edffe6e629358c9a8e903571009acd6f577cfa252f440e30d957888973a29a6d3520361f10e47dd7d7122aa695f995d5fbf971e19e4ae368397f3a598a3cb3b9aa7bdd0fae0204a2a36e1b41f561d643688f0a2f394140608d6fee8ded3bb9fa9858040c5d16fc90c04feedfcd57f414f66a15737d149b8aac3f50fe40876f4a2d5b78257369e514b415395baf7f4fd5b31c1dda9dd561c31b035e9c7c710921469ebfade9e68e19f34d858f81bbfae0ffd9bff0f26f4f05e76e0eab34ea02ae6a30495780e23787d6f8137039243724d3961fead4", 0xec, 0x5, 0x0, 0x3}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x7, 0x0, r4, &(0x7f00000002c0), 0x0, 0xffffffff, 0x0, 0x1, r7}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x7, r8, &(0x7f0000000380)="3f4d2c087cd4473b556dca9521a2792d88e46953011acd1a34d35a4463de8770f39ac4810884c64e23978a48f7057f35882d6749a44224d1fcc399c53da5fb34f96cae954f3af89a73c349eeb484f00d4977157582bae4af2bd5320c0d5e6e18bc7fd35833489ba3cd1b575ebf6e94c59baf5d64053b3514daceb8c06eb88022f779ec2db6ad92c7b497cc0f68a0280a68c19db2f43d9da930f61f2d54fd60f18f0d9daba9366e698f7393238b34861495bafe", 0xb3, 0x310, 0x0, 0x3, r1}]) 01:46:20 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:20 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 63) 01:46:20 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) [ 787.488236] FAULT_INJECTION: forcing a failure. [ 787.488236] name failslab, interval 1, probability 0, space 0, times 0 [ 787.490643] CPU: 1 PID: 6754 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 787.492022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 787.493682] Call Trace: [ 787.494222] dump_stack+0x107/0x167 [ 787.494971] should_fail.cold+0x5/0xa [ 787.495741] ? create_object.isra.0+0x3a/0xa20 [ 787.496662] should_failslab+0x5/0x20 [ 787.497426] kmem_cache_alloc+0x5b/0x360 [ 787.498248] create_object.isra.0+0x3a/0xa20 [ 787.499155] kmemleak_alloc_percpu+0xa0/0x100 [ 787.500057] pcpu_alloc+0x4e2/0x12f0 [ 787.500827] alloc_vfsmnt+0xfd/0x680 [ 787.501578] clone_mnt+0x6c/0xce0 [ 787.502284] copy_tree+0x3b0/0xa60 [ 787.503029] copy_mnt_ns+0x144/0xa00 [ 787.503781] ? rcu_read_lock_sched_held+0x3e/0x80 [ 787.504760] ? kmem_cache_alloc+0x2b4/0x360 [ 787.505632] create_new_namespaces+0xd6/0xb20 [ 787.506539] copy_namespaces+0x39e/0x480 [ 787.507376] copy_process+0x2549/0x67d0 [ 787.508172] ? find_held_lock+0x2c/0x110 [ 787.509024] ? __cleanup_sighand+0xb0/0xb0 [ 787.509886] ? _copy_from_user+0xfb/0x1b0 [ 787.510740] kernel_clone+0xe7/0xa20 [ 787.511501] ? __lockdep_reset_lock+0x180/0x180 [ 787.512434] ? create_io_thread+0xf0/0xf0 [ 787.513281] ? ksys_write+0x21a/0x260 [ 787.514043] ? lock_downgrade+0x6d0/0x6d0 [ 787.514877] __do_sys_clone3+0x1e5/0x320 [ 787.515695] ? __do_sys_clone+0x110/0x110 [ 787.516549] ? rcu_read_lock_any_held+0x75/0xa0 [ 787.517476] ? vfs_write+0x354/0xa30 [ 787.518227] ? fput_many+0x2f/0x1a0 [ 787.518984] ? ksys_write+0x1a9/0x260 [ 787.519753] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 787.520823] ? syscall_enter_from_user_mode+0x1d/0x50 [ 787.521855] ? trace_hardirqs_on+0x5b/0x180 [ 787.522737] do_syscall_64+0x33/0x40 [ 787.523505] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 787.524529] RIP: 0033:0x7f48f386eb19 [ 787.525275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 787.528951] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 787.530472] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 787.531930] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 787.533364] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 787.534799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 787.536245] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:46:20 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:46:36 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 64) 01:46:36 executing program 0: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x101) tee(r2, r1, 0x9, 0x0) syz_open_dev$sg(&(0x7f0000000280), 0x7150, 0xce241) vmsplice(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)="539b0a2c0cf6c6c4d6e213557826aaf6688f7da487394b04a775852470074f5bc82551616bc17cdb1d08d06f8463333b05228100b0b34d2fb83aa444f588e669675c98a1934aaffee8bf93eee0afe49a8bce4d1eb04be1ec3ea8e393d06233f887ddc4c946736dd7bb292619baf02de8064d23c6d7d8ae1575c1b54c25319989fbdbc7df8644728aafe8bb0a9447440abb45b03fc18179fcba10972ac92d132530333b460a65c3453125f5117aca77", 0xaf}, {&(0x7f0000000180)="5c42738b80fd5933a0207cdcb14b939d266612d97ba0e0ab2b1ebf0f3d3d0519027389d9ab594aa54e165e298c30c5e33e7a0909db65d203118ae62294c6ef607f6e316393d344ef9bf59d1eb0fde8f4d1", 0x51}, {&(0x7f0000000200)="3274d6ccd6d7a9377e5fe5b9e846b4277435a1e680be3f4771e4e8fc36cc31266c986eba46c4230b3196390e21205d2d26c57dd1abd1802db4f4082951590304535ec3f20d5f2ab58ec9539b843b4b78d77a6e46e51b2b678a44c3e8136463ba002fede13fe0558c6ed401", 0x6b}], 0x3, 0x9) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x98, 0x0, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_NAT_DST={0x68, 0xd, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x10}}, @CTA_NAT_PROTO={0x3c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e21}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e21}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @empty}, @CTA_NAT_V4_MINIP={0x8, 0x1, @broadcast}, @CTA_NAT_V4_MINIP={0x8, 0x1, @remote}, @CTA_NAT_V4_MINIP={0x8, 0x1, @broadcast}]}, @CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x4}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x20004080}, 0x20000010) 01:46:36 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(0xffffffffffffffff, &(0x7f0000001180)=""/4091, 0xffb) 01:46:36 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:36 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:36 executing program 5: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:36 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 802.816007] FAULT_INJECTION: forcing a failure. [ 802.816007] name failslab, interval 1, probability 0, space 0, times 0 [ 802.817348] CPU: 1 PID: 6780 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 802.818112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 802.819046] Call Trace: [ 802.819401] dump_stack+0x107/0x167 [ 802.819822] should_fail.cold+0x5/0xa [ 802.820265] ? create_object.isra.0+0x3a/0xa20 [ 802.820787] should_failslab+0x5/0x20 [ 802.821223] kmem_cache_alloc+0x5b/0x360 [ 802.821727] create_object.isra.0+0x3a/0xa20 [ 802.822229] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 802.822849] __kmalloc_track_caller+0x177/0x3c0 [ 802.823389] ? kstrdup_const+0x53/0x80 [ 802.823840] kstrdup+0x36/0x70 [ 802.824231] kstrdup_const+0x53/0x80 [ 802.824661] alloc_vfsmnt+0xb5/0x680 [ 802.825083] clone_mnt+0x6c/0xce0 [ 802.825485] copy_tree+0x3b0/0xa60 [ 802.825896] copy_mnt_ns+0x144/0xa00 [ 802.826317] ? rcu_read_lock_sched_held+0x3e/0x80 [ 802.826859] ? kmem_cache_alloc+0x2b4/0x360 [ 802.827388] create_new_namespaces+0xd6/0xb20 [ 802.827901] copy_namespaces+0x39e/0x480 [ 802.828365] copy_process+0x2549/0x67d0 [ 802.828813] ? find_held_lock+0x2c/0x110 [ 802.829316] ? __cleanup_sighand+0xb0/0xb0 [ 802.829806] ? _copy_from_user+0xfb/0x1b0 [ 802.830276] kernel_clone+0xe7/0xa20 [ 802.830695] ? __lockdep_reset_lock+0x180/0x180 [ 802.831233] ? create_io_thread+0xf0/0xf0 [ 802.831711] ? ksys_write+0x21a/0x260 [ 802.832139] ? lock_downgrade+0x6d0/0x6d0 [ 802.832609] __do_sys_clone3+0x1e5/0x320 [ 802.833068] ? __do_sys_clone+0x110/0x110 [ 802.833580] ? rcu_read_lock_any_held+0x75/0xa0 [ 802.834131] ? vfs_write+0x354/0xa30 [ 802.834557] ? fput_many+0x2f/0x1a0 [ 802.834997] ? ksys_write+0x1a9/0x260 [ 802.835443] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 802.836042] ? syscall_enter_from_user_mode+0x1d/0x50 [ 802.836620] ? trace_hardirqs_on+0x5b/0x180 [ 802.837114] do_syscall_64+0x33/0x40 [ 802.837534] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 802.838173] RIP: 0033:0x7f48f386eb19 [ 802.838596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 802.840655] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 802.841582] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 802.842441] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 802.843327] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 802.844227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 802.845114] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:46:36 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:36 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(0xffffffffffffffff, &(0x7f0000001180)=""/4091, 0xffb) 01:46:36 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r0, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(0xffffffffffffffff, &(0x7f0000001180)=""/4091, 0xffb) 01:46:53 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 65) 01:46:53 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:53 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:53 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, 0x0, 0x0) 01:46:53 executing program 5: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:53 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:53 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:53 executing program 4: r0 = pkey_alloc(0x0, 0x0) pkey_mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000000, r0) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, r0) pkey_mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000009, r0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) [ 819.980035] FAULT_INJECTION: forcing a failure. [ 819.980035] name failslab, interval 1, probability 0, space 0, times 0 [ 819.982337] CPU: 0 PID: 6800 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 819.983726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 819.985395] Call Trace: [ 819.985935] dump_stack+0x107/0x167 [ 819.986677] should_fail.cold+0x5/0xa [ 819.987469] ? create_object.isra.0+0x3a/0xa20 [ 819.988391] should_failslab+0x5/0x20 [ 819.989160] kmem_cache_alloc+0x5b/0x360 [ 819.989987] create_object.isra.0+0x3a/0xa20 [ 819.990883] kmemleak_alloc_percpu+0xa0/0x100 [ 819.991802] pcpu_alloc+0x4e2/0x12f0 [ 819.992580] alloc_vfsmnt+0xfd/0x680 [ 819.993335] clone_mnt+0x6c/0xce0 [ 819.994050] copy_tree+0x3b0/0xa60 [ 819.994785] copy_mnt_ns+0x144/0xa00 [ 819.995570] ? rcu_read_lock_sched_held+0x3e/0x80 [ 819.996542] ? kmem_cache_alloc+0x2b4/0x360 [ 819.997418] create_new_namespaces+0xd6/0xb20 [ 819.998331] copy_namespaces+0x39e/0x480 [ 819.999156] copy_process+0x2549/0x67d0 [ 819.999975] ? find_held_lock+0x2c/0x110 [ 820.000817] ? __cleanup_sighand+0xb0/0xb0 [ 820.001683] ? _copy_from_user+0xfb/0x1b0 [ 820.002542] kernel_clone+0xe7/0xa20 [ 820.003291] ? __lockdep_reset_lock+0x180/0x180 [ 820.004258] ? create_io_thread+0xf0/0xf0 [ 820.005116] ? ksys_write+0x21a/0x260 [ 820.005896] ? lock_downgrade+0x6d0/0x6d0 [ 820.006739] __do_sys_clone3+0x1e5/0x320 [ 820.007567] ? __do_sys_clone+0x110/0x110 [ 820.008425] ? rcu_read_lock_any_held+0x75/0xa0 [ 820.009359] ? vfs_write+0x354/0xa30 [ 820.010114] ? fput_many+0x2f/0x1a0 [ 820.010850] ? ksys_write+0x1a9/0x260 [ 820.011648] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 820.012712] ? syscall_enter_from_user_mode+0x1d/0x50 [ 820.013752] ? trace_hardirqs_on+0x5b/0x180 [ 820.014631] do_syscall_64+0x33/0x40 [ 820.015403] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 820.016435] RIP: 0033:0x7f48f386eb19 [ 820.017189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 820.020905] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 820.022434] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 820.024051] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 820.025510] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 820.026943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 820.028383] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:46:53 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:46:53 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 5: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, 0x0, 0x0) 01:47:10 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 66) [ 837.151802] audit: type=1400 audit(1674438430.571:16): avc: denied { tracepoint } for pid=6841 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 01:47:10 executing program 4: r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x10000000}, 0xffffffffffffffff, 0x0, r0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r1 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x100, 0xfffffffa}) pipe2(&(0x7f0000000000), 0x0) [ 837.165013] FAULT_INJECTION: forcing a failure. [ 837.165013] name failslab, interval 1, probability 0, space 0, times 0 [ 837.167421] CPU: 0 PID: 6840 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 837.168834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 837.170538] Call Trace: [ 837.171086] dump_stack+0x107/0x167 [ 837.171847] should_fail.cold+0x5/0xa [ 837.172631] ? create_object.isra.0+0x3a/0xa20 [ 837.173571] should_failslab+0x5/0x20 [ 837.174353] kmem_cache_alloc+0x5b/0x360 [ 837.175191] create_object.isra.0+0x3a/0xa20 [ 837.176120] kmemleak_alloc_percpu+0xa0/0x100 [ 837.177047] pcpu_alloc+0x4e2/0x12f0 [ 837.177833] alloc_vfsmnt+0xfd/0x680 [ 837.178599] clone_mnt+0x6c/0xce0 [ 837.179316] copy_tree+0x3b0/0xa60 [ 837.180069] copy_mnt_ns+0x144/0xa00 [ 837.180844] ? rcu_read_lock_sched_held+0x3e/0x80 [ 837.181839] ? kmem_cache_alloc+0x2b4/0x360 [ 837.182730] create_new_namespaces+0xd6/0xb20 [ 837.183673] copy_namespaces+0x39e/0x480 [ 837.184513] copy_process+0x2549/0x67d0 [ 837.185331] ? find_held_lock+0x2c/0x110 [ 837.186191] ? __cleanup_sighand+0xb0/0xb0 [ 837.187071] ? _copy_from_user+0xfb/0x1b0 [ 837.187937] kernel_clone+0xe7/0xa20 [ 837.188701] ? __lockdep_reset_lock+0x180/0x180 [ 837.189652] ? create_io_thread+0xf0/0xf0 [ 837.190517] ? ksys_write+0x21a/0x260 [ 837.191292] ? lock_downgrade+0x6d0/0x6d0 [ 837.192161] __do_sys_clone3+0x1e5/0x320 [ 837.192996] ? __do_sys_clone+0x110/0x110 [ 837.193868] ? rcu_read_lock_any_held+0x75/0xa0 [ 837.194822] ? vfs_write+0x354/0xa30 [ 837.195605] ? fput_many+0x2f/0x1a0 [ 837.196355] ? ksys_write+0x1a9/0x260 [ 837.197142] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 837.198211] ? syscall_enter_from_user_mode+0x1d/0x50 [ 837.199268] ? trace_hardirqs_on+0x5b/0x180 [ 837.200200] do_syscall_64+0x33/0x40 [ 837.200966] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 837.202020] RIP: 0033:0x7f48f386eb19 [ 837.202786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 837.206554] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 837.208147] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 837.209613] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 837.211063] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 837.212520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 837.213971] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:47:10 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:10 executing program 4: pipe2(&(0x7f0000001100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) tee(r1, r0, 0x9, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x111001, 0x0) ioctl$BTRFS_IOC_ADD_DEV(r1, 0x5000940a, &(0x7f0000000100)={{r2}, "11054e7c4ea56bd17dd59d8d89f85c0b8040e92eff3fec630f76b38755840db73e72fcbb7c35e815bdfce828b6a0ada663a5ea7d1fd9d30ccb9ebd726dca7d178a21000a48b7be68e5d666f6d90244ee9fd3a66c54bb5c5e38f630d96f015ff37e5c529b29ac720a314206d0f0acdacecb2c9910d8657679bc3ca6c42c77eb7b665052975fda4b741825fe5fe091c74ee9836787f3f2e08e3ec857d6d2722835eb9ac1957dd44d3c74cbbb9d2c06fa2d8e3039780a19550057558432dc67d67947ce374560b990b4736b18bf905ef93592b8ca42417e14fcec8f506911fcec220f02b50543358f9dcbe6cd33239550f1623a74741ac28f3f29a84b700e7a6a01dcc3d0a703f23fc2a44ce7efc72c97085592f5aac4f111c5410c7f958c0d97d8d48cdc595c44f3453623c7c16f268ff7bfd1525b02d73c7e5d90a5d87d8094006e5b8ed3e8a7b9c1e77379ef922b2e62a8683f6b0309a54b00b05fdf32024a2067b8406fdb2160ab7c37ad3731b98d8c06eecfa285787c9bfa9d44547b30acd0e375360f72ed4bb4d627789ea10b85ff7d14b6250b5d9df7588d1d93af2ea78c580e9e4645e8a6ff9b9fab58cdfb6ff9d6e551e20a64af737a464bc6aad4950fef799137b970b1edc3910a3b93a4d3d12be83b3d393ba6579db56143a301389bac1564d848eb40e78e63099e67ae744fcc61674505c520e799023f483f6aad2387e8007797c4ddcb72120a2f8a9c8d4b689ccad0583e42443d266cf99d7d15dc327c5a28e38b13b11bad6216a5ff46e57bb160beaaa93bc2fbc23305e9afd45f3af17e19489a26a9e08b38c8f6a1d7abc94d04ff32ac1d08d530f11fc96dc03f67f6e48d106fdb22209e3de8d88f0ecb6151e63fafc7856f222fbe02bc3f71cbff02aa4bd76d8e3a98e3c6faf428d70f76cdf356e845f91653949ae6691e220f217d1ffeddc9c683cebf84f695f41c4660ff7af201a147def6cc781a592deeee5628817a8f7c6ee1b680173b7284a2613b8989699c30ea6e296a5637b27e1f39217d7f9b1884afbe7d9b1441d46a4f221f139c57ca29797fafe639db108fe360e98ef6e51a520195b3559f6b4e3a973b53c1610a91ecc43521f744e6966115d41a9fe12a89e8f2b5af55e6fc5896b2a894fdbf9ca6f88800416b177413912256e831b6a4f4394706a8c8f5579a3aa03699ae6699dcd7d950512cfb474260a3b36e9af407f2716ec154bc1fb84c607515d15da1a97e22341c2ea033caf57067e3573eaa4384a20dbc93e9f12d294b36309d525eac2313ebecca3dbb437b8928456b04a1dcfda207e189cd842c119780cb7860e922088215c6332d9fb6f9e01584ffa06f5514614dc416a304a9d3e6baf4dd25cb06f30b17697efad5926b1f5586d67298fc56e7e5c195a208f743387e9d4ed7a28af8b67c084c9b2ec36f7bf7a830bd5ae1407029151e5a3e07d77f89b9453b710149c9c67bdcfe1b4a40e44987b5e5f81a7b42d987c72b32d88b6a3240bd55dd1b6630408f6b119889fd90325ebdf8d50787e7df16634a097e2288e1eeb75077bc691420e009e81134c1485d281f9a25fe5db9a34c625c5b86e3d0ac0b4f386b4d4534b5ace8c1b6bd36623da8922c85843592d34fca91b7d8ca3c56e394b8fc55ecc064087ec7efdaddfdab71221c6ba6464abdcc770306b2e55235f2936f03d3881aabdc117bec4d9ad2d6e8c15dedf991e3a436647115774608ac76d6e6e01e1c9ad16ff3d5a6c0e945b2b9f78771a2748246b04d44f5cabb432ecb54cac8814250fe38562f88711665489f1b6dd67f54bf394ac7d092c4b88cc258a7abaf5b83884f1fe197749734c56ddfe2c6b6007db8ab7cfcf3398ecee24585103f4e954b66b103f11d63e556aaa353bd3cf0f5a015eebe2b7f536df34db251725a509f3101668efc9d26190d05e8cb7cae35910e6aaad336a8545f6f5984b1e980a5b6ea21eec443a742f1e7f8a4c7ab3163f53538ea6502cebd0e54e80ad1a651c92c7cbd9214bae106ca6aec923e144b5cf08f34c70dd0741e8a147d34451f89b5477e209a0ef8734a48138806a38d8877f544f7db0099313339ae10e8a84562076b1bc600d3d6983b0be8aeeb03b4802964c129566459e503cf0c20754f0c553495b55f6e10ed08887053e4889acff5a6c5244a318805da5c9a099730c0ff048fde0169856d7866878ca5cd11c2f81600c4bdd04c65c2e641487eefba4a05adcdaa0c95222976d286a5ad24691cf8a93ba57d302846a5fa15a61ed548f12b60c7e9ab1d1e3b595a43c3e9ebf5e30ecc3c91105a1785e93ba5fe9997bf2d06edaf7e5ad4e686d251f29444b8e13996e29b21f9c4a9b6f0767fcd5b1939621d884cc92576c855779b58bb9e8647c7ca7b5950135bd4f55fc45f28534bdb4a8e8b07c505b015d0f5e1a9e0d272a653df45871201216dfd6a53f92e19c09456dcf8d5bc2afaa4c4c150ee6a9bebb87ad5cbe73cfdef16ca648d7006483e9280bcb1d616252532d52c48bfe0cdb791986c78fc7adf722ce614f4bb6ec388d61c0ad3c92fe0cf274203f228f66ce080f21eedfd21c1a69feadf8ddece945143e7a8d9351d5e8f40403b69a62a8d30a9b1d27650412c52456f6e6c9c41e9dcf0bde6c02b7ef57b697e762e6c2c0c6674635e01e01ca9e567e50bec1efb4fac439d8ebe28bf1a607af91c5ed2dac30776a2f4bdee2d360650e27a0cdfc1778a3ef178e477e687abc89bd3535cd678ff6df79e0d7eeddf1434f3d4ca084c0851d8ba221a1b8a527aead19386dd6d2e3b1758f9c41d1530af844b794a41183957238fd484fc7234f0e6b1a4ad45e126be873f8740ed0bf4145fa6937f5e4352a5bc5fcb9ef763fa8f04d0ac6a58dbf2db7da6cb18a2664aec3302494ad3d45e01fcb12121c07a9b7a81255a5f3dcef6ca2c64a481c90d26bbcfc074372bd6065488c555255819e8c17976831a99c67c8055f868d13ef646b5f49a253e39b34a0380b507060b06a19b633377f7ddf0257277bfb38d864fc827046f59d2c875c43d267468eedfe1852f53df4c9278c4c9606e3cb48f83e69067c63cdf5da651c97e527b50c167fac2582fc7b400b28de6e0a6369bb48af417aff26d96e8f97aabc0f1985766f72a0afe4f8e4d178df237fe35e7865eac2ce56900d30c38847704ee691e46a94278ea1636569c6bde86d01a91b9716fa5f636dea6d627247aa1fb6020a4c8d40a1381bc69d641eb3afdca9a6d86da24ef0bbfce8564940b93ab27ce250b32d2dea7165fbc28e4f22aa6460454dcf6a934c19c0877ec78548d568e8a20095c793ef307ca80911162a1c7c1bfcf5e913c625609fe8cde04f421e1040e0111a93ee7631b798b20e3e51e066adb9bec2d0381eb79cd8277273365a079fc8e81937cbc661eef69086181c93455442f45616510a188251a326d2a600c160d471715e9ace175d1a701a686873481723024f2a003944c07c79e3451419b69d69e8df6c632806f812e689b021505e0202450993782a10f72e45b7a6c13dc9e7b9bc4a5af1ec68d5f621c31df12487e7b905ddb34d6797e3bf9b0627c2d55100f0c0a9ee9562da1fe7a7a2a84faf3a16857beb246c1ea27b6b03ea14a37424ea2548fa1f6ae4286a99f19ea7279c1e73e261fd04fe80f579aaa3572260a64fd6a942961f31b69b282b91c99be35b41415caa8494a843308677113106fa6f46c7e1e9afd899f5ce60dcf38495ccf13bc81b5cc2a4ba431504f7bd46ab6b97c07678cbd0eed7d1d65faf2dcd664015c6ba66032035c8ae222eeb0de3f8d58d089de0a846aba7ff863019c9d4d07f1dd8d6b05b0e854dff397696bcd40df39d1380228372bfea7a42faf3a3f961141670de095521a7d16fba774f0873b6478d94207948c3f791908d0625130eef230dc3d0db750532896af2d539c427ad830dcc7d0f7e11f422f98d2ae03aeb015091336b745a7bf28dd6ddd946c106324fea6b49201af25aa70cce87745fd562e3d6f418489dbee4d2393ab867cac526fe97db0505c6cc812c7d3258ef147a151acdb7e8f23069806e952475959e140145f301434ba927c545d06ef723eb3ff4a6c708eda05f9beec945f2b6c726344dc08f6e2e28de89f09f3bb910c7860c7945c00815c44836743af1925dce76b3064ba8fe78bafbdac415092ada27fc141e1541a90583d9bc0cd1189f7efe0a0916ee9f6ec8e7dafeed0b7fb6c22894eb35ee5a4add4ef553aadea2072b1276272fcb2ba649b6229cfd7e334ea117c52090599ce1d724cf5f24f1aa12dea95bf5b4fff46ea8524cd39ff0a0b80d55542c8010db24ef7f5ea8223d77ba09a4c37fff2b073e9d4453c6ef2a94def0bfc08127829dfc6d8e29be6a74b803eccd2c0696a0bdbeadd482f8b0c14b0f30ea3ae8b65b868f941ae37a19e8c460e1f3f54c3cfa6bdea8b99c2efef348b51c1d383653a0701996cf36cd93e3e85bd9fb0dffd378dbb12e369a6f06d2e1b08cb865dd6be9eef3508015d3888184b553b42ea86d2f85a6a1585a57683ac629cdff980296618cfa5b133f907307458fa1fb69030e7d5c198aff33a24602af797c62829fd6082a678a25ba8fa9302074ae8f7f4046ddbed0c3a92fe43b8ca4f1b648efec674581d60c5ce658559ba05239aefbcdf62d622ad27f7b7af72487ea3ca87e2c74d2c8db2ef350d2119f2a175eba3952202d345b4772f21e829c7062bdbdae348415abd537f2760b984ed50c1df93386d8b516ce65a64221400af1be390fdc0b39a4649e9a22d9b5821bb42048f511d86bb417f38f022ce7ad0375ef411ceef69cde3dc75303358ebcc5c111fbed236a764e0bb939a1b18174a0a26fc029d060e3ba6ce3f9cbe58f41401daa18577d8ccbf3c4e409175c970005b3eda4782e43c33ae77e98e1c1eac5fd5f4bbf5c0399589962d036043b04d653764ca38d2b5da9c57649b9da9b227b9c05564092a6d0505576488058afab2ee4e9314c248be89616d5d4950bdf941f3d2f02c02d0bf62810440a810827aa7d6eb67a7a35b309d347c667beac3b884c0fb3f6e836a1850b043191c2f9e24ded9155fc3ff3a56f407a6811aa4cd6aced34a39b8523d4cdffafcbf59b6a8f6379cb9d7613e319d3e06596fdf324f57712fa2dd057850590fb3e131ce0e70669b622d3b175ad1191f946d90772edaa5f1514cd7f84049cee21940ccb1ba6ca14b941a4b1c1cc7e4aed143a794763502bf62ca48f3cfc30770191791ab87cb496409c4f4e94434023d8527358fefc91668fc46695e199b46b3e2f0980383510b0de0eb27b68e7826749c8b3099f7cc1dee8ceaf4047b18d0ec68576a4705449a1f56d4c821ea66002ba4f58d6c8a63c282cb3aa4ce56adce9182bbd873cff5337ced556ecf2583fa257b50aaf1dc098aab1b2fe5875d338c1773f614166e24e719aeb8920596ad6779d256bbbb77d899b7e0e16047baf33fc3d0f5b2bbaca210229922659e465004c138175d84271b2e4ff1a1dd7251fa11ff14290697d6e9ffc9baad46a78d5a17a63c409320041c92808e04a227bbf0f31cf3d92207a64fc3ceb95877b2d223910f3dd7944cd81a252638e5db2bb0543470003e2901f99849026e7daed9f08f76a1b7620034d822236a204bc9833a62babe7e056025b2be44e79f5a3a7b2c08041396bf66c836dc3cd86af10ae688c4208a55581ecab50fe367f9b3e7f7a181270b93379606065d38ae2130754e98c233c068f2361fe254d4c3dd0a14eb513aea"}) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) fsmount(r4, 0x1, 0xa) 01:47:10 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, 0x0, 0x0) 01:47:10 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 67) 01:47:10 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r2}, @void}}}, 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x10, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x33}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x804}, 0x4000010) [ 837.509397] FAULT_INJECTION: forcing a failure. [ 837.509397] name failslab, interval 1, probability 0, space 0, times 0 [ 837.511769] CPU: 0 PID: 6876 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 837.513157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 837.514828] Call Trace: [ 837.515368] dump_stack+0x107/0x167 [ 837.516113] should_fail.cold+0x5/0xa [ 837.516898] should_failslab+0x5/0x20 [ 837.517669] __kmalloc_track_caller+0x79/0x3c0 [ 837.518588] ? kstrdup_const+0x53/0x80 [ 837.519378] kstrdup+0x36/0x70 [ 837.520043] kstrdup_const+0x53/0x80 [ 837.520797] alloc_vfsmnt+0xb5/0x680 [ 837.521545] clone_mnt+0x6c/0xce0 [ 837.522251] copy_tree+0x3b0/0xa60 [ 837.522973] copy_mnt_ns+0x144/0xa00 [ 837.523728] ? rcu_read_lock_sched_held+0x3e/0x80 [ 837.524689] ? kmem_cache_alloc+0x2b4/0x360 [ 837.525556] create_new_namespaces+0xd6/0xb20 [ 837.526464] copy_namespaces+0x39e/0x480 [ 837.527288] copy_process+0x2549/0x67d0 [ 837.528119] ? find_held_lock+0x2c/0x110 [ 837.528959] ? __cleanup_sighand+0xb0/0xb0 [ 837.529823] ? _copy_from_user+0xfb/0x1b0 [ 837.530673] kernel_clone+0xe7/0xa20 [ 837.531414] ? __lockdep_reset_lock+0x180/0x180 [ 837.532374] ? create_io_thread+0xf0/0xf0 [ 837.533218] ? ksys_write+0x21a/0x260 [ 837.533985] ? lock_downgrade+0x6d0/0x6d0 [ 837.534807] __do_sys_clone3+0x1e5/0x320 [ 837.535624] ? __do_sys_clone+0x110/0x110 [ 837.536475] ? rcu_read_lock_any_held+0x75/0xa0 [ 837.537413] ? vfs_write+0x354/0xa30 [ 837.538166] ? fput_many+0x2f/0x1a0 [ 837.538900] ? ksys_write+0x1a9/0x260 [ 837.539667] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 837.540702] ? syscall_enter_from_user_mode+0x1d/0x50 [ 837.541718] ? trace_hardirqs_on+0x5b/0x180 [ 837.542582] do_syscall_64+0x33/0x40 [ 837.543325] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 837.544378] RIP: 0033:0x7f48f386eb19 [ 837.545127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 837.548820] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 837.550349] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 837.551842] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 837.553244] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 837.554674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 837.556092] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:47:26 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:26 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:26 executing program 5: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:26 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 68) 01:47:26 executing program 3: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, 0x0, 0x0) 01:47:26 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') close_range(r0, r1, 0x2) pipe2(&(0x7f0000000000), 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000380)={0x0, 0x0}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) kcmp(0x0, r2, 0x4, 0xffffffffffffffff, r3) r5 = epoll_create(0x3) readv(r5, &(0x7f0000000340)=[{&(0x7f0000000100)=""/72, 0x48}, {&(0x7f0000000180)=""/137, 0x89}, {&(0x7f0000000240)=""/218, 0xda}], 0x3) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000040), &(0x7f00000000c0)={'L-'}, 0x16, 0x0) 01:47:26 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:26 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 853.381182] FAULT_INJECTION: forcing a failure. [ 853.381182] name failslab, interval 1, probability 0, space 0, times 0 [ 853.383756] CPU: 0 PID: 6897 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 853.385240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 01:47:26 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 853.387010] Call Trace: [ 853.387674] dump_stack+0x107/0x167 [ 853.388477] should_fail.cold+0x5/0xa [ 853.389298] ? create_object.isra.0+0x3a/0xa20 [ 853.390286] should_failslab+0x5/0x20 [ 853.391119] kmem_cache_alloc+0x5b/0x360 [ 853.392020] create_object.isra.0+0x3a/0xa20 [ 853.392980] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 853.394095] __kmalloc_track_caller+0x177/0x3c0 [ 853.395110] ? kstrdup_const+0x53/0x80 [ 853.395983] kstrdup+0x36/0x70 [ 853.396689] kstrdup_const+0x53/0x80 [ 853.397503] alloc_vfsmnt+0xb5/0x680 [ 853.398322] clone_mnt+0x6c/0xce0 [ 853.399070] copy_tree+0x3b0/0xa60 [ 853.399861] copy_mnt_ns+0x144/0xa00 [ 853.400662] ? rcu_read_lock_sched_held+0x3e/0x80 [ 853.401691] ? kmem_cache_alloc+0x2b4/0x360 [ 853.402622] create_new_namespaces+0xd6/0xb20 [ 853.403591] copy_namespaces+0x39e/0x480 [ 853.404467] copy_process+0x2549/0x67d0 [ 853.405316] ? find_held_lock+0x2c/0x110 [ 853.406223] ? __cleanup_sighand+0xb0/0xb0 [ 853.407137] ? _copy_from_user+0xfb/0x1b0 [ 853.408061] kernel_clone+0xe7/0xa20 [ 853.408849] ? __lockdep_reset_lock+0x180/0x180 [ 853.409857] ? create_io_thread+0xf0/0xf0 [ 853.410750] ? ksys_write+0x21a/0x260 [ 853.411572] ? lock_downgrade+0x6d0/0x6d0 [ 853.412465] __do_sys_clone3+0x1e5/0x320 [ 853.413331] ? __do_sys_clone+0x110/0x110 [ 853.414223] ? rcu_read_lock_any_held+0x75/0xa0 [ 853.415202] ? vfs_write+0x354/0xa30 [ 853.416000] ? fput_many+0x2f/0x1a0 [ 853.416776] ? ksys_write+0x1a9/0x260 [ 853.417589] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 853.418706] ? syscall_enter_from_user_mode+0x1d/0x50 [ 853.419814] ? trace_hardirqs_on+0x5b/0x180 [ 853.420736] do_syscall_64+0x33/0x40 [ 853.421530] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 853.422633] RIP: 0033:0x7f48f386eb19 [ 853.423425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 853.427404] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 853.429022] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 853.430531] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 853.432060] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 853.433569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 853.435077] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:47:26 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:47:26 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:26 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:26 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r2}, @void}}}, 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x10, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x33}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x804}, 0x4000010) 01:47:26 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:26 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:47:26 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) [ 853.567936] cgroup: fork rejected by pids controller in /syz0 01:47:27 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r2}, @void}}}, 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x10, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x33}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x804}, 0x4000010) 01:47:27 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 69) [ 853.673746] FAULT_INJECTION: forcing a failure. [ 853.673746] name failslab, interval 1, probability 0, space 0, times 0 [ 853.676209] CPU: 0 PID: 6932 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 853.677641] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 853.679346] Call Trace: [ 853.679933] dump_stack+0x107/0x167 [ 853.680708] should_fail.cold+0x5/0xa [ 853.681496] should_failslab+0x5/0x20 [ 853.682300] __kmalloc_track_caller+0x79/0x3c0 [ 853.683314] ? kstrdup_const+0x53/0x80 [ 853.684147] kstrdup+0x36/0x70 [ 853.684832] kstrdup_const+0x53/0x80 [ 853.685609] alloc_vfsmnt+0xb5/0x680 [ 853.686402] clone_mnt+0x6c/0xce0 [ 853.687152] copy_tree+0x3b0/0xa60 [ 853.687927] copy_mnt_ns+0x144/0xa00 [ 853.688712] ? rcu_read_lock_sched_held+0x3e/0x80 [ 853.689706] ? kmem_cache_alloc+0x2b4/0x360 [ 853.690627] create_new_namespaces+0xd6/0xb20 [ 853.691603] copy_namespaces+0x39e/0x480 [ 853.692461] copy_process+0x2549/0x67d0 [ 853.693285] ? find_held_lock+0x2c/0x110 [ 853.694154] ? __cleanup_sighand+0xb0/0xb0 [ 853.695065] ? _copy_from_user+0xfb/0x1b0 [ 853.695952] kernel_clone+0xe7/0xa20 [ 853.696728] ? __lockdep_reset_lock+0x180/0x180 [ 853.697697] ? create_io_thread+0xf0/0xf0 [ 853.698557] ? ksys_write+0x21a/0x260 [ 853.699358] ? lock_downgrade+0x6d0/0x6d0 [ 853.700234] __do_sys_clone3+0x1e5/0x320 [ 853.701079] ? __do_sys_clone+0x110/0x110 [ 853.701959] ? rcu_read_lock_any_held+0x75/0xa0 [ 853.702938] ? vfs_write+0x354/0xa30 [ 853.703743] ? fput_many+0x2f/0x1a0 [ 853.704489] ? ksys_write+0x1a9/0x260 [ 853.705283] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 853.706360] ? syscall_enter_from_user_mode+0x1d/0x50 [ 853.707438] ? trace_hardirqs_on+0x5b/0x180 [ 853.708348] do_syscall_64+0x33/0x40 [ 853.709119] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 853.710183] RIP: 0033:0x7f48f386eb19 [ 853.710975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 853.714743] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 853.716315] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 853.717790] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 853.719260] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 853.720854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 853.722682] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:47:27 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:27 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:27 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001b00), 0x10000, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) r5 = signalfd(r0, &(0x7f0000001b40)={[0x7]}, 0x8) r6 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r6}, 0x0) perf_event_open(0x0, r6, 0x4, 0xffffffffffffffff, 0xa) lstat(&(0x7f0000001b80)='./file0\x00', &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0}) r8 = getgid() ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r8) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001d00)={&(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001740)=[{&(0x7f00000001c0)="bcd5269acfc3f6391306a536a9aebce01108d2ea8d38e7c6965208c23a7a9fb8fbb34857b3a5c85fcc8d1af685bba01f5c9a5f5daea1977bf2beb02759a596a12949237c88e11665875ce38828af2807f32dceebd9e823f1460d9d5105daf523337467b6a13fb355857450113977e5063b37b22c629d755e9fe88d735acb4d6d29626304e3fcaf948a00a169e51ccdbf7460b9c15031c75e28b3847e83e659ea8f11c26d23ebda741464d513bee67357a0e2d9b89fbf95c3218548d49da449371556e69350", 0xc5}, {&(0x7f00000002c0)="ef064bd32ae40fe586829e34364eff8da824456a369e8c9e8097e3fb32714003228bba817a7e29efb6dc579937065c52591f0cf86922f62d1c6283fef88b378bb82fbe2b8d820d4be59d19bf9ccb80b85abae82e0e3f6eb37fc7e42da4d91e87ff65654e3a12b71c5674f6a2ef015d770831c62e972b2556c0c11276515f0fb122f502857b161c5837b15693fd62800de42fef88b79570704e7cb78ecaeb4e1ee614e3f0c3246e542004ffcdaedaf35825abc6edaeb8b9512b62b45c026c60f2a4347ad9a97e1a886b72570d1d20c28ee00509826275d91b0f348e0834d736a8df568ccf26", 0xe5}, {&(0x7f00000003c0)="c8250a0cd6f2bf7ced7f5e8561a27ebd58a08831fbb0bcc1e6a1de784ba951bf5e8f17eac8ce43d84fce9966cd701366d48259b216de5f75aa109c58c3ac49c52db0a370b5642b7683af099b84021f65546a6fcc5014bfcb83c5bffb691997889460757e6cbf62e41da8664dca3bc8d975cef15f2eb6d5e8559211d1cf84e2852cb7dc3259f243112b7d5929ad0d80449555405e44f7d1f7f79a6ea07c3c8f727126a6f8006bbf36f192e8167036dcd92d5d4b2556f49b94148a66993673758279206644c6b2b1e571eed71e6a62dd6907685bb272763abfe63fa14ba84f", 0xde}, {&(0x7f00000004c0)="8ac062fe99e853b1545cd47e3f1f44d18eefe0ee34864aeac38d32318a7ccc48de1f67f057c87db67ca792a91b9522522fdcac4b894744f13d9198fd46a9b9f50accebce700f5ca97315394398177a21c294fae67862ced8f1377e829b2f87c78d43a9e4dd3d88292e8e1f3e1c97d9d6ef1dc75b90d83fda59c2c881f859bf472e230f8be6d8e051cc9a5d9fb351acde7af4c601f3a451ea687b9132da204f5b130227ae2d447d0c9bfc48705c23631d0fb30ea499f5669de5fed3a7d7fd3721edee7764a1492b170493d8c2726aabd5f4259e8438f77766b0bd76997d82c276471de7f1d7adf64ffcb974", 0xeb}, {&(0x7f00000005c0)="f5495e4d0b1ee539b04bd63d1130227f33defe0b4bb4d0ee42f1ac6e3977cda597d7fd0111c10e", 0x27}, {&(0x7f0000000600)="b3dad8eb9b9857f52822ed426f426b7ada4b45c8a2fbca49ff6ce9523f75ae929a6d6bb61770b52752fd8a873ee26cf0b82a3f50b698d41ca966ce572e63b391244cbeb85d2082ed79cfb21aa80642d3e27399f35bb73fbb559678811a861ddeb6fdb5912efb5ffee1fbf4b91a0cc5be39de236bffb5b160d05f1ebf48a7be823044e507f072b03cf664bd9444cbf32083ce49014541f5d1b5c619060ea3ee8ea9f3c0f4b9215013c0806973cf107915a68082d5c73d52a190b93f8c236cccf1d7fffdf159fbfe0c4b73925de61c1520cdfd88b16157f79067a74b9ec6c0038861ce88f9bb2a53ad2691a7fe62f6642da4ffeb1fb06715881e5c4f4285c8e5dd5f4cea75064016be7df6017d81443d9d30ca4b0ec775c6b4404d78e2de0456f5e07382b93e2474ebb044329b0325e69d69b8d8cd9381781e83057001c1fec8ac9204d28e28cc835fdc0b656840821407eef9cbfdd7a1f211dc59bee6a0f3f0066115a5247027ff1ddabc86cf49983d9a8648a6d126514e8fdb8d477e005ffd0350d2dc6a14b9abbb2dbb2e8fcea551329769887e1e6b9472d0f04a35f712a4e4570251e431cd0883155eaaf74496cc1c1cc832dc8c92f73f3188dbf94c0eead3d86f027a2f868580c59f45266404bd998b349eb14206da78001174850238077e9c5e3063d2b0b30b928f5579e244cc9e84a93ee41d1f486360353540f3c8934a2c78a7c21de788027796c0f08bb1dfe971370f5de0b2160be41c7a3975f9abed5ba763c99189eb0ed1273f508fd45353ae554c26e0336ed339bc6318d5b470bddb7be8fa4dc75f762aceb940ef03ef741acb7ca034bfa38161eecd73b44bcac8e2c6e467952e961a34ca9c2d280b6ecb52a6dd481f3a71ff8ac40fc545f82ad707f1febe41dc78a08c661485606c50b52d8f239203e9d55422fc135cf28237757e5521e59fa1580d41830af33b39e68658f1f5ac9b70895e198ddfc57d61758319d25a60d7eb91d93b2541f60512cd24b2fcda0230e1e755e0e35f8dcd2386eedd713b8f23f243d0ddbda6b951f6588a4de56076a4c88268d1ac96631cd0d27592459ef8056d3209e3caa805506dde39caaf4e6eff6f8919bbb723e35d58a2b6e86f296959debe617f767a60568b1978ebe459c520881953b51cc50510925cb421374f085134e19464e0bac50e3ae115bcc69a996162507ed27a103f08d5e04fc1054182e14a7e2178636b4eb7f2e9fb922dd5acdc5ce3d768acac7a317f014f3fd4601c6d94262144bd6012ea2c96938fdfbf9240bafbfba6fc68d5842918e2baff1e4b5f8649b260876553de0789256e4a53f98791b335670069abe62c40479bfe1566d49b8e641aa05c295dbafcfccbc0a381b2267b6d6682a4415503151df78e67efbbdc9d14100e722e321e551e5765ef5afab86414c027f39dccf6dbaf8d9eca9143ad4c97c67ca3dbfae9edef3ec4212a8bfdad6391bfc3f5143b40b7a9cd2a7ef584f04eb800dd88e81bf12deb87206b6f3457bf72f4fc7c995d09b5d71b482c76d393ace30a96a84add31e15e5f1b6c279a9842ca9a21ad8ea1840d8d6488b881ea64c715936b9cf1e8be5186d0632135f756623ef29de14862df44a2f6f66636c86ab4fea7fd3b4f85d2b0a48bfb414fdb675fdda8d536c65be9710e78da0c59a03025c9603d58d9749d33ae36a0520b0208aba02efb199ea9cf6beb53b2e9281eace7ff032e92b654f792ee794735a0459b18282966a222879203edca7fe55d2ac708d47b0805aea5b942ad1a206ad99130bf11236b65b06a94d474794b8ffc53c5a697cb1b2ed7b27c34a1824b6502cc0c6524a641213c6f6c07c19925f9161cd6e989d3b5c907e260f2b383cf5b5fddd9d132188eabab6f09cf9f2716445eb304347d18ae4d72f1e8569a3792edf4f83b6558796eb3781c52c326fc5721da59a37c0c739f721b6ddb4fbddcd388280a03207f3877c9f5939fa7c0b03abc00f458d6d9b853f46c61dbcb29fbbb16ee501b1fd1c4ad0dceac39f3e7f4934c763170cc40976de370a870a538a9113b6fa91e03a0da9f452db9c35f39f0b9819d8924800f0c7db30b88a46299c0008e450cf51594ac7e6011b8a436664e95b4cac767e0d6893c51ceb91a21e3ad5dc09f59266d053c508c2ec7887342cc6580f12344914776764a6c3a8f021fc773d221af892da70076025b17fa1832b7e91f019031260581d09fdb396b38c8641ad71f918a3d6b2d140bcc1dff57801a738b37fcf1eae0a547c1ca018d61348e8110fcc3c7c55c70b67a434ea175f564c9d59a408f02e1fc54689d660b91884827e31f87bd353ccf68b3ae5b24841ce75ac80c1959bb205dc05fe5e7c18a2ee01baaf058b3cbcad535ec517617b2e6712831ea82fdfe2a686cf7eaff8e98530360bbe70e733a666145fc85f4b6fd0ac0619325d37134970b77912eec0b4a309c11ee79f4ec6273acedc516ebcd47598f263656b0c0f4bd91e7cde5e46848c26290e59032264588abbf03acb72b299abdbab760d07ef0cd42942900ccfa37a9e31e7082f9cee4bf438f15f33ca67a56d1b19cf1cd978830d5932d5753aae9917aed89659da95a506c23f3276e3c5902484a7802e79a5eb87432c3b1865fad72a1844c1d68bc020e4b0af82b5ed601db801e7e63c26a5f91779f8d2dc08242f840cacca2a6a6b3a9231d91d70a6dcd2aad423dfff6704708f19870950f4dd708ec42baa5e6ea8bd4af086cceeeb660b24525795df58c31e47923a8de3accb1ea785e1c2925e75677991be5143dc2b594ab243a158a8b7fad05d4606a614373dadd49899e28f3f16c0ed56c24cd94ccfa6a5912e2d2cac61ac7a05a26f1b6f64214a6158672cf92b86a9fb5791fd7503d56af061600fe66ddf68f2fab1c5d63d2abf829617fd41fca6d88c2e3c42b34276265bcfaa67addf03df69b9e979f3f3b565ff6a8e6e32c35ae35a4e6fb891138272eb750cd7d7fe38dbdf1ac428f1f066008e9d128549f9b0901618a39f9a279d721756f61f9047985967732ba61f5c94e533f2decef11600879fba427d9b5f9e160cc5cd3cdac3479c2f9ca43423532458562cf8a33dc751dfc658d9566cef27b7779b697d0ca311b70d36d5c50ebef3455213c25bbe9a19af367f67fb0c216b44ef95db928c852cc01b84b1fcf4afdbc8e43c2d2c0c74e15b982bc8ee6605a34a655a2f7e4144e2d6eba53e658c2ac15144a6a969e959b50b3f2d03da49d676b4690978470fafa246189b407b72b539d119615893a64c822f21524621a6724333f1efdd2b36b2b42feb6aeee0e5bd13951deb0e709ee8ade020c866bdff8cf628db6a669dba0be1d7c1a894f434c73c80cbee97712052ba39069a9d86b29ddc01768ba501922e13033022d8571a3859848a46f3e45b947089a89b4d935b7c77aea440dc57520e6f336d04e4f116b2fe66bc56a062d1e18586de967079c457d7cbd884969e9ec50a8e0adebed43d87076c795e1739ade163b139b31445e2b6b0db2b9e3a6844d614127212778c1a902e180f1a0036cd1eb6f5dd9c3b8edfaf83ff98e3a331ac8b9e6854f910a66ef4c9cee4b3c8d83b9c357993da90a470a07d18f7140f6c8820ebef8922d9def8f16c68770b67fdae893150975c677bc4cd677d82621a008e76a9c835d7768d5f4456dbcdd47f0c4207a00ae238443ba09c62b4b34b07bad24b52b3929fe3c61210d7577142976fb930a5dd2f53a619f81a222ce23bfe7ddeffcbbd33c85063b3dd5d5ea78e78e6fe48f69f317c658b99806ea55434be91c36f63da339215318700d2671932bf0f2abcf1b981cccd86049925e9ebc93e78611abd549192bf626a3a585658eb19d0884f652096ae7e48fbcb091ec37f6db771364acb3465692392779be4de0a6d3b8e455db3ccc49002dbb8a62aeddc46db0a14bae68281c05ee1f3f7ea1c8186e108fe6b54c13e4f8d8586ac416a5e30d57b4d4342a0799f9f5363f5df3cc97fce06a1c0225ee11dd5f064464bfe529df472cb594ce549596c2ba0865bb9bf9e16857fd231f40eb5ec82f29ebc35fd42c05134ee8ba0209dd05671fda75b5cb4f114874691e0967a2d9c98d54060f989971f6b86ce787fdf18cf21eb4b8e3acf94ca612eed0f79ea06d607014f4e74b9bfa9a268e20a206d5b48bd157c9062b54d7a615f9492aa4004be7d39add17fc0690b1c84b36216b1024d3119f1c8833a5edb1b43c3ff2f196200364bcee20decabfe9b52a5436f059881555f9365b763c94be1cff36671f8c4900a164035aa61cf39ed78cac8a1b5a6c5ca2f62818e4f28cc8f9b897cf2fb94b6c9bfc06eb31025b6137c763370027d148cf3259f7187eec6ef0e8d05c4bf7246144f116d6731b4941ab44234d67d38661e8c55560e995b0339c136e910d8390bafa02f3f5ce13aa213d8372b14a524d15cc1737ffec58e5c96ae826630d50e80d39ae4cb6ac93d120076cfb4ba75732f09015c4bd8f7282040cc2e2aeffba3e636af7dbd984b5e1b642954b475f7494b2cd2df13bd80fbc759bd5b1a5e5c1de7ab61d8b7a81d8788dd24e2247670622595d4bae068ef89a9a0f9a4070820b91c7f6dfc2dc701195e96c8879c5f92dd4f6d94e35d6af4eae4f53a8421a8fa9f18e00aa3c814592728bfbc03858ba38fd572713f72e4a98c7c2ba70a878637ca3feba40b2bb006a03389e43d2c3c6565cf1f1018bb7883a8751b341324b1b90e482dabc6a50d38f91501ba32f26ee851f9e2091d1bdaa2b009f1ce8116c4e948e11c496a21ace9937fbe2053b8a97fba2cf389bcb0c63dea391d78a9757aa23aab7d9e2bd1a0c440dbafd95efbf5d0287276b2d7be3b28cfdee222c5b0c28065d765450faee9cd69f3899da177744c17446c82692d5bbed0cdfda62d637a528a3bd9e908dc668dd220a5d56d8bb82eb28fd552bd256c99321ecf6f0588aea40cfafad635a47a0ffee5207f6223e620ffdaf7caec36fd5bcb8a7d83d7f1865668d450bce358072aae8d4dd744a48f04435c3e6c9b068d51d39888445eadc590620d0f2052af435da498f0df19114888750b49ed7c9e660ee1cb875dd35c45ae75ac1aee021698148243c7c077722a4a4a63a7b1018e08c684eae4f520a4eb23886c10323ec77d99dcad82bc9732cc6baf13107ecaf870d5a6230b479d56a43e3673dcc3f86fd0ebf3fdb583bc1977f7b6c7aea33dad598f8b2fda2cdf23bb78263cc188203eefffbcea833467ac3dfaf68463baab0e3844c0a3c4b076c24fad47b6e49bb1b60e9660e4a634d132089f33d70d5d590791f4da78df283bae50c6af962aca1e17eea9bb32959f23bffe11c315fc57120e9ba2304fa14e9a522f8a07268a757884824b773fa3d2485df8cf9195b73fd0a0e8f2e1f84a98f193009cebfebe1724432414eaa0bd6a78d51e27c5f7d1ba10cb9ecd075582a4e621420194f469461b339f8f6d88940eea22ff12ede340fe3b6d0b72f9777e5be2207cc9633a7e4b8915d72fff34a6e87abc486af90aed4fb523610a0608548d441d6a96ab9ac71baa7aff111930173863d9bc1a0d4593e57f60f379511f31c8a86dd2864fd46365484ad652a49cea0d1f4e0c1d720835ee93fae1aff9aeb9144b2c8576ec02ddddec57e7dbb48ec41869204209da4b40a14c87f3f8cf7e6d4faa5bd4334ab175392ef9cbd2c07a523e24317e79391648f2785930be789d656b5fe64063f9386b0bf60bdc0595b9ed52c60eae36ce73a8e392c443530964e5d135c2b0730b7b8", 0x1000}, {&(0x7f0000001600)="72ecb2397cda824a9b1b32cb1416b3c90dc5623ba1fb2e317892b22c0ce176e8adb8da227c4f4c8dc4231dc9cbf557d089f5b09db0c6c00708967f74e9024563287aa00475ec3007124c015a19709520677bac87788f586304cba68082b3ffef8811592f6e77dae9c95ef91e57833aa1089e0ec908dfa94a98831b61823a60c177585bd18dfa93ac2b81cf9f79574e351016b3d89821ab20a719479824a74a61184be5d7c6b404717982499fc8198c65d2d9e0ebfc6616f1d6e788da70f39111d63e7f", 0xc3}, {&(0x7f0000001700)="95912539afae954b2d6888957029aa73151dfb994b60a9e69316848fd990bc1cd0", 0x21}], 0x8, &(0x7f0000001c40)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x2c, 0x1, 0x1, [r1, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2, r4]}}, @rights={{0x14, 0x1, 0x1, [r5]}}, @cred={{0x1c, 0x1, 0x2, {r6, r7, r8}}}], 0xa8, 0x8004}, 0x24004005) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r10, r9, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r11, r9, 0x4009, 0xa) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r9, 0xc0189372, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r11, @ANYBLOB="09000084000000002e2f6669b1d23000"]) perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0xff, 0x81, 0x7f, 0x8f, 0x0, 0x5d9d, 0x30, 0x8, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x100000001, 0x721}, 0x0, 0x6, 0x4, 0x4, 0x845, 0xfffffffe, 0x7ff, 0x0, 0xd0}, 0x0, 0x1, 0xffffffffffffffff, 0x3) pipe2(&(0x7f0000000000), 0x0) 01:47:27 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r2}, @void}}}, 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x10, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x33}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x804}, 0x4000010) 01:47:27 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 70) 01:47:27 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:27 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 854.349881] FAULT_INJECTION: forcing a failure. [ 854.349881] name failslab, interval 1, probability 0, space 0, times 0 [ 854.352296] CPU: 0 PID: 6944 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 854.353706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 854.355408] Call Trace: [ 854.355962] dump_stack+0x107/0x167 [ 854.356721] should_fail.cold+0x5/0xa [ 854.357493] ? create_object.isra.0+0x3a/0xa20 01:47:27 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 854.358423] should_failslab+0x5/0x20 [ 854.359286] kmem_cache_alloc+0x5b/0x360 [ 854.360126] ? mark_held_locks+0x9e/0xe0 [ 854.360959] create_object.isra.0+0x3a/0xa20 [ 854.361864] kmemleak_alloc_percpu+0xa0/0x100 [ 854.362786] pcpu_alloc+0x4e2/0x12f0 [ 854.363566] alloc_vfsmnt+0xfd/0x680 [ 854.364348] clone_mnt+0x6c/0xce0 [ 854.365068] copy_tree+0x3b0/0xa60 [ 854.365814] copy_mnt_ns+0x144/0xa00 [ 854.366581] ? rcu_read_lock_sched_held+0x3e/0x80 [ 854.367563] ? kmem_cache_alloc+0x2b4/0x360 [ 854.368461] create_new_namespaces+0xd6/0xb20 [ 854.369379] copy_namespaces+0x39e/0x480 [ 854.370211] copy_process+0x2549/0x67d0 [ 854.371019] ? find_held_lock+0x2c/0x110 [ 854.371871] ? __cleanup_sighand+0xb0/0xb0 [ 854.372750] ? _copy_from_user+0xfb/0x1b0 [ 854.373604] kernel_clone+0xe7/0xa20 [ 854.374359] ? __lockdep_reset_lock+0x180/0x180 [ 854.375332] ? create_io_thread+0xf0/0xf0 [ 854.376204] ? ksys_write+0x21a/0x260 [ 854.376990] ? lock_downgrade+0x6d0/0x6d0 [ 854.377830] __do_sys_clone3+0x1e5/0x320 [ 854.378647] ? __do_sys_clone+0x110/0x110 01:47:27 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) [ 854.379506] ? rcu_read_lock_any_held+0x75/0xa0 [ 854.380492] ? vfs_write+0x354/0xa30 [ 854.381248] ? fput_many+0x2f/0x1a0 [ 854.381987] ? ksys_write+0x1a9/0x260 [ 854.382770] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 854.383852] ? syscall_enter_from_user_mode+0x1d/0x50 [ 854.384893] ? trace_hardirqs_on+0x5b/0x180 [ 854.385768] do_syscall_64+0x33/0x40 [ 854.386525] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 854.387560] RIP: 0033:0x7f48f386eb19 [ 854.388320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 854.392030] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 854.393563] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 854.395000] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 854.396454] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 854.397898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 854.399342] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:47:44 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:44 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:44 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000180)=ANY=[@ANYBLOB="00000000fffd14d984b36fdd00ff0fb3ea3db54ddacd8290ff00000000d2217fe7dabfd66653729e6354134e402ff04e30b070ce574d509750b199dd5d7aa12790bad4fbb16059293be789b5444dfdfba5cc80389d4a47339f103266a1", @ANYRES32=r0, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB='./file0\x00']) pread64(r1, &(0x7f00000000c0)=""/143, 0x8f, 0x8) pipe2(&(0x7f0000000000), 0x0) 01:47:44 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 71) 01:47:44 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:44 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:44 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:47:44 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 871.228997] FAULT_INJECTION: forcing a failure. [ 871.228997] name failslab, interval 1, probability 0, space 0, times 0 [ 871.231457] CPU: 0 PID: 6964 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 871.232907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 871.234612] Call Trace: [ 871.235160] dump_stack+0x107/0x167 [ 871.235925] should_fail.cold+0x5/0xa [ 871.236714] ? alloc_vfsmnt+0x23/0x680 [ 871.237505] should_failslab+0x5/0x20 [ 871.238276] kmem_cache_alloc+0x5b/0x360 [ 871.239105] ? copy_tree+0x61a/0xa60 [ 871.239870] alloc_vfsmnt+0x23/0x680 [ 871.240639] clone_mnt+0x6c/0xce0 [ 871.241354] copy_tree+0x3b0/0xa60 [ 871.242093] copy_mnt_ns+0x144/0xa00 [ 871.242851] ? rcu_read_lock_sched_held+0x3e/0x80 [ 871.243833] ? kmem_cache_alloc+0x2b4/0x360 [ 871.244736] create_new_namespaces+0xd6/0xb20 [ 871.245717] copy_namespaces+0x39e/0x480 [ 871.246751] copy_process+0x2549/0x67d0 [ 871.247657] ? find_held_lock+0x2c/0x110 [ 871.248551] ? __cleanup_sighand+0xb0/0xb0 [ 871.249550] ? _copy_from_user+0xfb/0x1b0 [ 871.250481] kernel_clone+0xe7/0xa20 [ 871.251265] ? __lockdep_reset_lock+0x180/0x180 [ 871.252253] ? create_io_thread+0xf0/0xf0 [ 871.253127] ? ksys_write+0x21a/0x260 [ 871.253927] ? lock_downgrade+0x6d0/0x6d0 [ 871.254778] __do_sys_clone3+0x1e5/0x320 [ 871.255595] ? __do_sys_clone+0x110/0x110 [ 871.256458] ? rcu_read_lock_any_held+0x75/0xa0 [ 871.257391] ? vfs_write+0x354/0xa30 [ 871.258142] ? fput_many+0x2f/0x1a0 [ 871.258879] ? ksys_write+0x1a9/0x260 [ 871.259653] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 871.260719] ? syscall_enter_from_user_mode+0x1d/0x50 [ 871.261755] ? trace_hardirqs_on+0x5b/0x180 [ 871.262640] do_syscall_64+0x33/0x40 [ 871.263388] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 871.264452] RIP: 0033:0x7f48f386eb19 [ 871.265205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 871.268950] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 871.270484] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 871.271935] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 871.273364] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 871.274796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 871.276247] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:47:44 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:44 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:47:44 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:44 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:44 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:47:44 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:47:44 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 72) [ 871.464055] cgroup: fork rejected by pids controller in /syz7 [ 871.479766] FAULT_INJECTION: forcing a failure. [ 871.479766] name failslab, interval 1, probability 0, space 0, times 0 [ 871.482216] CPU: 0 PID: 7001 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 871.483624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 871.485339] Call Trace: [ 871.485893] dump_stack+0x107/0x167 [ 871.486644] should_fail.cold+0x5/0xa [ 871.487427] ? alloc_vfsmnt+0x23/0x680 [ 871.488245] should_failslab+0x5/0x20 [ 871.489026] kmem_cache_alloc+0x5b/0x360 [ 871.489861] ? copy_tree+0x61a/0xa60 [ 871.490632] alloc_vfsmnt+0x23/0x680 [ 871.491399] clone_mnt+0x6c/0xce0 [ 871.492121] copy_tree+0x3b0/0xa60 [ 871.492872] copy_mnt_ns+0x144/0xa00 [ 871.493635] ? rcu_read_lock_sched_held+0x3e/0x80 [ 871.494623] ? kmem_cache_alloc+0x2b4/0x360 [ 871.495500] create_new_namespaces+0xd6/0xb20 [ 871.496451] copy_namespaces+0x39e/0x480 [ 871.497279] copy_process+0x2549/0x67d0 [ 871.498127] ? find_held_lock+0x2c/0x110 [ 871.498969] ? __cleanup_sighand+0xb0/0xb0 [ 871.499847] ? _copy_from_user+0xfb/0x1b0 [ 871.500701] kernel_clone+0xe7/0xa20 [ 871.501468] ? __lockdep_reset_lock+0x180/0x180 [ 871.502406] ? create_io_thread+0xf0/0xf0 [ 871.503273] ? ksys_write+0x21a/0x260 [ 871.504070] ? lock_downgrade+0x6d0/0x6d0 [ 871.504927] __do_sys_clone3+0x1e5/0x320 [ 871.505763] ? __do_sys_clone+0x110/0x110 [ 871.506635] ? rcu_read_lock_any_held+0x75/0xa0 [ 871.507590] ? vfs_write+0x354/0xa30 [ 871.508366] ? fput_many+0x2f/0x1a0 [ 871.509117] ? ksys_write+0x1a9/0x260 [ 871.509907] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 871.510988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 871.512053] ? trace_hardirqs_on+0x5b/0x180 [ 871.512944] do_syscall_64+0x33/0x40 [ 871.513713] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 871.514767] RIP: 0033:0x7f48f386eb19 [ 871.515539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 871.519319] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 871.520891] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 871.522357] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 871.523820] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 871.525310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 871.526774] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:47:44 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) r3 = openat(r1, &(0x7f0000000740)='./file0\x00', 0x0, 0x10) perf_event_open(&(0x7f00000006c0)={0x7, 0x80, 0x5, 0x0, 0x9a, 0x3, 0x0, 0x1000, 0x25001, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000280)}, 0x0, 0xfff, 0x2, 0x0, 0x7fff, 0xffffff96, 0x138, 0x0, 0x900e, 0x0, 0xffffffffffffbab4}, 0xffffffffffffffff, 0x8, r3, 0x9) r4 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r4}, 0x0) r5 = perf_event_open(0x0, r4, 0x4, 0xffffffffffffffff, 0xa) fcntl$setown(r1, 0x8, r4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd=r0, 0x5, {0x0, r2}, 0x80000000, 0x1, 0x1, {0x0, 0x0, r0}}, 0x2) preadv(r5, &(0x7f0000000880)=[{&(0x7f0000000780)=""/216, 0xd8}], 0x1, 0x2, 0x9) vmsplice(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="ab9a18490834629e6e78fdefd5", 0xd}, {&(0x7f0000000100)="7ad4144e5a74cbfc658adf7319bdaf52486287165cd200ddf3ecb0077e3d40597f67602a775bca4687a0426b8cb9559f134e74fcef80019130545ebef3c892a1e1b2dc", 0x43}, {&(0x7f0000000180)="1d583e19f4a5ac9dada9f335bccce92a40679c30cce45eac5e573b424eb6f1db8c948e9ee4765ea8f327c41cb83769b050fdea14cae2bcd7b15e604de21be631421eee83865e598bc9bd2e9b3e82e7c6a4425b1ea59c3d6117767f1b86baf569bb4922dcfe677fba10caf34e8d26a8cb513f8953b65f95dbeebc6d351c3b9520075be5707289b574b8b2a5b842d355f9b58cee73572035b456327fffdbd674e7078b9593f77bd6ab50fa9e7d0cb159124c333698b0ea163810084842d26d8c921a6c0741419e64c8ceff5fdcdba056254c705d0050b4d2c835", 0xd9}, {&(0x7f0000000280)}, {&(0x7f00000002c0)="4d467a617e594bce2fed721569eaedc6da6d501d59b59558f063d8cafa1bfbea15589dfb33f6da337477d8c4fdb52f19c967f95ca86227fb6fec47c3f99b31810a7323d3a6d3eacdd51a27ff0bbeb73814d3716b3001ca25", 0x58}, {&(0x7f0000000340)="852851209b50302858a307f9c22370361d8329f8ba46283e22108c23638351e72c07feed302be395790e16ddbe6502d1631b695b98bb48ecd7a2bc728393017d69210bc26aa1ff115bad51800d6944f910d51153c729ae05f57a3a4084f8692fc1c0b61761ee095fe420da42c6061cd9d73102a6d46caf8221bec33207cc4f2c3bd4e1c7bbe31104bfd97e73b76db355af489e99e593bcd5f2b49ddc1eaa08fb8089fb781d55a65468cb52aebbcfbe5de1e8fe11a8c1b62fb26fd5343b4806ecb0f4a6b52b85bc39434f", 0xca}, {&(0x7f0000000440)="1dfd0e72e34424304db3c616f923cbbc4db7f1add94b10a4e5c6cd843b1b7ce5abc235a94a0ff70381e7670f84ae52270d2f998e5f363612035b5b11ad9b8d837bcab318fa2440a09ce2607db662fbc155c551e8f9aa68d1d89f665816b538c1112d451de9d4e81770937fc645f374891dbc3e14b2d15b362550d78abc181a1a76bbc599225974", 0x87}, {&(0x7f0000000500)="ea26268f0e58bec7a546f2f0f78409479c887bd893cc4eb698cb00429ddd0531647d89bc18a3dd7c9bf55debf80f90b5d15e1f2643ed1897437bc8fa89920c239b577539144ea62a208acb8334b9ecefa246643e5250d65cadb3c25c5071d3e195c8bfec886211023e5cbdbe73f9af4d4cc3a9ebabdf8c43a46abda6ffc878b9f2d1f339ee16972546504451d0b64ababa08589788938a4d17ce887aa136", 0x9e}, {&(0x7f00000005c0)="ced4f0ee441acac435c2ab67454afb48e569cf7d8215804403784cfc107f5478b4c743", 0x23}], 0x9, 0x9) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40042409, 0x0) pipe2(&(0x7f0000000000), 0x0) [ 873.473646] Bluetooth: hci3: command 0x0405 tx timeout 01:48:02 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 73) 01:48:02 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:02 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:48:02 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:02 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000040), 0x1000, 0x0, &(0x7f00000000c0)="28088a6de7871a614736366d9fa7d692ba118e9a8e8c9929ba1bcc77847ffeab1d5901f34d7d443dab2004dce66fba23e4ea7183ceae256312a6dc959740b6a3ad1bce75be7ac40c8df4e1b45d014739c1881bbb214367a961dd80a7fcd6942ab8a16c5b03e77cf75013c7fc5047198b4b50e1286c534f6107cb9e735a1ad464fae8148c7956579778c7ef084a6ac7463713ab2c8fb595b0c3b5e8cf163ff1467336d717b0366c2cd8a4e79ebdd7690534c6acdc5a78d2fca37bd69014f4a610414df6edad86f1f71e0b9fe728fd0f0b2c7deb165b0db33077cf9d641566bff8cc13aeac7500151dd13c14273b6241ee7ff5750e9d284a5555832a2a9e018595b8cbc4c9898428e864ff91b03e2b3778a4a71b56517ef59c0e0a0e3446dfc45a7e063225b2fac363dcd5d86fca896d0319371764615390489c15d9dca3df1613a867dc439ca8287f920888a6d86850a8427f4ea6076cb8867800726706ed4c60383884abde82d51b4c5632bc5d684e148ffc4a86c1165907cbb1c2d78e3a1c1fdd423aec89c2a1a3f3ed5466c7b0a860947243d0bd253b93d5c0d37ee5fbcb2c5b2c9be89363c9adbf7b6996d8cd60f6dc8fb5db41a3019c641c459a1aa5b31487fdc93c5a78f2a665df8ccc77104110203360888fb65562b4cd7d1674a8b2eae38f3360b1253b4293851bba080b7d575a71e6bfda3b27a8fcfb463a9a2ab9f75ef73727ec61a66d1e7f25a398cb9db3837218b1f727335e4e1f6b8b067e1ddbee5e3ec9fadf57f04c2571ee90828ffe2c6e508c0f7d7d55103aba2a4a836a83ac861c093de0451eddb3dbc0888e5037849018de2f84a9e2cc097d4b28add579b1cdec352e22cdffbcae6e120edc800771c7d3133877ab903719cdb73b5b136b6d90f0970306530528cf8da946495e010a4ec5099bae26b34acf83eca67d54557b62e8014a8131c887b775307f2d348cb576e8bc2cfa0c2a8a4022656c6cf8199749ebb9c3be9b51af2c1996e13330fe656826368faad9f9720353e6e64b753cf835bfd9dee64ecd29a3d6c8813ceeeafe8ebcc21646d6fef77b5532fafa52f08d318996f64668004de49a04120430eebe0ad392a0bf5d49e8f50f39973edcdf007a60c638e81f5169ed06938815894a58da7599d6ae10cebfea898754507b5c12db1bc58d249a4e912461f68c8c71e9782295ba3187369ba208de7ac10d2408024959a162576d0de25eb9bc7760267920cc233eb423bfdb0acbe3b4f2d236fe0da4ec850dfbda87660f899840a85f2da284f551eb934ef01a02ac31895c5c0768e69262b1c32eb8bcd2765b54f72596d5ca09ef6d0208aac9fa1e7b1ecc8d6dc53a21c63f01165881bdfc7fcebb808715e2cfaccf1cc566027203a8d1fe530d40a055aff8304dcde7c66a1a968fac09ae3c057cfe1a79248efd22bbc34c69491699774f25dff4967960122d005af12f80430dca3af7e3cc1d937eb4a9c519b7ec87462e0a9366c32874c18749d84ffc126002ef7d8e4ad31fe7047b3c3aff6cda8b3a26bf12f0a354dba49192d1a7d5cef89af501b5cd974ad85ffb214684cfe0b04a811bd8f5551ac7ab76455fc0a87b1bfa51c996b6bb2d4de9bf3a943b15d85f951e1e0b140b007cb9733782d1636d5e30fc028b50ebc1203ad31baa2c0cb4bf8e323231b12ca3f5c234c0d994e09780c5c1e65ba6fac2391e9f092971d763c10037123a02c558380d2d579ed3fe35984e593dea914d724f7438dbe126ee180579d2b32221ed36901c49f130ff5d5c06a9f05e1fe4979d6bb21198ebe5276b963d4ffe30e301db032da2e8f8d91fbffe56a34a320a7fd69cc67f9af87388796bfcd088d54992f9362960e7dac47e1f12bed6d9e48cd8c77b5ba8d3bf144831d139e1d5cb5b7476f5af85b82a24fdfb964e516d9610e81fa90e9e8ce5c23506578e913c6ab51a7be5dd71ff513442dab442eb417921de4a2a0042b5223ec122dbe2333ae8e81fa934e172d5c3df94ef4ef96ccc2edad3f589030ec3b2dee33e8923bd209ddae10f2317c6608d94a52f497abfba68cc533481708441e4e1972af1222719536988597cf6950030a392a38700b45ad2160d903cedff008e9de1a3211d5c541871f85dfbe7b5e03b0fc8720d57656601123cf0e2c1a5a64e376743ee685bb48cd8a06a14c60709be81baf27486ab5206daadfbfa7e4b6e76669e59e1c495a5618b8b3cd21b943a1b80896a4818cbed4e3b4c05fcdffb5e3ae7051f74c2b60627b1749e3196f1377fc8c384364e38fc4ff0e97199b173d221743b9672e67431612c8a4931d70ef97d1543791421c9891f37d2aefa998637190820ca20e34d7ea73d4a530bb14a1b041e512225cb60c184bb0706adaf1dacd430b91f2974b87ebdd22eaf9a1b96e06b87acdcd97f2572ee3525ba6f1f380ce45c755579cb9697afbde61bdff8b6e4028c5db32443ecbecf0f96d6423c302a3b457cf139a61ec06fde168a4ab02482d1f20a3fd31d20e7a503331997cf03600d47c48800408996172db631b216817e3a2fcfe808b04eb65b879bda88b3d0317a95e57cf2ab99e654cc33e50828d6ea41749b36a73b027f37affddab10bf6766009988fe41bcbee0f3c71dc2145d02b5d98440bc96520d6ebbf4fdf51422edc1da63359c2864c69e050cbed9f3b9a6cab40343aec1630a63be0022610b071076d068eaf75e5aa9ed2b23009d85a8160fb98273388f7bc310a7f04c6aeb484092f4d50235b07a12c1df832fdb6326748d1d22b506e7be24e8fa6f1d7bd39a77ca2a18d036b6bbb8f2809b10a97e01f894126362998640c0fb98e07101c22add822c4ae3895587dd4a6eeb8cab7b411f409cf34caeaa5724d9b42d4a08d5874d660b5309463913ebec1871357305e2f91f5b2770d02c0faf2636b6138a237586660d159c10b30c9a21fe3e017d01eb400d50c386c7ca7066bfc625c6fd2082865872218bd54048f1af12f0cf8c266ec3286297ca6e64981cd014b2c549ec6ec1e63c5db3273241aacaf8b2963a6584bec5ed798a8e06dd853448d4cc66ceaa910d3499a15ff82bb9131c71dd542a4ea8c87f670d6c841d2f8da1fb82ce8d3b8bc4801b79cf53ffee3e27f1e355ca0eb03d2f2d187719403f01c066acbaf2a0489bc0d699e36e2ac437b19ef23afcc322591e51aa22534f4dbc6fbb7aba31e17389261f0570de5e2b34c03e113c1673db1f774e6d404f5190190aef5657ad561e625c3ef5e3fa3233020c9f26ebc2439df5d0d920a1388042cf3e6418276696b14ed6a08f0d89858aab04a874030581b5bf2bd847e04f7ee98b1b6b923540148ef4651fd72129b67754913eca71ff78afa579262ebdb75eb341e2548a3c7c6c7f9794ab17de670e099fab87ddf6b2045264d32aee4e2c2db75334a65b217778ac58243538b5479542d1f777255ef42d5eb856f8042500201f3402ea2cfe0381b4a96208655f29330e1344cfbd972b9ff16548c0d80011515e9a2315f70788b7d08a9064c940dbefde341e8f409074996b0caf04856b46788e8247d40ffd320d39f2b1f959087d0d3c78df6048f05247f13d0b994794ec916ed3350c98fc746716dff479742dba52136fac3abac98e21d33b851135ed921f2b2d612a1b0a764a0db80eb11fd75ce172c35a4f0d96295f3ac3b2493a155e5a81239b75ba362dd303e1fa1f61ad681cb9487698171d765f652bf7a1ce81785e903b81db47a0093cdebaf8826c57d1933adbb317c7902f757bcacf058b33de16244045bf01f16c386a6f8a7f3b914ac64fb58146236d0cb785fd2bab0d0325be451907ce7455e17a85c0e9d2cd546e01cf3224d266536cc6aa17312c66c9f7461312c61a09aa05ed862dc2fbf81a51cc2c474cc9506c9c377dbe042ae2d02e61241718eae60f4b05a69f9650647d870f9b9b0425382a4bead5b969bf65dd159c8ade64523ed63bee0c71587568ab84cadf96d5186262fb3494360d1cf08d6df963d3d648f5ad69d6bda4121ef4a4086656dccc635507cda8932c19b8d37326aaade27ed4f94f77acd850e2c7ca1863898f5151acb1d0aa08f28b20675fa10ef835c427dcffb46394c1b15afd95c8b3bb60acdab8b709e39732bf94192394d81462693fdb4f2e26d0b4526b4e1304c968c138e8b9c2077321f78637d25f8b0024516b11237b63719bbbeb1cf2dc36c9ad02d647c24073ce911ffee7089084a31153b186bf1ee2bfdc6e4ec258facdc800d5beaa9400bbae68526948a13a2448091f60eda7fac7d5389f91f33ce03a6561332b9e4e39ea3c99cdfd87aa75649da6339e8521133bbbf09437b1df1e9f0013bfdf9e21f95a762d535542208589fcd354f2bccc2feb1acbcf349ac65dcc7d3c3d725316e96a46c4d36cb8977a4b1c86e8aea0cc60971507ab451562b1507053137d52c7c55b8768d9d3fa3a5cb6a9d25cb46dfa992637c0d8e704a4851a031267e20ee2967dd646d046d290db27d7dee8d1c6e5c33d43f15f4160b3f080865ae7ccb84d61687d61a466aba553716f4a8c5cae92ffffea8713e1a5a97fb797c97cc8032840f1c2d6b7a39cdb84449569d894a19f6259b0ad5c188153506217edfd16c95e4f3e583ba72d544d8cd8e3fc412b7dac957cf408c7dcd8843284ea97bea0a71104f77f5b25cb4d004015e8ba7a4afa02942b54b25aa7d054fee3666cd86870eb8480026617c564189915d5233685e9a7cc0f47fc5b16413a4ad746192aa1bc0d28bc229889c35f8d967c2d9153466d4916247fed6469bd1d04f15aa821ecd3d8f6ac81eab105048b3fc6ed0b3187df81ae014993ea325952d5d171796921dcc05d945acbf6d5f3f531e30366f63e3af49ff04493fae265c744e38e3ebbb5352bfd90d5d71d78fa4427172b243d6691b18ce91555b2973e65bdc6faee9bedf96073aa08dd023448f55a7eafdd9da494f2eca496849802a12294480ff606a35d689955e0e35ce021b4e838868a572ce2087c760f0c8e027b77524631a52539e53fb408aeeb9f0faf280f42a93bf2dfd4127476933b4632be194719b2fb80c20d3a8662bc64b141b060d9a204ba1e6f178fce445c70b4da1e5ee66116aad1d119fa537a679a55a3b78b5e82d0657a1849b6d4fde4c23a8d004fb80bed60ccf184972352be3deaec142271a2a78e46a71de714a2ad162262e4131a4feaacdadfa9c8ec143eace92c52dedcd2b4d67c15fe0cbb686019f091ac51b1af2f30d95955145ed6c517f0a389d012517a76dd5c81a5b30298711c32dbab94977a4ea1803e671d1451ff29bcc18b1c679957a2f9d89286ab6ad1c406e8de1f5d9117cf9c873b70b2fb66db6aa38c4a7c16f8d7cd991095ed474024cd9422357e836e470f7a5370f9d7b37339b7cee8b180cdf1d3dcd53f9e8fb2dd34b92edfa70c2603f5f81514375d4aded31e426ddc739b9032517f943700088d329500d2e18ff1d0e7bd66be167ff39e0917ab37ca6d57d64f8daf7747733f672e27fa00491a9f0621294ebe54591a8d778d405590b667abb6f428c2881518d5bb310315e81f8ff6b792a2672708c4eb868b7d28ef632122c47775d8240089c33a569da612fbdf78382316b8ddf0e9ed501f42ddef40728736a26b48dec42981bdb09ed16d099c63a135785244fd598620be1b728192bbc67101dc6866b83c21730fa75c9dd102898fca3626e16751b7c7fc1ab112b487460a81172bb556f6593131e86fd8aad2be0cf996a16bc464b92f01cb496092c0c4d8c1074c964f9a4aa19f759"}) pipe2(&(0x7f0000000000), 0x0) 01:48:02 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:02 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:48:02 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:02 executing program 2: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 889.514888] FAULT_INJECTION: forcing a failure. [ 889.514888] name failslab, interval 1, probability 0, space 0, times 0 [ 889.516425] CPU: 1 PID: 7035 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 889.517275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 889.518262] Call Trace: [ 889.518581] dump_stack+0x107/0x167 [ 889.519020] should_fail.cold+0x5/0xa [ 889.519484] should_failslab+0x5/0x20 [ 889.519939] __kmalloc_track_caller+0x79/0x3c0 [ 889.520490] ? kstrdup_const+0x53/0x80 [ 889.520979] kstrdup+0x36/0x70 [ 889.521378] kstrdup_const+0x53/0x80 [ 889.521836] alloc_vfsmnt+0xb5/0x680 [ 889.522293] clone_mnt+0x6c/0xce0 [ 889.522729] copy_tree+0x3b0/0xa60 [ 889.523171] copy_mnt_ns+0x144/0xa00 [ 889.523633] ? rcu_read_lock_sched_held+0x3e/0x80 [ 889.524222] ? kmem_cache_alloc+0x2b4/0x360 [ 889.524750] create_new_namespaces+0xd6/0xb20 [ 889.525315] copy_namespaces+0x39e/0x480 [ 889.525846] copy_process+0x2549/0x67d0 [ 889.526359] ? find_held_lock+0x2c/0x110 [ 889.526908] ? __cleanup_sighand+0xb0/0xb0 [ 889.527471] ? _copy_from_user+0xfb/0x1b0 [ 889.527983] kernel_clone+0xe7/0xa20 [ 889.528456] ? __lockdep_reset_lock+0x180/0x180 [ 889.529022] ? create_io_thread+0xf0/0xf0 [ 889.529573] ? ksys_write+0x21a/0x260 [ 889.530094] ? lock_downgrade+0x6d0/0x6d0 [ 889.530636] __do_sys_clone3+0x1e5/0x320 [ 889.531162] ? __do_sys_clone+0x110/0x110 [ 889.531718] ? rcu_read_lock_any_held+0x75/0xa0 [ 889.532339] ? vfs_write+0x354/0xa30 [ 889.532821] ? fput_many+0x2f/0x1a0 [ 889.533287] ? ksys_write+0x1a9/0x260 [ 889.533791] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 889.534473] ? syscall_enter_from_user_mode+0x1d/0x50 [ 889.535106] ? trace_hardirqs_on+0x5b/0x180 [ 889.535643] do_syscall_64+0x33/0x40 [ 889.536099] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 889.536725] RIP: 0033:0x7f48f386eb19 [ 889.537186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 889.539398] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 889.540514] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 889.541368] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 889.542221] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 889.543082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 889.543944] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:48:02 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:48:03 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:48:03 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:48:03 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200, 0x6}, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000001bc0)) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) close(r1) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r8, r7, 0x9, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0xa8, 0x0, &(0x7f0000000940)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000180)={@fda={0x66646185, 0x8, 0x2, 0x18}, @ptr={0x70742a85, 0x1, &(0x7f0000000140)=""/32, 0x20, 0x1, 0x3a}, @flat=@handle={0x73682a85, 0x100a, 0x1}}, &(0x7f0000000200)={0x0, 0x20, 0x48}}, 0x1000}, @clear_death={0x400c630f, 0x3}, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f00000008c0)={@fd={0x66642a85, 0x0, r8}, @ptr={0x70742a85, 0x1, &(0x7f0000000740)=""/174, 0xae, 0x0, 0xb}, @ptr={0x70742a85, 0x1, &(0x7f0000000800)=""/143, 0x8f, 0x0, 0x21}}, &(0x7f0000000340)={0x0, 0x18, 0x40}}, 0x40}], 0xe4, 0x0, &(0x7f0000000a00)="da0fd80b448a9e2e2b8b1910f95ee0200ff4e06eaf0de5e1319b3640c5e19ca9b0c93cb8f47d7ab17e65b05536e369367288a742c1ea98afa457dd0db4b6002a410febb612faee9368b998758e8b4dba250eca4b0ff77f80359d32d932aafaf0af3c88480208c8bb72d6d14d6a00fb59d7ab38ab8a6e3ec8f811fe18351b913a139a0d3a51459e1312382054fdcea07aa94c8ca20940f0e36f6ccf9562effbdc22d7c700671e9eb81fefb6d4f2f4da42b078b77dfe541bf525bf47e78bba13176a20302486d0e2afe38a41e500b0204b299fb8287274fef7db704bb1b5198ae1f509ce6c"}) tee(r6, r5, 0x9, 0x0) dup2(r6, r1) writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000600)="2f039dccd230e06198069f1797f9291bb8f369feb6489e331a1d73cb9750d6eea401000000f9f5d4b90c45a189c4729b8f18a8b8efcc66a862c12b51aa23def0e3760e6c397bd9f09e26965b210c5d7ed3ba43bb6c4a27a0f7561ee4f9a45024ccecae03fbe663d7ac5b520868865e7c1eef814ada03b66ed9fc74ebb505d640bddd5cdf70caf1595e0323188fb504371985a2aff5b2fbc6a33c86b6d3e7d8b7049edf0a70391687441ec7a01645d28778c75ae870b67e35419bdb9d0539de09b1eeffdf0dd5799e3114449da4f882f3fb2bca939dce09794daa662b3bf3441034fde1b9e8569471c2cbbdd21801f30f23d3632a37b9a8095ca94aa08bc907321ccf8ffaee88a78298ec566290b4b4bafdfdc9776cd1b9b080c7eefce6cdc8e6eb3a60ab04dd", 0x126}, {&(0x7f00000000c0)="651d46997c511975ff10c402ea176aa47e7fe30d81cc54f1a9cd12cfbdcb7b2e699167123a4709637bde8692b723761766e90ced047d90036e83525de38ef790366ff5", 0x43}, {&(0x7f0000000240)="c6e727b8e0ea0ddb42c798b2885b18b877a090f96ff0c450c7315ac64f58766c735c6b6a52d3c4b9", 0x28}, {&(0x7f0000000280)="ffc3612536f25846574c5fe3b159e9701109d4c6db82da2f43df56805230bc46824a05dd31fd26a56a8f62a4108e207e6240f7123c436b647e76ca7de9e5131f2f612120130c6dbb", 0x48}, {&(0x7f0000000540)="f65e0ec854b9e3553af70e8b7f2a6e7ad0a52dad4830657beb21a5f055a71f2b14376a33964a804f1a683630145a05d38057f85b552efb834c3daa6ec46b38949be21b4c2e0bab4bc533bc1f79d4eb779001eeebb7ac891d97c28d97424b7317e9f9cac717e7e2c508a9d8e9d8c9ba7906307733ecb47d7237e42a8308a36e039c0f5fbc3b667627d84167ac608c000000000000", 0x94}, {&(0x7f0000000380)="36cbaaf0ff74bd9c02670ebd2b552d2ba11fc4bc9029117d9ee682e088c7357f30a1475fe0adbe88028f08ce048782c2b3615e641b2ba64cd4f47209696abee291c23c1a45c4565ae4bda9ca18f63487478daaed5dedc0d156943b8980df44c4cb4b5e2a02f4aa97a6886615e00cc8ef7f04f570ad318e163309ba9c5ac4213a09e00cdd651c0676e419164427e87dbc8ae6443a2d2f3dad7c657c9f5a2fd07c6d6b258c45ecb612ff4e59cb37bac93ca24d1bed3044cc64fcd451e1bca6672faf60f40d05f4865332b3e333d9abe0b4a3c5f56694bb7bb2f261142a485afa3a6886da766f0fc46455de9e623466", 0xee}, {&(0x7f0000000300)="469fe27d9798d190348d2bade4cc2ee8feb75bbf18cec85d7648300ad780ec577fa859aea018b62a02aba4d015ca7190bf655d38e2", 0x35}], 0x7) dup(r2) perf_event_open(&(0x7f0000000b40)={0x4, 0x80, 0x9, 0x7f, 0x3, 0x1, 0x0, 0x2, 0x80001, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000b00), 0x9}, 0x5945bbf0e830464c, 0x63, 0x3, 0x9, 0x965, 0x4, 0xc2, 0x0, 0x80000000, 0x0, 0xafd}, 0x0, 0x0, r1, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r10, r9, 0x9, 0x0) ioctl$BTRFS_IOC_SNAP_DESTROY(r0, 0x5000940f, &(0x7f0000000bc0)={{r10}, "b0749006d131554622ca32c6003400404dd2ff5d797e20a711abaa37ee76b568e2207142178da338c3f4928f0f299c288cc2e20c0375d896863048412fafd9061c18eaae48f6583760709810143f93355e65c13152e2ea767238e25bca7879763569522ceccb95f966c32751b26368b597401b7e0a90065afbc9bb780ab380161a6e8961a520a6a15d808d138649b34fb295f1a778a837b4bb3be3f91930e9d4f9912a96a090e57a62491917901ed8eca537dd001b567b113ac870ad2af994d9d4ba2bf369dd333c395ef6992e89051c76a4b88e6e43998dd3dd78adb892413a9746563948ccf39674e025ab5227fcaa147434e82ac72f991cc6d092ceb23016b645dec4e5fabbd550d68ea9692bc314549d11406b84736ceeabb04fc068198ba04592ef8e67bfe83cb2560668ab11c637612a660f9835c01fb72a7e9c53a048ed7df74c45d79da53e1b3b77db38980aae31ebf60e35e4cb9b9093a132cc66ed504f61df8c4a3a3f1b64cda0ed1f8483319023ec25c328c808e27c76e2babeaa09c6cd5213d3ed3c7214317ec2c34af8a952a2c8f88528844a9bf80a5a9d33739153095a76957440dbeccb03215c30637b28c3f6f37d825ed527f6e1906c981a46568c105833d29b745a3684536ff634d6cbd08e6bc491fdbd81ec734cd3c5e56a1bc2ce5bc2355143aa8038fb4494095758c2e7e094cf37bbbb85566f272eaec4f247e018818a786f0d5000fa96177abe72eea25f0a1907ecd5ea456aaa1a965691b55b195609583687db65a40f3589633707df07a8242bc86bfd8fbe7864ab53a83c03c200fe9d8b6b199647d5a2b87356d98bb739d61b353365f2f50d57487f3f37bd27637b0696ce5793d5320cb4bf50acda5eacf14cebc69bbb17a28767a4a2d23a7ac9fcecbd9a728ba07fe34b6decd2d0c7ec6a746cbb56612d9cca67109301ebbe50bd88f4e2ab0c49edd291d952855c3c610ce678be48967c9ad265cdcd55b0c28977e922fc78a844f921305b61d596a15e8dcd652fd24038d38511a25f2d75af1166ee7e4b9573bcff22787a5bc23b779376f18d26a49968e4188d9b82ee6377c50f3281d4d216754813d4e5a2f262369393c541dfbb7bfa8e6feb35ea66588093475266e36e18ce6fc6913a0e20249fb2e4dd35af3493f8e649cccfb97150abfa3f980ced1750b6bb23791f889166caf2991b635cfde84977ec58fd511abe86720e26f2c4ddce1eb821ace5907fa2429bd06ab2461d18fceebdadf9523f3b421d952dfe42cd03672968bfc9ce09e2d2b0891ba3e7190fdf40c8d0c8653818a76491a98fa7323199c5a77998fc890f20a31c58198783ded9b0db22e13b3211a677a1274a465f35b5011e03f5f0ba7a74eb517fcc9e735b6303a42bf628b3e86a8f9a00e296ae950483cb2e63452825fbd896b08a7655ef10ef73b4cc84b539d1ebd352dd582ac5f5994893b65e79e2e1fa23e45978b563830e635a2a71b34b95082e072077640eebf0c245b60579d11c119004d45256bbec945430acfddd7ce6d4042887b6e730d78cefa12492a151e47b32fa5491448778e569e86b6769a9e8556b0928b45df87e61f2abcbecf37ac99f7afbfcdc0a4878384e783d9bec99f94cf306f18dacc228317821e5013247e467495d99fcd18b7cccd5bc6705d1cbe2d14d1586bc7e60e581f83b26a2f1f0527d80c7dcf49a273ff10e26b8cfbab1739ca9b327711a5911e5649b728e1690be98c38deee50276d83d68c3a6c82b344470d70e1a3e2a13da464f1217c9f87ad4d40306bc38f8db31cfeadbc16430e675b8608b9235839edde2814c0751e1f19bddd14c1026efa760c8fe16610b0f3c6b58e346e1d221fa5da53ebebb000755a923d69337f2b89ce1710165a5e47b28e383000f5069c612bb0f0dcf8b6e38540f5dc5924e2b4f5014f01a8a2413f51916f3aeb4cf26a8bacf8cb94e8b5ec99f3c7c1aace8e32f5786ed4d27963144740d11f2e0de6bf5d9b73fc989865ebf8c4cde2929b62621a4a871fe47db5651de412400554bb04c87479f45f445f86c9cbe7cedb17284a5c8d7d1daf68d4161776360a4738cbac2b8e0609df3b73871fc4c43065cf9448a1747ce935eedb2c958ae53c6c2cfbbe969a040fc3191afaafee4ce8c7af6334d0953a216187750e1a0df667d93aeee6a92a1d94882d84b74518a92107a1216145c4fb8056387396288693c051b93705ba4a87fccf4061b868427bdd8afe4542d84fe01d035e76fe872e54324b92ae588bc20ac9f65abcd09760079338a85a559d6022ec3d95440a80a3fe3afa3eb79f144e95d84d1e99df5d61339d8072c858a2bc832e6e4c03ea95fa86b833b234cf21a484933042d0f0261859e16c6333427e16e0c6f768763daa5615106b0df9d56f931971322da7ca7365a741e54e68f37c46cb087b15cafa154f129851665cf7d2329ca7ca5e381bc2b17de5ba14f96023bf12fd8db8fa3d26b483f49f8e9a607b248bff0795f20f9aec0f7b15fbea146653575fd6337637b8dd032e313377594328b4cde3dba6840331e5f2d5a874916a983b0ff015292fde7ed334538eb2d6f2542b45378f19dca21202ccaf30195e633e1114272bd3250caf4feccf2ee0f6707ca4d14e7fee0e9bd46e84ae1f123c1b98c0a8861cadbb47f2e6104c6c0094436b9847bca2b353243e81030c0c9da21510de873e5ddf9d9612ff77fb9da4e80e7d007f1a1e4c89452837fffbb2ddbe9d38b49afd8e8a838e6e486ad6630f947e2f17bdcfbe4c0b8ea0327e355dc2eee6be94c223736d095bd2a0829ee7b8e49075126ff130f254eded10cd56efa9526031076f113d728f5c93c09be3a0c456fba7abbb85f394e2f1f497269001f0a4baf244607cbcfb1ff3bd2c04cfc100b288e057b6a435ca3ff3909bde35598dc3d6c0465436c7e1cdfa494c3d2b9144a01f60921a3b63ac48e4a2af4903f7d7544b7f4d612412bbbf67874e6ef99aeeaff8674dd43d422673135988179c3263b19bbaae1658b37df81c923c47bf8cf5bb56393d48d60ad3e2d3e113fdb17dcd46593eebfe703048ebd9b80ed2cc330257ec9d0d9dc7a01637d011e07a6640d07d27fe9a03cd810cd3a7996a8382aa1b59809802baf5aa6f11f39601811330b89d04a11b455303c8dcaf7cdb3cacfcecd73d7c96d1d0cd52ca6a9f70210557405b9123a370bbf52b984f74a5547f9baecaf6e4d447a1e22da8a7b6852d0f26f3327dec7ea313fc313f490704f22489e75037c463769e14876e75ab0f114338b48cf953e8d2cc6f2fef8f1638fd4492415ff6736800b26ee3a47f782f06422501686f325e2fc325a0c2fd78a74ec79e584278d77e44f72612469b6702646ad3bf55034fc72417a379df401677c94b038ba6ea408881e20f378139f28511f0341e604391392d6dff3ab251b725778c7454cfaa8474137d8a1ceafddc84ae12d59175860da134c99ac522e72ffebfa9573750f9dccfd883bb8fa8a8162e0892a4e626f2513098d79365a704e9a65ded13c4fbf8ace8d7f81666fd1b208fe7394a9ef1f80bf3c53fa05ae8ed6a076bbeba3f4ed8a1a2bd9f087e60c08774a1074d5a3c03bb8fc1c62c75ac06f0215b900ecb6161859a3e516ff7bfdf7b854a4ff768ce1edc9696fa0b1de341162d9df8fc2d54f21bc3da03ceb41dcc9fd38fdcede4b1910dd2793e24fe3048301412a7168c0d100aede4135818a2b7849f3740c8430334bd37fb01e2361603c77bc2256b8638355af66b59d1e37d6febf4bd22c8c7627720a4bf59d3cd31da763fb0b334e43dc0e5ab74910a381f5500f0296f53c8a04ee7e5a826393984724c4b8e49018589ecd3d1ee76e01de87c7f378ae20d08c31b97f3289bf1a39c3ae46ddd9588503c502faa1693bb86398828e767cbba6a1e3ae49b590830f230b51a035c1a4b927b9f05a9cb6555e82b0addd47dbc9f27673d72a5603eabec260a3b0b074b12a6ead40676857c254e69420871348c48abc0128cdafd422a3ca73cbaa832373ccea63aa5be67544cc58882b13732f53957ce78958c8fdf2f67039271f4432b8ba8eb966545846b6bcd95f6cd6d13399a58f9e98ebdf1e0549751b9cc86c3b128287ad7a833d60f9950abb102d8befae9e88f9c2e3dc2ca79b17283a8e9395f6418cde5df31572e3d884ca9f97c81e5b4ad43602f156eaa41cd3597fc4fc7c7c7964177bd2cdcde487fd4eb74a0a651f86688d9a3f7f991f0bf6dfef448729e7db3f3139429e537c382dd9ec0065e11a3e8a3dd995d0805de6de7f0bda063dc208a04a2af0818e3152bf01d49c81621bbc12889403a63663a78df5af98d7dc4f3f011440d5b392bce44943c28339dac3149a93c149f4e18d1dc5352e8566e585144946cfb54c303a91747d7bc91e17cd63ec6b23e7aee17bf35b2f29a2cf5ed248820601b531b885d90278b0712fb9075c7bc9726371bb0d117d4861828fd22050bca8f83bd1f51e80476dd3f16c6bb29f637576e3f2dd12d7c91c1ee90d1ab283eea9b500841818e978e026738b6173425a9cbc8587f8c2c7dc07cce1c13a861c1bd5e4e1338c6b2e484ba273390800adacb0ebfa83ecf046e739c5746d601e830abe3d00f41cb757e2f49e3b16b4b55e02b13b85373b8f5055d53de80b982f5d1b999790dfe024dedb2e8e0d71fb794d0c8ec88573e422ca9ae4c68c81127b735adfc5b2ea1438422f54e82846f8addc70bb94735e72acf6a8f88aa05c9260c6da9d8d62b32f9af1b548c3a502218b27f8f8908545d0405e9cc61db08bc3d1f51cdcc5c09e033ffea3080c717d995149bb5a3158b81b774739a52861e6e1e37509bb31daba340ff3a59ed074cb545cdd51e475a710f399e8f313185615e0389c020ed05d5936aa6b5ff52f921861b02e6b77027efd770e88229fff6aa5441c02fcc1f114cb3db49b2649de9e155bdf16bab3c0c4ff38d6e149e5140fae4c8a885a2733295b7c81fb01f86751641bffa67dcca2192c9cb8ce801c8232d00df5423c60a450f81a13141bf56c050667e303941e8bee7a83fdf7385bf38b89ed75dd6587619652586c1f18522ed0f1a198e301f51e454b0a1f2e211e9870522dd3ec0daafd32c6dbabdad095f8ef8177d1eb04b3335de310167870c122c9e2c5292c7123e811147723ff6070629f13a67fe47db1df6bf602abccf353a0e44eccd8525efc2fe4ea7500c08bfb29623ca9f57e08ca0525bc4851d428d42336595069a6232099c2d84b840d656edd366ee243240826f57e3ed429059a8997fef0eba932346c2c333783501101d3112f23aca097cb6e2463d0d84e32e488cb6e7135ab9bbfb2ef91b91db91e4f1cd6807a61ebeefdd10a26066e544b171fe1746c169eed5033cd2632448530afa68f0e94434f50dff8e62b48bae2f01ce7d62e3f8d83fed879ffbe7be6b14643dace2c938a9a218e5082e482439e5459dec79c310f25a2a23ff5136103610222c059af24088bd69e482f356e562b00b00d7d0488b1d5ec849b44123e07eff2a7ffce93c55c1235bb39a85bf53641bee326fce4b18e1adac34364ca7f2e44da21db7be6ddfba9490df26f8e57976ca9b8159c86f49c70cf1b952db955573a071cec792658e577619eb4a6df9318aa21d3831f68fa3fd76001cde693827ed3cd0da7fa15984135658c65c5e54faeca89b72a34f7100722a953fc49df97dfccf4d0b5fd97c3cd12fc80355aff845306ac316773eb61b3feeefccd2e645db1d9b44147b2fad51c44"}) pipe2(&(0x7f0000000000), 0x0) 01:48:19 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 74) 01:48:19 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:19 executing program 2: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:19 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:48:19 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r0 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x110, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r0, 0x0, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0x10001) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) copy_file_range(r3, &(0x7f00000000c0)=0xedd, r1, &(0x7f0000000100)=0xf970, 0x7, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000140)='children\x00') ioctl$SG_GET_VERSION_NUM(r4, 0x2282, &(0x7f0000000180)) 01:48:19 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:19 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:48:19 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 906.541825] FAULT_INJECTION: forcing a failure. [ 906.541825] name failslab, interval 1, probability 0, space 0, times 0 [ 906.544476] CPU: 0 PID: 7057 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 906.545985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 906.547834] Call Trace: [ 906.548445] dump_stack+0x107/0x167 [ 906.549241] should_fail.cold+0x5/0xa [ 906.550071] ? create_object.isra.0+0x3a/0xa20 [ 906.551079] should_failslab+0x5/0x20 [ 906.551919] kmem_cache_alloc+0x5b/0x360 [ 906.552835] ? __lockdep_reset_lock+0x180/0x180 [ 906.553858] create_object.isra.0+0x3a/0xa20 [ 906.554828] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 906.555956] kmem_cache_alloc+0x159/0x360 [ 906.556879] alloc_vfsmnt+0x23/0x680 [ 906.557702] clone_mnt+0x6c/0xce0 [ 906.558473] copy_tree+0x3b0/0xa60 [ 906.559280] copy_mnt_ns+0x144/0xa00 [ 906.560098] ? rcu_read_lock_sched_held+0x3e/0x80 [ 906.561159] ? kmem_cache_alloc+0x2b4/0x360 [ 906.562109] create_new_namespaces+0xd6/0xb20 [ 906.563111] copy_namespaces+0x39e/0x480 [ 906.564019] copy_process+0x2549/0x67d0 [ 906.564908] ? find_held_lock+0x2c/0x110 [ 906.565826] ? __cleanup_sighand+0xb0/0xb0 [ 906.566771] ? _copy_from_user+0xfb/0x1b0 [ 906.567697] kernel_clone+0xe7/0xa20 [ 906.568515] ? __lockdep_reset_lock+0x180/0x180 [ 906.569538] ? create_io_thread+0xf0/0xf0 [ 906.570458] ? ksys_write+0x21a/0x260 [ 906.571282] ? lock_downgrade+0x6d0/0x6d0 [ 906.572179] __do_sys_clone3+0x1e5/0x320 [ 906.573078] ? __do_sys_clone+0x110/0x110 [ 906.574000] ? rcu_read_lock_any_held+0x75/0xa0 [ 906.575009] ? vfs_write+0x354/0xa30 [ 906.575829] ? fput_many+0x2f/0x1a0 [ 906.576629] ? ksys_write+0x1a9/0x260 [ 906.577466] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 906.578604] ? syscall_enter_from_user_mode+0x1d/0x50 [ 906.579733] ? trace_hardirqs_on+0x5b/0x180 [ 906.580682] do_syscall_64+0x33/0x40 [ 906.581498] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 906.582613] RIP: 0033:0x7f48f386eb19 [ 906.583424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 906.587438] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 906.589087] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 906.590633] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 906.592176] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 906.593725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 906.595265] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:48:20 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:20 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:37 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:37 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:37 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:37 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 75) 01:48:37 executing program 2: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:37 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x1, 0x0, 0x1, 0x7f, 0x0, 0x12, 0x100, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_bp={&(0x7f0000000040), 0x9}, 0x500, 0x0, 0x1, 0x9, 0x1, 0x10000, 0x6, 0x0, 0x5, 0x0, 0x1}, 0x0, 0xd, r1, 0x1) 01:48:37 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:48:37 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) [ 924.361228] FAULT_INJECTION: forcing a failure. [ 924.361228] name failslab, interval 1, probability 0, space 0, times 0 [ 924.363757] CPU: 1 PID: 7101 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 924.365170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 924.366860] Call Trace: [ 924.367407] dump_stack+0x107/0x167 [ 924.368158] should_fail.cold+0x5/0xa [ 924.368972] ? create_object.isra.0+0x3a/0xa20 [ 924.369909] should_failslab+0x5/0x20 [ 924.370684] kmem_cache_alloc+0x5b/0x360 [ 924.371517] create_object.isra.0+0x3a/0xa20 [ 924.372418] kmemleak_alloc_percpu+0xa0/0x100 [ 924.373347] pcpu_alloc+0x4e2/0x12f0 [ 924.374126] alloc_vfsmnt+0xfd/0x680 [ 924.374896] clone_mnt+0x6c/0xce0 [ 924.375613] copy_tree+0x3b0/0xa60 [ 924.376357] copy_mnt_ns+0x144/0xa00 [ 924.377124] ? rcu_read_lock_sched_held+0x3e/0x80 [ 924.378121] ? kmem_cache_alloc+0x2b4/0x360 [ 924.379025] create_new_namespaces+0xd6/0xb20 [ 924.379960] copy_namespaces+0x39e/0x480 [ 924.380805] copy_process+0x2549/0x67d0 [ 924.381627] ? find_held_lock+0x2c/0x110 [ 924.382472] ? __cleanup_sighand+0xb0/0xb0 [ 924.383345] ? _copy_from_user+0xfb/0x1b0 [ 924.384195] kernel_clone+0xe7/0xa20 [ 924.384964] ? __lockdep_reset_lock+0x180/0x180 [ 924.385909] ? create_io_thread+0xf0/0xf0 [ 924.386770] ? ksys_write+0x21a/0x260 [ 924.387543] ? lock_downgrade+0x6d0/0x6d0 [ 924.388395] __do_sys_clone3+0x1e5/0x320 [ 924.389238] ? __do_sys_clone+0x110/0x110 [ 924.390115] ? rcu_read_lock_any_held+0x75/0xa0 [ 924.391056] ? vfs_write+0x354/0xa30 [ 924.391822] ? fput_many+0x2f/0x1a0 [ 924.392571] ? ksys_write+0x1a9/0x260 [ 924.393363] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 924.394432] ? syscall_enter_from_user_mode+0x1d/0x50 [ 924.395486] ? trace_hardirqs_on+0x5b/0x180 [ 924.396386] do_syscall_64+0x33/0x40 [ 924.397162] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 924.398210] RIP: 0033:0x7f48f386eb19 [ 924.398968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 924.402722] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 924.404264] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 924.405716] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 924.407155] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 924.408605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 924.410047] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:48:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0, 0x3}, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:48:37 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:48:38 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 76) [ 924.625855] FAULT_INJECTION: forcing a failure. [ 924.625855] name failslab, interval 1, probability 0, space 0, times 0 [ 924.628238] CPU: 0 PID: 7120 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 924.629639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 924.631322] Call Trace: [ 924.631870] dump_stack+0x107/0x167 [ 924.632635] should_fail.cold+0x5/0xa [ 924.633408] ? create_object.isra.0+0x3a/0xa20 [ 924.634335] should_failslab+0x5/0x20 [ 924.635108] kmem_cache_alloc+0x5b/0x360 [ 924.635942] create_object.isra.0+0x3a/0xa20 [ 924.636847] kmemleak_alloc_percpu+0xa0/0x100 [ 924.637755] pcpu_alloc+0x4e2/0x12f0 [ 924.638535] alloc_vfsmnt+0xfd/0x680 [ 924.639319] clone_mnt+0x6c/0xce0 [ 924.640043] copy_tree+0x3b0/0xa60 [ 924.640810] copy_mnt_ns+0x144/0xa00 [ 924.641580] ? rcu_read_lock_sched_held+0x3e/0x80 [ 924.642568] ? kmem_cache_alloc+0x2b4/0x360 [ 924.643463] create_new_namespaces+0xd6/0xb20 [ 924.644390] copy_namespaces+0x39e/0x480 [ 924.645241] copy_process+0x2549/0x67d0 [ 924.646060] ? find_held_lock+0x2c/0x110 [ 924.646923] ? __cleanup_sighand+0xb0/0xb0 [ 924.647804] ? _copy_from_user+0xfb/0x1b0 [ 924.648672] kernel_clone+0xe7/0xa20 [ 924.649432] ? __lockdep_reset_lock+0x180/0x180 [ 924.650392] ? create_io_thread+0xf0/0xf0 [ 924.651262] ? ksys_write+0x21a/0x260 [ 924.652042] ? lock_downgrade+0x6d0/0x6d0 [ 924.652912] __do_sys_clone3+0x1e5/0x320 [ 924.653742] ? __do_sys_clone+0x110/0x110 [ 924.654617] ? rcu_read_lock_any_held+0x75/0xa0 [ 924.655554] ? vfs_write+0x354/0xa30 [ 924.656313] ? fput_many+0x2f/0x1a0 [ 924.657060] ? ksys_write+0x1a9/0x260 [ 924.657849] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 924.658916] ? syscall_enter_from_user_mode+0x1d/0x50 [ 924.659957] ? trace_hardirqs_on+0x5b/0x180 [ 924.660845] do_syscall_64+0x33/0x40 [ 924.661598] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 924.662636] RIP: 0033:0x7f48f386eb19 [ 924.663396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 924.667172] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 924.668868] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 924.670458] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 924.672050] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 924.673667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 924.675276] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:48:52 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:48:52 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:52 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:52 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:48:52 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 77) 01:48:52 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:52 executing program 2: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:48:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x9}, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') socket$inet6_udplite(0xa, 0x2, 0x88) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x8900, 0x0) perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xba, 0x1, 0x0, 0x80, 0x0, 0x7, 0x20, 0xb, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x52b, 0x1, @perf_config_ext={0x400, 0x4}, 0x40, 0xfc, 0x2, 0x8, 0xa07a, 0x9, 0x2bc, 0x0, 0x8, 0x0, 0x7}, 0x0, 0x7, r1, 0x9) fstatfs(r0, &(0x7f0000000040)=""/53) [ 939.444954] FAULT_INJECTION: forcing a failure. [ 939.444954] name failslab, interval 1, probability 0, space 0, times 0 [ 939.447328] CPU: 1 PID: 7142 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 939.448708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 939.450406] Call Trace: [ 939.450947] dump_stack+0x107/0x167 [ 939.451693] should_fail.cold+0x5/0xa [ 939.452472] ? create_object.isra.0+0x3a/0xa20 [ 939.453412] should_failslab+0x5/0x20 [ 939.454182] kmem_cache_alloc+0x5b/0x360 [ 939.455012] create_object.isra.0+0x3a/0xa20 [ 939.455907] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 939.456938] kmem_cache_alloc+0x159/0x360 [ 939.457788] alloc_vfsmnt+0x23/0x680 [ 939.458539] clone_mnt+0x6c/0xce0 [ 939.459275] copy_tree+0x3b0/0xa60 [ 939.460006] copy_mnt_ns+0x144/0xa00 [ 939.460794] ? rcu_read_lock_sched_held+0x3e/0x80 [ 939.461760] ? kmem_cache_alloc+0x2b4/0x360 [ 939.462653] create_new_namespaces+0xd6/0xb20 [ 939.463561] copy_namespaces+0x39e/0x480 [ 939.464394] copy_process+0x2549/0x67d0 [ 939.465214] ? find_held_lock+0x2c/0x110 [ 939.466170] ? __cleanup_sighand+0xb0/0xb0 [ 939.467141] ? _copy_from_user+0xfb/0x1b0 [ 939.468099] kernel_clone+0xe7/0xa20 [ 939.468967] ? __lockdep_reset_lock+0x180/0x180 [ 939.470035] ? create_io_thread+0xf0/0xf0 [ 939.470992] ? ksys_write+0x21a/0x260 [ 939.471854] ? lock_downgrade+0x6d0/0x6d0 [ 939.472810] __do_sys_clone3+0x1e5/0x320 [ 939.473727] ? __do_sys_clone+0x110/0x110 [ 939.474632] ? rcu_read_lock_any_held+0x75/0xa0 [ 939.475566] ? vfs_write+0x354/0xa30 [ 939.476322] ? fput_many+0x2f/0x1a0 [ 939.477060] ? ksys_write+0x1a9/0x260 [ 939.477835] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 939.478884] ? syscall_enter_from_user_mode+0x1d/0x50 [ 939.479923] ? trace_hardirqs_on+0x5b/0x180 [ 939.480812] do_syscall_64+0x33/0x40 [ 939.481568] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 939.482656] RIP: 0033:0x7f48f386eb19 [ 939.483501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 939.487653] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 939.489386] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 939.490989] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 939.492597] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 939.494212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 939.495813] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:48:52 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:48:52 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, 0x0, 0x0) 01:48:53 executing program 4: r0 = add_key$fscrypt_provisioning(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)=ANY=[@ANYBLOB="020000000000000061626364656667685e6a6b6c6d6e6f707172737475767778797a30313233343536"], 0x29, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, r1) keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffe, 0x0, 0x0) request_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x3, 0x2}, &(0x7f00000001c0)='\xe8\xff\xff\xff\xff\xff\xff\xff\x00\x9d~\xf1\xad\xa2.\x803\x7f\xb5U\x18w\xae\x91mLO\x85\xc1D\xf8/\x19Vc\xb0\xc8\xaba\xa9T\xb2\xa4\x9d8\x13kc|Lgj V{\xddKF\xbb6\xf5\xa2\xe5\\/\xf0]\xe6\x0e2\xb5o4\xba\x98\x1e\xfb', r1) keyctl$reject(0x13, r0, 0x0, 0x7fffffff, r1) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:48:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r0}, @void}}}, 0x24}}, 0x0) 01:48:53 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, 0x0, 0x0) 01:48:53 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 78) [ 939.762590] FAULT_INJECTION: forcing a failure. 01:48:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r0}, @void}}}, 0x24}}, 0x0) [ 939.762590] name failslab, interval 1, probability 0, space 0, times 0 [ 939.765266] CPU: 0 PID: 7163 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 939.766651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 939.768330] Call Trace: [ 939.768930] dump_stack+0x107/0x167 [ 939.769670] should_fail.cold+0x5/0xa [ 939.770446] ? create_object.isra.0+0x3a/0xa20 [ 939.771360] should_failslab+0x5/0x20 [ 939.772138] kmem_cache_alloc+0x5b/0x360 [ 939.772980] ? __lockdep_reset_lock+0x180/0x180 [ 939.773933] create_object.isra.0+0x3a/0xa20 [ 939.774831] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 939.775867] kmem_cache_alloc+0x159/0x360 [ 939.776721] alloc_vfsmnt+0x23/0x680 [ 939.777507] clone_mnt+0x6c/0xce0 [ 939.778226] copy_tree+0x3b0/0xa60 [ 939.778969] copy_mnt_ns+0x144/0xa00 [ 939.779730] ? rcu_read_lock_sched_held+0x3e/0x80 [ 939.780723] ? kmem_cache_alloc+0x2b4/0x360 [ 939.781631] create_new_namespaces+0xd6/0xb20 [ 939.782547] copy_namespaces+0x39e/0x480 [ 939.783365] copy_process+0x2549/0x67d0 [ 939.784167] ? find_held_lock+0x2c/0x110 [ 939.785032] ? __cleanup_sighand+0xb0/0xb0 [ 939.785893] ? _copy_from_user+0xfb/0x1b0 [ 939.786740] kernel_clone+0xe7/0xa20 [ 939.787524] ? __lockdep_reset_lock+0x180/0x180 [ 939.788465] ? create_io_thread+0xf0/0xf0 [ 939.789346] ? ksys_write+0x21a/0x260 [ 939.790125] ? lock_downgrade+0x6d0/0x6d0 [ 939.790983] __do_sys_clone3+0x1e5/0x320 [ 939.791822] ? __do_sys_clone+0x110/0x110 [ 939.792705] ? rcu_read_lock_any_held+0x75/0xa0 [ 939.793677] ? vfs_write+0x354/0xa30 [ 939.794453] ? fput_many+0x2f/0x1a0 [ 939.795205] ? ksys_write+0x1a9/0x260 [ 939.796009] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 939.797106] ? syscall_enter_from_user_mode+0x1d/0x50 [ 939.798156] ? trace_hardirqs_on+0x5b/0x180 [ 939.799040] do_syscall_64+0x33/0x40 [ 939.799801] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 939.800857] RIP: 0033:0x7f48f386eb19 [ 939.801618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 939.805348] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 939.806892] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 939.808338] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 939.809806] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 939.811249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 939.812694] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:48:53 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x4) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="fd0000681a4e", @ANYRES16=0x0, @ANYBLOB="040026bd7000fedbdf25130000000c00990007000000690000000500190001000000d100be00ba18fd76d20d822a5cece17b1eb7368557855b3950d69d36465ee140c1e61f60993a9a9c77a45ace1adeb4b76511a1bb070d4e23a38555900bfa95c955ff216d5c2c750f2a9bad2f37479db80fcb65ae3f38063ba99c94817a1813bc07bdab006160930fbde0b48e93b8184462674c9f58a7f52522fd0d8f13521fb065d5ab11bed85c25cb11a54353b029f06c5f5d9b5acf26e85878db0db980046a1630432723c23486e78986dbfc9d2e192cb8ca2d7b128f9dd7705906851bc99696ff1f670617cbec8efbbfba2e4f9c3e5e000000"], 0xfc}, 0x1, 0x0, 0x0, 0x4c800}, 0x4000) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:48:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r0}, @void}}}, 0x24}}, 0x0) 01:49:08 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 79) 01:49:08 executing program 2: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f800000, 0xfffffffffffffad1}, 0x4008}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:49:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:49:08 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:08 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:08 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:49:08 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 955.064053] FAULT_INJECTION: forcing a failure. [ 955.064053] name failslab, interval 1, probability 0, space 0, times 0 [ 955.066469] CPU: 1 PID: 7194 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 955.067875] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 955.069577] Call Trace: [ 955.070124] dump_stack+0x107/0x167 [ 955.070871] should_fail.cold+0x5/0xa [ 955.071654] ? alloc_vfsmnt+0x23/0x680 [ 955.072453] should_failslab+0x5/0x20 [ 955.073247] kmem_cache_alloc+0x5b/0x360 [ 955.074091] ? copy_tree+0x61a/0xa60 [ 955.074869] alloc_vfsmnt+0x23/0x680 [ 955.075634] clone_mnt+0x6c/0xce0 [ 955.076354] copy_tree+0x3b0/0xa60 [ 955.077116] copy_mnt_ns+0x144/0xa00 [ 955.077885] ? rcu_read_lock_sched_held+0x3e/0x80 [ 955.078873] ? kmem_cache_alloc+0x2b4/0x360 [ 955.079760] create_new_namespaces+0xd6/0xb20 [ 955.080690] copy_namespaces+0x39e/0x480 [ 955.081531] copy_process+0x2549/0x67d0 [ 955.082343] ? find_held_lock+0x2c/0x110 [ 955.083194] ? __cleanup_sighand+0xb0/0xb0 [ 955.084069] ? _copy_from_user+0xfb/0x1b0 [ 955.084943] kernel_clone+0xe7/0xa20 [ 955.085706] ? __lockdep_reset_lock+0x180/0x180 [ 955.086664] ? create_io_thread+0xf0/0xf0 [ 955.087529] ? ksys_write+0x21a/0x260 [ 955.088311] ? lock_downgrade+0x6d0/0x6d0 [ 955.089169] __do_sys_clone3+0x1e5/0x320 [ 955.089998] ? __do_sys_clone+0x110/0x110 [ 955.090866] ? rcu_read_lock_any_held+0x75/0xa0 [ 955.091810] ? vfs_write+0x354/0xa30 [ 955.092576] ? fput_many+0x2f/0x1a0 [ 955.093325] ? ksys_write+0x1a9/0x260 [ 955.094109] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 955.095175] ? syscall_enter_from_user_mode+0x1d/0x50 [ 955.096229] ? trace_hardirqs_on+0x5b/0x180 [ 955.097127] do_syscall_64+0x33/0x40 [ 955.097889] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 955.098929] RIP: 0033:0x7f48f386eb19 [ 955.099706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 955.103465] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 955.105013] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 955.106454] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 955.107888] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 955.109341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 955.110788] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:49:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:49:08 executing program 5: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:08 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:49:08 executing program 4: recvmmsg$unix(0xffffffffffffffff, &(0x7f0000004240)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/27, 0x1b}, {&(0x7f0000000140)=""/203, 0xcb}, {&(0x7f0000000240)=""/106, 0x6a}, {&(0x7f00000002c0)=""/220, 0xdc}], 0x4, &(0x7f0000000400)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x120}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000540)=""/77, 0x4d}, {&(0x7f00000005c0)=""/156, 0x9c}, {&(0x7f0000000680)=""/11, 0xb}, {&(0x7f00000006c0)=""/4096, 0x1000}], 0x4, &(0x7f0000001700)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}], 0xd0}}, {{&(0x7f0000001800), 0x6e, &(0x7f0000001980)=[{&(0x7f0000001880)=""/125, 0x7d}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000001900)=""/127, 0x7f}], 0x3}}, {{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000002e00)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/150, 0x96}, {&(0x7f0000001a80)=""/28, 0x1c}, {&(0x7f0000001ac0)=""/210, 0xd2}, {&(0x7f0000001bc0)=""/11, 0xb}], 0x5}}, {{&(0x7f0000001c80), 0x6e, &(0x7f00000040c0)=[{&(0x7f0000003e00)=""/237, 0xed}, {&(0x7f0000003f00)=""/130, 0x82}, {&(0x7f0000003fc0)=""/135, 0x87}, {&(0x7f0000001d00)=""/9, 0x9}, {&(0x7f0000001d40)=""/37, 0x25}, {&(0x7f0000004080)=""/16, 0x10}], 0x6, &(0x7f0000004140)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xf0}}], 0x5, 0x40000001, &(0x7f0000004380)={0x77359400}) inotify_add_watch(r0, &(0x7f00000043c0)='./file0\x00', 0x40000200) perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x46, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:49:08 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 80) [ 955.268113] FAULT_INJECTION: forcing a failure. [ 955.268113] name failslab, interval 1, probability 0, space 0, times 0 [ 955.270572] CPU: 0 PID: 7210 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 955.271986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 955.273697] Call Trace: [ 955.274249] dump_stack+0x107/0x167 [ 955.275009] should_fail.cold+0x5/0xa [ 955.275797] ? alloc_vfsmnt+0x23/0x680 [ 955.276599] should_failslab+0x5/0x20 [ 955.277406] kmem_cache_alloc+0x5b/0x360 [ 955.278241] ? copy_tree+0x61a/0xa60 [ 955.279006] alloc_vfsmnt+0x23/0x680 [ 955.279776] clone_mnt+0x6c/0xce0 [ 955.280499] copy_tree+0x3b0/0xa60 [ 955.281259] copy_mnt_ns+0x144/0xa00 [ 955.282031] ? rcu_read_lock_sched_held+0x3e/0x80 [ 955.283014] ? kmem_cache_alloc+0x2b4/0x360 [ 955.283898] create_new_namespaces+0xd6/0xb20 [ 955.284830] copy_namespaces+0x39e/0x480 [ 955.285691] copy_process+0x2549/0x67d0 [ 955.286496] ? find_held_lock+0x2c/0x110 [ 955.287330] ? __cleanup_sighand+0xb0/0xb0 [ 955.288205] ? _copy_from_user+0xfb/0x1b0 [ 955.289061] kernel_clone+0xe7/0xa20 [ 955.289819] ? __lockdep_reset_lock+0x180/0x180 [ 955.290772] ? create_io_thread+0xf0/0xf0 [ 955.291627] ? ksys_write+0x21a/0x260 [ 955.292409] ? lock_downgrade+0x6d0/0x6d0 [ 955.293271] __do_sys_clone3+0x1e5/0x320 [ 955.294100] ? __do_sys_clone+0x110/0x110 [ 955.294967] ? rcu_read_lock_any_held+0x75/0xa0 [ 955.295912] ? vfs_write+0x354/0xa30 [ 955.296681] ? fput_many+0x2f/0x1a0 [ 955.297452] ? ksys_write+0x1a9/0x260 [ 955.298250] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 955.299332] ? syscall_enter_from_user_mode+0x1d/0x50 [ 955.300387] ? trace_hardirqs_on+0x5b/0x180 [ 955.301285] do_syscall_64+0x33/0x40 [ 955.302054] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 955.303095] RIP: 0033:0x7f48f386eb19 [ 955.303858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 955.307631] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 955.309195] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 955.310649] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 955.312109] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 955.313588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 955.315056] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:49:08 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fstat(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r6, r5, 0x9, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r5, 0xc028660f, &(0x7f0000000240)={0x0, r2, 0x4, 0x6, 0x100000000}) openat(r1, &(0x7f0000000040)='./file0\x00', 0x280000, 0x150) setsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000140)={{{@in=@private=0xa010100, @in6=@dev={0xfe, 0x80, '\x00', 0x40}, 0x4e24, 0x3, 0x4e21, 0x8001, 0xa, 0x20, 0x0, 0x2a, 0x0, r3}, {0x1, 0x10001, 0x1, 0x3, 0xde, 0x848, 0x1, 0x4}, {0x6a9, 0x7, 0x20, 0x4}, 0x9, 0x6e6bb8, 0x2, 0x0, 0xb7bcd0f3ea71b4da, 0x3}, {{@in=@loopback, 0x4d3, 0xff}, 0x2, @in=@broadcast, 0x3503, 0x4, 0x89925f04ffad650f, 0xbf, 0x0, 0x1f, 0x4}}, 0xe8) fchown(r0, 0x0, r4) 01:49:08 executing program 3: socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r0}, @void}}}, 0x24}}, 0x0) 01:49:08 executing program 0: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:26 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 81) 01:49:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x80000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) close_range(r1, r4, 0x2) lseek(r0, 0x20, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000040), 0x800) 01:49:26 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:26 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:49:26 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:26 executing program 2: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:26 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:26 executing program 3: socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r0}, @void}}}, 0x24}}, 0x0) [ 972.619260] FAULT_INJECTION: forcing a failure. [ 972.619260] name failslab, interval 1, probability 0, space 0, times 0 [ 972.621665] CPU: 1 PID: 7234 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 972.623049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.624716] Call Trace: [ 972.625271] dump_stack+0x107/0x167 [ 972.626011] should_fail.cold+0x5/0xa [ 972.626785] ? create_object.isra.0+0x3a/0xa20 [ 972.627709] should_failslab+0x5/0x20 [ 972.628477] kmem_cache_alloc+0x5b/0x360 [ 972.629326] create_object.isra.0+0x3a/0xa20 [ 972.630220] kmemleak_alloc_percpu+0xa0/0x100 [ 972.631136] pcpu_alloc+0x4e2/0x12f0 [ 972.631913] alloc_vfsmnt+0xfd/0x680 [ 972.632671] clone_mnt+0x6c/0xce0 [ 972.633395] copy_tree+0x3b0/0xa60 [ 972.634138] copy_mnt_ns+0x144/0xa00 [ 972.634889] ? rcu_read_lock_sched_held+0x3e/0x80 [ 972.635854] ? kmem_cache_alloc+0x2b4/0x360 [ 972.636728] create_new_namespaces+0xd6/0xb20 [ 972.637643] copy_namespaces+0x39e/0x480 [ 972.638463] copy_process+0x2549/0x67d0 [ 972.639263] ? find_held_lock+0x2c/0x110 [ 972.640102] ? __cleanup_sighand+0xb0/0xb0 [ 972.640963] ? _copy_from_user+0xfb/0x1b0 [ 972.641828] kernel_clone+0xe7/0xa20 [ 972.642577] ? __lockdep_reset_lock+0x180/0x180 [ 972.643512] ? create_io_thread+0xf0/0xf0 [ 972.644360] ? ksys_write+0x21a/0x260 [ 972.645135] ? lock_downgrade+0x6d0/0x6d0 [ 972.645973] __do_sys_clone3+0x1e5/0x320 [ 972.646786] ? __do_sys_clone+0x110/0x110 [ 972.647639] ? rcu_read_lock_any_held+0x75/0xa0 [ 972.648566] ? vfs_write+0x354/0xa30 [ 972.649327] ? fput_many+0x2f/0x1a0 [ 972.650059] ? ksys_write+0x1a9/0x260 [ 972.650834] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.651889] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.652922] ? trace_hardirqs_on+0x5b/0x180 [ 972.653814] do_syscall_64+0x33/0x40 [ 972.654564] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 972.655592] RIP: 0033:0x7f48f386eb19 [ 972.656341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.659999] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 972.661537] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 972.662955] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 972.664408] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 972.665870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 972.667332] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:49:26 executing program 3: socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r0}, @void}}}, 0x24}}, 0x0) 01:49:26 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000e80)={@private2, 0x0}, &(0x7f0000000ec0)=0x14) sendmmsg$inet6(r0, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000780)="3f4b795f003df446a5612cf9a6af004ca4e87856e90eeaa0dd28113b6664595675e8b9a667ca3bd92de68fd16f4fcafecc", 0x31}, {&(0x7f00000007c0)="c39c5a5406ad3278180a46607f7579bcdc44ca19e4f54aab691a6b4d75793af149efcc179beb4e7c50f3d084e330728530075c9e04e8477fee555f6c20cdfceb8120bf3f18d128ed2ea87100bd85edea8e8490f316761759e597c5865f3c74de5636408c648f149934602074301b76276e89fc26892659d6113888d48a88a0b5411f5f33867b15beca564879bf0faec27c14c1e31589d5568e740f87352d3938738ebfbfd733712c0d537a2234a5a4d8a5f17ea29c7fd948986571", 0xbb}, {&(0x7f0000000880)="6afb6cb2dbbafaaf5a7479920ad2134e809697539413314e5065d99f6c9ef59f1e37aa86a186a004eab5b01cff41b0fe05cd1f856e6ff6b4dfc805ba64871258f808200ac393102a1b7c7d5db51a07c91b1199caf04b324a00839cc497444775fa64af61d66ccf", 0x67}, {&(0x7f0000000900)="774245719ebed25af5a40d25614ec3ed568b0c384b6018f370d4711115bebe491951fbd4add471e182df51ccb6c76d8581c977feff5d82b26a6058dc6df2d6f55cc6e1ad5a505142ee0a42722da279b3acd784484544752f5cc402ca4bea2a6deb68ed79db88e445c0af02d1a2f9e0f4", 0x70}, {&(0x7f0000000980)="ad45f362df79b3fdffe09e3141bfdc3d9b1d15bf5b1fb261cc3e45c66b358d62f9a3728738fa6e69ec9beea47f66636824c2a26223a0dfdeb15ae5cc351dbe15fca8", 0x42}, {&(0x7f0000000a00)="f7bf5885dfa099ecb251746f3576ad1910d085a981e5e50844f34e3b216623cd496789bde5e9ea39099355f54ab8011045c1ef2eaa27e51f0cfd0d0a3eaf09d99417f1c3824694", 0x47}], 0x6}}, {{&(0x7f0000000b00)={0xa, 0x4e20, 0x3b5, @empty, 0x3}, 0x1c, &(0x7f0000000e40)=[{&(0x7f0000000b40)="44ea4d728a2951afe1822105077fbeabae9ef8a5902d98e34fc8daae90357edd33587ae83f858fc829f77378195ff7347a3cd1b79d3f0fc814562795429a32bb21dd5d7b1ecaa67c5c6878b8caa636b96307b2936919c24bd50e46d87366667fef1ba2cae60f9d7749ff3232def0630aa61375f7f716d984639dd892f41591603fc55c52dffbcc550192151999f5c2f794f313f5c5b6b7ef37f3ac6358a4420013652c70a4978c6637d50b5704dc5cb9a26e0fb4f62860c2d8a99c6eae20a8d0905dddf211f25bbf1583e1c53ec8bec809263dbe32829e7b01bc5cb4b46dc2", 0xdf}, {&(0x7f0000000c40)="de049b5eb216cf2058bf45a02d292a2211d3ab6df2011eeb75aef87f81432a4780b8b074f81fba3fe85fe43441d74e3b9f2c3b8fe4b637f3db190e278a823ebec913210d8b4efd5792f6bf29ff6e2865a27a6bdb4a270c716c6dddc9c0cea14907082815825539b314f9f0373f40e0822c21687455b3b5a8c891ab3a7aa7cb78c670dc836abe1f82e2b8b9f646b74ca5e20f5067d91475485db5e54951bce614064cec54ddba32beee29d5e21fd3d36c67d6058bd3519e47d78a48f6bac5c1e0de3e62b11ea568137b91a9185345d1b55f0d65aae0ce137dc86e367e8f5ab8830c40f6b5049e5ef6be5c", 0xea}, {&(0x7f0000000d40)="099ccea3a45e4780bdb8b9f569fe393628b5a514e13e98e6069fc35ebfd8544da1d1d7cfab39b91dc7127863b8063d6085af0ac3abbf5ebf6670546123c8084f07edab2c66c0f568475bdba60b2c2e9ccb953324896644233aab82abdd2a53e87ab0e8e6ae322e0b98583c069bcf5440f032abac37cd005b3ffd9c3241687f6e674a6e45cbe4488d103f94ca29b55916842a2ef4b64aba243636d6aecf1169e52845c31d569e7566ba86fa3072ee37d37a10c68d2195e030020ce9c17714dd7dccf9b8cca38bfc1cf1115a5430c4079d40b030", 0xd3}], 0x3, &(0x7f0000000f00)=[@hopopts_2292={{0x28, 0x29, 0x36, {0x67, 0x1, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x1}, @ra={0x5, 0x2, 0x80}]}}}, @rthdrdstopts={{0x40, 0x29, 0x37, {0x6, 0x4, '\x00', [@generic={0x6, 0x22, "2ace46b0a75f9a88366e2e7a0457d03a673c3688b3715b2f13cef82082a02b9c8250"}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @loopback}, r1}}}], 0x90}}, {{&(0x7f0000000fc0)={0xa, 0x4e24, 0x100, @private0, 0x5}, 0x1c, &(0x7f0000001080)=[{&(0x7f0000001e00)="d9df65ca9e3e591bb47eca3da1e4d3ebf6a5f1d2f2560c04c024f60736604bed7365648fed820de445dbb9b1fb4c3cfd7d6b13437e57a4bf017a2b734a2bc1eac299afcb27f53fdd68485027f3ae5ef73165bfca5a2f462f705c2a12f0bcf79beb23e70fd63f6429c3641119f0f09beda6fbe0b340f9fcdf073c7478569e40d4ab1f1500c0f4b90d5156a42653446803487ec2dc5150faf560bcd882a8aadcac267a9794e550cbc2e31c769667a5e43ec7e4e84284d0adf51797722cfb96f0b1576e4b747a6758348a6d262a5f5d95912e028036cf260d737c3bc927581c841986f3abf907fd8bb69cef3175ddd0ceb6602616660bad1e239433d2658d07e624bdaf8601ffb56fd9bf7f8ece698ddf177a75ae086ffd85d9d96d37bfa69f1e0a13ac4b06b431eff30b5fe854c60eb4998e453c343a273b2aac58531d6902899c832d76d6ef3eb6642671ce8d97133410f2af45db31e7eba824c423f63220ddfac2c799e453c07469691cded6ef1a0fdf169c0ccebd096e6fc21ca118b5c044dcded8a78cea0df9581f05d8a7babf1eaf3cf68d5acca53d471e90ea6f50099e7e8872acb7939c0b1f2c96938651b914c2d56c3eb4ea84c5317c6916a70855ddb7b8d7ab756319b0ddf8238034a310736e7d50271718066475269cc77a5b236533d2df3368bc6fd315a33552c8c98a9b343854681f415e2288a94f9f1d63d5e067f9c09a97ac27af404e6379820deca26f5a2bdd01055685aa41fbb51682dbe80f2b486ecf8a0f29225c293b0b4e056050d52f75e6e04b27771105ab0f0b292909fa964385a87eed5b7f49772485fe657f9f77eb3590c35fd7fc367e919edb830df0577ae31a8b03a026ef01c4db060bd4a0b39a8c3b60c5348d602415363a0782457a2bfa50cbeeb34a7cce9c65f1bdc248f11c26e48ecdfad24b7823d37baae148ebc2b4500c82a68f6eb8de1eae00d0e4483c07e7d9cc7c7c56a98442485500e6bd7b14f44fad89968e830697a44383b3988aeb6e60f9b8196d9cd7d3e4e51f8d9351e70bd113b6cbcbc21bbfc327adb295bc85b9b76533d27cb7fb73a536c2afcfe84d6f0c2005a420e606c24813a74be1021e67591cc6d8c08f7518fd9df9dea6a058695e8a101867261574176c1711ab7e3ef59883a55d25519427d31fe74381297ce46c02c366437a89dfdae08a3011fd4e32c7a1828e52af042b6c22232f2578ebeb009c1e578a05e81e7df2fd839e5feae1a064dd0d5eafa864fa111f80ecba4ebd2a53d09475b4ea24ebd396c782af66218bf59b0b9e99389fee8d40efbec80c659af3f36ca0d80f36078c9c918dc7f49c3cb4a76ab265eafefba9c3977e2c90c85c4236985b2d989f51286b9df28b391e62be6fa637a738c7dc80225c5b2474f967b819bdf2145697f19321151bed1d8c49183247b63a13245d42af205e4c4f22c4d792ca650209b488670c2eed83d2d1353e9d6fbbc7ee5c9f00cc7ff7576638183714e959f532868c6c1b4905bdb85ecdd3b1ade0e18138da4b3ef745133badc9ad27dbb0ee1a1ec207573baba06adb06f5ab130560dd5fc041da4acaa8aa75e108f0e508d4bcf0cedb7d4f0d267e4171aadd1a0da187c3078d1d46f26deafa0ac2c0064969fdadc54ae74ef5d29a9ae5a164d54085c0144ef4ce2d0a0757e40ee675e482c31e36056e2cb8dbf458d0c472ef2aea3277eaba157df40b71e17fa0dcda966c7740f10acf4a77320a68f18d90d096bc7063d3a6d46ee6c9ecdc040c1609ec74d40c29849fc91379810903c6628a653515e7d241d2db0cd7d03e290ef0a8a1ff9458c2252e27f75d663429ee4053e974ea45520a884dc9aa0178227fbfd42bf2c15e92a023b4640ae3c5c632d051818531c8176babfaae9bedc98a72849f7c70fba0456088fdd4b3caccf213fd80a493ab62c05585b62623f91077fc0c9acbf90c222672688dbc4de9100492a8e1b0757eedba8ec7ba23ef658fddcc82c3454022169f2f1e9ec9c53063827eb020e658dd90d0ccac8e687872b6079ca808a74fc9659af5d824df2b58391e869075c79487ee8b58289d5231c7df596de3c97a2fd251f5ddb8991c53f55281e47dea384515db3a022a50363180c792445e25464ba7954ea73d9cf0952f0e67faa822a885ac73fab6c58f87db85e6a3f7bace2b3d454bef5ede6368d4cc6d7bddb65b5a06ea93546be9c6a524ee2e906c25d8af160c89977b75254055e420dbe1ef650bd32b893b13c27f0f897fdc2d7e4c8e4396dcc9b9aa8cc1159cb87912a3a4cb56b78320fe870fa95c2003ed91caa5c7e6a79c5fea2761b3a3aaf6cb45b6997b5593e869c2263fe78414b322283ba7913aa6a8047a26a911c0e0a8c45db07d2fa326c25bf1ea6e16e4dd01de2d2fa58bd0d572fc53d823e83a09e34dbdfc48bc0e082d2825dbd023ef87d5ce1b2776767d9c5077bc67d577aa78af0850034bfdd71bb6965882fbfe8b8a3df05d44a58433a243c2a085e9794509cb1aad34a93465cb0bbce343766ba7f7ed141d4e6f8ca56ba4e27869e37d6b7c3456ab16e6e4b95db5300505dcd26fd9b54b0d57b74cc7d247db9e23b660f8af8cdfbb213cbb951f79e0306be95cee2d31e82df1eadbd9dfdf540ddadcd6f8909283a38f09b1c3587eae0b8c859999e6dae188024b46cbeb0f45462cae0706c2552cdbd11d8e3bd0ecef6973752a5ea522184b058ac56e17f17a0ae5daa3f267da7a54f98c29176c6ebf6f252057acada93337e150fa9f9fc707bb79e842c9afa9f4f12aaf4a1e7b373251d88e490b33195a49c99614b61b2a539b8d688d70d997d960c30827ebfb890a068421f86710088cd5d2c7903df93256c57720c5c4bcedc06e0d648bdc1132148f4d1351f1b8c0d3b7553d51832f31a5b2bc68559600300b9baec436212c5a2f3aa00736ae325b8dc38ee061148caeaa0ebd9ef826652b372f8a42f092ddae82ddc873ec9179771f231a4682073cb5c8886d08d9f11e3c98e2d51393618553da0bd26a64b27e77367a5e5e34ee09a36e0de9f0ed6d655356bf3f5da64cb57e64b12ff3542cf5f0e59801aacca54859836bdf98b67f42c5fdf93a6a969899a02d8ecc64ea2d724407f9a087cfbff3352869fbe636f36427bcd6dcaca6b123bfc58fcb224463cc9c3bbe97f295f1bbdb215ab38c32f302ff5f10e345eca79e85ec7adb75eda124fbc014075543cd93000431b095e1d80fd5653d53026ab6ff542340348d05a2c59a1bf0139834604e0d86ecb3354d5ad4067dcfff124c59b158578182df57dd6bce4b32112542d271a417970f18b1af5e3bac910e8bb77cca22072c0abc2a826455897bd40e7692d69f4f07c741b9f65d942454cd4eac4e13f8990bfed9afd1de3259e75162b9fe0567cb43ef50d5e0e6d4234d61421792a43aa973e9bc60c723b060ae778c257994911c88678feb04b9d4ac06d5bc3fec1e2989ef543c87e3b12bf2efe416437677eeae076aa35d7bbff5e79702514b283ea241b5ee95801cce46b0bf22227792c16806f23ed32906b8f9780cdb262e66ddab4594d0deebd7161a4a649ba8b40399198fd2557e68547b9f50baa1306caf3c526f295108428f82420c468e4da1097d07109c287757b44cb98c45a05eb7b098815f5f7bfd4181742f50476613c9678305f4e4ea0f503175442f0f3b39103e5c7caa9bb8087fc2b7eb107f599ec9b0ae20e77f4dcf81e77024c396e05fea87c5ea2f9c1b183272b6304b7a911ed2db80b9aa5573536faf02eace08ac8783e55935a26c4a25ff073c7498b12dc256a3414e486711e1e3c5f35bdfeaf0671e0227166ee5fc5421647cd8f8c64d58c47ba2e6b1f7f72e2da51f4a0ec8037877c9c952fa8171cf55dcf3f67045f5374055cbacaf2aa5dc03e56f2505ef1dc96f2d10251a35e592ff1ef69e9279b6a8cb77bf6116242d865e2e9d141485ce31414ea4c6a85c363facda988298f04271f060e564bb6b1087fca7b63e19e8f335ffc4c94396dbbf6dda245087772337364f738bb9dc12ecadf14381d33f338d52ba67ec707fcf5ad7b0742c365936647e07a43e60ad5b319ae08f971d296481c354c905d1611c0d527146828b14d72f14c039954cd7e2d16873077833004a8ddd778333d73a2d35cb31db7e4e1de02dee5af48970ccb285fcd45e42e906a63de53f21c5497a52233c63471b7cd7b4f966faf5a2761e3626b54a7ef8a02cc514f9a6d7743bf2b0d0a7ff0cd879315f2abc767c319596e9d147af3cb11643d2880cc9e48f751f99e705a32695cfd37c7b434203be2dad82c5d196b8f3a3a56735f695eaa049506a60b56a0f599003f99c12a8b93c52cd12ff94bb6bd0801a9b428d992e02261aaa0090a3cbed66fd3c0a6bc7c02dd035d4afe973931dc8935349659c2d1ed04eadf0d785075dcb38dbdc415653817c42d54dc32b2b137cf0fb67d12d44f6ad8aff63742962d2a364b8b223cdd2d0156e8a936406bd000ed0b435e6c558bbf4ab52df12eae836c97b665e5645fb8827bc243c85fca620ad5d58193d2cb671340c85ba04bf8c4953685f440695ee42adc8c721a423d46cde12b714e3eec0dfd212394e592801af441bbee4e6d526901f9165033f5601f7a781dee7ada1d0b1d301e10fd14eecb049c77194dfb00b32d8dc317acacb968275bac3e49a4569192d12a9d7e7361291eb69f2bffa7137d0524048998e5b89596758067113db710b36d33fe25471ae6240c60fd282e365dab251bf86047613f0f2561b057a98d8e548061b67ae086a31af414afc15dd5b8e34f57c334e05221b7251070d1d90fb1929d87915f99dc4aeac6d326c573113a9b2199b865f1be0a1ec8c58edb1e7971567f12ef76d885644773208ea85595012980698ffd1566bbc76fc08b919be326c08f616fbedfa29dc79e4c1d621e16b171e8f3e1f9b9456a973b8e92399d09bc0a4c9d51993eba55f81b641ccd41d830cb7b4e4a2c260a134af8fa99b5b6a09fdcb4cc630351ad54f1587aecc42a22a407e8586dde42f91d5b7f00556d3007554ad2aff6dde12e6125929b32ade8fe8e03863395f21652fb3beb17eec66d2e673c30210ef999b34028bc782c2e8900c06a120a586929022c4a5124e1c9c6772dafa4b39c52a2b0ce2c36fd15e477d570693cacbecfe67fb0dd617774091ff7da4de9f56319d5d5fb31e6bed19b5d6cd4de73cd80ed0656e44c847afc00586343ac35d192c2a2a08479f2897c3b57115674b3ca0186a00a61ed8cb7c6e87b278216145f76f85d8b337f451d84a106c3faeaedd44da27180da6cd754b920465d818a11df3b249fd67fa0d2b6a0cf16ca0b12e2e5c391f50ebb33036ec28912dd877b80994f78cab966ab015edffe157f230baef884b2ddb3a82ad6da1ebf9f8135f4d03408b9c7079e53e17350cecc243221c744ca490b27ec525113e97189e6fbaf271b29287221473cf7c9565c18c620504280650469a93db8369af3063b842df08822f77d57e416c8c17a72dcca7994ab62bc60490c1ad819c86536ca4b19784193da1b22211f8e777c8d671b2c9cfd0e52738e58d27b7c70c25dc01f427e10421271e2d7f7fc8af0ad81932a36a60e68b82e41da23d1afb9dba2d115c8e575d6e66a34f20d532565f22c8914be240ac17dd794675a8f42688fb5ef6da0b86698728f33e78ecc7ba13ffe1a3c4170e8b313ca453cd299f538666191bf4888108a35d25cac2759563e638217182e240707e5009654df7670c67b8cf06be13c3fb27d1eb764557", 0x1000}, {&(0x7f0000001000)="6e44c2cd640f32ef8b22db20f31aed9e283acfdc8782e7ecf28de08f3512007c66dd12b49baa266fd71474f32957c3027918f0cfca8a2e51ca593b6b1beaa8623235f1d28ef9c0658e6013a66754f95d916d7b2e42fc4675b698a51677d307ab50b131fc8c91cf", 0x67}], 0x2, &(0x7f00000010c0)=[@hopopts_2292={{0x68, 0x29, 0x36, {0x87, 0x9, '\x00', [@calipso={0x7, 0x48, {0x1, 0x10, 0x1, 0xb0, [0x857, 0xffffffffffffffff, 0x8, 0x8, 0xfffffffffffffff7, 0x20, 0x5, 0x5]}}]}}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x64, 0xc, 0x2, 0x4, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @empty, @local, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty]}}}], 0xe0}}], 0x3, 0x4801) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) ftruncate(r2, 0x7) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001280)='/sys/module/nf_conntrack_ftp', 0x80000, 0x110) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0xfffffffffffffff9) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x11, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}, 0x200000}], 0x7ffff000, 0x0) r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x43) copy_file_range(r0, &(0x7f0000000000)=0x3, r7, &(0x7f0000000100)=0xfffffffffffffffe, 0x6, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x4, 0x4, 0x4, {0xa, 0x4e24, 0x9, @empty, 0x8}}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000140)="7bd9d0b0f9eefe6614f249f7d8d9ac85075341b0a663334583f5ec933678a445b5803fb3f675cf8562609cb3171570e151b742c88481bb5c9c4d98c8d7bdbb5b6dbdc6500318195b1353e501154b2cd85411e8a48f7d0e2400d12b46dfea59df5208b1e7fa0ab549ff6e65", 0x6b}, {&(0x7f0000000040)="0d7657351e6c448eb0eb325d1597519fdf0c79020e81822af8970274a5d0ad9362ce4d9a0c91f3f076791fbfcc8690a978e6ea254b9e500a16", 0x39}, {&(0x7f00000001c0)="24d394c2f1ceb7fe5e3f7ef47234c61e7af0cb6b9853be27a3db1ace90f0dc06cb2e0b847102e3b73a70fa281956d849aef8bf730d6512cdb53776df4723d97f08c480c5178d1b97d073afe4658a91515266a3c73b96b7998173916db231cf4e5a1a4c1598b3b96e4cb72935bda47f884e667bc824bbfa7d8f3a3dfc07a2e8a4fee5efd7939f12bcf2ed7f8147687c870458a8603e05deb1e5c82fb1afedd6a4c502fe45914de69e02a225fd4da3a3388244c0a34786f1a46197506863fbb6e3e76c8635ae255001c76a74a452625064c681c8e77a6a9f83f77a0f4930b5dfcf073b0b0ae6297ddd9d501aac", 0xec}, {&(0x7f00000002c0)="3c97f6fd4ff5b0f00e8fbc64198c12b6bf6e9d37549568c110b8bdc2d566cf314c9750fff548ffe16d66d2766e45c3720c40b774f4cbef7638ce9176811d513468b67a70edf6acdf221c151367c3760ab58fa83c80f9fb69dddac93ba3d09e9f2c7a3f00f74233c8d72cfc2e36b78d61b9d50eced933262e59d08e40a876151368a93b071690c67def0d1ff8e3960df63a2764a10c6f1870356b4893d2fb2cf112ba5589094f39e357b6759996054fc05db34ba564ed352b235b507e4cef03b604fd512623b10c26b64efb9123646295ed305a1e6c28", 0xd6}, {&(0x7f00000003c0)="5508fa84ade7f0a3761ee42a7b63a58fb5bedf4429b4c2ec18dd9638c8cb22e14b7cfccaa5cd027898dff8c76553e6442da068", 0x33}, {&(0x7f0000000400)="eabc3eac42292849c1d8b21f39723d8ce4e1064d879134e77173f7b2c7771f653d967de98a0d6b9f3500daaa602759772188a39156530145f185ba50bb6f181fc6d938", 0x43}, {&(0x7f0000000480)="bc4447ebb3100589e0e235d63b1f51b566e421b57c2bd351bd0e8ac4ff0e02f2c6f9322716abf1a16b7dabdba9a079662df24ed235ea5dd199531bde96b5bf7919737db8600748113a6e57a432e7d8af7181e6256ce127daf5d5abf9d63a1aa0966bd0b4ca6559fe2097a012c45712e0faa5cead96ecbd317dbf51101f4967bed76a7b736e78304fc8e3ebe453ac23432822cb696d93040127958cee8866f578ca8d20987c343f27aca63bc744c13ed53ea77d07aa7a2dabb87c71c87b96248a144bf2e8e7529db6d7ac7c6d01fe5089b01aee", 0xd3}, {&(0x7f0000000580)="879d6e", 0x3}], 0x8, &(0x7f0000000640)=[{0xf0, 0x112, 0x620, "6fca041845d104780b222c7ae9f491dd394728c3af9b3c7c7e228ed6d5fdec07ef5c5dcf35b30384ac52d7a8172a929b96a2a4737374e71d28f4d9723e013920ef5b2215ff034af2a76698f98d1a3664de8aec921e954555a32b1d63ac6b7b22cdbbd25807a3b626f8959acd736e0b874424e64d6f67d1abdb5fc0efa885f87995012539d7325cd45f42fdb1f99c118b815075209230460729ff9e3bd79534469027fb4c2760f78554598892665cc75dbe1d1249f5b8925b985837b10065002e18a84644116f44b2aee5d60e16ca45766d03ef12e9252c0a6aca"}], 0xf0}, 0x4c084) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:49:26 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:49:26 executing program 0: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:26 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 82) [ 972.904102] FAULT_INJECTION: forcing a failure. [ 972.904102] name failslab, interval 1, probability 0, space 0, times 0 [ 972.906314] CPU: 1 PID: 7359 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 972.907606] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 972.909195] Call Trace: [ 972.909697] dump_stack+0x107/0x167 [ 972.910401] should_fail.cold+0x5/0xa [ 972.911119] ? create_object.isra.0+0x3a/0xa20 [ 972.911991] should_failslab+0x5/0x20 [ 972.912719] kmem_cache_alloc+0x5b/0x360 [ 972.913506] ? mark_held_locks+0x9e/0xe0 [ 972.914277] create_object.isra.0+0x3a/0xa20 [ 972.915124] kmemleak_alloc_percpu+0xa0/0x100 [ 972.915984] pcpu_alloc+0x4e2/0x12f0 [ 972.916705] alloc_vfsmnt+0xfd/0x680 [ 972.917426] clone_mnt+0x6c/0xce0 [ 972.918107] copy_tree+0x3b0/0xa60 [ 972.918801] copy_mnt_ns+0x144/0xa00 [ 972.919509] ? rcu_read_lock_sched_held+0x3e/0x80 [ 972.920429] ? kmem_cache_alloc+0x2b4/0x360 [ 972.921286] create_new_namespaces+0xd6/0xb20 [ 972.922141] copy_namespaces+0x39e/0x480 [ 972.922912] copy_process+0x2549/0x67d0 [ 972.923660] ? find_held_lock+0x2c/0x110 [ 972.924458] ? __cleanup_sighand+0xb0/0xb0 [ 972.925278] ? _copy_from_user+0xfb/0x1b0 [ 972.926073] kernel_clone+0xe7/0xa20 [ 972.926781] ? __lockdep_reset_lock+0x180/0x180 [ 972.927663] ? create_io_thread+0xf0/0xf0 [ 972.928461] ? ksys_write+0x21a/0x260 [ 972.929194] ? lock_downgrade+0x6d0/0x6d0 [ 972.929973] __do_sys_clone3+0x1e5/0x320 [ 972.930738] ? __do_sys_clone+0x110/0x110 [ 972.931539] ? rcu_read_lock_any_held+0x75/0xa0 [ 972.932424] ? vfs_write+0x354/0xa30 [ 972.933153] ? fput_many+0x2f/0x1a0 [ 972.933842] ? ksys_write+0x1a9/0x260 [ 972.934572] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 972.935573] ? syscall_enter_from_user_mode+0x1d/0x50 [ 972.936552] ? trace_hardirqs_on+0x5b/0x180 [ 972.937379] do_syscall_64+0x33/0x40 [ 972.938089] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 972.939059] RIP: 0033:0x7f48f386eb19 [ 972.939769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 972.943237] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 972.944649] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 972.945996] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 972.947314] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 972.948631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 972.949958] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:49:26 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:49:42 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 83) 01:49:42 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:49:42 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:42 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:42 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:42 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x0, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:49:42 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000040), 0x800) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)) 01:49:42 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) r3 = dup(r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc04c5349, &(0x7f00000000c0)) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:42 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 989.367353] FAULT_INJECTION: forcing a failure. [ 989.367353] name failslab, interval 1, probability 0, space 0, times 0 [ 989.369999] CPU: 0 PID: 7386 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 989.371510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 989.373359] Call Trace: [ 989.373949] dump_stack+0x107/0x167 [ 989.374756] should_fail.cold+0x5/0xa [ 989.375603] ? alloc_vfsmnt+0x23/0x680 [ 989.376459] should_failslab+0x5/0x20 [ 989.377298] kmem_cache_alloc+0x5b/0x360 [ 989.378199] ? copy_tree+0x61a/0xa60 [ 989.379025] alloc_vfsmnt+0x23/0x680 [ 989.379851] clone_mnt+0x6c/0xce0 [ 989.380627] copy_tree+0x3b0/0xa60 [ 989.381446] copy_mnt_ns+0x144/0xa00 [ 989.382272] ? rcu_read_lock_sched_held+0x3e/0x80 [ 989.383320] ? kmem_cache_alloc+0x2b4/0x360 [ 989.384270] create_new_namespaces+0xd6/0xb20 [ 989.385259] copy_namespaces+0x39e/0x480 [ 989.386160] copy_process+0x2549/0x67d0 [ 989.387029] ? find_held_lock+0x2c/0x110 [ 989.387934] ? __cleanup_sighand+0xb0/0xb0 [ 989.388887] ? _copy_from_user+0xfb/0x1b0 [ 989.389818] kernel_clone+0xe7/0xa20 [ 989.390637] ? __lockdep_reset_lock+0x180/0x180 [ 989.391654] ? create_io_thread+0xf0/0xf0 [ 989.392584] ? ksys_write+0x21a/0x260 [ 989.393428] ? lock_downgrade+0x6d0/0x6d0 [ 989.394364] __do_sys_clone3+0x1e5/0x320 [ 989.395253] ? __do_sys_clone+0x110/0x110 [ 989.396184] ? rcu_read_lock_any_held+0x75/0xa0 [ 989.397190] ? vfs_write+0x354/0xa30 [ 989.398025] ? fput_many+0x2f/0x1a0 [ 989.398818] ? ksys_write+0x1a9/0x260 [ 989.399666] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 989.400817] ? syscall_enter_from_user_mode+0x1d/0x50 [ 989.401955] ? trace_hardirqs_on+0x5b/0x180 [ 989.402902] do_syscall_64+0x33/0x40 [ 989.403720] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 989.404835] RIP: 0033:0x7f48f386eb19 [ 989.405653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 989.409646] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 989.411303] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 989.412844] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 989.414396] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 989.415938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 989.417488] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:49:42 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:49:42 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:49:42 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:42 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) r3 = fcntl$dupfd(r1, 0x406, r0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) ioctl$FIBMAP(r5, 0x1, &(0x7f0000000180)=0x81) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f0000000100)={0x2, 0x80, 0x80, 0x97, 0x7f, 0x0, 0x0, 0x8, 0xc014f, 0x6, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0xff, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}, 0x8102, 0x6, 0x2, 0x6, 0x0, 0x7, 0x8, 0x0, 0x1, 0x0, 0x5}) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) read$eventfd(r6, &(0x7f0000000040), 0x8) 01:49:42 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:49:43 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 84) [ 989.616027] FAULT_INJECTION: forcing a failure. [ 989.616027] name failslab, interval 1, probability 0, space 0, times 0 [ 989.617692] CPU: 1 PID: 7405 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 989.618650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 989.619810] Call Trace: [ 989.620165] dump_stack+0x107/0x167 [ 989.620685] should_fail.cold+0x5/0xa [ 989.621223] ? create_object.isra.0+0x3a/0xa20 [ 989.621881] should_failslab+0x5/0x20 [ 989.622418] kmem_cache_alloc+0x5b/0x360 [ 989.622999] ? __lockdep_reset_lock+0x180/0x180 [ 989.623656] create_object.isra.0+0x3a/0xa20 [ 989.624278] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 989.625000] kmem_cache_alloc+0x159/0x360 [ 989.625612] alloc_vfsmnt+0x23/0x680 [ 989.626147] clone_mnt+0x6c/0xce0 [ 989.626630] copy_tree+0x3b0/0xa60 [ 989.627141] copy_mnt_ns+0x144/0xa00 [ 989.627662] ? rcu_read_lock_sched_held+0x3e/0x80 [ 989.628340] ? kmem_cache_alloc+0x2b4/0x360 [ 989.628962] create_new_namespaces+0xd6/0xb20 [ 989.629615] copy_namespaces+0x39e/0x480 [ 989.630191] copy_process+0x2549/0x67d0 [ 989.630753] ? find_held_lock+0x2c/0x110 [ 989.631346] ? __cleanup_sighand+0xb0/0xb0 [ 989.631953] ? _copy_from_user+0xfb/0x1b0 [ 989.632542] kernel_clone+0xe7/0xa20 [ 989.633066] ? __lockdep_reset_lock+0x180/0x180 [ 989.633733] ? create_io_thread+0xf0/0xf0 [ 989.634331] ? ksys_write+0x21a/0x260 [ 989.634876] ? lock_downgrade+0x6d0/0x6d0 [ 989.635466] __do_sys_clone3+0x1e5/0x320 [ 989.636028] ? __do_sys_clone+0x110/0x110 [ 989.636633] ? rcu_read_lock_any_held+0x75/0xa0 [ 989.637294] ? vfs_write+0x354/0xa30 [ 989.637816] ? fput_many+0x2f/0x1a0 [ 989.638318] ? ksys_write+0x1a9/0x260 [ 989.638851] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 989.639592] ? syscall_enter_from_user_mode+0x1d/0x50 [ 989.640294] ? trace_hardirqs_on+0x5b/0x180 [ 989.640900] do_syscall_64+0x33/0x40 [ 989.641422] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 989.642122] RIP: 0033:0x7f48f386eb19 [ 989.642631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 989.645136] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 989.646199] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 989.647173] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 989.648153] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 989.649127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 989.650108] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:49:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:49:43 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000e80)={@private2, 0x0}, &(0x7f0000000ec0)=0x14) sendmmsg$inet6(r0, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000780)="3f4b795f003df446a5612cf9a6af004ca4e87856e90eeaa0dd28113b6664595675e8b9a667ca3bd92de68fd16f4fcafecc", 0x31}, {&(0x7f00000007c0)="c39c5a5406ad3278180a46607f7579bcdc44ca19e4f54aab691a6b4d75793af149efcc179beb4e7c50f3d084e330728530075c9e04e8477fee555f6c20cdfceb8120bf3f18d128ed2ea87100bd85edea8e8490f316761759e597c5865f3c74de5636408c648f149934602074301b76276e89fc26892659d6113888d48a88a0b5411f5f33867b15beca564879bf0faec27c14c1e31589d5568e740f87352d3938738ebfbfd733712c0d537a2234a5a4d8a5f17ea29c7fd948986571", 0xbb}, {&(0x7f0000000880)="6afb6cb2dbbafaaf5a7479920ad2134e809697539413314e5065d99f6c9ef59f1e37aa86a186a004eab5b01cff41b0fe05cd1f856e6ff6b4dfc805ba64871258f808200ac393102a1b7c7d5db51a07c91b1199caf04b324a00839cc497444775fa64af61d66ccf", 0x67}, {&(0x7f0000000900)="774245719ebed25af5a40d25614ec3ed568b0c384b6018f370d4711115bebe491951fbd4add471e182df51ccb6c76d8581c977feff5d82b26a6058dc6df2d6f55cc6e1ad5a505142ee0a42722da279b3acd784484544752f5cc402ca4bea2a6deb68ed79db88e445c0af02d1a2f9e0f4", 0x70}, {&(0x7f0000000980)="ad45f362df79b3fdffe09e3141bfdc3d9b1d15bf5b1fb261cc3e45c66b358d62f9a3728738fa6e69ec9beea47f66636824c2a26223a0dfdeb15ae5cc351dbe15fca8", 0x42}, {&(0x7f0000000a00)="f7bf5885dfa099ecb251746f3576ad1910d085a981e5e50844f34e3b216623cd496789bde5e9ea39099355f54ab8011045c1ef2eaa27e51f0cfd0d0a3eaf09d99417f1c3824694", 0x47}], 0x6}}, {{&(0x7f0000000b00)={0xa, 0x4e20, 0x3b5, @empty, 0x3}, 0x1c, &(0x7f0000000e40)=[{&(0x7f0000000b40)="44ea4d728a2951afe1822105077fbeabae9ef8a5902d98e34fc8daae90357edd33587ae83f858fc829f77378195ff7347a3cd1b79d3f0fc814562795429a32bb21dd5d7b1ecaa67c5c6878b8caa636b96307b2936919c24bd50e46d87366667fef1ba2cae60f9d7749ff3232def0630aa61375f7f716d984639dd892f41591603fc55c52dffbcc550192151999f5c2f794f313f5c5b6b7ef37f3ac6358a4420013652c70a4978c6637d50b5704dc5cb9a26e0fb4f62860c2d8a99c6eae20a8d0905dddf211f25bbf1583e1c53ec8bec809263dbe32829e7b01bc5cb4b46dc2", 0xdf}, {&(0x7f0000000c40)="de049b5eb216cf2058bf45a02d292a2211d3ab6df2011eeb75aef87f81432a4780b8b074f81fba3fe85fe43441d74e3b9f2c3b8fe4b637f3db190e278a823ebec913210d8b4efd5792f6bf29ff6e2865a27a6bdb4a270c716c6dddc9c0cea14907082815825539b314f9f0373f40e0822c21687455b3b5a8c891ab3a7aa7cb78c670dc836abe1f82e2b8b9f646b74ca5e20f5067d91475485db5e54951bce614064cec54ddba32beee29d5e21fd3d36c67d6058bd3519e47d78a48f6bac5c1e0de3e62b11ea568137b91a9185345d1b55f0d65aae0ce137dc86e367e8f5ab8830c40f6b5049e5ef6be5c", 0xea}, {&(0x7f0000000d40)="099ccea3a45e4780bdb8b9f569fe393628b5a514e13e98e6069fc35ebfd8544da1d1d7cfab39b91dc7127863b8063d6085af0ac3abbf5ebf6670546123c8084f07edab2c66c0f568475bdba60b2c2e9ccb953324896644233aab82abdd2a53e87ab0e8e6ae322e0b98583c069bcf5440f032abac37cd005b3ffd9c3241687f6e674a6e45cbe4488d103f94ca29b55916842a2ef4b64aba243636d6aecf1169e52845c31d569e7566ba86fa3072ee37d37a10c68d2195e030020ce9c17714dd7dccf9b8cca38bfc1cf1115a5430c4079d40b030", 0xd3}], 0x3, &(0x7f0000000f00)=[@hopopts_2292={{0x28, 0x29, 0x36, {0x67, 0x1, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x1}, @ra={0x5, 0x2, 0x80}]}}}, @rthdrdstopts={{0x40, 0x29, 0x37, {0x6, 0x4, '\x00', [@generic={0x6, 0x22, "2ace46b0a75f9a88366e2e7a0457d03a673c3688b3715b2f13cef82082a02b9c8250"}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @loopback}, r1}}}], 0x90}}, {{&(0x7f0000000fc0)={0xa, 0x4e24, 0x100, @private0, 0x5}, 0x1c, &(0x7f0000001080)=[{&(0x7f0000001e00)="d9df65ca9e3e591bb47eca3da1e4d3ebf6a5f1d2f2560c04c024f60736604bed7365648fed820de445dbb9b1fb4c3cfd7d6b13437e57a4bf017a2b734a2bc1eac299afcb27f53fdd68485027f3ae5ef73165bfca5a2f462f705c2a12f0bcf79beb23e70fd63f6429c3641119f0f09beda6fbe0b340f9fcdf073c7478569e40d4ab1f1500c0f4b90d5156a42653446803487ec2dc5150faf560bcd882a8aadcac267a9794e550cbc2e31c769667a5e43ec7e4e84284d0adf51797722cfb96f0b1576e4b747a6758348a6d262a5f5d95912e028036cf260d737c3bc927581c841986f3abf907fd8bb69cef3175ddd0ceb6602616660bad1e239433d2658d07e624bdaf8601ffb56fd9bf7f8ece698ddf177a75ae086ffd85d9d96d37bfa69f1e0a13ac4b06b431eff30b5fe854c60eb4998e453c343a273b2aac58531d6902899c832d76d6ef3eb6642671ce8d97133410f2af45db31e7eba824c423f63220ddfac2c799e453c07469691cded6ef1a0fdf169c0ccebd096e6fc21ca118b5c044dcded8a78cea0df9581f05d8a7babf1eaf3cf68d5acca53d471e90ea6f50099e7e8872acb7939c0b1f2c96938651b914c2d56c3eb4ea84c5317c6916a70855ddb7b8d7ab756319b0ddf8238034a310736e7d50271718066475269cc77a5b236533d2df3368bc6fd315a33552c8c98a9b343854681f415e2288a94f9f1d63d5e067f9c09a97ac27af404e6379820deca26f5a2bdd01055685aa41fbb51682dbe80f2b486ecf8a0f29225c293b0b4e056050d52f75e6e04b27771105ab0f0b292909fa964385a87eed5b7f49772485fe657f9f77eb3590c35fd7fc367e919edb830df0577ae31a8b03a026ef01c4db060bd4a0b39a8c3b60c5348d602415363a0782457a2bfa50cbeeb34a7cce9c65f1bdc248f11c26e48ecdfad24b7823d37baae148ebc2b4500c82a68f6eb8de1eae00d0e4483c07e7d9cc7c7c56a98442485500e6bd7b14f44fad89968e830697a44383b3988aeb6e60f9b8196d9cd7d3e4e51f8d9351e70bd113b6cbcbc21bbfc327adb295bc85b9b76533d27cb7fb73a536c2afcfe84d6f0c2005a420e606c24813a74be1021e67591cc6d8c08f7518fd9df9dea6a058695e8a101867261574176c1711ab7e3ef59883a55d25519427d31fe74381297ce46c02c366437a89dfdae08a3011fd4e32c7a1828e52af042b6c22232f2578ebeb009c1e578a05e81e7df2fd839e5feae1a064dd0d5eafa864fa111f80ecba4ebd2a53d09475b4ea24ebd396c782af66218bf59b0b9e99389fee8d40efbec80c659af3f36ca0d80f36078c9c918dc7f49c3cb4a76ab265eafefba9c3977e2c90c85c4236985b2d989f51286b9df28b391e62be6fa637a738c7dc80225c5b2474f967b819bdf2145697f19321151bed1d8c49183247b63a13245d42af205e4c4f22c4d792ca650209b488670c2eed83d2d1353e9d6fbbc7ee5c9f00cc7ff7576638183714e959f532868c6c1b4905bdb85ecdd3b1ade0e18138da4b3ef745133badc9ad27dbb0ee1a1ec207573baba06adb06f5ab130560dd5fc041da4acaa8aa75e108f0e508d4bcf0cedb7d4f0d267e4171aadd1a0da187c3078d1d46f26deafa0ac2c0064969fdadc54ae74ef5d29a9ae5a164d54085c0144ef4ce2d0a0757e40ee675e482c31e36056e2cb8dbf458d0c472ef2aea3277eaba157df40b71e17fa0dcda966c7740f10acf4a77320a68f18d90d096bc7063d3a6d46ee6c9ecdc040c1609ec74d40c29849fc91379810903c6628a653515e7d241d2db0cd7d03e290ef0a8a1ff9458c2252e27f75d663429ee4053e974ea45520a884dc9aa0178227fbfd42bf2c15e92a023b4640ae3c5c632d051818531c8176babfaae9bedc98a72849f7c70fba0456088fdd4b3caccf213fd80a493ab62c05585b62623f91077fc0c9acbf90c222672688dbc4de9100492a8e1b0757eedba8ec7ba23ef658fddcc82c3454022169f2f1e9ec9c53063827eb020e658dd90d0ccac8e687872b6079ca808a74fc9659af5d824df2b58391e869075c79487ee8b58289d5231c7df596de3c97a2fd251f5ddb8991c53f55281e47dea384515db3a022a50363180c792445e25464ba7954ea73d9cf0952f0e67faa822a885ac73fab6c58f87db85e6a3f7bace2b3d454bef5ede6368d4cc6d7bddb65b5a06ea93546be9c6a524ee2e906c25d8af160c89977b75254055e420dbe1ef650bd32b893b13c27f0f897fdc2d7e4c8e4396dcc9b9aa8cc1159cb87912a3a4cb56b78320fe870fa95c2003ed91caa5c7e6a79c5fea2761b3a3aaf6cb45b6997b5593e869c2263fe78414b322283ba7913aa6a8047a26a911c0e0a8c45db07d2fa326c25bf1ea6e16e4dd01de2d2fa58bd0d572fc53d823e83a09e34dbdfc48bc0e082d2825dbd023ef87d5ce1b2776767d9c5077bc67d577aa78af0850034bfdd71bb6965882fbfe8b8a3df05d44a58433a243c2a085e9794509cb1aad34a93465cb0bbce343766ba7f7ed141d4e6f8ca56ba4e27869e37d6b7c3456ab16e6e4b95db5300505dcd26fd9b54b0d57b74cc7d247db9e23b660f8af8cdfbb213cbb951f79e0306be95cee2d31e82df1eadbd9dfdf540ddadcd6f8909283a38f09b1c3587eae0b8c859999e6dae188024b46cbeb0f45462cae0706c2552cdbd11d8e3bd0ecef6973752a5ea522184b058ac56e17f17a0ae5daa3f267da7a54f98c29176c6ebf6f252057acada93337e150fa9f9fc707bb79e842c9afa9f4f12aaf4a1e7b373251d88e490b33195a49c99614b61b2a539b8d688d70d997d960c30827ebfb890a068421f86710088cd5d2c7903df93256c57720c5c4bcedc06e0d648bdc1132148f4d1351f1b8c0d3b7553d51832f31a5b2bc68559600300b9baec436212c5a2f3aa00736ae325b8dc38ee061148caeaa0ebd9ef826652b372f8a42f092ddae82ddc873ec9179771f231a4682073cb5c8886d08d9f11e3c98e2d51393618553da0bd26a64b27e77367a5e5e34ee09a36e0de9f0ed6d655356bf3f5da64cb57e64b12ff3542cf5f0e59801aacca54859836bdf98b67f42c5fdf93a6a969899a02d8ecc64ea2d724407f9a087cfbff3352869fbe636f36427bcd6dcaca6b123bfc58fcb224463cc9c3bbe97f295f1bbdb215ab38c32f302ff5f10e345eca79e85ec7adb75eda124fbc014075543cd93000431b095e1d80fd5653d53026ab6ff542340348d05a2c59a1bf0139834604e0d86ecb3354d5ad4067dcfff124c59b158578182df57dd6bce4b32112542d271a417970f18b1af5e3bac910e8bb77cca22072c0abc2a826455897bd40e7692d69f4f07c741b9f65d942454cd4eac4e13f8990bfed9afd1de3259e75162b9fe0567cb43ef50d5e0e6d4234d61421792a43aa973e9bc60c723b060ae778c257994911c88678feb04b9d4ac06d5bc3fec1e2989ef543c87e3b12bf2efe416437677eeae076aa35d7bbff5e79702514b283ea241b5ee95801cce46b0bf22227792c16806f23ed32906b8f9780cdb262e66ddab4594d0deebd7161a4a649ba8b40399198fd2557e68547b9f50baa1306caf3c526f295108428f82420c468e4da1097d07109c287757b44cb98c45a05eb7b098815f5f7bfd4181742f50476613c9678305f4e4ea0f503175442f0f3b39103e5c7caa9bb8087fc2b7eb107f599ec9b0ae20e77f4dcf81e77024c396e05fea87c5ea2f9c1b183272b6304b7a911ed2db80b9aa5573536faf02eace08ac8783e55935a26c4a25ff073c7498b12dc256a3414e486711e1e3c5f35bdfeaf0671e0227166ee5fc5421647cd8f8c64d58c47ba2e6b1f7f72e2da51f4a0ec8037877c9c952fa8171cf55dcf3f67045f5374055cbacaf2aa5dc03e56f2505ef1dc96f2d10251a35e592ff1ef69e9279b6a8cb77bf6116242d865e2e9d141485ce31414ea4c6a85c363facda988298f04271f060e564bb6b1087fca7b63e19e8f335ffc4c94396dbbf6dda245087772337364f738bb9dc12ecadf14381d33f338d52ba67ec707fcf5ad7b0742c365936647e07a43e60ad5b319ae08f971d296481c354c905d1611c0d527146828b14d72f14c039954cd7e2d16873077833004a8ddd778333d73a2d35cb31db7e4e1de02dee5af48970ccb285fcd45e42e906a63de53f21c5497a52233c63471b7cd7b4f966faf5a2761e3626b54a7ef8a02cc514f9a6d7743bf2b0d0a7ff0cd879315f2abc767c319596e9d147af3cb11643d2880cc9e48f751f99e705a32695cfd37c7b434203be2dad82c5d196b8f3a3a56735f695eaa049506a60b56a0f599003f99c12a8b93c52cd12ff94bb6bd0801a9b428d992e02261aaa0090a3cbed66fd3c0a6bc7c02dd035d4afe973931dc8935349659c2d1ed04eadf0d785075dcb38dbdc415653817c42d54dc32b2b137cf0fb67d12d44f6ad8aff63742962d2a364b8b223cdd2d0156e8a936406bd000ed0b435e6c558bbf4ab52df12eae836c97b665e5645fb8827bc243c85fca620ad5d58193d2cb671340c85ba04bf8c4953685f440695ee42adc8c721a423d46cde12b714e3eec0dfd212394e592801af441bbee4e6d526901f9165033f5601f7a781dee7ada1d0b1d301e10fd14eecb049c77194dfb00b32d8dc317acacb968275bac3e49a4569192d12a9d7e7361291eb69f2bffa7137d0524048998e5b89596758067113db710b36d33fe25471ae6240c60fd282e365dab251bf86047613f0f2561b057a98d8e548061b67ae086a31af414afc15dd5b8e34f57c334e05221b7251070d1d90fb1929d87915f99dc4aeac6d326c573113a9b2199b865f1be0a1ec8c58edb1e7971567f12ef76d885644773208ea85595012980698ffd1566bbc76fc08b919be326c08f616fbedfa29dc79e4c1d621e16b171e8f3e1f9b9456a973b8e92399d09bc0a4c9d51993eba55f81b641ccd41d830cb7b4e4a2c260a134af8fa99b5b6a09fdcb4cc630351ad54f1587aecc42a22a407e8586dde42f91d5b7f00556d3007554ad2aff6dde12e6125929b32ade8fe8e03863395f21652fb3beb17eec66d2e673c30210ef999b34028bc782c2e8900c06a120a586929022c4a5124e1c9c6772dafa4b39c52a2b0ce2c36fd15e477d570693cacbecfe67fb0dd617774091ff7da4de9f56319d5d5fb31e6bed19b5d6cd4de73cd80ed0656e44c847afc00586343ac35d192c2a2a08479f2897c3b57115674b3ca0186a00a61ed8cb7c6e87b278216145f76f85d8b337f451d84a106c3faeaedd44da27180da6cd754b920465d818a11df3b249fd67fa0d2b6a0cf16ca0b12e2e5c391f50ebb33036ec28912dd877b80994f78cab966ab015edffe157f230baef884b2ddb3a82ad6da1ebf9f8135f4d03408b9c7079e53e17350cecc243221c744ca490b27ec525113e97189e6fbaf271b29287221473cf7c9565c18c620504280650469a93db8369af3063b842df08822f77d57e416c8c17a72dcca7994ab62bc60490c1ad819c86536ca4b19784193da1b22211f8e777c8d671b2c9cfd0e52738e58d27b7c70c25dc01f427e10421271e2d7f7fc8af0ad81932a36a60e68b82e41da23d1afb9dba2d115c8e575d6e66a34f20d532565f22c8914be240ac17dd794675a8f42688fb5ef6da0b86698728f33e78ecc7ba13ffe1a3c4170e8b313ca453cd299f538666191bf4888108a35d25cac2759563e638217182e240707e5009654df7670c67b8cf06be13c3fb27d1eb764557", 0x1000}, {&(0x7f0000001000)="6e44c2cd640f32ef8b22db20f31aed9e283acfdc8782e7ecf28de08f3512007c66dd12b49baa266fd71474f32957c3027918f0cfca8a2e51ca593b6b1beaa8623235f1d28ef9c0658e6013a66754f95d916d7b2e42fc4675b698a51677d307ab50b131fc8c91cf", 0x67}], 0x2, &(0x7f00000010c0)=[@hopopts_2292={{0x68, 0x29, 0x36, {0x87, 0x9, '\x00', [@calipso={0x7, 0x48, {0x1, 0x10, 0x1, 0xb0, [0x857, 0xffffffffffffffff, 0x8, 0x8, 0xfffffffffffffff7, 0x20, 0x5, 0x5]}}]}}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x64, 0xc, 0x2, 0x4, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @empty, @local, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty]}}}], 0xe0}}], 0x3, 0x4801) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) ftruncate(r2, 0x7) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001280)='/sys/module/nf_conntrack_ftp', 0x80000, 0x110) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0xfffffffffffffff9) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x11, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}, 0x200000}], 0x7ffff000, 0x0) r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x43) copy_file_range(r0, &(0x7f0000000000)=0x3, r7, &(0x7f0000000100)=0xfffffffffffffffe, 0x6, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x4, 0x4, 0x4, {0xa, 0x4e24, 0x9, @empty, 0x8}}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000140)="7bd9d0b0f9eefe6614f249f7d8d9ac85075341b0a663334583f5ec933678a445b5803fb3f675cf8562609cb3171570e151b742c88481bb5c9c4d98c8d7bdbb5b6dbdc6500318195b1353e501154b2cd85411e8a48f7d0e2400d12b46dfea59df5208b1e7fa0ab549ff6e65", 0x6b}, {&(0x7f0000000040)="0d7657351e6c448eb0eb325d1597519fdf0c79020e81822af8970274a5d0ad9362ce4d9a0c91f3f076791fbfcc8690a978e6ea254b9e500a16", 0x39}, {&(0x7f00000001c0)="24d394c2f1ceb7fe5e3f7ef47234c61e7af0cb6b9853be27a3db1ace90f0dc06cb2e0b847102e3b73a70fa281956d849aef8bf730d6512cdb53776df4723d97f08c480c5178d1b97d073afe4658a91515266a3c73b96b7998173916db231cf4e5a1a4c1598b3b96e4cb72935bda47f884e667bc824bbfa7d8f3a3dfc07a2e8a4fee5efd7939f12bcf2ed7f8147687c870458a8603e05deb1e5c82fb1afedd6a4c502fe45914de69e02a225fd4da3a3388244c0a34786f1a46197506863fbb6e3e76c8635ae255001c76a74a452625064c681c8e77a6a9f83f77a0f4930b5dfcf073b0b0ae6297ddd9d501aac", 0xec}, {&(0x7f00000002c0)="3c97f6fd4ff5b0f00e8fbc64198c12b6bf6e9d37549568c110b8bdc2d566cf314c9750fff548ffe16d66d2766e45c3720c40b774f4cbef7638ce9176811d513468b67a70edf6acdf221c151367c3760ab58fa83c80f9fb69dddac93ba3d09e9f2c7a3f00f74233c8d72cfc2e36b78d61b9d50eced933262e59d08e40a876151368a93b071690c67def0d1ff8e3960df63a2764a10c6f1870356b4893d2fb2cf112ba5589094f39e357b6759996054fc05db34ba564ed352b235b507e4cef03b604fd512623b10c26b64efb9123646295ed305a1e6c28", 0xd6}, {&(0x7f00000003c0)="5508fa84ade7f0a3761ee42a7b63a58fb5bedf4429b4c2ec18dd9638c8cb22e14b7cfccaa5cd027898dff8c76553e6442da068", 0x33}, {&(0x7f0000000400)="eabc3eac42292849c1d8b21f39723d8ce4e1064d879134e77173f7b2c7771f653d967de98a0d6b9f3500daaa602759772188a39156530145f185ba50bb6f181fc6d938", 0x43}, {&(0x7f0000000480)="bc4447ebb3100589e0e235d63b1f51b566e421b57c2bd351bd0e8ac4ff0e02f2c6f9322716abf1a16b7dabdba9a079662df24ed235ea5dd199531bde96b5bf7919737db8600748113a6e57a432e7d8af7181e6256ce127daf5d5abf9d63a1aa0966bd0b4ca6559fe2097a012c45712e0faa5cead96ecbd317dbf51101f4967bed76a7b736e78304fc8e3ebe453ac23432822cb696d93040127958cee8866f578ca8d20987c343f27aca63bc744c13ed53ea77d07aa7a2dabb87c71c87b96248a144bf2e8e7529db6d7ac7c6d01fe5089b01aee", 0xd3}, {&(0x7f0000000580)="879d6e", 0x3}], 0x8, &(0x7f0000000640)=[{0xf0, 0x112, 0x620, "6fca041845d104780b222c7ae9f491dd394728c3af9b3c7c7e228ed6d5fdec07ef5c5dcf35b30384ac52d7a8172a929b96a2a4737374e71d28f4d9723e013920ef5b2215ff034af2a76698f98d1a3664de8aec921e954555a32b1d63ac6b7b22cdbbd25807a3b626f8959acd736e0b874424e64d6f67d1abdb5fc0efa885f87995012539d7325cd45f42fdb1f99c118b815075209230460729ff9e3bd79534469027fb4c2760f78554598892665cc75dbe1d1249f5b8925b985837b10065002e18a84644116f44b2aee5d60e16ca45766d03ef12e9252c0a6aca"}], 0xf0}, 0x4c084) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:50:00 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 85) 01:50:00 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000e80)={@private2, 0x0}, &(0x7f0000000ec0)=0x14) sendmmsg$inet6(r0, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000780)="3f4b795f003df446a5612cf9a6af004ca4e87856e90eeaa0dd28113b6664595675e8b9a667ca3bd92de68fd16f4fcafecc", 0x31}, {&(0x7f00000007c0)="c39c5a5406ad3278180a46607f7579bcdc44ca19e4f54aab691a6b4d75793af149efcc179beb4e7c50f3d084e330728530075c9e04e8477fee555f6c20cdfceb8120bf3f18d128ed2ea87100bd85edea8e8490f316761759e597c5865f3c74de5636408c648f149934602074301b76276e89fc26892659d6113888d48a88a0b5411f5f33867b15beca564879bf0faec27c14c1e31589d5568e740f87352d3938738ebfbfd733712c0d537a2234a5a4d8a5f17ea29c7fd948986571", 0xbb}, {&(0x7f0000000880)="6afb6cb2dbbafaaf5a7479920ad2134e809697539413314e5065d99f6c9ef59f1e37aa86a186a004eab5b01cff41b0fe05cd1f856e6ff6b4dfc805ba64871258f808200ac393102a1b7c7d5db51a07c91b1199caf04b324a00839cc497444775fa64af61d66ccf", 0x67}, {&(0x7f0000000900)="774245719ebed25af5a40d25614ec3ed568b0c384b6018f370d4711115bebe491951fbd4add471e182df51ccb6c76d8581c977feff5d82b26a6058dc6df2d6f55cc6e1ad5a505142ee0a42722da279b3acd784484544752f5cc402ca4bea2a6deb68ed79db88e445c0af02d1a2f9e0f4", 0x70}, {&(0x7f0000000980)="ad45f362df79b3fdffe09e3141bfdc3d9b1d15bf5b1fb261cc3e45c66b358d62f9a3728738fa6e69ec9beea47f66636824c2a26223a0dfdeb15ae5cc351dbe15fca8", 0x42}, {&(0x7f0000000a00)="f7bf5885dfa099ecb251746f3576ad1910d085a981e5e50844f34e3b216623cd496789bde5e9ea39099355f54ab8011045c1ef2eaa27e51f0cfd0d0a3eaf09d99417f1c3824694", 0x47}], 0x6}}, {{&(0x7f0000000b00)={0xa, 0x4e20, 0x3b5, @empty, 0x3}, 0x1c, &(0x7f0000000e40)=[{&(0x7f0000000b40)="44ea4d728a2951afe1822105077fbeabae9ef8a5902d98e34fc8daae90357edd33587ae83f858fc829f77378195ff7347a3cd1b79d3f0fc814562795429a32bb21dd5d7b1ecaa67c5c6878b8caa636b96307b2936919c24bd50e46d87366667fef1ba2cae60f9d7749ff3232def0630aa61375f7f716d984639dd892f41591603fc55c52dffbcc550192151999f5c2f794f313f5c5b6b7ef37f3ac6358a4420013652c70a4978c6637d50b5704dc5cb9a26e0fb4f62860c2d8a99c6eae20a8d0905dddf211f25bbf1583e1c53ec8bec809263dbe32829e7b01bc5cb4b46dc2", 0xdf}, {&(0x7f0000000c40)="de049b5eb216cf2058bf45a02d292a2211d3ab6df2011eeb75aef87f81432a4780b8b074f81fba3fe85fe43441d74e3b9f2c3b8fe4b637f3db190e278a823ebec913210d8b4efd5792f6bf29ff6e2865a27a6bdb4a270c716c6dddc9c0cea14907082815825539b314f9f0373f40e0822c21687455b3b5a8c891ab3a7aa7cb78c670dc836abe1f82e2b8b9f646b74ca5e20f5067d91475485db5e54951bce614064cec54ddba32beee29d5e21fd3d36c67d6058bd3519e47d78a48f6bac5c1e0de3e62b11ea568137b91a9185345d1b55f0d65aae0ce137dc86e367e8f5ab8830c40f6b5049e5ef6be5c", 0xea}, {&(0x7f0000000d40)="099ccea3a45e4780bdb8b9f569fe393628b5a514e13e98e6069fc35ebfd8544da1d1d7cfab39b91dc7127863b8063d6085af0ac3abbf5ebf6670546123c8084f07edab2c66c0f568475bdba60b2c2e9ccb953324896644233aab82abdd2a53e87ab0e8e6ae322e0b98583c069bcf5440f032abac37cd005b3ffd9c3241687f6e674a6e45cbe4488d103f94ca29b55916842a2ef4b64aba243636d6aecf1169e52845c31d569e7566ba86fa3072ee37d37a10c68d2195e030020ce9c17714dd7dccf9b8cca38bfc1cf1115a5430c4079d40b030", 0xd3}], 0x3, &(0x7f0000000f00)=[@hopopts_2292={{0x28, 0x29, 0x36, {0x67, 0x1, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x1}, @ra={0x5, 0x2, 0x80}]}}}, @rthdrdstopts={{0x40, 0x29, 0x37, {0x6, 0x4, '\x00', [@generic={0x6, 0x22, "2ace46b0a75f9a88366e2e7a0457d03a673c3688b3715b2f13cef82082a02b9c8250"}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @loopback}, r1}}}], 0x90}}, {{&(0x7f0000000fc0)={0xa, 0x4e24, 0x100, @private0, 0x5}, 0x1c, &(0x7f0000001080)=[{&(0x7f0000001e00)="d9df65ca9e3e591bb47eca3da1e4d3ebf6a5f1d2f2560c04c024f60736604bed7365648fed820de445dbb9b1fb4c3cfd7d6b13437e57a4bf017a2b734a2bc1eac299afcb27f53fdd68485027f3ae5ef73165bfca5a2f462f705c2a12f0bcf79beb23e70fd63f6429c3641119f0f09beda6fbe0b340f9fcdf073c7478569e40d4ab1f1500c0f4b90d5156a42653446803487ec2dc5150faf560bcd882a8aadcac267a9794e550cbc2e31c769667a5e43ec7e4e84284d0adf51797722cfb96f0b1576e4b747a6758348a6d262a5f5d95912e028036cf260d737c3bc927581c841986f3abf907fd8bb69cef3175ddd0ceb6602616660bad1e239433d2658d07e624bdaf8601ffb56fd9bf7f8ece698ddf177a75ae086ffd85d9d96d37bfa69f1e0a13ac4b06b431eff30b5fe854c60eb4998e453c343a273b2aac58531d6902899c832d76d6ef3eb6642671ce8d97133410f2af45db31e7eba824c423f63220ddfac2c799e453c07469691cded6ef1a0fdf169c0ccebd096e6fc21ca118b5c044dcded8a78cea0df9581f05d8a7babf1eaf3cf68d5acca53d471e90ea6f50099e7e8872acb7939c0b1f2c96938651b914c2d56c3eb4ea84c5317c6916a70855ddb7b8d7ab756319b0ddf8238034a310736e7d50271718066475269cc77a5b236533d2df3368bc6fd315a33552c8c98a9b343854681f415e2288a94f9f1d63d5e067f9c09a97ac27af404e6379820deca26f5a2bdd01055685aa41fbb51682dbe80f2b486ecf8a0f29225c293b0b4e056050d52f75e6e04b27771105ab0f0b292909fa964385a87eed5b7f49772485fe657f9f77eb3590c35fd7fc367e919edb830df0577ae31a8b03a026ef01c4db060bd4a0b39a8c3b60c5348d602415363a0782457a2bfa50cbeeb34a7cce9c65f1bdc248f11c26e48ecdfad24b7823d37baae148ebc2b4500c82a68f6eb8de1eae00d0e4483c07e7d9cc7c7c56a98442485500e6bd7b14f44fad89968e830697a44383b3988aeb6e60f9b8196d9cd7d3e4e51f8d9351e70bd113b6cbcbc21bbfc327adb295bc85b9b76533d27cb7fb73a536c2afcfe84d6f0c2005a420e606c24813a74be1021e67591cc6d8c08f7518fd9df9dea6a058695e8a101867261574176c1711ab7e3ef59883a55d25519427d31fe74381297ce46c02c366437a89dfdae08a3011fd4e32c7a1828e52af042b6c22232f2578ebeb009c1e578a05e81e7df2fd839e5feae1a064dd0d5eafa864fa111f80ecba4ebd2a53d09475b4ea24ebd396c782af66218bf59b0b9e99389fee8d40efbec80c659af3f36ca0d80f36078c9c918dc7f49c3cb4a76ab265eafefba9c3977e2c90c85c4236985b2d989f51286b9df28b391e62be6fa637a738c7dc80225c5b2474f967b819bdf2145697f19321151bed1d8c49183247b63a13245d42af205e4c4f22c4d792ca650209b488670c2eed83d2d1353e9d6fbbc7ee5c9f00cc7ff7576638183714e959f532868c6c1b4905bdb85ecdd3b1ade0e18138da4b3ef745133badc9ad27dbb0ee1a1ec207573baba06adb06f5ab130560dd5fc041da4acaa8aa75e108f0e508d4bcf0cedb7d4f0d267e4171aadd1a0da187c3078d1d46f26deafa0ac2c0064969fdadc54ae74ef5d29a9ae5a164d54085c0144ef4ce2d0a0757e40ee675e482c31e36056e2cb8dbf458d0c472ef2aea3277eaba157df40b71e17fa0dcda966c7740f10acf4a77320a68f18d90d096bc7063d3a6d46ee6c9ecdc040c1609ec74d40c29849fc91379810903c6628a653515e7d241d2db0cd7d03e290ef0a8a1ff9458c2252e27f75d663429ee4053e974ea45520a884dc9aa0178227fbfd42bf2c15e92a023b4640ae3c5c632d051818531c8176babfaae9bedc98a72849f7c70fba0456088fdd4b3caccf213fd80a493ab62c05585b62623f91077fc0c9acbf90c222672688dbc4de9100492a8e1b0757eedba8ec7ba23ef658fddcc82c3454022169f2f1e9ec9c53063827eb020e658dd90d0ccac8e687872b6079ca808a74fc9659af5d824df2b58391e869075c79487ee8b58289d5231c7df596de3c97a2fd251f5ddb8991c53f55281e47dea384515db3a022a50363180c792445e25464ba7954ea73d9cf0952f0e67faa822a885ac73fab6c58f87db85e6a3f7bace2b3d454bef5ede6368d4cc6d7bddb65b5a06ea93546be9c6a524ee2e906c25d8af160c89977b75254055e420dbe1ef650bd32b893b13c27f0f897fdc2d7e4c8e4396dcc9b9aa8cc1159cb87912a3a4cb56b78320fe870fa95c2003ed91caa5c7e6a79c5fea2761b3a3aaf6cb45b6997b5593e869c2263fe78414b322283ba7913aa6a8047a26a911c0e0a8c45db07d2fa326c25bf1ea6e16e4dd01de2d2fa58bd0d572fc53d823e83a09e34dbdfc48bc0e082d2825dbd023ef87d5ce1b2776767d9c5077bc67d577aa78af0850034bfdd71bb6965882fbfe8b8a3df05d44a58433a243c2a085e9794509cb1aad34a93465cb0bbce343766ba7f7ed141d4e6f8ca56ba4e27869e37d6b7c3456ab16e6e4b95db5300505dcd26fd9b54b0d57b74cc7d247db9e23b660f8af8cdfbb213cbb951f79e0306be95cee2d31e82df1eadbd9dfdf540ddadcd6f8909283a38f09b1c3587eae0b8c859999e6dae188024b46cbeb0f45462cae0706c2552cdbd11d8e3bd0ecef6973752a5ea522184b058ac56e17f17a0ae5daa3f267da7a54f98c29176c6ebf6f252057acada93337e150fa9f9fc707bb79e842c9afa9f4f12aaf4a1e7b373251d88e490b33195a49c99614b61b2a539b8d688d70d997d960c30827ebfb890a068421f86710088cd5d2c7903df93256c57720c5c4bcedc06e0d648bdc1132148f4d1351f1b8c0d3b7553d51832f31a5b2bc68559600300b9baec436212c5a2f3aa00736ae325b8dc38ee061148caeaa0ebd9ef826652b372f8a42f092ddae82ddc873ec9179771f231a4682073cb5c8886d08d9f11e3c98e2d51393618553da0bd26a64b27e77367a5e5e34ee09a36e0de9f0ed6d655356bf3f5da64cb57e64b12ff3542cf5f0e59801aacca54859836bdf98b67f42c5fdf93a6a969899a02d8ecc64ea2d724407f9a087cfbff3352869fbe636f36427bcd6dcaca6b123bfc58fcb224463cc9c3bbe97f295f1bbdb215ab38c32f302ff5f10e345eca79e85ec7adb75eda124fbc014075543cd93000431b095e1d80fd5653d53026ab6ff542340348d05a2c59a1bf0139834604e0d86ecb3354d5ad4067dcfff124c59b158578182df57dd6bce4b32112542d271a417970f18b1af5e3bac910e8bb77cca22072c0abc2a826455897bd40e7692d69f4f07c741b9f65d942454cd4eac4e13f8990bfed9afd1de3259e75162b9fe0567cb43ef50d5e0e6d4234d61421792a43aa973e9bc60c723b060ae778c257994911c88678feb04b9d4ac06d5bc3fec1e2989ef543c87e3b12bf2efe416437677eeae076aa35d7bbff5e79702514b283ea241b5ee95801cce46b0bf22227792c16806f23ed32906b8f9780cdb262e66ddab4594d0deebd7161a4a649ba8b40399198fd2557e68547b9f50baa1306caf3c526f295108428f82420c468e4da1097d07109c287757b44cb98c45a05eb7b098815f5f7bfd4181742f50476613c9678305f4e4ea0f503175442f0f3b39103e5c7caa9bb8087fc2b7eb107f599ec9b0ae20e77f4dcf81e77024c396e05fea87c5ea2f9c1b183272b6304b7a911ed2db80b9aa5573536faf02eace08ac8783e55935a26c4a25ff073c7498b12dc256a3414e486711e1e3c5f35bdfeaf0671e0227166ee5fc5421647cd8f8c64d58c47ba2e6b1f7f72e2da51f4a0ec8037877c9c952fa8171cf55dcf3f67045f5374055cbacaf2aa5dc03e56f2505ef1dc96f2d10251a35e592ff1ef69e9279b6a8cb77bf6116242d865e2e9d141485ce31414ea4c6a85c363facda988298f04271f060e564bb6b1087fca7b63e19e8f335ffc4c94396dbbf6dda245087772337364f738bb9dc12ecadf14381d33f338d52ba67ec707fcf5ad7b0742c365936647e07a43e60ad5b319ae08f971d296481c354c905d1611c0d527146828b14d72f14c039954cd7e2d16873077833004a8ddd778333d73a2d35cb31db7e4e1de02dee5af48970ccb285fcd45e42e906a63de53f21c5497a52233c63471b7cd7b4f966faf5a2761e3626b54a7ef8a02cc514f9a6d7743bf2b0d0a7ff0cd879315f2abc767c319596e9d147af3cb11643d2880cc9e48f751f99e705a32695cfd37c7b434203be2dad82c5d196b8f3a3a56735f695eaa049506a60b56a0f599003f99c12a8b93c52cd12ff94bb6bd0801a9b428d992e02261aaa0090a3cbed66fd3c0a6bc7c02dd035d4afe973931dc8935349659c2d1ed04eadf0d785075dcb38dbdc415653817c42d54dc32b2b137cf0fb67d12d44f6ad8aff63742962d2a364b8b223cdd2d0156e8a936406bd000ed0b435e6c558bbf4ab52df12eae836c97b665e5645fb8827bc243c85fca620ad5d58193d2cb671340c85ba04bf8c4953685f440695ee42adc8c721a423d46cde12b714e3eec0dfd212394e592801af441bbee4e6d526901f9165033f5601f7a781dee7ada1d0b1d301e10fd14eecb049c77194dfb00b32d8dc317acacb968275bac3e49a4569192d12a9d7e7361291eb69f2bffa7137d0524048998e5b89596758067113db710b36d33fe25471ae6240c60fd282e365dab251bf86047613f0f2561b057a98d8e548061b67ae086a31af414afc15dd5b8e34f57c334e05221b7251070d1d90fb1929d87915f99dc4aeac6d326c573113a9b2199b865f1be0a1ec8c58edb1e7971567f12ef76d885644773208ea85595012980698ffd1566bbc76fc08b919be326c08f616fbedfa29dc79e4c1d621e16b171e8f3e1f9b9456a973b8e92399d09bc0a4c9d51993eba55f81b641ccd41d830cb7b4e4a2c260a134af8fa99b5b6a09fdcb4cc630351ad54f1587aecc42a22a407e8586dde42f91d5b7f00556d3007554ad2aff6dde12e6125929b32ade8fe8e03863395f21652fb3beb17eec66d2e673c30210ef999b34028bc782c2e8900c06a120a586929022c4a5124e1c9c6772dafa4b39c52a2b0ce2c36fd15e477d570693cacbecfe67fb0dd617774091ff7da4de9f56319d5d5fb31e6bed19b5d6cd4de73cd80ed0656e44c847afc00586343ac35d192c2a2a08479f2897c3b57115674b3ca0186a00a61ed8cb7c6e87b278216145f76f85d8b337f451d84a106c3faeaedd44da27180da6cd754b920465d818a11df3b249fd67fa0d2b6a0cf16ca0b12e2e5c391f50ebb33036ec28912dd877b80994f78cab966ab015edffe157f230baef884b2ddb3a82ad6da1ebf9f8135f4d03408b9c7079e53e17350cecc243221c744ca490b27ec525113e97189e6fbaf271b29287221473cf7c9565c18c620504280650469a93db8369af3063b842df08822f77d57e416c8c17a72dcca7994ab62bc60490c1ad819c86536ca4b19784193da1b22211f8e777c8d671b2c9cfd0e52738e58d27b7c70c25dc01f427e10421271e2d7f7fc8af0ad81932a36a60e68b82e41da23d1afb9dba2d115c8e575d6e66a34f20d532565f22c8914be240ac17dd794675a8f42688fb5ef6da0b86698728f33e78ecc7ba13ffe1a3c4170e8b313ca453cd299f538666191bf4888108a35d25cac2759563e638217182e240707e5009654df7670c67b8cf06be13c3fb27d1eb764557", 0x1000}, {&(0x7f0000001000)="6e44c2cd640f32ef8b22db20f31aed9e283acfdc8782e7ecf28de08f3512007c66dd12b49baa266fd71474f32957c3027918f0cfca8a2e51ca593b6b1beaa8623235f1d28ef9c0658e6013a66754f95d916d7b2e42fc4675b698a51677d307ab50b131fc8c91cf", 0x67}], 0x2, &(0x7f00000010c0)=[@hopopts_2292={{0x68, 0x29, 0x36, {0x87, 0x9, '\x00', [@calipso={0x7, 0x48, {0x1, 0x10, 0x1, 0xb0, [0x857, 0xffffffffffffffff, 0x8, 0x8, 0xfffffffffffffff7, 0x20, 0x5, 0x5]}}]}}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x64, 0xc, 0x2, 0x4, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @empty, @local, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty]}}}], 0xe0}}], 0x3, 0x4801) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) ftruncate(r2, 0x7) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001280)='/sys/module/nf_conntrack_ftp', 0x80000, 0x110) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0xfffffffffffffff9) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x11, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}, 0x200000}], 0x7ffff000, 0x0) r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x43) copy_file_range(r0, &(0x7f0000000000)=0x3, r7, &(0x7f0000000100)=0xfffffffffffffffe, 0x6, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x4, 0x4, 0x4, {0xa, 0x4e24, 0x9, @empty, 0x8}}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000140)="7bd9d0b0f9eefe6614f249f7d8d9ac85075341b0a663334583f5ec933678a445b5803fb3f675cf8562609cb3171570e151b742c88481bb5c9c4d98c8d7bdbb5b6dbdc6500318195b1353e501154b2cd85411e8a48f7d0e2400d12b46dfea59df5208b1e7fa0ab549ff6e65", 0x6b}, {&(0x7f0000000040)="0d7657351e6c448eb0eb325d1597519fdf0c79020e81822af8970274a5d0ad9362ce4d9a0c91f3f076791fbfcc8690a978e6ea254b9e500a16", 0x39}, {&(0x7f00000001c0)="24d394c2f1ceb7fe5e3f7ef47234c61e7af0cb6b9853be27a3db1ace90f0dc06cb2e0b847102e3b73a70fa281956d849aef8bf730d6512cdb53776df4723d97f08c480c5178d1b97d073afe4658a91515266a3c73b96b7998173916db231cf4e5a1a4c1598b3b96e4cb72935bda47f884e667bc824bbfa7d8f3a3dfc07a2e8a4fee5efd7939f12bcf2ed7f8147687c870458a8603e05deb1e5c82fb1afedd6a4c502fe45914de69e02a225fd4da3a3388244c0a34786f1a46197506863fbb6e3e76c8635ae255001c76a74a452625064c681c8e77a6a9f83f77a0f4930b5dfcf073b0b0ae6297ddd9d501aac", 0xec}, {&(0x7f00000002c0)="3c97f6fd4ff5b0f00e8fbc64198c12b6bf6e9d37549568c110b8bdc2d566cf314c9750fff548ffe16d66d2766e45c3720c40b774f4cbef7638ce9176811d513468b67a70edf6acdf221c151367c3760ab58fa83c80f9fb69dddac93ba3d09e9f2c7a3f00f74233c8d72cfc2e36b78d61b9d50eced933262e59d08e40a876151368a93b071690c67def0d1ff8e3960df63a2764a10c6f1870356b4893d2fb2cf112ba5589094f39e357b6759996054fc05db34ba564ed352b235b507e4cef03b604fd512623b10c26b64efb9123646295ed305a1e6c28", 0xd6}, {&(0x7f00000003c0)="5508fa84ade7f0a3761ee42a7b63a58fb5bedf4429b4c2ec18dd9638c8cb22e14b7cfccaa5cd027898dff8c76553e6442da068", 0x33}, {&(0x7f0000000400)="eabc3eac42292849c1d8b21f39723d8ce4e1064d879134e77173f7b2c7771f653d967de98a0d6b9f3500daaa602759772188a39156530145f185ba50bb6f181fc6d938", 0x43}, {&(0x7f0000000480)="bc4447ebb3100589e0e235d63b1f51b566e421b57c2bd351bd0e8ac4ff0e02f2c6f9322716abf1a16b7dabdba9a079662df24ed235ea5dd199531bde96b5bf7919737db8600748113a6e57a432e7d8af7181e6256ce127daf5d5abf9d63a1aa0966bd0b4ca6559fe2097a012c45712e0faa5cead96ecbd317dbf51101f4967bed76a7b736e78304fc8e3ebe453ac23432822cb696d93040127958cee8866f578ca8d20987c343f27aca63bc744c13ed53ea77d07aa7a2dabb87c71c87b96248a144bf2e8e7529db6d7ac7c6d01fe5089b01aee", 0xd3}, {&(0x7f0000000580)="879d6e", 0x3}], 0x8, &(0x7f0000000640)=[{0xf0, 0x112, 0x620, "6fca041845d104780b222c7ae9f491dd394728c3af9b3c7c7e228ed6d5fdec07ef5c5dcf35b30384ac52d7a8172a929b96a2a4737374e71d28f4d9723e013920ef5b2215ff034af2a76698f98d1a3664de8aec921e954555a32b1d63ac6b7b22cdbbd25807a3b626f8959acd736e0b874424e64d6f67d1abdb5fc0efa885f87995012539d7325cd45f42fdb1f99c118b815075209230460729ff9e3bd79534469027fb4c2760f78554598892665cc75dbe1d1249f5b8925b985837b10065002e18a84644116f44b2aee5d60e16ca45766d03ef12e9252c0a6aca"}], 0xf0}, 0x4c084) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:50:00 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:00 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:50:00 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:00 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) fallocate(r0, 0x0, 0x2, 0x3) pipe2(&(0x7f0000000000), 0x0) 01:50:00 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:00 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x1, 0x0, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:50:00 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1007.379314] FAULT_INJECTION: forcing a failure. [ 1007.379314] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.381859] CPU: 0 PID: 7531 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1007.383364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.385177] Call Trace: [ 1007.385791] dump_stack+0x107/0x167 [ 1007.386596] should_fail.cold+0x5/0xa [ 1007.387441] ? alloc_vfsmnt+0x23/0x680 [ 1007.388300] should_failslab+0x5/0x20 [ 1007.389133] kmem_cache_alloc+0x5b/0x360 [ 1007.390034] ? copy_tree+0x61a/0xa60 [ 1007.390853] alloc_vfsmnt+0x23/0x680 [ 1007.391666] clone_mnt+0x6c/0xce0 [ 1007.392416] copy_tree+0x3b0/0xa60 [ 1007.393208] copy_mnt_ns+0x144/0xa00 [ 1007.394039] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1007.395087] ? kmem_cache_alloc+0x2b4/0x360 [ 1007.396028] create_new_namespaces+0xd6/0xb20 [ 1007.397011] copy_namespaces+0x39e/0x480 [ 1007.397907] copy_process+0x2549/0x67d0 [ 1007.398774] ? find_held_lock+0x2c/0x110 [ 1007.399679] ? __cleanup_sighand+0xb0/0xb0 [ 1007.400615] ? _copy_from_user+0xfb/0x1b0 [ 1007.401530] kernel_clone+0xe7/0xa20 [ 1007.402389] ? __lockdep_reset_lock+0x180/0x180 [ 1007.403539] ? create_io_thread+0xf0/0xf0 [ 1007.404580] ? ksys_write+0x21a/0x260 [ 1007.405508] ? lock_downgrade+0x6d0/0x6d0 [ 1007.406549] __do_sys_clone3+0x1e5/0x320 [ 1007.407541] ? __do_sys_clone+0x110/0x110 [ 1007.408582] ? rcu_read_lock_any_held+0x75/0xa0 [ 1007.409734] ? vfs_write+0x354/0xa30 [ 1007.410652] ? fput_many+0x2f/0x1a0 [ 1007.411540] ? ksys_write+0x1a9/0x260 [ 1007.412487] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.413809] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.415071] ? trace_hardirqs_on+0x5b/0x180 [ 1007.416120] do_syscall_64+0x33/0x40 [ 1007.417020] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1007.418272] RIP: 0033:0x7f48f386eb19 [ 1007.419167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.423588] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1007.425420] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1007.427146] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1007.428838] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1007.430542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1007.432237] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:50:00 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:50:00 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:01 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 86) 01:50:01 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:50:01 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x140}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) [ 1007.623405] FAULT_INJECTION: forcing a failure. [ 1007.623405] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.624855] CPU: 1 PID: 7596 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1007.625697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1007.626700] Call Trace: [ 1007.627029] dump_stack+0x107/0x167 [ 1007.627481] should_fail.cold+0x5/0xa [ 1007.627954] ? create_object.isra.0+0x3a/0xa20 [ 1007.628513] should_failslab+0x5/0x20 [ 1007.628988] kmem_cache_alloc+0x5b/0x360 [ 1007.629488] ? __lockdep_reset_lock+0x180/0x180 [ 1007.630077] create_object.isra.0+0x3a/0xa20 [ 1007.630628] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1007.631256] kmem_cache_alloc+0x159/0x360 [ 1007.631770] alloc_vfsmnt+0x23/0x680 [ 1007.632243] clone_mnt+0x6c/0xce0 [ 1007.632686] copy_tree+0x3b0/0xa60 [ 1007.633176] copy_mnt_ns+0x144/0xa00 [ 1007.633681] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1007.634322] ? kmem_cache_alloc+0x2b4/0x360 [ 1007.634907] create_new_namespaces+0xd6/0xb20 [ 1007.635510] copy_namespaces+0x39e/0x480 [ 1007.636056] copy_process+0x2549/0x67d0 [ 1007.636589] ? find_held_lock+0x2c/0x110 [ 1007.637149] ? __cleanup_sighand+0xb0/0xb0 [ 1007.637740] ? _copy_from_user+0xfb/0x1b0 [ 1007.638306] kernel_clone+0xe7/0xa20 [ 1007.638807] ? __lockdep_reset_lock+0x180/0x180 [ 1007.639422] ? create_io_thread+0xf0/0xf0 [ 1007.639990] ? ksys_write+0x21a/0x260 [ 1007.640502] ? lock_downgrade+0x6d0/0x6d0 [ 1007.641069] __do_sys_clone3+0x1e5/0x320 [ 1007.641605] ? __do_sys_clone+0x110/0x110 [ 1007.642165] ? rcu_read_lock_any_held+0x75/0xa0 [ 1007.642784] ? vfs_write+0x354/0xa30 [ 1007.643272] ? fput_many+0x2f/0x1a0 [ 1007.643753] ? ksys_write+0x1a9/0x260 [ 1007.644258] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1007.644953] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1007.645644] ? trace_hardirqs_on+0x5b/0x180 [ 1007.646220] do_syscall_64+0x33/0x40 [ 1007.646719] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1007.647400] RIP: 0033:0x7f48f386eb19 [ 1007.647904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.650351] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1007.651354] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1007.652300] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1007.653232] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1007.654149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1007.655091] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:50:01 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:01 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:50:01 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:50:01 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:19 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:19 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000e80)={@private2, 0x0}, &(0x7f0000000ec0)=0x14) sendmmsg$inet6(r0, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000780)="3f4b795f003df446a5612cf9a6af004ca4e87856e90eeaa0dd28113b6664595675e8b9a667ca3bd92de68fd16f4fcafecc", 0x31}, {&(0x7f00000007c0)="c39c5a5406ad3278180a46607f7579bcdc44ca19e4f54aab691a6b4d75793af149efcc179beb4e7c50f3d084e330728530075c9e04e8477fee555f6c20cdfceb8120bf3f18d128ed2ea87100bd85edea8e8490f316761759e597c5865f3c74de5636408c648f149934602074301b76276e89fc26892659d6113888d48a88a0b5411f5f33867b15beca564879bf0faec27c14c1e31589d5568e740f87352d3938738ebfbfd733712c0d537a2234a5a4d8a5f17ea29c7fd948986571", 0xbb}, {&(0x7f0000000880)="6afb6cb2dbbafaaf5a7479920ad2134e809697539413314e5065d99f6c9ef59f1e37aa86a186a004eab5b01cff41b0fe05cd1f856e6ff6b4dfc805ba64871258f808200ac393102a1b7c7d5db51a07c91b1199caf04b324a00839cc497444775fa64af61d66ccf", 0x67}, {&(0x7f0000000900)="774245719ebed25af5a40d25614ec3ed568b0c384b6018f370d4711115bebe491951fbd4add471e182df51ccb6c76d8581c977feff5d82b26a6058dc6df2d6f55cc6e1ad5a505142ee0a42722da279b3acd784484544752f5cc402ca4bea2a6deb68ed79db88e445c0af02d1a2f9e0f4", 0x70}, {&(0x7f0000000980)="ad45f362df79b3fdffe09e3141bfdc3d9b1d15bf5b1fb261cc3e45c66b358d62f9a3728738fa6e69ec9beea47f66636824c2a26223a0dfdeb15ae5cc351dbe15fca8", 0x42}, {&(0x7f0000000a00)="f7bf5885dfa099ecb251746f3576ad1910d085a981e5e50844f34e3b216623cd496789bde5e9ea39099355f54ab8011045c1ef2eaa27e51f0cfd0d0a3eaf09d99417f1c3824694", 0x47}], 0x6}}, {{&(0x7f0000000b00)={0xa, 0x4e20, 0x3b5, @empty, 0x3}, 0x1c, &(0x7f0000000e40)=[{&(0x7f0000000b40)="44ea4d728a2951afe1822105077fbeabae9ef8a5902d98e34fc8daae90357edd33587ae83f858fc829f77378195ff7347a3cd1b79d3f0fc814562795429a32bb21dd5d7b1ecaa67c5c6878b8caa636b96307b2936919c24bd50e46d87366667fef1ba2cae60f9d7749ff3232def0630aa61375f7f716d984639dd892f41591603fc55c52dffbcc550192151999f5c2f794f313f5c5b6b7ef37f3ac6358a4420013652c70a4978c6637d50b5704dc5cb9a26e0fb4f62860c2d8a99c6eae20a8d0905dddf211f25bbf1583e1c53ec8bec809263dbe32829e7b01bc5cb4b46dc2", 0xdf}, {&(0x7f0000000c40)="de049b5eb216cf2058bf45a02d292a2211d3ab6df2011eeb75aef87f81432a4780b8b074f81fba3fe85fe43441d74e3b9f2c3b8fe4b637f3db190e278a823ebec913210d8b4efd5792f6bf29ff6e2865a27a6bdb4a270c716c6dddc9c0cea14907082815825539b314f9f0373f40e0822c21687455b3b5a8c891ab3a7aa7cb78c670dc836abe1f82e2b8b9f646b74ca5e20f5067d91475485db5e54951bce614064cec54ddba32beee29d5e21fd3d36c67d6058bd3519e47d78a48f6bac5c1e0de3e62b11ea568137b91a9185345d1b55f0d65aae0ce137dc86e367e8f5ab8830c40f6b5049e5ef6be5c", 0xea}, {&(0x7f0000000d40)="099ccea3a45e4780bdb8b9f569fe393628b5a514e13e98e6069fc35ebfd8544da1d1d7cfab39b91dc7127863b8063d6085af0ac3abbf5ebf6670546123c8084f07edab2c66c0f568475bdba60b2c2e9ccb953324896644233aab82abdd2a53e87ab0e8e6ae322e0b98583c069bcf5440f032abac37cd005b3ffd9c3241687f6e674a6e45cbe4488d103f94ca29b55916842a2ef4b64aba243636d6aecf1169e52845c31d569e7566ba86fa3072ee37d37a10c68d2195e030020ce9c17714dd7dccf9b8cca38bfc1cf1115a5430c4079d40b030", 0xd3}], 0x3, &(0x7f0000000f00)=[@hopopts_2292={{0x28, 0x29, 0x36, {0x67, 0x1, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x1}, @ra={0x5, 0x2, 0x80}]}}}, @rthdrdstopts={{0x40, 0x29, 0x37, {0x6, 0x4, '\x00', [@generic={0x6, 0x22, "2ace46b0a75f9a88366e2e7a0457d03a673c3688b3715b2f13cef82082a02b9c8250"}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @loopback}, r1}}}], 0x90}}, {{&(0x7f0000000fc0)={0xa, 0x4e24, 0x100, @private0, 0x5}, 0x1c, &(0x7f0000001080)=[{&(0x7f0000001e00)="d9df65ca9e3e591bb47eca3da1e4d3ebf6a5f1d2f2560c04c024f60736604bed7365648fed820de445dbb9b1fb4c3cfd7d6b13437e57a4bf017a2b734a2bc1eac299afcb27f53fdd68485027f3ae5ef73165bfca5a2f462f705c2a12f0bcf79beb23e70fd63f6429c3641119f0f09beda6fbe0b340f9fcdf073c7478569e40d4ab1f1500c0f4b90d5156a42653446803487ec2dc5150faf560bcd882a8aadcac267a9794e550cbc2e31c769667a5e43ec7e4e84284d0adf51797722cfb96f0b1576e4b747a6758348a6d262a5f5d95912e028036cf260d737c3bc927581c841986f3abf907fd8bb69cef3175ddd0ceb6602616660bad1e239433d2658d07e624bdaf8601ffb56fd9bf7f8ece698ddf177a75ae086ffd85d9d96d37bfa69f1e0a13ac4b06b431eff30b5fe854c60eb4998e453c343a273b2aac58531d6902899c832d76d6ef3eb6642671ce8d97133410f2af45db31e7eba824c423f63220ddfac2c799e453c07469691cded6ef1a0fdf169c0ccebd096e6fc21ca118b5c044dcded8a78cea0df9581f05d8a7babf1eaf3cf68d5acca53d471e90ea6f50099e7e8872acb7939c0b1f2c96938651b914c2d56c3eb4ea84c5317c6916a70855ddb7b8d7ab756319b0ddf8238034a310736e7d50271718066475269cc77a5b236533d2df3368bc6fd315a33552c8c98a9b343854681f415e2288a94f9f1d63d5e067f9c09a97ac27af404e6379820deca26f5a2bdd01055685aa41fbb51682dbe80f2b486ecf8a0f29225c293b0b4e056050d52f75e6e04b27771105ab0f0b292909fa964385a87eed5b7f49772485fe657f9f77eb3590c35fd7fc367e919edb830df0577ae31a8b03a026ef01c4db060bd4a0b39a8c3b60c5348d602415363a0782457a2bfa50cbeeb34a7cce9c65f1bdc248f11c26e48ecdfad24b7823d37baae148ebc2b4500c82a68f6eb8de1eae00d0e4483c07e7d9cc7c7c56a98442485500e6bd7b14f44fad89968e830697a44383b3988aeb6e60f9b8196d9cd7d3e4e51f8d9351e70bd113b6cbcbc21bbfc327adb295bc85b9b76533d27cb7fb73a536c2afcfe84d6f0c2005a420e606c24813a74be1021e67591cc6d8c08f7518fd9df9dea6a058695e8a101867261574176c1711ab7e3ef59883a55d25519427d31fe74381297ce46c02c366437a89dfdae08a3011fd4e32c7a1828e52af042b6c22232f2578ebeb009c1e578a05e81e7df2fd839e5feae1a064dd0d5eafa864fa111f80ecba4ebd2a53d09475b4ea24ebd396c782af66218bf59b0b9e99389fee8d40efbec80c659af3f36ca0d80f36078c9c918dc7f49c3cb4a76ab265eafefba9c3977e2c90c85c4236985b2d989f51286b9df28b391e62be6fa637a738c7dc80225c5b2474f967b819bdf2145697f19321151bed1d8c49183247b63a13245d42af205e4c4f22c4d792ca650209b488670c2eed83d2d1353e9d6fbbc7ee5c9f00cc7ff7576638183714e959f532868c6c1b4905bdb85ecdd3b1ade0e18138da4b3ef745133badc9ad27dbb0ee1a1ec207573baba06adb06f5ab130560dd5fc041da4acaa8aa75e108f0e508d4bcf0cedb7d4f0d267e4171aadd1a0da187c3078d1d46f26deafa0ac2c0064969fdadc54ae74ef5d29a9ae5a164d54085c0144ef4ce2d0a0757e40ee675e482c31e36056e2cb8dbf458d0c472ef2aea3277eaba157df40b71e17fa0dcda966c7740f10acf4a77320a68f18d90d096bc7063d3a6d46ee6c9ecdc040c1609ec74d40c29849fc91379810903c6628a653515e7d241d2db0cd7d03e290ef0a8a1ff9458c2252e27f75d663429ee4053e974ea45520a884dc9aa0178227fbfd42bf2c15e92a023b4640ae3c5c632d051818531c8176babfaae9bedc98a72849f7c70fba0456088fdd4b3caccf213fd80a493ab62c05585b62623f91077fc0c9acbf90c222672688dbc4de9100492a8e1b0757eedba8ec7ba23ef658fddcc82c3454022169f2f1e9ec9c53063827eb020e658dd90d0ccac8e687872b6079ca808a74fc9659af5d824df2b58391e869075c79487ee8b58289d5231c7df596de3c97a2fd251f5ddb8991c53f55281e47dea384515db3a022a50363180c792445e25464ba7954ea73d9cf0952f0e67faa822a885ac73fab6c58f87db85e6a3f7bace2b3d454bef5ede6368d4cc6d7bddb65b5a06ea93546be9c6a524ee2e906c25d8af160c89977b75254055e420dbe1ef650bd32b893b13c27f0f897fdc2d7e4c8e4396dcc9b9aa8cc1159cb87912a3a4cb56b78320fe870fa95c2003ed91caa5c7e6a79c5fea2761b3a3aaf6cb45b6997b5593e869c2263fe78414b322283ba7913aa6a8047a26a911c0e0a8c45db07d2fa326c25bf1ea6e16e4dd01de2d2fa58bd0d572fc53d823e83a09e34dbdfc48bc0e082d2825dbd023ef87d5ce1b2776767d9c5077bc67d577aa78af0850034bfdd71bb6965882fbfe8b8a3df05d44a58433a243c2a085e9794509cb1aad34a93465cb0bbce343766ba7f7ed141d4e6f8ca56ba4e27869e37d6b7c3456ab16e6e4b95db5300505dcd26fd9b54b0d57b74cc7d247db9e23b660f8af8cdfbb213cbb951f79e0306be95cee2d31e82df1eadbd9dfdf540ddadcd6f8909283a38f09b1c3587eae0b8c859999e6dae188024b46cbeb0f45462cae0706c2552cdbd11d8e3bd0ecef6973752a5ea522184b058ac56e17f17a0ae5daa3f267da7a54f98c29176c6ebf6f252057acada93337e150fa9f9fc707bb79e842c9afa9f4f12aaf4a1e7b373251d88e490b33195a49c99614b61b2a539b8d688d70d997d960c30827ebfb890a068421f86710088cd5d2c7903df93256c57720c5c4bcedc06e0d648bdc1132148f4d1351f1b8c0d3b7553d51832f31a5b2bc68559600300b9baec436212c5a2f3aa00736ae325b8dc38ee061148caeaa0ebd9ef826652b372f8a42f092ddae82ddc873ec9179771f231a4682073cb5c8886d08d9f11e3c98e2d51393618553da0bd26a64b27e77367a5e5e34ee09a36e0de9f0ed6d655356bf3f5da64cb57e64b12ff3542cf5f0e59801aacca54859836bdf98b67f42c5fdf93a6a969899a02d8ecc64ea2d724407f9a087cfbff3352869fbe636f36427bcd6dcaca6b123bfc58fcb224463cc9c3bbe97f295f1bbdb215ab38c32f302ff5f10e345eca79e85ec7adb75eda124fbc014075543cd93000431b095e1d80fd5653d53026ab6ff542340348d05a2c59a1bf0139834604e0d86ecb3354d5ad4067dcfff124c59b158578182df57dd6bce4b32112542d271a417970f18b1af5e3bac910e8bb77cca22072c0abc2a826455897bd40e7692d69f4f07c741b9f65d942454cd4eac4e13f8990bfed9afd1de3259e75162b9fe0567cb43ef50d5e0e6d4234d61421792a43aa973e9bc60c723b060ae778c257994911c88678feb04b9d4ac06d5bc3fec1e2989ef543c87e3b12bf2efe416437677eeae076aa35d7bbff5e79702514b283ea241b5ee95801cce46b0bf22227792c16806f23ed32906b8f9780cdb262e66ddab4594d0deebd7161a4a649ba8b40399198fd2557e68547b9f50baa1306caf3c526f295108428f82420c468e4da1097d07109c287757b44cb98c45a05eb7b098815f5f7bfd4181742f50476613c9678305f4e4ea0f503175442f0f3b39103e5c7caa9bb8087fc2b7eb107f599ec9b0ae20e77f4dcf81e77024c396e05fea87c5ea2f9c1b183272b6304b7a911ed2db80b9aa5573536faf02eace08ac8783e55935a26c4a25ff073c7498b12dc256a3414e486711e1e3c5f35bdfeaf0671e0227166ee5fc5421647cd8f8c64d58c47ba2e6b1f7f72e2da51f4a0ec8037877c9c952fa8171cf55dcf3f67045f5374055cbacaf2aa5dc03e56f2505ef1dc96f2d10251a35e592ff1ef69e9279b6a8cb77bf6116242d865e2e9d141485ce31414ea4c6a85c363facda988298f04271f060e564bb6b1087fca7b63e19e8f335ffc4c94396dbbf6dda245087772337364f738bb9dc12ecadf14381d33f338d52ba67ec707fcf5ad7b0742c365936647e07a43e60ad5b319ae08f971d296481c354c905d1611c0d527146828b14d72f14c039954cd7e2d16873077833004a8ddd778333d73a2d35cb31db7e4e1de02dee5af48970ccb285fcd45e42e906a63de53f21c5497a52233c63471b7cd7b4f966faf5a2761e3626b54a7ef8a02cc514f9a6d7743bf2b0d0a7ff0cd879315f2abc767c319596e9d147af3cb11643d2880cc9e48f751f99e705a32695cfd37c7b434203be2dad82c5d196b8f3a3a56735f695eaa049506a60b56a0f599003f99c12a8b93c52cd12ff94bb6bd0801a9b428d992e02261aaa0090a3cbed66fd3c0a6bc7c02dd035d4afe973931dc8935349659c2d1ed04eadf0d785075dcb38dbdc415653817c42d54dc32b2b137cf0fb67d12d44f6ad8aff63742962d2a364b8b223cdd2d0156e8a936406bd000ed0b435e6c558bbf4ab52df12eae836c97b665e5645fb8827bc243c85fca620ad5d58193d2cb671340c85ba04bf8c4953685f440695ee42adc8c721a423d46cde12b714e3eec0dfd212394e592801af441bbee4e6d526901f9165033f5601f7a781dee7ada1d0b1d301e10fd14eecb049c77194dfb00b32d8dc317acacb968275bac3e49a4569192d12a9d7e7361291eb69f2bffa7137d0524048998e5b89596758067113db710b36d33fe25471ae6240c60fd282e365dab251bf86047613f0f2561b057a98d8e548061b67ae086a31af414afc15dd5b8e34f57c334e05221b7251070d1d90fb1929d87915f99dc4aeac6d326c573113a9b2199b865f1be0a1ec8c58edb1e7971567f12ef76d885644773208ea85595012980698ffd1566bbc76fc08b919be326c08f616fbedfa29dc79e4c1d621e16b171e8f3e1f9b9456a973b8e92399d09bc0a4c9d51993eba55f81b641ccd41d830cb7b4e4a2c260a134af8fa99b5b6a09fdcb4cc630351ad54f1587aecc42a22a407e8586dde42f91d5b7f00556d3007554ad2aff6dde12e6125929b32ade8fe8e03863395f21652fb3beb17eec66d2e673c30210ef999b34028bc782c2e8900c06a120a586929022c4a5124e1c9c6772dafa4b39c52a2b0ce2c36fd15e477d570693cacbecfe67fb0dd617774091ff7da4de9f56319d5d5fb31e6bed19b5d6cd4de73cd80ed0656e44c847afc00586343ac35d192c2a2a08479f2897c3b57115674b3ca0186a00a61ed8cb7c6e87b278216145f76f85d8b337f451d84a106c3faeaedd44da27180da6cd754b920465d818a11df3b249fd67fa0d2b6a0cf16ca0b12e2e5c391f50ebb33036ec28912dd877b80994f78cab966ab015edffe157f230baef884b2ddb3a82ad6da1ebf9f8135f4d03408b9c7079e53e17350cecc243221c744ca490b27ec525113e97189e6fbaf271b29287221473cf7c9565c18c620504280650469a93db8369af3063b842df08822f77d57e416c8c17a72dcca7994ab62bc60490c1ad819c86536ca4b19784193da1b22211f8e777c8d671b2c9cfd0e52738e58d27b7c70c25dc01f427e10421271e2d7f7fc8af0ad81932a36a60e68b82e41da23d1afb9dba2d115c8e575d6e66a34f20d532565f22c8914be240ac17dd794675a8f42688fb5ef6da0b86698728f33e78ecc7ba13ffe1a3c4170e8b313ca453cd299f538666191bf4888108a35d25cac2759563e638217182e240707e5009654df7670c67b8cf06be13c3fb27d1eb764557", 0x1000}, {&(0x7f0000001000)="6e44c2cd640f32ef8b22db20f31aed9e283acfdc8782e7ecf28de08f3512007c66dd12b49baa266fd71474f32957c3027918f0cfca8a2e51ca593b6b1beaa8623235f1d28ef9c0658e6013a66754f95d916d7b2e42fc4675b698a51677d307ab50b131fc8c91cf", 0x67}], 0x2, &(0x7f00000010c0)=[@hopopts_2292={{0x68, 0x29, 0x36, {0x87, 0x9, '\x00', [@calipso={0x7, 0x48, {0x1, 0x10, 0x1, 0xb0, [0x857, 0xffffffffffffffff, 0x8, 0x8, 0xfffffffffffffff7, 0x20, 0x5, 0x5]}}]}}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x64, 0xc, 0x2, 0x4, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @empty, @local, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty]}}}], 0xe0}}], 0x3, 0x4801) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) ftruncate(r2, 0x7) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001280)='/sys/module/nf_conntrack_ftp', 0x80000, 0x110) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0xfffffffffffffff9) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x11, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}, 0x200000}], 0x7ffff000, 0x0) r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x43) copy_file_range(r0, &(0x7f0000000000)=0x3, r7, &(0x7f0000000100)=0xfffffffffffffffe, 0x6, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x4, 0x4, 0x4, {0xa, 0x4e24, 0x9, @empty, 0x8}}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000140)="7bd9d0b0f9eefe6614f249f7d8d9ac85075341b0a663334583f5ec933678a445b5803fb3f675cf8562609cb3171570e151b742c88481bb5c9c4d98c8d7bdbb5b6dbdc6500318195b1353e501154b2cd85411e8a48f7d0e2400d12b46dfea59df5208b1e7fa0ab549ff6e65", 0x6b}, {&(0x7f0000000040)="0d7657351e6c448eb0eb325d1597519fdf0c79020e81822af8970274a5d0ad9362ce4d9a0c91f3f076791fbfcc8690a978e6ea254b9e500a16", 0x39}, {&(0x7f00000001c0)="24d394c2f1ceb7fe5e3f7ef47234c61e7af0cb6b9853be27a3db1ace90f0dc06cb2e0b847102e3b73a70fa281956d849aef8bf730d6512cdb53776df4723d97f08c480c5178d1b97d073afe4658a91515266a3c73b96b7998173916db231cf4e5a1a4c1598b3b96e4cb72935bda47f884e667bc824bbfa7d8f3a3dfc07a2e8a4fee5efd7939f12bcf2ed7f8147687c870458a8603e05deb1e5c82fb1afedd6a4c502fe45914de69e02a225fd4da3a3388244c0a34786f1a46197506863fbb6e3e76c8635ae255001c76a74a452625064c681c8e77a6a9f83f77a0f4930b5dfcf073b0b0ae6297ddd9d501aac", 0xec}, {&(0x7f00000002c0)="3c97f6fd4ff5b0f00e8fbc64198c12b6bf6e9d37549568c110b8bdc2d566cf314c9750fff548ffe16d66d2766e45c3720c40b774f4cbef7638ce9176811d513468b67a70edf6acdf221c151367c3760ab58fa83c80f9fb69dddac93ba3d09e9f2c7a3f00f74233c8d72cfc2e36b78d61b9d50eced933262e59d08e40a876151368a93b071690c67def0d1ff8e3960df63a2764a10c6f1870356b4893d2fb2cf112ba5589094f39e357b6759996054fc05db34ba564ed352b235b507e4cef03b604fd512623b10c26b64efb9123646295ed305a1e6c28", 0xd6}, {&(0x7f00000003c0)="5508fa84ade7f0a3761ee42a7b63a58fb5bedf4429b4c2ec18dd9638c8cb22e14b7cfccaa5cd027898dff8c76553e6442da068", 0x33}, {&(0x7f0000000400)="eabc3eac42292849c1d8b21f39723d8ce4e1064d879134e77173f7b2c7771f653d967de98a0d6b9f3500daaa602759772188a39156530145f185ba50bb6f181fc6d938", 0x43}, {&(0x7f0000000480)="bc4447ebb3100589e0e235d63b1f51b566e421b57c2bd351bd0e8ac4ff0e02f2c6f9322716abf1a16b7dabdba9a079662df24ed235ea5dd199531bde96b5bf7919737db8600748113a6e57a432e7d8af7181e6256ce127daf5d5abf9d63a1aa0966bd0b4ca6559fe2097a012c45712e0faa5cead96ecbd317dbf51101f4967bed76a7b736e78304fc8e3ebe453ac23432822cb696d93040127958cee8866f578ca8d20987c343f27aca63bc744c13ed53ea77d07aa7a2dabb87c71c87b96248a144bf2e8e7529db6d7ac7c6d01fe5089b01aee", 0xd3}, {&(0x7f0000000580)="879d6e", 0x3}], 0x8, &(0x7f0000000640)=[{0xf0, 0x112, 0x620, "6fca041845d104780b222c7ae9f491dd394728c3af9b3c7c7e228ed6d5fdec07ef5c5dcf35b30384ac52d7a8172a929b96a2a4737374e71d28f4d9723e013920ef5b2215ff034af2a76698f98d1a3664de8aec921e954555a32b1d63ac6b7b22cdbbd25807a3b626f8959acd736e0b874424e64d6f67d1abdb5fc0efa885f87995012539d7325cd45f42fdb1f99c118b815075209230460729ff9e3bd79534469027fb4c2760f78554598892665cc75dbe1d1249f5b8925b985837b10065002e18a84644116f44b2aee5d60e16ca45766d03ef12e9252c0a6aca"}], 0xf0}, 0x4c084) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:50:19 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, 0x0, 0x0) 01:50:19 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 87) 01:50:19 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:50:19 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:19 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:19 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000040)) [ 1026.113890] FAULT_INJECTION: forcing a failure. 01:50:19 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1026.113890] name failslab, interval 1, probability 0, space 0, times 0 [ 1026.115625] CPU: 1 PID: 7687 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1026.116562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1026.117795] Call Trace: [ 1026.118187] dump_stack+0x107/0x167 [ 1026.118712] should_fail.cold+0x5/0xa [ 1026.119258] ? create_object.isra.0+0x3a/0xa20 [ 1026.119915] should_failslab+0x5/0x20 [ 1026.120461] kmem_cache_alloc+0x5b/0x360 [ 1026.121049] create_object.isra.0+0x3a/0xa20 [ 1026.121683] kmemleak_alloc_percpu+0xa0/0x100 [ 1026.122316] pcpu_alloc+0x4e2/0x12f0 [ 1026.122841] alloc_vfsmnt+0xfd/0x680 [ 1026.123353] clone_mnt+0x6c/0xce0 [ 1026.123836] copy_tree+0x3b0/0xa60 [ 1026.124335] copy_mnt_ns+0x144/0xa00 [ 1026.124876] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1026.125560] ? kmem_cache_alloc+0x2b4/0x360 [ 1026.126173] create_new_namespaces+0xd6/0xb20 [ 1026.126806] copy_namespaces+0x39e/0x480 [ 1026.127380] copy_process+0x2549/0x67d0 [ 1026.127939] ? find_held_lock+0x2c/0x110 01:50:19 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1026.128534] ? __cleanup_sighand+0xb0/0xb0 [ 1026.129221] ? _copy_from_user+0xfb/0x1b0 [ 1026.129841] kernel_clone+0xe7/0xa20 [ 1026.130367] ? __lockdep_reset_lock+0x180/0x180 [ 1026.131031] ? create_io_thread+0xf0/0xf0 [ 1026.131627] ? ksys_write+0x21a/0x260 [ 1026.132163] ? lock_downgrade+0x6d0/0x6d0 [ 1026.132747] __do_sys_clone3+0x1e5/0x320 [ 1026.133321] ? __do_sys_clone+0x110/0x110 [ 1026.133925] ? rcu_read_lock_any_held+0x75/0xa0 [ 1026.134577] ? vfs_write+0x354/0xa30 [ 1026.135111] ? fput_many+0x2f/0x1a0 [ 1026.135624] ? ksys_write+0x1a9/0x260 [ 1026.136168] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1026.136898] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1026.137615] ? trace_hardirqs_on+0x5b/0x180 [ 1026.138248] do_syscall_64+0x33/0x40 [ 1026.138781] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1026.139495] RIP: 0033:0x7f48f386eb19 [ 1026.140022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1026.142599] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1026.143670] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1026.144660] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1026.145661] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1026.146673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1026.147658] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:50:19 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:19 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, 0x0, 0x0) 01:50:19 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:19 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:19 executing program 4: sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc1}, 0x4800) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000140)=0xc) perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x2, 0xb3, 0x8, 0x5, 0x0, 0x401, 0x4000, 0xc, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x4426}, 0x5000, 0x100000000, 0x3b20, 0x6, 0x4, 0x61e2, 0xc4, 0x0, 0xffff, 0x0, 0x6}, r2, 0x6, r1, 0x1) tee(r1, r0, 0x9, 0x0) ftruncate(r1, 0x401) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:50:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, 0x0, 0x0) 01:50:49 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x0, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:50:49 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:49 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom1\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f00000000c0)={0x0, 0x0, 0x3, 0x0, '\x00', [{0x8000, 0x8, 0xffffffff, 0x4, 0x7fff, 0x1f}, {0x101, 0x0, 0x620, 0x0, 0x5, 0x61}], ['\x00', '\x00', '\x00']}) pipe2(&(0x7f0000000000), 0x0) 01:50:49 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:49 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 88) 01:50:49 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:49 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:50:49 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) [ 1056.552965] FAULT_INJECTION: forcing a failure. [ 1056.552965] name failslab, interval 1, probability 0, space 0, times 0 [ 1056.555456] CPU: 1 PID: 7832 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1056.556839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1056.558554] Call Trace: [ 1056.559099] dump_stack+0x107/0x167 [ 1056.559858] should_fail.cold+0x5/0xa [ 1056.560637] should_failslab+0x5/0x20 [ 1056.561412] __kmalloc_track_caller+0x79/0x3c0 [ 1056.562346] ? kstrdup_const+0x53/0x80 [ 1056.563141] kstrdup+0x36/0x70 [ 1056.563798] kstrdup_const+0x53/0x80 [ 1056.564552] alloc_vfsmnt+0xb5/0x680 [ 1056.565313] clone_mnt+0x6c/0xce0 [ 1056.566113] copy_tree+0x3b0/0xa60 [ 1056.567045] copy_mnt_ns+0x144/0xa00 [ 1056.567964] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1056.569147] ? kmem_cache_alloc+0x2b4/0x360 [ 1056.570231] create_new_namespaces+0xd6/0xb20 [ 1056.571161] copy_namespaces+0x39e/0x480 [ 1056.572163] copy_process+0x2549/0x67d0 [ 1056.572989] ? find_held_lock+0x2c/0x110 [ 1056.574007] ? __cleanup_sighand+0xb0/0xb0 [ 1056.574912] ? _copy_from_user+0xfb/0x1b0 [ 1056.575821] kernel_clone+0xe7/0xa20 [ 1056.576571] ? __lockdep_reset_lock+0x180/0x180 [ 1056.577510] ? create_io_thread+0xf0/0xf0 [ 1056.578383] ? ksys_write+0x21a/0x260 [ 1056.579151] ? lock_downgrade+0x6d0/0x6d0 [ 1056.579990] __do_sys_clone3+0x1e5/0x320 [ 1056.580808] ? __do_sys_clone+0x110/0x110 [ 1056.581663] ? rcu_read_lock_any_held+0x75/0xa0 [ 1056.582625] ? vfs_write+0x354/0xa30 [ 1056.583380] ? fput_many+0x2f/0x1a0 [ 1056.584120] ? ksys_write+0x1a9/0x260 [ 1056.584928] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1056.586313] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1056.587650] ? trace_hardirqs_on+0x5b/0x180 [ 1056.588778] do_syscall_64+0x33/0x40 [ 1056.589668] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1056.590814] RIP: 0033:0x7f48f386eb19 [ 1056.591582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1056.595422] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1056.596967] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1056.598446] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1056.599898] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1056.601339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1056.602834] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:50:49 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) 01:50:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:50:50 executing program 2: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x0, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:50:50 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000200)='./file0/../file0\x00', 0x40000, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x3ee5, 0x0, 0x1, 0x332}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, 0x0, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getdents(r0, &(0x7f0000001180)=""/4091, 0xffb) 01:50:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) 01:50:50 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 89) [ 1056.798890] FAULT_INJECTION: forcing a failure. [ 1056.798890] name failslab, interval 1, probability 0, space 0, times 0 [ 1056.801594] CPU: 0 PID: 7853 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1056.803201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1056.805129] Call Trace: [ 1056.805754] dump_stack+0x107/0x167 [ 1056.806639] should_fail.cold+0x5/0xa [ 1056.807536] ? create_object.isra.0+0x3a/0xa20 [ 1056.808626] should_failslab+0x5/0x20 [ 1056.809520] kmem_cache_alloc+0x5b/0x360 [ 1056.810506] create_object.isra.0+0x3a/0xa20 [ 1056.811547] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1056.812754] __kmalloc_track_caller+0x177/0x3c0 [ 1056.813852] ? kstrdup_const+0x53/0x80 [ 1056.814795] kstrdup+0x36/0x70 [ 1056.815562] kstrdup_const+0x53/0x80 [ 1056.816452] alloc_vfsmnt+0xb5/0x680 [ 1056.817320] clone_mnt+0x6c/0xce0 [ 1056.818175] copy_tree+0x3b0/0xa60 [ 1056.819029] copy_mnt_ns+0x144/0xa00 [ 1056.819942] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1056.821050] ? kmem_cache_alloc+0x2b4/0x360 [ 1056.822073] create_new_namespaces+0xd6/0xb20 [ 1056.823144] copy_namespaces+0x39e/0x480 [ 1056.824113] copy_process+0x2549/0x67d0 [ 1056.825040] ? find_held_lock+0x2c/0x110 [ 1056.826029] ? __cleanup_sighand+0xb0/0xb0 [ 1056.827048] ? _copy_from_user+0xfb/0x1b0 [ 1056.828045] kernel_clone+0xe7/0xa20 [ 1056.828906] ? __lockdep_reset_lock+0x180/0x180 [ 1056.830010] ? create_io_thread+0xf0/0xf0 [ 1056.831010] ? ksys_write+0x21a/0x260 [ 1056.831906] ? lock_downgrade+0x6d0/0x6d0 [ 1056.832896] __do_sys_clone3+0x1e5/0x320 [ 1056.833841] ? __do_sys_clone+0x110/0x110 [ 1056.834876] ? rcu_read_lock_any_held+0x75/0xa0 [ 1056.835974] ? vfs_write+0x354/0xa30 [ 1056.836843] ? fput_many+0x2f/0x1a0 [ 1056.837683] ? ksys_write+0x1a9/0x260 [ 1056.838605] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1056.839812] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1056.841039] ? trace_hardirqs_on+0x5b/0x180 [ 1056.842068] do_syscall_64+0x33/0x40 [ 1056.842958] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1056.844174] RIP: 0033:0x7f48f386eb19 [ 1056.845033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1056.849378] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1056.851204] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1056.852875] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1056.854565] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1056.856264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1056.857969] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:50:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4000010, r0, 0xfffffffffffffff8) mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xb678cff553b68b8d) 01:50:50 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) (fail_nth: 1) 01:50:50 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) [ 1057.054852] FAULT_INJECTION: forcing a failure. [ 1057.054852] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1057.057362] CPU: 0 PID: 7861 Comm: syz-executor.2 Not tainted 5.10.164 #1 [ 1057.058788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1057.060517] Call Trace: [ 1057.061124] dump_stack+0x107/0x167 [ 1057.061939] should_fail.cold+0x5/0xa [ 1057.062749] _copy_from_user+0x2e/0x1b0 [ 1057.063588] move_addr_to_kernel.part.0+0x31/0x110 [ 1057.064620] __sys_connect+0xda/0x1a0 [ 1057.065474] ? __sys_connect_file+0x1a0/0x1a0 [ 1057.066479] ? rcu_read_lock_any_held+0x75/0xa0 [ 1057.067506] ? vfs_write+0x354/0xa30 [ 1057.068333] ? fput_many+0x2f/0x1a0 [ 1057.069134] ? ksys_write+0x1a9/0x260 [ 1057.069981] __x64_sys_connect+0x6f/0xb0 [ 1057.070903] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1057.072038] do_syscall_64+0x33/0x40 [ 1057.072863] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1057.074003] RIP: 0033:0x7fa31633cb19 [ 1057.074844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1057.078963] RSP: 002b:00007fa3138b2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1057.080638] RAX: ffffffffffffffda RBX: 00007fa31644ff60 RCX: 00007fa31633cb19 [ 1057.082187] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 1057.083748] RBP: 00007fa3138b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1057.085311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1057.086879] R13: 00007ffe037eddaf R14: 00007fa3138b2300 R15: 0000000000022000 01:51:09 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) (fail_nth: 1) [ 1076.539990] Zero length message leads to an empty skb 01:51:09 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:09 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 01:51:09 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:09 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42692, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') fcntl$dupfd(r0, 0x0, r1) pipe2(&(0x7f0000000000), 0x84800) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0, 0x0}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) perf_event_open(&(0x7f00000000c0)={0x7, 0x80, 0x2, 0x0, 0x2e, 0x0, 0x0, 0xe5cd, 0x40801, 0x4, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_bp={&(0x7f0000000040), 0xc}, 0x10, 0x9, 0x4, 0x0, 0x400, 0x3, 0xfffc, 0x0, 0x0, 0x0, 0x8}, r2, 0x8, r4, 0x8) 01:51:09 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 90) 01:51:09 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) (fail_nth: 2) 01:51:09 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r2) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1076.582671] FAULT_INJECTION: forcing a failure. [ 1076.582671] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1076.582852] FAULT_INJECTION: forcing a failure. [ 1076.582852] name failslab, interval 1, probability 0, space 0, times 0 [ 1076.585141] CPU: 1 PID: 7883 Comm: syz-executor.0 Not tainted 5.10.164 #1 [ 1076.589175] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1076.590876] Call Trace: [ 1076.591430] dump_stack+0x107/0x167 [ 1076.592183] should_fail.cold+0x5/0xa [ 1076.592975] _copy_from_user+0x2e/0x1b0 [ 1076.593793] move_addr_to_kernel.part.0+0x31/0x110 [ 1076.594807] __sys_connect+0xda/0x1a0 [ 1076.595579] ? __sys_connect_file+0x1a0/0x1a0 [ 1076.596490] ? rcu_read_lock_any_held+0x75/0xa0 [ 1076.597457] ? vfs_write+0x354/0xa30 [ 1076.598224] ? fput_many+0x2f/0x1a0 [ 1076.598980] ? ksys_write+0x1a9/0x260 [ 1076.599788] __x64_sys_connect+0x6f/0xb0 [ 1076.600636] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1076.601688] do_syscall_64+0x33/0x40 [ 1076.602461] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1076.603499] RIP: 0033:0x7fd2f4669b19 [ 1076.604258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1076.608007] RSP: 002b:00007fd2f1bdf188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1076.609560] RAX: ffffffffffffffda RBX: 00007fd2f477cf60 RCX: 00007fd2f4669b19 [ 1076.611027] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 1076.612492] RBP: 00007fd2f1bdf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1076.613939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1076.615418] R13: 00007ffed311acdf R14: 00007fd2f1bdf300 R15: 0000000000022000 [ 1076.616912] CPU: 0 PID: 7885 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1076.618563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1076.620515] Call Trace: [ 1076.621155] dump_stack+0x107/0x167 [ 1076.622030] should_fail.cold+0x5/0xa [ 1076.622955] ? create_object.isra.0+0x3a/0xa20 [ 1076.624048] should_failslab+0x5/0x20 [ 1076.624948] kmem_cache_alloc+0x5b/0x360 [ 1076.625911] ? __lockdep_reset_lock+0x180/0x180 [ 1076.627037] create_object.isra.0+0x3a/0xa20 [ 1076.628080] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1076.629290] kmem_cache_alloc+0x159/0x360 [ 1076.630283] alloc_vfsmnt+0x23/0x680 [ 1076.631196] clone_mnt+0x6c/0xce0 [ 1076.632029] copy_tree+0x3b0/0xa60 [ 1076.632894] copy_mnt_ns+0x144/0xa00 [ 1076.633783] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1076.634939] ? kmem_cache_alloc+0x2b4/0x360 [ 1076.635970] create_new_namespaces+0xd6/0xb20 [ 1076.637047] copy_namespaces+0x39e/0x480 [ 1076.638018] copy_process+0x2549/0x67d0 [ 1076.638975] ? find_held_lock+0x2c/0x110 [ 1076.639970] ? __cleanup_sighand+0xb0/0xb0 [ 1076.640975] ? _copy_from_user+0xfb/0x1b0 [ 1076.641956] kernel_clone+0xe7/0xa20 [ 1076.642848] ? __lockdep_reset_lock+0x180/0x180 [ 1076.643942] ? create_io_thread+0xf0/0xf0 [ 1076.644946] ? ksys_write+0x21a/0x260 [ 1076.645848] ? lock_downgrade+0x6d0/0x6d0 [ 1076.646842] __do_sys_clone3+0x1e5/0x320 [ 1076.647802] ? __do_sys_clone+0x110/0x110 [ 1076.648798] ? rcu_read_lock_any_held+0x75/0xa0 [ 1076.649879] ? vfs_write+0x354/0xa30 [ 1076.650780] ? fput_many+0x2f/0x1a0 [ 1076.651638] ? ksys_write+0x1a9/0x260 [ 1076.652544] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1076.653780] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1076.654999] ? trace_hardirqs_on+0x5b/0x180 [ 1076.656023] do_syscall_64+0x33/0x40 [ 1076.656901] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1076.658115] RIP: 0033:0x7f48f386eb19 [ 1076.659007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1076.663337] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1076.665134] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1076.666826] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1076.668499] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1076.670172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1076.671853] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:51:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 01:51:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 01:51:10 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) (fail_nth: 2) 01:51:10 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80000000000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x77b}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f0000000040)) pipe2(&(0x7f0000000000), 0x0) 01:51:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:10 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') ioctl$HIDIOCGDEVINFO(r1, 0x801c4803, &(0x7f00000000c0)=""/136) fgetxattr(r0, &(0x7f0000000040)=@known='trusted.overlay.impure\x00', &(0x7f0000000180)=""/226, 0xe2) pipe2(&(0x7f0000000000), 0x0) 01:51:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:10 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 91) [ 1077.056234] FAULT_INJECTION: forcing a failure. [ 1077.056234] name failslab, interval 1, probability 0, space 0, times 0 [ 1077.058634] CPU: 1 PID: 7910 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1077.060039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1077.061736] Call Trace: [ 1077.062283] dump_stack+0x107/0x167 [ 1077.063068] should_fail.cold+0x5/0xa [ 1077.063859] ? create_object.isra.0+0x3a/0xa20 [ 1077.064798] should_failslab+0x5/0x20 [ 1077.065574] kmem_cache_alloc+0x5b/0x360 [ 1077.066416] create_object.isra.0+0x3a/0xa20 [ 1077.067341] kmemleak_alloc_percpu+0xa0/0x100 [ 1077.068262] pcpu_alloc+0x4e2/0x12f0 [ 1077.069048] alloc_vfsmnt+0xfd/0x680 [ 1077.069813] clone_mnt+0x6c/0xce0 [ 1077.070545] copy_tree+0x3b0/0xa60 [ 1077.071283] copy_mnt_ns+0x144/0xa00 [ 1077.072044] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1077.073019] ? kmem_cache_alloc+0x2b4/0x360 [ 1077.073907] create_new_namespaces+0xd6/0xb20 [ 1077.074859] copy_namespaces+0x39e/0x480 [ 1077.075694] copy_process+0x2549/0x67d0 [ 1077.076505] ? find_held_lock+0x2c/0x110 [ 1077.077368] ? __cleanup_sighand+0xb0/0xb0 [ 1077.078247] ? _copy_from_user+0xfb/0x1b0 [ 1077.079114] kernel_clone+0xe7/0xa20 [ 1077.079878] ? __lockdep_reset_lock+0x180/0x180 [ 1077.080828] ? create_io_thread+0xf0/0xf0 [ 1077.081696] ? ksys_write+0x21a/0x260 [ 1077.082477] ? lock_downgrade+0x6d0/0x6d0 [ 1077.083325] __do_sys_clone3+0x1e5/0x320 [ 1077.084159] ? __do_sys_clone+0x110/0x110 [ 1077.085029] ? rcu_read_lock_any_held+0x75/0xa0 [ 1077.085982] ? vfs_write+0x354/0xa30 [ 1077.086778] ? fput_many+0x2f/0x1a0 [ 1077.087528] ? ksys_write+0x1a9/0x260 [ 1077.088314] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1077.089386] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1077.090435] ? trace_hardirqs_on+0x5b/0x180 [ 1077.091318] do_syscall_64+0x33/0x40 [ 1077.092075] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1077.093111] RIP: 0033:0x7f48f386eb19 [ 1077.093870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1077.097614] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1077.099167] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1077.100632] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1077.102088] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1077.103545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1077.105003] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 1077.404622] FAULT_INJECTION: forcing a failure. [ 1077.404622] name failslab, interval 1, probability 0, space 0, times 0 [ 1077.407103] CPU: 1 PID: 7881 Comm: syz-executor.2 Not tainted 5.10.164 #1 [ 1077.408507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1077.410229] Call Trace: [ 1077.410804] dump_stack+0x107/0x167 [ 1077.411581] should_fail.cold+0x5/0xa [ 1077.412367] ? taskstats_exit+0x64d/0xb60 [ 1077.413212] should_failslab+0x5/0x20 [ 1077.413985] kmem_cache_alloc+0x5b/0x360 [ 1077.414828] taskstats_exit+0x64d/0xb60 [ 1077.415643] ? taskstats_user_cmd+0x1050/0x1050 [ 1077.416596] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1077.417684] do_exit+0x5f2/0x26a0 [ 1077.418395] ? find_held_lock+0x2c/0x110 [ 1077.419239] ? mm_update_next_owner+0x7d0/0x7d0 [ 1077.420189] ? get_signal+0x37e/0x2340 [ 1077.420975] ? lock_downgrade+0x6d0/0x6d0 [ 1077.421813] ? do_raw_spin_lock+0x121/0x260 [ 1077.422712] ? rwlock_bug.part.0+0x90/0x90 [ 1077.423589] do_group_exit+0x125/0x310 [ 1077.424380] get_signal+0x4bc/0x2340 [ 1077.425142] ? l2cap_sock_connect+0x403/0x8c0 [ 1077.426043] ? __local_bh_enable_ip+0x9d/0x100 [ 1077.426989] ? l2cap_sock_connect+0x436/0x8c0 [ 1077.427916] arch_do_signal_or_restart+0x2b7/0x1990 [ 1077.428934] ? selinux_socket_connect+0x6d/0x90 [ 1077.429903] ? task_work_add+0x98/0x190 [ 1077.430726] ? restore_sigcontext+0x630/0x630 [ 1077.431655] ? __sys_connect+0x10a/0x1a0 [ 1077.432482] ? __sys_connect_file+0x1a0/0x1a0 [ 1077.433397] ? rcu_read_lock_any_held+0x75/0xa0 [ 1077.434381] ? vfs_write+0x354/0xa30 [ 1077.435180] ? fput_many+0x2f/0x1a0 [ 1077.435949] ? ksys_write+0x1a9/0x260 [ 1077.436744] exit_to_user_mode_prepare+0x10f/0x190 [ 1077.437778] syscall_exit_to_user_mode+0x38/0x230 [ 1077.438767] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1077.439812] RIP: 0033:0x7fa31633cb19 [ 1077.440569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1077.444251] RSP: 002b:00007fa3138b2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1077.445785] RAX: fffffffffffffffc RBX: 00007fa31644ff60 RCX: 00007fa31633cb19 [ 1077.447238] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 1077.448667] RBP: 00007fa3138b21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1077.450100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1077.451545] R13: 00007ffe037eddaf R14: 00007fa3138b2300 R15: 0000000000022000 [ 1077.457314] FAULT_INJECTION: forcing a failure. [ 1077.457314] name failslab, interval 1, probability 0, space 0, times 0 [ 1077.459580] CPU: 1 PID: 7917 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1077.460955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1077.462623] Call Trace: [ 1077.463160] dump_stack+0x107/0x167 [ 1077.463899] should_fail.cold+0x5/0xa [ 1077.464666] ? create_object.isra.0+0x3a/0xa20 [ 1077.465588] should_failslab+0x5/0x20 [ 1077.466363] kmem_cache_alloc+0x5b/0x360 [ 1077.467221] create_object.isra.0+0x3a/0xa20 [ 1077.468091] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1077.469092] __kmalloc_track_caller+0x177/0x3c0 [ 1077.470034] ? kstrdup_const+0x53/0x80 [ 1077.470833] kstrdup+0x36/0x70 [ 1077.471497] kstrdup_const+0x53/0x80 [ 1077.472262] alloc_vfsmnt+0xb5/0x680 [ 1077.473017] clone_mnt+0x6c/0xce0 [ 1077.473725] copy_tree+0x3b0/0xa60 [ 1077.474465] copy_mnt_ns+0x144/0xa00 [ 1077.475215] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1077.476219] ? kmem_cache_alloc+0x2b4/0x360 [ 1077.477127] create_new_namespaces+0xd6/0xb20 [ 1077.478068] copy_namespaces+0x39e/0x480 [ 1077.478919] copy_process+0x2549/0x67d0 [ 1077.479744] ? find_held_lock+0x2c/0x110 [ 1077.480600] ? __cleanup_sighand+0xb0/0xb0 [ 1077.481473] ? _copy_from_user+0xfb/0x1b0 [ 1077.482312] kernel_clone+0xe7/0xa20 [ 1077.483043] ? __lockdep_reset_lock+0x180/0x180 [ 1077.483980] ? create_io_thread+0xf0/0xf0 [ 1077.484883] ? ksys_write+0x21a/0x260 [ 1077.485647] ? lock_downgrade+0x6d0/0x6d0 [ 1077.486507] __do_sys_clone3+0x1e5/0x320 [ 1077.487346] ? __do_sys_clone+0x110/0x110 [ 1077.488233] ? rcu_read_lock_any_held+0x75/0xa0 [ 1077.489202] ? vfs_write+0x354/0xa30 [ 1077.489956] ? fput_many+0x2f/0x1a0 [ 1077.490725] ? ksys_write+0x1a9/0x260 01:51:10 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:10 executing program 4: ioctl$BTRFS_IOC_SYNC(0xffffffffffffffff, 0x9408, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x1) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) sendfile(r0, r2, &(0x7f0000000040)=0x3, 0xffffffff) 01:51:10 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 92) 01:51:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:10 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:10 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1077.491499] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1077.492792] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1077.493848] ? trace_hardirqs_on+0x5b/0x180 [ 1077.494734] do_syscall_64+0x33/0x40 [ 1077.495485] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1077.496508] RIP: 0033:0x7f48f386eb19 [ 1077.497251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1077.500965] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1077.502535] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1077.504009] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1077.505469] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1077.506945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1077.508430] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:51:10 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1077.623542] FAULT_INJECTION: forcing a failure. [ 1077.623542] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1077.626708] CPU: 1 PID: 7895 Comm: syz-executor.0 Not tainted 5.10.164 #1 [ 1077.628046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1077.629921] Call Trace: [ 1077.630512] dump_stack+0x107/0x167 [ 1077.631310] should_fail.cold+0x5/0xa [ 1077.632137] ? perf_trace_lock+0xac/0x490 [ 1077.632952] __alloc_pages_nodemask+0x182/0x680 [ 1077.633871] ? __lockdep_reset_lock+0x180/0x180 [ 1077.634802] ? __alloc_pages_slowpath.constprop.0+0x2220/0x2220 [ 1077.636101] alloc_pages_current+0x187/0x280 [ 1077.637035] ? lock_page_memcg+0xcd/0x260 [ 1077.638001] __get_free_pages+0xc/0xa0 [ 1077.638823] __tlb_remove_page_size+0x257/0x420 [ 1077.639821] unmap_page_range+0x1190/0x1ea0 [ 1077.640652] ? vm_normal_page+0x2e0/0x2e0 [ 1077.641430] ? lock_downgrade+0x6d0/0x6d0 [ 1077.642225] ? uprobe_munmap+0x1c/0x560 [ 1077.642993] unmap_single_vma+0x198/0x300 [ 1077.643935] unmap_vmas+0x16d/0x300 [ 1077.644608] ? zap_vma_ptes+0x100/0x100 [ 1077.645363] exit_mmap+0x27f/0x4f0 [ 1077.646134] ? __ia32_sys_remap_file_pages+0x150/0x150 [ 1077.647338] mmput+0xca/0x340 [ 1077.648010] do_exit+0xa96/0x26a0 [ 1077.648774] ? find_held_lock+0x2c/0x110 [ 1077.649608] ? mm_update_next_owner+0x7d0/0x7d0 [ 1077.650464] ? get_signal+0x37e/0x2340 [ 1077.651179] ? lock_downgrade+0x6d0/0x6d0 [ 1077.651948] ? do_raw_spin_lock+0x121/0x260 [ 1077.652788] ? rwlock_bug.part.0+0x90/0x90 [ 1077.653574] do_group_exit+0x125/0x310 [ 1077.654350] get_signal+0x4bc/0x2340 [ 1077.655209] ? l2cap_sock_connect+0x403/0x8c0 [ 1077.656206] ? __local_bh_enable_ip+0x9d/0x100 [ 1077.657169] ? l2cap_sock_connect+0x436/0x8c0 [ 1077.658026] arch_do_signal_or_restart+0x2b7/0x1990 [ 1077.658981] ? selinux_socket_connect+0x6d/0x90 [ 1077.659868] ? task_work_add+0x98/0x190 [ 1077.660630] ? restore_sigcontext+0x630/0x630 [ 1077.661450] ? __sys_connect+0x10a/0x1a0 [ 1077.662233] ? __sys_connect_file+0x1a0/0x1a0 [ 1077.663109] ? rcu_read_lock_any_held+0x75/0xa0 [ 1077.664013] ? vfs_write+0x354/0xa30 [ 1077.664737] ? fput_many+0x2f/0x1a0 [ 1077.665441] ? ksys_write+0x1a9/0x260 [ 1077.666190] exit_to_user_mode_prepare+0x10f/0x190 [ 1077.667141] syscall_exit_to_user_mode+0x38/0x230 [ 1077.668079] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1077.669007] RIP: 0033:0x7fd2f4669b19 [ 1077.669709] Code: Unable to access opcode bytes at RIP 0x7fd2f4669aef. [ 1077.670944] RSP: 002b:00007fd2f1bdf188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1077.672361] RAX: fffffffffffffffc RBX: 00007fd2f477cf60 RCX: 00007fd2f4669b19 [ 1077.673664] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 1077.675016] RBP: 00007fd2f1bdf1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1077.676365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1077.677724] R13: 00007ffed311acdf R14: 00007fd2f1bdf300 R15: 0000000000022000 01:51:11 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:51:11 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:11 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:51:27 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:51:27 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:27 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:27 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:27 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 93) 01:51:27 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:51:27 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:27 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) pipe2(&(0x7f00000000c0), 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x2, 0x0, 0x8, 0x2, 0x0, 0x10000, 0x50480, 0xa, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x80000001, 0x4, @perf_bp={&(0x7f0000000100), 0x7}, 0x18848, 0x8, 0x8, 0x5, 0x2, 0x4, 0x9, 0x0, 0x8}, r2, 0x1, 0xffffffffffffffff, 0xa) ioctl$BTRFS_IOC_DEFRAG_RANGE(r1, 0x40309410, &(0x7f0000000040)={0x4, 0x7f, 0x1, 0x9, 0x1, [0x20, 0x0, 0xc6bf, 0x9]}) [ 1094.175704] FAULT_INJECTION: forcing a failure. [ 1094.175704] name failslab, interval 1, probability 0, space 0, times 0 [ 1094.178371] CPU: 0 PID: 7963 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1094.179630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1094.181150] Call Trace: [ 1094.181648] dump_stack+0x107/0x167 [ 1094.182329] should_fail.cold+0x5/0xa [ 1094.183068] should_failslab+0x5/0x20 [ 1094.183771] __kmalloc_track_caller+0x79/0x3c0 [ 1094.184609] ? kstrdup_const+0x53/0x80 [ 1094.185338] kstrdup+0x36/0x70 [ 1094.185934] kstrdup_const+0x53/0x80 [ 1094.186628] alloc_vfsmnt+0xb5/0x680 [ 1094.187323] clone_mnt+0x6c/0xce0 [ 1094.187974] copy_tree+0x3b0/0xa60 [ 1094.188644] copy_mnt_ns+0x144/0xa00 [ 1094.189332] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1094.190216] ? kmem_cache_alloc+0x2b4/0x360 [ 1094.191026] create_new_namespaces+0xd6/0xb20 [ 1094.191861] copy_namespaces+0x39e/0x480 [ 1094.192762] copy_process+0x2549/0x67d0 [ 1094.193520] ? find_held_lock+0x2c/0x110 [ 1094.194308] ? __cleanup_sighand+0xb0/0xb0 [ 1094.195270] ? _copy_from_user+0xfb/0x1b0 [ 1094.196043] kernel_clone+0xe7/0xa20 [ 1094.196846] ? __lockdep_reset_lock+0x180/0x180 [ 1094.197678] ? create_io_thread+0xf0/0xf0 [ 1094.198591] ? ksys_write+0x21a/0x260 [ 1094.199310] ? lock_downgrade+0x6d0/0x6d0 [ 1094.200212] __do_sys_clone3+0x1e5/0x320 [ 1094.200949] ? __do_sys_clone+0x110/0x110 [ 1094.201863] ? rcu_read_lock_any_held+0x75/0xa0 [ 1094.202741] ? vfs_write+0x354/0xa30 [ 1094.203560] ? fput_many+0x2f/0x1a0 [ 1094.204250] ? ksys_write+0x1a9/0x260 [ 1094.205090] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1094.206225] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1094.207180] ? trace_hardirqs_on+0x5b/0x180 [ 1094.207973] do_syscall_64+0x33/0x40 [ 1094.208659] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1094.209590] RIP: 0033:0x7f48f386eb19 [ 1094.210273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1094.213617] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1094.215012] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1094.216306] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1094.217598] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1094.218898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1094.220199] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:51:27 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:27 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:51:27 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) r1 = open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000280)={r1, 0x9, 0x0, 0x4}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:27 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0xe) 01:51:27 executing program 5: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:27 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:27 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x87, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x40, 0xf8, 0x7, 0x96, 0x0, 0x7, 0x1c110, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x408000, 0x4, @perf_config_ext={0x1, 0x6}, 0x15017, 0xe68a, 0x0, 0x1, 0xff53, 0x1000, 0x7f, 0x0, 0x9, 0x0, 0x6}, 0xffffffffffffffff, 0x9, r0, 0x1) 01:51:27 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x3}}, 0xe) [ 1096.385683] Bluetooth: hci3: command 0x0405 tx timeout [ 1098.433574] Bluetooth: hci3: command 0x0405 tx timeout [ 1109.741082] FAULT_INJECTION: forcing a failure. [ 1109.741082] name failslab, interval 1, probability 0, space 0, times 0 [ 1109.742466] CPU: 0 PID: 8006 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1109.743272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1109.744230] Call Trace: [ 1109.744544] dump_stack+0x107/0x167 [ 1109.744969] should_fail.cold+0x5/0xa [ 1109.745409] ? create_object.isra.0+0x3a/0xa20 [ 1109.745939] should_failslab+0x5/0x20 [ 1109.746397] kmem_cache_alloc+0x5b/0x360 [ 1109.746904] ? mark_held_locks+0x9e/0xe0 [ 1109.747410] create_object.isra.0+0x3a/0xa20 [ 1109.747953] kmemleak_alloc_percpu+0xa0/0x100 [ 1109.748501] pcpu_alloc+0x4e2/0x12f0 [ 1109.748976] alloc_vfsmnt+0xfd/0x680 [ 1109.749419] clone_mnt+0x6c/0xce0 [ 1109.749848] copy_tree+0x3b0/0xa60 [ 1109.750294] copy_mnt_ns+0x144/0xa00 [ 1109.750752] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1109.751331] ? kmem_cache_alloc+0x2b4/0x360 [ 1109.751863] create_new_namespaces+0xd6/0xb20 [ 1109.752411] copy_namespaces+0x39e/0x480 [ 1109.752907] copy_process+0x2549/0x67d0 [ 1109.753393] ? find_held_lock+0x2c/0x110 [ 1109.753904] ? __cleanup_sighand+0xb0/0xb0 [ 1109.754424] ? _copy_from_user+0xfb/0x1b0 [ 1109.754948] kernel_clone+0xe7/0xa20 [ 1109.755401] ? __lockdep_reset_lock+0x180/0x180 [ 1109.755969] ? create_io_thread+0xf0/0xf0 [ 1109.756492] ? ksys_write+0x21a/0x260 [ 1109.756955] ? lock_downgrade+0x6d0/0x6d0 [ 1109.757465] __do_sys_clone3+0x1e5/0x320 [ 1109.757957] ? __do_sys_clone+0x110/0x110 [ 1109.758472] ? rcu_read_lock_any_held+0x75/0xa0 [ 1109.759045] ? vfs_write+0x354/0xa30 [ 1109.759495] ? fput_many+0x2f/0x1a0 [ 1109.759937] ? ksys_write+0x1a9/0x260 [ 1109.760408] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1109.761046] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1109.761672] ? trace_hardirqs_on+0x5b/0x180 [ 1109.762197] do_syscall_64+0x33/0x40 [ 1109.762653] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1109.763249] RIP: 0033:0x7f48f386eb19 [ 1109.763698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1109.765914] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1109.766835] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1109.767693] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1109.768556] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1109.769410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1109.770274] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:51:43 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:51:43 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:43 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:43 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 94) 01:51:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:43 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x4}}, 0xe) 01:51:43 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) dup2(0xffffffffffffffff, r0) syz_open_dev$mouse(&(0x7f00000000c0), 0x1ff, 0x406000) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) r5 = dup(r4) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8936, &(0x7f0000000080)={@local, 0x78, r7}) ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r7}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000040)={@loopback, 0x22, r7}) 01:51:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) 01:51:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:43 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:51:43 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000000)) pipe2(&(0x7f0000000040), 0x0) 01:51:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:51:43 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 95) 01:51:43 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:51:43 executing program 5: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1110.010064] FAULT_INJECTION: forcing a failure. [ 1110.010064] name failslab, interval 1, probability 0, space 0, times 0 [ 1110.012558] CPU: 1 PID: 8044 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1110.013958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1110.015649] Call Trace: [ 1110.016208] dump_stack+0x107/0x167 [ 1110.016954] should_fail.cold+0x5/0xa [ 1110.017748] ? alloc_vfsmnt+0x23/0x680 [ 1110.018546] should_failslab+0x5/0x20 [ 1110.019334] kmem_cache_alloc+0x5b/0x360 [ 1110.020159] ? copy_tree+0x61a/0xa60 [ 1110.020928] alloc_vfsmnt+0x23/0x680 [ 1110.021709] clone_mnt+0x6c/0xce0 [ 1110.022427] copy_tree+0x3b0/0xa60 [ 1110.023190] copy_mnt_ns+0x144/0xa00 [ 1110.023956] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1110.024944] ? kmem_cache_alloc+0x2b4/0x360 [ 1110.025835] create_new_namespaces+0xd6/0xb20 [ 1110.026764] copy_namespaces+0x39e/0x480 [ 1110.027525] copy_process+0x2549/0x67d0 [ 1110.028293] ? find_held_lock+0x2c/0x110 [ 1110.029135] ? __cleanup_sighand+0xb0/0xb0 [ 1110.030011] ? _copy_from_user+0xfb/0x1b0 [ 1110.030875] kernel_clone+0xe7/0xa20 [ 1110.031631] ? __lockdep_reset_lock+0x180/0x180 [ 1110.032578] ? create_io_thread+0xf0/0xf0 [ 1110.033443] ? ksys_write+0x21a/0x260 [ 1110.034218] ? lock_downgrade+0x6d0/0x6d0 [ 1110.035070] __do_sys_clone3+0x1e5/0x320 [ 1110.035898] ? __do_sys_clone+0x110/0x110 [ 1110.036763] ? rcu_read_lock_any_held+0x75/0xa0 [ 1110.037703] ? vfs_write+0x354/0xa30 [ 1110.038464] ? fput_many+0x2f/0x1a0 [ 1110.039214] ? ksys_write+0x1a9/0x260 [ 1110.040000] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1110.041064] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1110.042117] ? trace_hardirqs_on+0x5b/0x180 [ 1110.043016] do_syscall_64+0x33/0x40 [ 1110.043780] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1110.044824] RIP: 0033:0x7f48f386eb19 [ 1110.045594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1110.049392] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1110.050956] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1110.052390] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1110.053834] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1110.055280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1110.056724] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 [ 1110.746832] cgroup: fork rejected by pids controller in /syz2 [ 1111.809594] Bluetooth: hci3: command 0x0405 tx timeout 01:52:00 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x2}, 0xe) 01:52:00 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:52:00 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:00 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r1 = perf_event_open$cgroup(&(0x7f00000002c0)={0x4, 0x80, 0x81, 0x20, 0x5, 0x4, 0x0, 0x5, 0x8, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000280)}, 0x188c4, 0x20, 0x1, 0x5, 0x400, 0x9, 0xb055, 0x0, 0x64, 0x0, 0x6}, r0, 0xb, 0xffffffffffffffff, 0x1a28c118948ee653) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0xff, 0x8, 0x3, 0x81, 0x0, 0xf577, 0x10000, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x2, @perf_config_ext={0x9, 0x3f}, 0x80, 0x405b, 0x7, 0x0, 0x5, 0x8, 0x20, 0x0, 0xfffffff9, 0x0, 0x64134d4a}, 0xffffffffffffffff, 0xc, r1, 0x9) pipe2(&(0x7f0000000000), 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x3f, 0x9, 0x3, 0x1, 0x0, 0x7, 0x22100, 0x2, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000040), 0x8}, 0x4100, 0x80000001, 0x3, 0x1, 0x6, 0xffff, 0x100, 0x0, 0x709a, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x8) fallocate(r0, 0x8, 0x1, 0x101) 01:52:00 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 96) 01:52:00 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:00 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:52:00 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1127.100748] FAULT_INJECTION: forcing a failure. [ 1127.100748] name failslab, interval 1, probability 0, space 0, times 0 [ 1127.102540] CPU: 1 PID: 8265 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1127.103620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1127.104908] Call Trace: [ 1127.105326] dump_stack+0x107/0x167 [ 1127.105892] should_fail.cold+0x5/0xa [ 1127.106485] ? create_object.isra.0+0x3a/0xa20 [ 1127.107259] should_failslab+0x5/0x20 [ 1127.107883] kmem_cache_alloc+0x5b/0x360 [ 1127.108564] ? mark_held_locks+0x9e/0xe0 [ 1127.109242] create_object.isra.0+0x3a/0xa20 [ 1127.109982] kmemleak_alloc_percpu+0xa0/0x100 [ 1127.110745] pcpu_alloc+0x4e2/0x12f0 [ 1127.111364] alloc_vfsmnt+0xfd/0x680 [ 1127.111987] clone_mnt+0x6c/0xce0 [ 1127.112552] copy_tree+0x3b0/0xa60 [ 1127.113155] copy_mnt_ns+0x144/0xa00 [ 1127.113772] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1127.114550] ? kmem_cache_alloc+0x2b4/0x360 [ 1127.115298] create_new_namespaces+0xd6/0xb20 [ 1127.116048] copy_namespaces+0x39e/0x480 [ 1127.116691] copy_process+0x2549/0x67d0 [ 1127.117346] ? find_held_lock+0x2c/0x110 [ 1127.118039] ? __cleanup_sighand+0xb0/0xb0 [ 1127.118722] ? _copy_from_user+0xfb/0x1b0 [ 1127.119414] kernel_clone+0xe7/0xa20 [ 1127.120021] ? __lockdep_reset_lock+0x180/0x180 [ 1127.120783] ? create_io_thread+0xf0/0xf0 [ 1127.121477] ? ksys_write+0x21a/0x260 [ 1127.122100] ? lock_downgrade+0x6d0/0x6d0 [ 1127.122782] __do_sys_clone3+0x1e5/0x320 [ 1127.123459] ? __do_sys_clone+0x110/0x110 [ 1127.124165] ? rcu_read_lock_any_held+0x75/0xa0 [ 1127.124929] ? vfs_write+0x354/0xa30 [ 1127.125534] ? fput_many+0x2f/0x1a0 [ 1127.126133] ? ksys_write+0x1a9/0x260 [ 1127.126753] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1127.127610] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1127.128466] ? trace_hardirqs_on+0x5b/0x180 [ 1127.129169] do_syscall_64+0x33/0x40 [ 1127.129780] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1127.130621] RIP: 0033:0x7f48f386eb19 [ 1127.131232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1127.134272] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1127.135526] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1127.136679] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1127.137827] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1127.138979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1127.140126] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:52:00 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) 01:52:00 executing program 4: perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x46, 0x40, 0x0, 0x0, 0x0, 0x1, 0x38000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_tables_targets\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) tee(r1, r0, 0x9, 0x0) readv(r0, &(0x7f00000012c0)=[{&(0x7f0000000080)=""/36, 0x24}, {&(0x7f00000000c0)=""/66, 0x42}, {&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/91, 0x5b}, {&(0x7f00000011c0)=""/144, 0x90}, {&(0x7f0000001280)=""/10, 0xa}], 0x6) pipe2(&(0x7f0000000000), 0x0) 01:52:00 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 97) [ 1127.342360] FAULT_INJECTION: forcing a failure. [ 1127.342360] name failslab, interval 1, probability 0, space 0, times 0 [ 1127.343902] CPU: 1 PID: 8489 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1127.344781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1127.345840] Call Trace: [ 1127.346185] dump_stack+0x107/0x167 [ 1127.346666] should_fail.cold+0x5/0xa [ 1127.347170] ? create_object.isra.0+0x3a/0xa20 [ 1127.347767] should_failslab+0x5/0x20 [ 1127.348260] kmem_cache_alloc+0x5b/0x360 [ 1127.348790] create_object.isra.0+0x3a/0xa20 [ 1127.349370] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1127.350030] __kmalloc_track_caller+0x177/0x3c0 [ 1127.350625] ? kstrdup_const+0x53/0x80 [ 1127.351149] kstrdup+0x36/0x70 [ 1127.351571] kstrdup_const+0x53/0x80 [ 1127.352063] alloc_vfsmnt+0xb5/0x680 [ 1127.352567] clone_mnt+0x6c/0xce0 [ 1127.353052] copy_tree+0x3b0/0xa60 [ 1127.353558] copy_mnt_ns+0x144/0xa00 [ 1127.354073] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1127.354739] ? kmem_cache_alloc+0x2b4/0x360 [ 1127.355345] create_new_namespaces+0xd6/0xb20 [ 1127.355958] copy_namespaces+0x39e/0x480 [ 1127.356525] copy_process+0x2549/0x67d0 [ 1127.357068] ? find_held_lock+0x2c/0x110 [ 1127.357654] ? __cleanup_sighand+0xb0/0xb0 [ 1127.358256] ? _copy_from_user+0xfb/0x1b0 [ 1127.358834] kernel_clone+0xe7/0xa20 [ 1127.359358] ? __lockdep_reset_lock+0x180/0x180 [ 1127.360003] ? create_io_thread+0xf0/0xf0 [ 1127.360585] ? ksys_write+0x21a/0x260 [ 1127.361109] ? lock_downgrade+0x6d0/0x6d0 [ 1127.361679] __do_sys_clone3+0x1e5/0x320 [ 1127.362245] ? __do_sys_clone+0x110/0x110 [ 1127.362830] ? rcu_read_lock_any_held+0x75/0xa0 [ 1127.363468] ? vfs_write+0x354/0xa30 [ 1127.363993] ? fput_many+0x2f/0x1a0 [ 1127.364490] ? ksys_write+0x1a9/0x260 [ 1127.365012] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1127.365739] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1127.366433] ? trace_hardirqs_on+0x5b/0x180 [ 1127.367036] do_syscall_64+0x33/0x40 [ 1127.367551] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1127.368254] RIP: 0033:0x7f48f386eb19 [ 1127.368775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1127.371312] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1127.372351] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1127.373324] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1127.374304] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1127.375302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1127.376277] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:52:18 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:18 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x3}, 0xe) 01:52:18 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:18 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:18 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r3) 01:52:18 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0xe) 01:52:18 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 98) 01:52:18 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:18 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1145.081874] FAULT_INJECTION: forcing a failure. [ 1145.081874] name failslab, interval 1, probability 0, space 0, times 0 [ 1145.084311] CPU: 1 PID: 8520 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1145.085702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1145.087422] Call Trace: [ 1145.087974] dump_stack+0x107/0x167 [ 1145.088731] should_fail.cold+0x5/0xa [ 1145.089509] ? create_object.isra.0+0x3a/0xa20 [ 1145.090448] should_failslab+0x5/0x20 [ 1145.091239] kmem_cache_alloc+0x5b/0x360 [ 1145.092088] create_object.isra.0+0x3a/0xa20 [ 1145.092990] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1145.094035] __kmalloc_track_caller+0x177/0x3c0 [ 1145.094991] ? kstrdup_const+0x53/0x80 [ 1145.095815] kstrdup+0x36/0x70 [ 1145.096481] kstrdup_const+0x53/0x80 [ 1145.097241] alloc_vfsmnt+0xb5/0x680 [ 1145.098008] clone_mnt+0x6c/0xce0 [ 1145.098721] copy_tree+0x3b0/0xa60 [ 1145.099477] copy_mnt_ns+0x144/0xa00 [ 1145.100235] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1145.101221] ? kmem_cache_alloc+0x2b4/0x360 [ 1145.102107] create_new_namespaces+0xd6/0xb20 [ 1145.103041] copy_namespaces+0x39e/0x480 [ 1145.103905] copy_process+0x2549/0x67d0 [ 1145.104728] ? find_held_lock+0x2c/0x110 [ 1145.105591] ? __cleanup_sighand+0xb0/0xb0 [ 1145.106476] ? _copy_from_user+0xfb/0x1b0 [ 1145.107345] kernel_clone+0xe7/0xa20 [ 1145.108116] ? __lockdep_reset_lock+0x180/0x180 [ 1145.109079] ? create_io_thread+0xf0/0xf0 [ 1145.109950] ? ksys_write+0x21a/0x260 [ 1145.110743] ? lock_downgrade+0x6d0/0x6d0 [ 1145.111609] __do_sys_clone3+0x1e5/0x320 [ 1145.112446] ? __do_sys_clone+0x110/0x110 [ 1145.113320] ? rcu_read_lock_any_held+0x75/0xa0 [ 1145.114275] ? vfs_write+0x354/0xa30 [ 1145.115046] ? fput_many+0x2f/0x1a0 [ 1145.115804] ? ksys_write+0x1a9/0x260 [ 1145.116600] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1145.117677] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1145.118733] ? trace_hardirqs_on+0x5b/0x180 [ 1145.119624] do_syscall_64+0x33/0x40 [ 1145.120391] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1145.121436] RIP: 0033:0x7f48f386eb19 01:52:18 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1145.122202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1145.126141] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1145.127707] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1145.129169] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1145.130623] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1145.132101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1145.133556] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:52:18 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:18 executing program 4: r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000000180)='.log\x00', 0x40882, 0x129) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f00000001c0)={0x2b, 0xc0, 0x4}) r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x2, 0xbcfd}, 0x0, 0x0, 0x0, 0x0, 0x100000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/154, 0x9a}], 0x1) 01:52:18 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x4}, 0xe) 01:52:18 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 99) 01:52:18 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r0, 0x8982, &(0x7f00000000c0)) tee(r1, r0, 0x9, 0x0) ioctl$F2FS_IOC_GET_FEATURES(r1, 0x8004f50c, &(0x7f0000000040)) pipe2(&(0x7f0000000000), 0x0) [ 1145.389635] FAULT_INJECTION: forcing a failure. [ 1145.389635] name failslab, interval 1, probability 0, space 0, times 0 [ 1145.391969] CPU: 0 PID: 8738 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1145.393337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1145.394997] Call Trace: [ 1145.395537] dump_stack+0x107/0x167 [ 1145.396282] should_fail.cold+0x5/0xa [ 1145.397062] ? create_object.isra.0+0x3a/0xa20 [ 1145.397983] should_failslab+0x5/0x20 [ 1145.398750] kmem_cache_alloc+0x5b/0x360 [ 1145.399613] create_object.isra.0+0x3a/0xa20 [ 1145.400488] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1145.401514] kmem_cache_alloc+0x159/0x360 [ 1145.402354] alloc_vfsmnt+0x23/0x680 [ 1145.403106] clone_mnt+0x6c/0xce0 [ 1145.403882] copy_tree+0x3b0/0xa60 [ 1145.404619] copy_mnt_ns+0x144/0xa00 [ 1145.405387] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1145.406357] ? kmem_cache_alloc+0x2b4/0x360 [ 1145.407279] create_new_namespaces+0xd6/0xb20 [ 1145.408209] copy_namespaces+0x39e/0x480 [ 1145.409047] copy_process+0x2549/0x67d0 [ 1145.409883] ? find_held_lock+0x2c/0x110 [ 1145.410726] ? __cleanup_sighand+0xb0/0xb0 [ 1145.411625] ? _copy_from_user+0xfb/0x1b0 [ 1145.412512] kernel_clone+0xe7/0xa20 [ 1145.413273] ? create_io_thread+0xf0/0xf0 [ 1145.414153] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1145.415261] ? trace_hardirqs_on+0x5b/0x180 [ 1145.416195] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1145.417314] ? __do_sys_clone3+0x19e/0x320 [ 1145.418187] __do_sys_clone3+0x1e5/0x320 [ 1145.419009] ? __do_sys_clone+0x110/0x110 [ 1145.419900] ? rcu_read_lock_any_held+0x75/0xa0 [ 1145.420867] ? vfs_write+0x354/0xa30 [ 1145.421646] ? fput_many+0x2f/0x1a0 [ 1145.422402] ? ksys_write+0x1a9/0x260 [ 1145.423190] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1145.424269] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1145.425303] ? trace_hardirqs_on+0x5b/0x180 [ 1145.426191] do_syscall_64+0x33/0x40 [ 1145.426947] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1145.428007] RIP: 0033:0x7f48f386eb19 [ 1145.428755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1145.432504] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1145.434054] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1145.435516] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1145.436965] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1145.438431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1145.439909] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:52:18 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x300}, 0xe) 01:52:19 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 100) 01:52:19 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x100000000000}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x3a1400, 0x102) mmap$perf(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000001, 0x11, r0, 0x5c41) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x9, &(0x7f00000000c0)=[{0x8, 0x7f, 0x6, 0x83}, {0xffff, 0x3a, 0x0, 0x6}, {0x86c, 0x9c, 0x6, 0x3ff}, {0x4, 0xa4, 0xec, 0x1}, {0x2, 0x41, 0x0, 0x6}, {0x2, 0x7, 0x4, 0x8}, {0x1be6, 0x1, 0x7, 0xee1}, {0x3, 0xbe, 0x1, 0x3ff}, {0x8, 0xff, 0x1, 0x200}]}) readv(r1, &(0x7f0000000140), 0x0) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) pipe2(&(0x7f0000000000), 0x0) [ 1145.929430] FAULT_INJECTION: forcing a failure. [ 1145.929430] name failslab, interval 1, probability 0, space 0, times 0 [ 1145.931733] CPU: 0 PID: 8907 Comm: syz-executor.1 Not tainted 5.10.164 #1 [ 1145.933006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1145.934565] Call Trace: [ 1145.935065] dump_stack+0x107/0x167 [ 1145.935760] should_fail.cold+0x5/0xa [ 1145.936470] should_failslab+0x5/0x20 [ 1145.937167] __kmalloc_track_caller+0x79/0x3c0 [ 1145.938056] ? kstrdup_const+0x53/0x80 [ 1145.938795] kstrdup+0x36/0x70 [ 1145.939434] kstrdup_const+0x53/0x80 [ 1145.940143] alloc_vfsmnt+0xb5/0x680 [ 1145.940862] clone_mnt+0x6c/0xce0 [ 1145.941535] copy_tree+0x3b0/0xa60 [ 1145.942224] copy_mnt_ns+0x144/0xa00 [ 1145.942926] ? rcu_read_lock_sched_held+0x3e/0x80 [ 1145.943844] ? kmem_cache_alloc+0x2b4/0x360 [ 1145.944669] create_new_namespaces+0xd6/0xb20 [ 1145.945538] copy_namespaces+0x39e/0x480 [ 1145.946310] copy_process+0x2549/0x67d0 [ 1145.947074] ? find_held_lock+0x2c/0x110 [ 1145.947884] ? __cleanup_sighand+0xb0/0xb0 [ 1145.948691] ? _copy_from_user+0xfb/0x1b0 [ 1145.949472] kernel_clone+0xe7/0xa20 [ 1145.950169] ? __lockdep_reset_lock+0x180/0x180 [ 1145.951043] ? create_io_thread+0xf0/0xf0 [ 1145.951848] ? ksys_write+0x21a/0x260 [ 1145.952559] ? lock_downgrade+0x6d0/0x6d0 [ 1145.953340] __do_sys_clone3+0x1e5/0x320 [ 1145.954098] ? __do_sys_clone+0x110/0x110 [ 1145.954899] ? rcu_read_lock_any_held+0x75/0xa0 [ 1145.955778] ? vfs_write+0x354/0xa30 [ 1145.956473] ? fput_many+0x2f/0x1a0 [ 1145.957151] ? ksys_write+0x1a9/0x260 [ 1145.957872] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1145.958859] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1145.959833] ? trace_hardirqs_on+0x5b/0x180 [ 1145.960640] do_syscall_64+0x33/0x40 [ 1145.961336] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1145.962292] RIP: 0033:0x7f48f386eb19 [ 1145.962993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1145.966430] RSP: 002b:00007f48f0de4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1145.967861] RAX: ffffffffffffffda RBX: 00007f48f3981f60 RCX: 00007f48f386eb19 [ 1145.969171] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 00000000200001c0 [ 1145.970478] RBP: 00007f48f0de41d0 R08: 0000000000000000 R09: 0000000000000000 [ 1145.971821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1145.973132] R13: 00007ffc33cc73cf R14: 00007f48f0de4300 R15: 0000000000022000 01:52:19 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:19 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:52:19 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:37 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x3}}, 0xe) 01:52:37 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:37 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:37 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:52:37 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 01:52:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), r0) 01:52:37 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:37 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:37 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') chdir(0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000600)={0x1}) rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000180)='./file0\x00') pipe2(&(0x7f0000000000), 0x0) 01:52:37 executing program 1: clone3(&(0x7f00000001c0)={0x50820004, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:52:37 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:37 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x0, 0x3}, 0xe) 01:52:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) getpid() r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10001, 0x10) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffffc3c8}, 0x1c) pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="01006b49a81300002e2f668c41438e99696cf4c3f8"]) 01:52:37 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:38 executing program 1: clone3(&(0x7f00000001c0)={0x50822500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:52:52 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x4}}, 0xe) 01:52:52 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x0, 0x4}, 0xe) 01:52:52 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000340)={0x84100, &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000180)=0x0, {0xd}, &(0x7f00000001c0)=""/109, 0x6d, &(0x7f0000000240)=""/188, &(0x7f0000000300)=[0xffffffffffffffff, 0x0], 0x2}, 0x58) r1 = syz_io_uring_complete(0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x1, 0xf7, 0xe1, 0x4, 0x0, 0x1, 0x8100, 0xc, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x2, 0x100}, 0x11000, 0x7f, 0x9, 0x5, 0x10000, 0x9, 0x800, 0x0, 0x4}, r0, 0x9, r1, 0x1) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) write$binfmt_elf64(r2, &(0x7f00000003c0)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x2, 0xb1, 0xc7, 0x2, 0x3, 0x3, 0x5, 0x2c7, 0x40, 0x33b, 0x4, 0xee, 0x38, 0x2, 0x2, 0x7ff, 0x81}, [{0x5, 0x0, 0x80000001, 0x0, 0x1000, 0xdfab, 0x3, 0x6}, {0x5, 0x1000, 0xf1, 0x4, 0xd1, 0x2, 0x3f, 0x4}], "28a1d949d3f52ae463935df1d4afba0d2534b36182a41df2bd74d86a3e9b0c7a14706441100b10fe8fd03cc29a4417944edd2796a6506456c7998a012f4fab358959351e9a5a97369aeb12abfc679ea781292fb5ec58066fdf19b5fad391dda83f8d4ea90f0ef723bbc90758ac1ab186a85d1ebe4adee8e0b0e66ce951adf9cbb0abe46be0c0033ea02bb07aa2d170c06bdb2d3a99e55a", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x747) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:52:52 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:52 executing program 1: clone3(&(0x7f00000001c0)={0x50824902, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:52:52 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:52 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:52:52 executing program 1: clone3(&(0x7f00000001c0)={0x50824903, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:52:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) write$binfmt_elf64(r1, &(0x7f00000000c0)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0x81, 0x0, 0x5, 0x0, 0x3, 0x5, 0x3ff, 0x2f5, 0x40, 0x269, 0x0, 0x200, 0x38, 0x2, 0x2, 0x8, 0xf1}, [{0x3, 0x100, 0x10001, 0x1df, 0x100000000, 0x387, 0x7, 0x9}], "82bd6d215fd6d5d9390c08fa18a87ed2e422e3b9b3bc697b9bc79ade219b4baf7642f4472ba1642e14035a9f6373ce90f7d320e19ebfc4527cde3191676b91a534a4334ec41aa0159d8089ac085168b57d910ca1b73a336fe5967e2cbc9dee8b542652a0b95b77570bd9e88d7749bbb135df5d3ec360b55750211f38e1ec915bf4df7a28bd0be48f604ed97b9e3856d9d2595d5db7996a06b31098087d884ee8f7de48e263bd88386dbce8299e2ed8db3ae5e9e022fdb3b09f78dbe247bd02b995424af297a088020de4111807694e2e3c94d5abc44160df8921d78c96a08adca78737fc7b5cb22a0c4867686069fe4ca44134412a56ded28df8099c6dad6058c84897062f844e96911316dce6579843d401f8719983757ad9fef7b6e97b7b5cda7c4e4565cb8dc11e8dc8cea1e9d6df0d55fbeaa2f4b69ae26409e3db3fb4f71a3f8e1df371d2c02e4e6d5a853ed271a49aa5b2e977556704c9ec611a7ab27aa4d87c6b7bcb71917a651e71f644dca1ce13495385a77bfa70e97e8152377ef0b7f34079d0777dd0d532713f3ac85769fd52dc2c718fc234732dea66825d3e071e6ad789bf8fed886c4b765738bb25af4a1640a1eb9fa935e5a1b6df6a375b4a30169edd67b77d7af101105258a448944571ec9dd4b62516390a090641465730171afed378f520d966929d8572b5d26626cd616bf50c060d5e4ad3d8f83de8cbf6ec16590d91ae05d319a1b5c26a8b6df0e2899a4507d55dab2b2cc70e5d29c7661a420585dce8a3b6101f19eaca542fd74d58dca989269387e2f2d6ba3901d96406a527f93932f62234cd8df3d4f085a9de797b3bc09af475069d78a2595a552f12bc0589be508f740cc30509994d979d87913027e4460d5815443f0d42f452e4c25a75f5ead58ffdcb89e1f420c876c3d8d4de3994c9faaf06c3d9aacb6e8c0d31a0a04711a55fb5fcdaf2b7eb13bb992b0b8fc4f3fed21feb7833f5264779d59cb6f9fd62f6b40fce2f2e2925e890298e55613d1d0ecd9c1039f13feaff3d73c09aaaa9b84686651385a83f981f2a8a7478b66de3fcd3e9fe9a1b0ec09dca446eb0c5287e4474ca46747206d11923b1e0cc3856c1424d7daefbe973c52321af3bd5203bcd09e241bd4433305c8c655b3bc60747e5bc72c58d9cb5b974a6fbb70e4ad4395bb432dbee4b5340b885a51a9948cf7ed80cc0ee2cd03a3b542cb9ce40e4a90089572b088be384cf3a9d2f5628835688fe392a8d6bc3ac8184f52813ecccf7fcb5a5659b21e4e529e42102a7dfacfd6aac84b8f407ae6520a918e2b551f5c74f0c55f8481d6148177c3d1326b3e389189c79a928a15ef56d6966b7931696865b368479383d5d6e77d1c7158d1ff03ca0785d679e8d4f8165a715a0836a0826d9bbede3ff0d4f74ba9753fd8f4fed0b396cedb9b4507908057da03e9562fe37455a6b691e6056d2d73370e8e084109b64d1b329158025dea9611c493a4fbe34efd33b344e8e01548dbb5969929bd9a9d761e443ed4ac38679888da37f5a0f3ffd67bf230463130f6a8cdaccc9197a40e13f69127dafc6449028847c9230f255612cdddfd990e193a5c7c11d9b57db2ab0d6e702573453f1e1f902034a992d083370a2f03aac84ad77d5b4cd756cc9768122482c478df79e1e2abd86094c07a6369ca3a7ecc195a139112ec2c12fcd3088ea01cafee69503a272d26d25e3b86c48692bedb6eca6678eba00033f2546bd6ba143dd8e7c7d6ab16c24abd8e895e52676085b33286f43a22d1ed878574841baa2b59ceac3e6fa402923612e2ff0351cdfcca3b68f4231f318383969a0f2c22a442c8b5496934cf91ead4685967e0dfd5b86c2f745ae4e0492f245d78fb1fc52fea1d7448880403f8cf9cd2a2c4682621de74a5673f3021e99b31818f7117c22f93aa9219f7e22cf08561f3b79dea2be25b33458f222cd15a94c355c5f694816a3795b8ed4795558c8e87059717817f8b9b828bf9b68844e6e5e5d3e10a075eeefe3687dd7623e221dd16bdcbf4102d23555241b93e13757a3d0d81f511c857e435c91d3bdfcd0f566cafc03a6d8cdbadf150956e16a643e3fa12895a939406b8293b9587a9928ec84e314f00c1d42721006defe7362a64ed36ecc8b85e5ff91ab2efc62e18d90edba10d42a6d1f984e109afeba4b0cfe767d3c4a1412b909d19589f4441484b09a59d0cc4fff274df8aebd64c9b1050b1ec0343b6575d21f865bc3255047c614f61a3275afdfb58ab740e1a1e594fc3ad7938a881d18377fef50d69b9ad07bf87fbed7487a172f56d68d63580a787256563ff137a44c154374714fc9b47ed0cc2f31f386841b93591c52d7c8e98f290710b2327a0c321a4f78dcfca6738321e20cdc11deb84e4f9edcae12e8cb91e6cdcbfdea9b8456ff22423c48d2d4e2d7715fdb20620912a67db15c233522b550a197b7846654ded089a3a1e16c3ea9d24c5d4042ebc2c3b26cb10e72ce66dd2810fda1515881b9839e65bb3d4e6cf51180d10c5a7718922b1c9b34521abef783c6a11b7dd103f79ea7834fda99e44f4fae7049ea612dcc7f0173fd823fe1eb7c136b9b5d0ff196bd92ef3c8b4ce1461cb678426c0c23fb5af9958eb6f64dbf8a694214f2abcdf821702d6ddccb64cb8e3c64fbf4b9b70e4d545fbbf38c2add016f11b8f841e86dd9599b0319b7ef9ec46b74048576cd2259129ffb34470e63cdd55e2177ca163617e557be2a1c5069d069940a7f5ca752b57d6c5f27531966853f7bbff529d6c9cb7198165734874ab4b6d6211c261463f8be48f670a0c4f7afec1bac107dc2725bbd212bb7b20a9c0aa96a8027ddd7ccf5c8425ccaa108a62e21babc9e81fc6338a05c9476f0a5c81c4a2dcf0d2d18c2bc55d4bae059e14d2d6824a2e479c83417aa60f8c625d8bac7792d6b188077dcc458869859317a4fb38dee12717f0a660dea8407b6dbba7a1369974eb04d1c0ed930a3f61b8ac043ed6b8ae60ef79209faeca4c38a18d7da4f772452e91d19ec916f80c86b961770ca04baa04509cb70171ee9e8b038a1af8e9cc8e284474010bad2085968e269f4a9e22ca83febeba042df6d6220858ed578c4ef919727aacbc1ce25395f0fb04ca4a8fc1e929c75ded2a4cd43fac223955f05fe530870400520a1fffb6f61adfaa00af6c758c07229a76d2f97bf251f95c3df1e0f32959855cc770ff8f3a04234a41b5b9cfb340ff21b6da53f023d2429883afecc9a56d04b01144e6e7c42818c96e747186a928418e5ff911c8db53bb8bf8c444405ed8c6fb2c906832ee9da295b5f30b1d16d5f486567fa680597db4d9c11cd31fe3343bcd2bef9f6d51cb9e28b110ae9a731079fad3eece1458780d1c4be77e45e2789bd259620f7de480f5ba1f093a124ec14b79414bf5b6150e6661f3a4ea40273d54a728a1c6c2891241dc2f93826f175ddfea3aa0f94a64a2885ab222599b563e6469ad76e24586e44193fbad9e23c6420cb3cee3b0205c3db3e8908a3f1d74aaac232315fc0d0259f250571bef694f1dd1a5fbba518b25fff7165150e7c3d26e3cb3c466864dece88ed6b220095da48cbaf3b24353915440a129d3825daf9a286c46f88cdcd931ca4aa6903faf3f670209bbd992ba6a3048d35426c09633e7ff57cd62df501bd52aceba5db3954c1c760e72cd3f4bd363985e5d2c5e0588ea9395511a8c4c4090d3d096e57ce6bb3fa967b5d2e5370e77be5d52cb9e01716bff4c4f481f9cc3a26d5ad3ae9615b5d275ca168868fe71cb702d7d5ce5cac219cc8d8101bad188cdba09af30d4dbf240cd9e235f791d248e30c37865a48e8740d84b72e47a02a1f668d15f135083390476ce1323f9bf83c30489491630cc2ff5651b13bbdb6a7991c34a54343a8e9faa3bbc2e11c1a0ff871d42dc1cd53423ed50197ed67150efa1c53a95492be4e6729c725abaaa888e96ca400b15ab397bc84148c7e615e9549c591aeba9a57b7766e8059683dccc78fb7b203b0685702633776403dbd949b0750fe2e4038336224b0a89dea06c4b526dde86fcac3ea6be95a1d2c5f3ccbe85e786e29002d62db8c9d9b55c3b6e7c6022e37c5436d2368c283469890ac9dd0b268077bbc73d14ba99ad7d9c3869e868276df943a7f2d6649ea960e6a6e0abdd0f7e05e36057f2e1980e42d400b83b3af68293cabc13f4bf367c9aca12eed67ef01c597499143ef1a7cac31f51b28e5b29f3852d46819675a1a05927752367a414b8cea85240431ae130ee5c6fa1818f77f8353df91e8aa5dcfed2e4cfd8943a01d8f9627f9f445b81cd3a542fdfcbb5823a2ffcb792b74b24e6f61fc19ce01f62e86e3bb8a3cf0fcdd50507bb964635824031ab65e8b2f022031b38bc7fd9cec2fdcb7756e5eebf34052d5fce2d647fa07c264444fb47189077ce5e3526aa384afca5391cb59c4b4b50958519575e02c688a0b6225075c7d13610ade90837be3a6d9a0c93e6019d9e21f0431bc5241d4409e49e7c6d70fca9f17ae06b8875bd92e61856f73d3ef2da9d1c2e15f2c40f756dcb224165e0ed752d5f5d505cf8dc0ed7198937a2cf2468ae327dbf59ed4e2d4d7f2502aa859ae0e40a1b3eee8630c874c733b35c3778eb6bc6d18063a5231442261b9e1d125cd77ec1e007413a5f3981976612c510db736b22325decfd126ad5415f06fe268523dd302ece2271b21e6399335d4acbcbc1f2fa1a198120a313fc21746c74d3c464d8f8b0e3261fe808dc9475e5f4885d2bde212cfa5d7f60dc15c9e85c8b19cc0f5d83f3d11f1d1634eb016f7029e1c9a502d28908cdb541028b07bae45631648c84287baaf2abea6bd1745a5badd7ecbfe6cca47aa58133295aa89092040c3504f235cc1c6575992d36edf821b28fcc0723d01b4ca6eae38c19e2c4959debd4a4ad630ffad478ab8657fdcdf87f2eaab72a899acbdcbd2bcf8b3b505b7e3ef768d2373d379c5513de9509466217552f486e7042751756adaec1c86f2699c0d6124c426dc23c40a4911a25966380feaa6b2a52d298427c30e1dd5c538a178457581e354511345bed3eb449ea7335efce5ff6ec81d15c8daba5a380dfb4e3b07d6c2b2a7f4d7125356be2a483c4af9fc4f55335586274a597d03e1a8d8460aa555c0eb2f0f58e977139c578498790d6ab9949a1a3d3acd49f4054d7c902277506a0ab22a425e8ed283960c6b06ea365ff39919be411e1383e2aad8cda331e9e09efcb1f791454645420f4c1ff8670c3403a225203f980d52615437b22e378db1033d5820541f6ef25e021430f8a21e927353a327c5748e73f34370e202e6e36ffe0d7d86293038af7895997cf365d1bcd19591542f25ba9991dc33385a3d313ff20c34edbcafac4e993c718cf9c659c9b633e7a6860863bb6026c3c76fc547e73d7ca87a32f911e8b07fb5693f6593bfcf58a8bf49f0e82893abde95c84f8d0d0a25a121b70679d46206cd7443bfc6cabe9230cbad2e2a4498781fe3290d70c6733c7333ca99cc3ef1977a42d52953c1dc08e3100ede2a0f2568b248f47be260a78c9686fc6455ef2f2d9982513ddf336f9aac53c25469bf1145ad523353267cad822427f0a21c9310acf1362decb7bc9d810e809d683c54069faed1e7aa04cd29dce26231306971a0116b2eb5cd5327023065e8ad2f737e1a0e7ec3765bb9665bb5db5dd7ef3334310a88169ce064af6d6bd7c53181436b44231fa29d3428210cf5f2531b877f4c6d00bcb6538339f2b22f0ee9b82b5ee50f3868bae6d883a3148c", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x1678) 01:52:52 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0x2000000e) 01:52:52 executing program 1: clone3(&(0x7f00000001c0)={0x50824904, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:52:53 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = fcntl$getown(r2, 0x9) kcmp$KCMP_EPOLL_TFD(0x0, r3, 0x7, r1, &(0x7f0000000040)={r2, r0, 0x1}) 01:52:53 executing program 1: clone3(&(0x7f00000001c0)={0x50824905, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:52:53 executing program 1: clone3(&(0x7f00000001c0)={0x50824906, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:52:53 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r1 = getpgrp(0xffffffffffffffff) perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x20, 0x3f, 0x1, 0x4, 0x0, 0xfffffffffffffffb, 0x10, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xc9, 0x0, @perf_config_ext={0x30000, 0x1}, 0x1080, 0x5, 0x3ff, 0x1, 0x8, 0x7, 0x6, 0x0, 0x0, 0x0, 0x2}, r1, 0x2, r0, 0x9) pipe2(&(0x7f0000000000), 0x0) 01:53:11 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0) readv(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/187, 0xbb}, {&(0x7f0000000180)=""/74, 0x4a}], 0x2) r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r1}, 0x0) perf_event_open(0x0, r1, 0x4, 0xffffffffffffffff, 0xa) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) syz_open_procfs(r1, &(0x7f0000000080)='net/raw\x00') socket$inet6_udplite(0xa, 0x2, 0x88) pipe2(&(0x7f0000000000), 0x0) 01:53:11 executing program 2: clone3(&(0x7f00000008c0)={0x410f4200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x30) connect$bt_l2cap(r1, &(0x7f0000000180)={0x1f, 0x1, @any, 0x0, 0x1}, 0xe) r2 = fcntl$dupfd(r0, 0x406, r0) bind$bt_l2cap(r2, &(0x7f0000000140)={0x1f, 0x0, @any, 0x1000}, 0xe) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000080)=@add_del={0x2, &(0x7f0000000040)='netdevsim0\x00'}) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$SG_GET_RESERVED_SIZE(r3, 0x2272, &(0x7f0000000100)) pipe2(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) fcntl$addseals(r4, 0x409, 0x2) tee(r5, r4, 0x9, 0x0) recvfrom$inet6(r4, &(0x7f0000000280)=""/250, 0xfa, 0x0, 0x0, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r7, r6, 0x9, 0x0) close(r7) connect$inet6(r6, &(0x7f0000000240)={0xa, 0x4e23, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, 0x800}, 0x1c) connect$bt_l2cap(r3, &(0x7f0000000200)={0x1f, 0x2, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x3ff, 0x2}, 0xe) 01:53:11 executing program 1: clone3(&(0x7f00000001c0)={0x50824907, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:53:11 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:11 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:11 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:11 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:11 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) [ 1197.729722] audit: type=1400 audit(1674438791.149:17): avc: denied { read } for pid=9778 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 01:53:11 executing program 1: clone3(&(0x7f00000001c0)={0x50824908, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:53:29 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r1}, 0x0) perf_event_open(0x0, r1, 0x4, 0xffffffffffffffff, 0xa) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) timer_settime(0x0, 0x1, &(0x7f00000003c0)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000400)) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000480)={{r4, r5+10000000}}, &(0x7f00000004c0)) clone3(&(0x7f0000000340)={0x4806300, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x5}, &(0x7f0000000140)=""/144, 0x90, &(0x7f0000000200)=""/247, &(0x7f0000000300)=[r0, r0, r0, r1, r0, r0], 0x6, {r3}}, 0x58) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x13) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x8000, @any, 0x2}, 0x49) 01:53:29 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000100)={0x0, r1, 0x7, 0x8001, 0x2, 0x4}) openat(r2, &(0x7f0000000140)='./file0\x00', 0x40, 0x100) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000040)=0x0) syz_open_procfs(r4, &(0x7f00000000c0)='maps\x00') 01:53:29 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x2}, 0xe) 01:53:29 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:29 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:29 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:29 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:29 executing program 1: clone3(&(0x7f00000001c0)={0x5082490a, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:53:45 executing program 1: clone3(&(0x7f00000001c0)={0x5082490c, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:53:45 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:45 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) tee(r2, r1, 0x9, 0x0) bind$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x3, @none, 0x2, 0x2}, 0xe) 01:53:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x80000) 01:53:45 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x3}, 0xe) 01:53:45 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:45 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:53:45 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1232.207643] cgroup: fork rejected by pids controller in /syz5 01:53:45 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x98e9, 0x32c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/36, 0x24}], 0x1) 01:53:45 executing program 1: clone3(&(0x7f00000001c0)={0x50824910, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:53:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r3}, @void}}}, 0x24}}, 0x0) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r5, 0x200, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x8, 0x40}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x54}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x11}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x5a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7a}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x14}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x60}]}, 0x68}, 0x1, 0x0, 0x0, 0xc1}, 0x4800) 01:53:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0xfe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x80010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8619, 0x4, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0xc7, 0xec, 0xaa, 0x0, 0xf57, 0x0, 0x4, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000040), 0x3}, 0x40000, 0xfffffffffffffff8, 0x8, 0x6, 0x5, 0xffffffff, 0x80, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xf, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:53:45 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x4}, 0xe) 01:53:45 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x4, @none, 0xfff8}, 0xe) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x181000, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000100)=""/27, 0x1b}, {&(0x7f0000000140)=""/6, 0x6}], 0x2, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x108}, 0x100) fsetxattr$security_capability(r1, &(0x7f00000000c0), &(0x7f0000000340)=@v3={0x3000000, [{0xabc9, 0xb324}, {0xf9, 0x5e34}], r2}, 0x18, 0x1) 01:53:45 executing program 1: clone3(&(0x7f00000001c0)={0x50824911, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:53:45 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r0 = fork() perf_event_open(&(0x7f00000000c0)={0xa195319ad23d3a55, 0x80, 0xff, 0x0, 0x1, 0x6, 0x0, 0x1, 0x4000, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x2, @perf_config_ext={0xfff, 0x5}, 0x1a424, 0x800, 0x1f806f6d, 0x1, 0x1ff, 0x5, 0x8000, 0x0, 0x1, 0x0, 0x4c3a}, r0, 0x5, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000), 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/pcmcia_core', 0x200, 0x118) 01:53:45 executing program 1: clone3(&(0x7f00000001c0)={0x50824912, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:04 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@rc, &(0x7f00000000c0)=0x80, 0x80800) r1 = signalfd4(r0, &(0x7f0000000100)={[0x8001]}, 0x8, 0x800) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r1, 0x3312, 0x4) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8, 0x3) ftruncate(r2, 0x12) 01:54:04 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:04 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:04 executing program 1: clone3(&(0x7f00000001c0)={0x50824914, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:04 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:04 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:04 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x300}, 0xe) 01:54:04 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc5, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x2) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x9, 0x0) tee(0xffffffffffffffff, r0, 0x9, 0x8) ioctl$TIOCL_SELLOADLUT(r0, 0x541c, &(0x7f0000000040)={0x5, 0x1, 0x7, 0x2, 0xfff}) pipe2(&(0x7f0000000000), 0x0) 01:54:04 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:04 executing program 1: clone3(&(0x7f00000001c0)={0x50824915, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:04 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:04 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:04 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:54:04 executing program 3: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:04 executing program 1: clone3(&(0x7f00000001c0)={0x5082491c, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:04 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8}, @void}}}, 0x24}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_LEAVE_OCB(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x300, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x4c040) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r1}, @void}}}, 0x24}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL80211_CMD_REGISTER_BEACONS(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r6}, @void}}}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x40, r4, 0x400, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x33}, @void, @val={0xc, 0x99, {0x2, 0x79}}}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_PID={0x8, 0x52, 0xffffffffffffffff}, @NL80211_ATTR_IFINDEX={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x24004800}, 0x41030) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) accept4(0xffffffffffffffff, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, &(0x7f0000000040)=0x80, 0x400) r10 = socket$netlink(0x10, 0x3, 0xc) close_range(r9, r10, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:54:04 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r1}, 0x0) perf_event_open(0x0, r1, 0x4, 0xffffffffffffffff, 0xa) r2 = getpid() r3 = syz_open_dev$vcsu(&(0x7f0000000340), 0x5, 0x14000) close(r3) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000240)=0x0) clone3(&(0x7f00000002c0)={0x200000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x1f}, &(0x7f0000000100)=""/29, 0x1d, &(0x7f0000000140)=""/209, &(0x7f0000000280)=[r0, r1, 0x0, r2, r0, r4, r0, r0, r0], 0x9}, 0x58) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:54:19 executing program 2: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {0x10}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x3) 01:54:19 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r1, 0xffff, 0x8, 0xeab7}) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f00000000c0)={0x0, 0x3ff, 0xffff, 0x401, 0x1, 0x4}) 01:54:19 executing program 3: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:19 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:19 executing program 7: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:19 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 01:54:20 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:20 executing program 1: clone3(&(0x7f00000001c0)={0x5082491d, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:20 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:54:20 executing program 1: clone3(&(0x7f00000001c0)={0x5082491e, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:20 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:20 executing program 4: ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x100}}, './file0\x00'}) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x1}}, 0xffffffffffffffff, 0x5, r0, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) ioctl$int_out(r3, 0x5462, &(0x7f0000000180)) tee(r2, r1, 0x9, 0x0) pread64(r1, &(0x7f00000000c0)=""/148, 0x94, 0x401) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:54:20 executing program 1: clone3(&(0x7f00000001c0)={0x50824938, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:20 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x0, 0x3}, 0xe) 01:54:20 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:20 executing program 2: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) ppoll(&(0x7f0000000100)=[{r1, 0x210}, {r1}, {0xffffffffffffffff, 0x40}, {r0, 0x2001}, {r2, 0x8009}], 0x5, &(0x7f0000000140), &(0x7f0000000180)={[0x100000001]}, 0x8) tee(r1, r0, 0x9, 0x0) ioctl$KDGETKEYCODE(r1, 0x4b4c, &(0x7f0000000040)={0x0, 0x1}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {0x1}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) tee(r4, 0xffffffffffffffff, 0xffffffffffffffc1, 0xa) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) setsockopt(r1, 0x4b44, 0xffffffff, &(0x7f0000000080)="1cd03ffd5d7e794bfc8fc2a3349e2f053186b0afaa3ef1588966adcbb9235d1accda3dd5ea69a2d98bb12ce07c113f43ee5a78eafce87537929533eae3035ba248e06c6dde0cf67bd50942df802027d855f2248b37fc6d8bf3aae3907e42da1b21ae532cce96aba3632b249e28bba7a44b7abb4e81d969919778b4e5dde96e", 0x7f) getsockopt$IP_SET_OP_GET_BYINDEX(r4, 0x1, 0x53, &(0x7f00000001c0)={0x7, 0x7, 0x1}, &(0x7f0000000200)=0x28) 01:54:20 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000240), 0x40000, 0x0) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r1, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x20, 0x2, 0x7, 0x5, 0x0, 0x0, {0xc, 0x0, 0xa}, [@NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x6}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004010}, 0x24040000) pipe2(&(0x7f00000002c0), 0x4000) pwrite64(r2, &(0x7f0000000280)="ee8ce23717915220761e021f77423ab5ac", 0x11, 0x200) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r1) pread64(r0, &(0x7f0000000400)=""/30, 0x1e, 0xffff) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r3, 0x4, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@crypto_settings=[@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x3}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}], @NL80211_ATTR_PRIVACY={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc8}, 0x20000850) pipe2(&(0x7f0000000200), 0x0) 01:54:20 executing program 1: clone3(&(0x7f00000001c0)={0x5082493a, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:36 executing program 3: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:36 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed, 0x0, 0x4}, 0xe) 01:54:36 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:36 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:36 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) clone3(&(0x7f0000000280)={0x4008000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x37}, &(0x7f0000000100)=""/208, 0xd0, &(0x7f0000000200)=""/60, &(0x7f0000000240)=[r0], 0x1, {r3}}, 0x58) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:54:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x38, 0x4, 0x40, 0x4, 0x0, 0xffffffffffffffe9, 0x520e0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5579, 0x1, @perf_config_ext={0x8, 0xe4e}, 0x800, 0x7, 0x200, 0x1, 0x0, 0x8, 0xfe01, 0x0, 0x8, 0x0, 0x401}, 0x0, 0xe, r0, 0x8) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:54:36 executing program 1: clone3(&(0x7f00000001c0)={0x5082493e, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:36 executing program 7: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:36 executing program 1: clone3(&(0x7f00000001c0)={0x50824948, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:36 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:54:36 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r1, 0x3, 0x7fffffff, 0x2785}) ioctl$FICLONE(r2, 0x40049409, r2) sendmsg$unix(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000000c0)="decb07b238af0c4dc8e8e07c7e6ac06e3a7d2ceb69113089e3121f17be567e69b6617961ebc2", 0x26}, {&(0x7f0000000100)="1fbc6320d8ff5c18154eefcb36f9184f4cd97637dce5b143976ecbbaf6521349d861ddd95d35835c25b84334d28dcbed20e1cc0da53ed9fad8070c6fe184a02aec61dcfc1780615b2734b0d96238c4daa48e308cecce158cdc7d", 0x5a}, {&(0x7f0000000180)="0e05e54f4e26218994ca5f4143542e169f159adf93658598ac3f573ac6a0d162b4f160170c1420d069690fb05b0a75413e219640fcbb9e12837f0da0affebbad3419ef8c98b582638ca96495d6a3280579d01e264bcda9f225d06832a8b2689e3bbecb402e822d5089241e83ecd41bd0c7ba409dfc945863a49ba08cf6f580cc94331a9812c4c54caddc7d9d28b7952e5720ba9eb23ef69ae96dd78490a97e5a4ad74d4c57ecf39ca69a09f37e34a6a5ec3f4b7c190e7918e9191610373e1c0f12c5485c393b96110abf5727a58bbbf33a73685c2b073a0dc5a8cd8659b0ca1ccbbc5f6782155b8e50d695d307685fbfa0e24a", 0xf3}, {&(0x7f0000000280)="80ea7584c1be103493605f642733d94b9ffbf4b1d776825362641ebbb56b98573389830582e96b4e7d18f83e42c74720c08b0e9df01cabaf2b7dfe7c2303cf39e84a33f4fea9c9f8", 0x48}, {&(0x7f0000000300)="736cdb69bb4772cdd60195c56b184d559fbd660de24f3392e9cf21ad630e9ec8282f84efcd428e357d6e0ae2e5e8c39d1ba8f6f457c0202563db67b32baac2e16abddd2bd1b24ffe3753b235f12b9942203b6c716e0cc9ee4c3fcdf6b8b3aff1272f0a32291a340a7f970e86a6e0984f8d412210f1e1898c8d48784bda77acfb454c234eb4bfe5606555f05c241601d51a1ac3ac3d04cc37e88b", 0x9a}], 0x5, 0x0, 0x0, 0x8044}, 0x810) pipe2(&(0x7f0000000000), 0x0) 01:54:37 executing program 1: clone3(&(0x7f00000001c0)={0x5082494a, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) fcntl$notify(r0, 0x402, 0x8000002e) 01:54:37 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0x2000000e) 01:54:37 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:54:55 executing program 1: clone3(&(0x7f00000001c0)={0x5082494c, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:55 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:54:55 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1}, 0xe) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'}) connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x9, @none, 0x7, 0x2}, 0xe) 01:54:55 executing program 7: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:55 executing program 0: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) r4 = openat$cgroup_netprio_ifpriomap(r3, &(0x7f00000001c0), 0x2, 0x0) ioctl$FIONCLEX(r4, 0x5450) bind(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e20, @multicast2}, 0x1, 0x1, 0x2, 0x4}}, 0x80) clone3(&(0x7f0000000300)={0x21040100, 0x0, 0x0, 0x0, {0x2c}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f00000000c0)={0x1f, 0x2a, @any, 0xc2, 0x1}, 0xe) connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) r6 = gettid() r7 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r7}, 0x0) perf_event_open(0x0, r7, 0x4, 0xffffffffffffffff, 0xa) timer_create(0x5, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r7}, 0x0) perf_event_open(0x0, r6, 0x4, 0xffffffffffffffff, 0xa) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r9, r8, 0x9, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x9, 0x2, 0xf1, 0x80, 0x0, 0xffffffff, 0x8, 0x4, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3ff, 0x0, @perf_bp={&(0x7f0000000100), 0xb}, 0x4, 0x0, 0x1, 0x7, 0xffffffff00000001, 0x8, 0x6, 0x0, 0x7b42, 0x0, 0x8}, r6, 0xc, r9, 0x10) 01:54:55 executing program 3: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:55 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:55 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) dup3(r1, r2, 0x80000) 01:54:55 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r0}, 0x0) perf_event_open(0x0, r0, 0x4, 0xffffffffffffffff, 0xa) timer_create(0x0, &(0x7f0000000140)={0x0, 0x401, 0x1, @tid=r0}, &(0x7f0000000180)) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xa4, 0x9, 0x28, 0x4, 0x0, 0x9, 0x33d9e06252262eed, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x1080, 0x80, 0x4, 0x4, 0x100000001, 0x1ff, 0x7, 0x0, 0x7, 0x0, 0x66}, r0, 0xd, r2, 0xa) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:54:55 executing program 1: clone3(&(0x7f00000001c0)={0x5082495e, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:55 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:55 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x12442, 0x0) fcntl$dupfd(r3, 0x406, r4) dup(r0) 01:54:55 executing program 1: clone3(&(0x7f00000001c0)={0x50824960, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:54:55 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) dup2(r2, r4) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:54:56 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r0 = syz_open_dev$vcsu(&(0x7f0000000140), 0x4, 0x10080) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x3, 0xff, 0xbf, 0x8, 0x0, 0xd50b, 0x11, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x48, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x808, 0x6, 0x5, 0x9, 0x16, 0xfffffffe, 0x7, 0x0, 0x72, 0x0, 0x101}, 0x0, 0x9, r0, 0x1) pipe2(&(0x7f0000000000), 0x0) 01:54:56 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:54:56 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = gettid() clone3(&(0x7f0000000280)={0x46014000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f0000000380), {0x18}, &(0x7f0000000100)=""/186, 0xba, &(0x7f00000001c0)=""/92, &(0x7f0000000240)=[r1, r0, r0], 0x3}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000300), &(0x7f0000000340)=0xc) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @none, 0xfffd}, 0x5e) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r5}, 0x0) perf_event_open(0x0, r5, 0x4, 0xffffffffffffffff, 0xa) r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000600), 0x400, 0x0) clone3(&(0x7f0000000640)={0x800000, &(0x7f00000000c0), &(0x7f00000003c0), &(0x7f0000000400), {0x36}, &(0x7f0000000440)=""/121, 0x79, &(0x7f00000004c0)=""/232, &(0x7f00000005c0)=[0x0, r5], 0x2, {r6}}, 0x58) tee(r4, r3, 0x9, 0x0) shutdown(r3, 0x1) [ 1304.321595] Bluetooth: hci3: command 0x0405 tx timeout 01:55:21 executing program 1: clone3(&(0x7f00000001c0)={0x50824962, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') fallocate(r0, 0x4, 0x3, 0x7c4) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x7, 0x5, 0xff, 0x54, 0x0, 0x1, 0x201, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x4042, 0x8000, 0x8, 0x5, 0x8000, 0x7ff, 0x8, 0x0, 0x7f, 0x0, 0x7b1a7fcd}, 0x0, 0x1, r3, 0x3) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000140)={0x0, 0x0}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r6, r5, 0x9, 0x0) r7 = openat$hpet(0xffffffffffffff9c, &(0x7f00000001c0), 0x101002, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x3, 0x3, 0x8, 0x0, 0x0, 0x1, 0x48000, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000200), 0x2}, 0x81, 0x100000001, 0x2a3, 0x3, 0x401, 0x10000, 0x200, 0x0, 0x1, 0x0, 0x6c}, r4, 0xffffffffffffffff, r7, 0x9) 01:55:21 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:21 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:21 executing program 2: r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000003880)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000003840)={&(0x7f0000000240)={0x35f0, r0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x1}, @ETHTOOL_A_LINKMODES_OURS={0x116c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x3c, 0x5, "0655c301111fdd8213db1e477a2fdace837779dce1d9b00ffa1953fe392ac72bfab8185beab25efc28f9ca0d01bcea3c16ea932677f7830d"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x3a2}, @ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "bb5e23c0fc2f19742b095d39013c344572a6037a920b28cdd56ec295b98aeb82b4e6f11bba8695ff7a1e9286ceb66037f96d59e50bc66fe318269dbbdf37f87352acead501173ff055a6968abf647c78f0dad7576aae55fb2860a1b8a1ff0e7d8e1c4bab97a9da8100bb529d0f046972bf1ac385b92436f47719e0af5ca27242d0cdd5769e3a9eee88b6f0cec86ab5e0ed83ecc38a9e7a57f5db8e37b7c24d9022a1ee28898b9c4a87ff2c3ae19390d1c165d6b677448dfc8d75f718cc594f9a2c1f5f01f209be312c11e54a4c664b5be068d2556c3647b9fa77e97b5e649f4820b83c61f81bc6cc4fc87f81dd19afc214031651a9813b0acc45f965871f2f2355295ba8cdcf3127b3e5d4c995095ef1e4a2fb4444cbe5e46db4f52c9073880735ae8b6dec01fb644fccd06c434f15b7224178389afd07ac0a109fa260c474d1a85ca4bf97ba1b179374b15b0a1cb6b8d3cb164b632e3c91c85664354a2f6efa28c61d447b0a42fb4f0ef9462150f157c3f1f840ae3c14e00199059c27af2613e9f42f5aa36e2659aa189df018b656980505a845d52d509eb153df6f6c02de62159f5929fd2c8055c5d276b3a78f03c273e6669322f897fd0ec31c2b9202e0ea7efa1059c8b8240a9b2987002522291fd8df4fcc8b573db10c85e3858876d8dd0725246cc07c697fd6190127dcde1d0fb5d918f104c61d88c89362dcc183972b66fd1198d2ab0e8cb6585fb835fd19f4e2dca4752c05d686eab5f7f3a7181d3a102c1d2a1f124f5c5d4995cfdca06da25a34e7b63418fbb47cabb682cb3f780e8230423423d613f240318796266ea3f043a037c64cb12610995329fb3c658f7217f78c137a7da2689b259065727e74e1a12b40af4fa3d7186911a4b2d10dd2a63eb50db2c7443c8eff9420d45287e71f8142da3b2013523f7f47d47d28112aa845f0dbaa5d151ea64447de9fd4e97bcf3decf7c3d75227a9b5678a17b3b60c92dfbf92fe3cfd7997b960602c2ffb74a005417fc97effad9b237bd8e3a39765faedad56ee062a45c567fc53acf03e56c661f3e8af0a3ad45e5a6550b9ea296f40b1a302a27da010a587f4cd4470515458903db389dd5fa79c01ad702c128498451341de967feb370297cfff435af373fda3e382896166cc49d447c4f3337ce98e5a9695dfd1fbe44a7dfc2c949c7b018c129981ecb65ee0e03839960fb65592f9199e4905967dd8d9f66d1dbf059b577415123bd0de6061101c905121d8fa86aa8f2c982cb04b0826e4397ee702e7c5f5e7b6eda7b0cff0479e9e378098c7598f7b260271f53c2ae5b331a3de9adfc9fe745c3b3ed89aa6e6fda97d28ce43e3a3955a3172cd1a4d77b7aeaeac68a50ed084d800403a51de7b31bffd87db550f5e94349c2238a55857b4c16cf19af9306a0095f32c1b57c8f719476cc0afcea16c66ba1de5db8a8f9930d019f849edece2261737259b159e1f68a3206046513bd352a1977c41016943c689ae954e3ca47025620d6aedbd9c43887b5588ba33d07b22c74f4206cae5a262d56ea1d1518c9e68738899a5ef83addedfd9ed1733a6688a23325497c5eb973898f2cc0dd04974d5bd14760b6d03c38fed61c5d722d567a0323d5ae22ebdbe59b2602ec1469ce0de76e3cd45ac0085d19abc4a267af647252aeb107ec4c1317926355def3bb79d30b3ed4e231c4dc339dc2ddf442951e0f5006fb6bc7b02420c8d0eefa7432485ced5098016a532b7895b617fb93a4b4c86928ac78577e0dd1051934f0fc27591a06f70bd368ae4d89f893e9402c4a2755bdb3f50413afe0d3ff8e641a92a9dde585d7df43803334501bbe8ccae5680cca2b915732314ac577fc9d0505bbbf14115d26b157bef9d8dbe9f6d512db336911e7c51149533820440db2845c711fa316f0b77597dda283f08b38f58cb40913d426a150639b6940ba2ac244a3e6c8b37a63dad0fb43f61ec44a9c40551a5165db6b454946142709b928e31bcb84b20794a22bb9ec0ae7791051ea593abaad4f7777356b5c82af77d81fe2e58c6280708e1a716a16f5fa5f96a0f36ebb28134d03c7ab884cbfbf64331579b327b9b9d66f330d14e161e8b1fd35daee7ea2dedb4b26702bacc1ecc16f0074363677e2f330374393b9775be7f7b47d22b166852f1b7a2e165fa607097094368d874ccc216d1961a18eae720fbb6bc21b5858dcd323889d04b0f867aebf3af675071bc2605a4a3fa50c50190de177d51aba56b198676b2f5a4bad347524f2a90074b5d1e362712a86c6c5d2a9c4cad9cd714687d60eb8cf052e40d74591021abd946b723b8557990b01bd8d5fcafc20c6a9b7a3fded93dbaef111e822776f33e1241f5163bc0c31f4251fe85f816e717ebf088c643409965c269a651da6774c077e537493c6a000cfba44cd7d55c5beb468c6c91922b13fbae665af6dd925ddc43bcfcf60a8e51f0c3f1cfbe8531931c735450033e98308bb37cd3dce5d1338c702e870ecc2a95344766cca39db1ac526ade5dc6555dee85b80058a737a6b0a4c167ce0582a4a5f104814724a9743623ac02c5acb817404cd694ed2a2c89c5acc8f8aa129c08420ae6f1413d0347542f218abd09ad972f6b7fc7a5dea12faacc606d1bfcb9f5e66f2b2e9eabe7db8dbf93ccedd279126662e9a76b6a699432ee4501b146d6be6981295618527514f8ee5a2fc784c6716bedb3c5c83055c67f1268258dbb55b0455235deaeac41c6e3456bc6788735b711d8b475d402c6d43f2ddefdeab9364eb8f3e29c92e55a8ef6cd8bb876758ca7800746b23857798280a529b217a437d0d922b0edc7473b8656622de9d259acbfe2e55105616b51136250d4bf75c94d6054cf4c62f464e20476c6371b027e863f804afd715e49259cdf051892e565a7fc7490f417a5521247dc9c57439b9e41fc5c29bd00778b560010689e48a02ca0e9e88f63f41f0cfd8a38ac96f6e65ec4040afcd705bd582e0b8ab8969fbaf10c21d06a02f486245ae802d5e3c9c00cb45cd64c698c9e36b52a4366335f8e04a3102c7f4dd1c7672126b5e873d3cfe47e608eb590afd10346247b485f1656cc28696bbcb2b456a747d2172bb8d33f133107a5e90d092500fb6c57ea90c8e5afae47607e4512a0704f73701641467a4aa5c23f0bd7f011ebf57b3acf1443db2fcb063730231f8835073c8eeb41a4f2f67e748ac833ce70efbd2ec569a323000d1a70de24374f8b5982392b4e405c86b80ae7c61638f2b4cfcb57c4eeac6e643fe8864c7cee494834a68087259185247791bbf822f74f0e83e46f2320585439a62d92ed201a8cbefdbcea1d84bdef4bdec4d0749c0b36d105dd3016a8da1d05b28959385163a3a85b09db5df496f366104ffba6896b5b9cbdcb0a8dc33db2cf43b0594ddbcdb1b148aaeb4def68f90c471be45c02133afbf4f0e6d27ee11ee56cecc06a75a6d2edd54b9b549dd31d1f036357d4ea845893f7d6f19f7899d3d0f8091877d117acb40cdc882beab67e9a5ec115aa4925b07d0a058162b518f38c50080f436861f0428600ee6994ffdbc7a1a036f3ebf6eb4fdefb864ef611cf6047a6c3c7bfa6e27ab1b5a07430301caa35c52b48929a0c52512dc166094b2a16bc07c2dba8b3cad80e5dc22450a622e4f1e7698e932f27a1c2b62726b1d8a92a5b486adda810bf9649093bd251092aaee5650f783e257bf710111f3af14333b9993f199fc0ff009bb40954f74ec3dd9c8bf20aa436c3c1edcef7e9e076877b590d0cc48b9aa011adae05a7a7e407d951113f0d820adb453c0749bb54eb380925ac300473c0f73346f97e28926975c77caa70f7bd427a642a1be0d653ea3c8e0f2c2434c2d6df0a7deddfd9c7834259e08455e064e15db6e369371fee5f4945823e6fed94f71bed179e31bb6ad589e7d70bb097c4d31832f488ab7c37c9ab55a7f00b0cf3a6a04c9397b113b106ca50e3914f4cacd5c8cbe3751d0d8b05f915cb597d26aa8ea53a7da1c59ed7a84fc675bc7e46ceb399c4b6cd89979238948252aff71e99b1b2b75ca8fe44136755ca9fa8d0d232117781ae5478cfa476750a38c8554434b08eb1d579493c6e7a4ec9ecc381052fd8b3b3cf660bce43a3bd281c85123e86937f0cf5944e7e0f71fcabf3eac805e782eaae94921d28c70038407f7ea42c2d9c979a43f8f1663f12da83e7ea7da4a07ff6c838242995d16d877a7a0504a94920e522bf34f63ecae9dea39e5e27cabd2e317bc748f86d9d0435119c90dea2bc31920efe8d55840f5758558c9e23ccf0a73117e10884043a4bf36e54c4cc1b0c6ba605083f23ff190ae7cb580a47dff777fe33436a88518b4bda9a49eca9c61dc4827dd8bffe49f7428394738c6e2770cf3e224582232754ef9bdc177ecbc2af2fa3db4bb6bbf32b91145c23f2e6ea0a8f9d0296582f4d3b2437b512466b9792d8f4f13264f4ecffd492203ffef49ed7cebce003023bb045baa56585f3865caee3a38bc12d29301fe9c6a11903eea0d2b6ba21cfacbc7530e71b26073b54a6aef74180f89ecdf07ad12ae726e58e1d6b53188faa54172c588245931c27031c659f80917d417921e3954a24066c0fa8df0ce2d3f1b71ed7b5526537b1ab22b2655e3fdf2accefa051a4dd8623dc9e61ad9777ce164848aa7047607d01bca3978ce8da78105f31176daf127019c4bb8a5d86d0d121e91577ea5699f6f77c3f0ab6d7817b21234350d4cda4ba1f9ecd0da77b7a65e70fdfeda8408706d2e37a021e8bbc56c0763e8dfdddd773e8c7159096c7629764f632f2bcd7e6bb4c2fffd990aadc3099476be15405741a476192186d5ba4d8674f7180f2f9e95d79bd249e2c7c093982c8a0125895801a21043a540f47a759594bc4bb69b36b185010228851856e16cacdf0cfdd86b2baced70e87b82578f0d4706d7266efdb63af7c2ac2cdf905ed08f49086a6a64b32579d2d33f5185350f88910bcc4a0bd67a918ab963b5f18d8683f362d49b1fd592279b009354f0dd37147f5b7a08ae45d05c708ccfe4431bac708ae87bd4bca48687e61431782b1139d39f50284f52a8d761d6d04aa43a990051827e060c8f937551e47fc38e75249c41a90e0540adf404bfe41893f3a8a79f23d94ee44009514a5f6af6baa50a29d5e447a78d8f04b2b37b4e321fc3ccd6ad788f64bfda4a23ec6940ef6508fde209a2298f62c2e9fbd07f127b0dcefd87c98659968c2768d5deae7e4946d6b9e4fbca6eff402f3719798edc6e984b323f210143ef04c7d0f8f0b37fb2d18ee88046ef91a2cf3143cc400396fa060ac17ab54c95d6d47f80f1b62a31a01918ada08f044a4d5404b0bd125defadb1698a3147d21b92fa68b42d76b98b97e4cf580e78424b5661564d7049577205f0177d005723f387088cb710b4293e4741f16d3dc0edf34060a03dee76f6b9bc6e397142e54165ad897cf1930f985c54d118d169a4724efdd32c500aae378d1ac5a77c67d16b4bae2843291021cea5fee21b709a0c23be80435a57e97d1488d3b5385c9b2fd8f5ce828eb6164f0f33e40a8cc0dee53ecffe0a2979a99bb059ec4cdd20b0044dd736dc4d1e9bf5cd4ffcf2c5754c08c775341a9497d604064e9032029c15ec6fa33ecd1d966595fad7e5cb1e64a88e94307fbc732395bbe0a108cd7f41f214bdadb6e31672e83259352dcfb04857ffbc6494f66315588d88741477d9bc35dd09056fc6bc0662dd560330923bef1fd5f41dd23e211a392e88e200b03ba0c4bb575f392edc81ea5dca3fe"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x200}, @ETHTOOL_A_BITSET_BITS={0x114, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '@-\xdf)\x00'}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '^#%\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '!\'(&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '[(\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xbd}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ']\x00'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xcf}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x4}]}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x4}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5}, @ETHTOOL_A_LINKMODES_OURS={0xcc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x50, 0x3, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '}\x89\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb5e4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10000}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x6c, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}, @ETHTOOL_A_LINKMODES_OURS={0x236c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7f}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6afc}, @ETHTOOL_A_BITSET_VALUE={0xe7, 0x4, "9c2b9bdb595600fc3e7e6108fa78e2002015b92523de656dfaf042d9a724dfeb525166457ee7bacc1879495934dc19c722892ee72f44cb6a46ea90aac599ab623def3125ab899f7154d57abed269e30004478b759c2ba8ed61f789e928b28462b840e107ee711605538a3706caa4b87421db7069cc6c2abb2f07643eef4ff6d12e547fc93aebbc4d1f69b427275768922efbcf1717b465aac075ee15ffa0941ef1ee448a7538f544f97c13907af029e07ad41f3863ced93e2dbb3c8c4942d2f2ee2629dda3740a2200f760f413e52900b4b1c4e9a6ba2c681635b59d086c80aabe0ad0"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "48d935356a2cfd18faecb308b2e27fbe98007ec8fabcdaec5c9af6a31423a1dfb7e925314ad8e7c59ead659d51286c037596bbe0de4a397aed72a56b5cf2890e5ce6cb1101ac8915d03ce2418746c5bc5607f1ca4d64f764af396e0e763256245fb9e35804205bc820eeabeec502ea94de7c1434a38489fa9f5b67c6bc5c9f02a9836991ff71e4734dfe93aea0b648f06a7ada9612121e9344de63b2b18c8179a7e69679d2e11adb69abe9ab3a7eebec7854970dd9eee3d08feb9908337565431e1b8a3dc9f82d87927cf45b36e89638f13a05bc7366fbdeccbf8970b3009b69a940bc036433f615961e68e715a7f3be388a891b2cfa8ad1c2d7728e12831dfbe16b6203baf377399b8f029e4db3bf62ace1d39210b88cb7f36b7fe02260edd5dfd8d2cd9da76f8d1e85da59af2f442498da9b501d433100cb8999e89ef725f17ae876226ec546f5c2760f1986dd9c301af15e565f4fc1ba90de630545000f245378d921855a754efccdb16bf4e716f24ffa943cae051d9a4781f7a666a8020baa97a1381208f283ebe2340eea9b47f25410c9e879b93efcec9657c88aba7e6b7998620adadd7d647dd589294b5defbe68d80b420371526eb1e36abc141e7ff03303c9343881dc45c718d5c1bab7d71d84002378aee0fd8011c982beffef5cb71362a3d2289e222ae531fe79c0aad1c9bd2909f7ee2080157f4b45903f7e3a22ba08a2a1cf92a54a46b1ec712ea7a10fea26f5d83baf3871b5af207d8f77933937cc1a3760e9f7ba7230f7c922f452dcfc08b57641a8c96f847e7aed3fd830f9d55dc4420a49ac47368026a1551ea1e3fc4b4b33e2fbc7defcc2bdf23da370e4095027c8825c68bca643e716e8c4bfa725d241d4de5f46d2e9f271c58f96c7cedc742cdf1596cabb47ad1f48ced2ab78a1667880824c82e0f6914d910074aaa3d91f21ca9402cf0e38ced7df0f5077d5726b63af6ed1422c9debe4005ba1814e774c3010635e3a725d5dd12fbeffb35d6c48376cb9c27c7ba12fde911e5aba80a1ee9122ea92534a7fa577237548dfc731eef8b6e54731660849e3af05422378af53a2dcd808fce9c068f6800e2a6ab27652157b8fb3623436dfb91fe694ebc02b7463bfd16837caedaa0a566525af85743d888d9e5bc8c479fca1abc9bd5dfb1cb90b1aa938bd608ded669095329768835f78f13d951b6e1ea80e3924721a834e5f4e05275934626dfe600ba5fd061dc6dde237810f135b2725240976d59a9e80f79fde7c4dec6457c34c20f5d3ba60a878c5492247979645e095be40f4c426611888e746c942455705aad36f9da4c4953775811a56bd5fed9cd41de01e75cb4d4b8ce909e3203efa4f57d9e77294d1490c89df1580f981f4540338d7c10b5df50d804a75ab45675dd53dc92c654d0f916bd60bdc298f40e1d76d02def3b3596093f8d29363abaf3c92722f0cf5008c50bb96a54d2a77aecd2a250b9f8d1a9db53f864efd6bf82a4d0ba174d7beb26fc14eed119fcee9489470690a46c2dcc2e71810b12cc086aef5777561559a871a2426b0fa3b294d3dabd37da50ecf54517125004783e3df61200b193de0c68204a9443789b55fcaea128e7cef8239373de9e014432178c9868b1eef46fec8b196a7366de18645bc71e3d2b18bf925cc8fbd6dbacf93ce8ecd176b82eadce2d8c071ac4b6be20da73f0714f8e777df82ae15bc00f8dd821263a3d5b2bce19fc69a9d8f206b4850b609306b14e76faf40704675eb9f75e03c412e149dd20b833aacc36d8e0397f88b3cf8ab673d3dd709262eb2356b0eab37c80fb9b67c5256c826c4c34366a4d690499a2192ced18e4478d981cbf904879dd50b9f5ae30a52eb86e5edac3f1079e799592c9cbfcf923e545d5271d7a4f21968ed0c94de52258a0eb1dfcef5f85d278ef8d9277ba37913366ec702880338130ea6a2548bcf7982cba487a190fae6171641d92a00d1cc87ad780c0408f2ed2ab8951ce5e21432beab7a726eb29fea3c43822ccab8045cc4ce4fb350171944a64a5e496247bd908e50ee365ef864ae3dad7526a5a65df665271fc0b273c41770153e681f9ee57dfc488bf7f48108f1dd3989c8df28927c3e46913c6d9cb835b40dcd7d8c09ba2a0fe9e80bbf0ee60c768122c4d2ddc6cfaa9bc54c55d4ccda3de241a27ed7dbe19c9e5ea4334fc2cb0b2564e3d6969ac721167251ac4d4ac5148a98f2fa7a4166608d856360e079fd0991290fd831a515afe094663822eb56e1446f97f5c9251ca1cfbf345e4e003433fa405a0f72d2057feaa2a9b26259a40c63206a093470a40664f1046d50b27ae6e139cbadf319ea17380b2ad69efcf3106521e34e01be843b48fb651ea3d7db35bf28fe262ba5f1f5a5c38a239a73259832bbf78e20538b77e9f400ad8c416781521ddbee711612e1ff75ef7ee1db44105db88f63866cdffb0f6b574968d28f0282a3ba58a2d71cbae629a03b15f9d1786958790edef14412e57cff1df3e275a797df7e08852f87b9cd56a3db52dc75da8eeda4aeafbf9e8f1b4811b738e2731945f7398af5b75d8fb15b5e9d11d2d42faefb17a0b8366061bfa592bdf59d00ce45f6add96a2981d7a7037002d6c0b53e38a6c6e1e3b5e0c2734d2369cf1b7792d9f0d7d532a02e43d082f59f6cf938fc42b4f7d761c89b2c44ade50f5638e9eda785b339dac2b41de0e5bcfe71d8504ff18193afb8460471fd25b86ae618e38d6a91bea31e94fdd8989b6d3dc396f14422cbbcdd79502fffa68592801cf89ab3900ce272329966c2e6b1f788b0c4557528f47167beea99de8587177f78c7f35b5137e28f3552f38c731c6f603b55fc47979f889c6dd496c735589753da003615fa962231133ab6126299cd17373888bf05e042c5c615bdd7a803b49b3f011a224fb4924a0ca525c5afdcfb847c4f528857ad17d76f73b4a61ba950dfa503af0eb976da40333474a7f3fb132e752a520e9cc282b79494396bc0b2c37ee9e3373761fc78a4a7b25f7b88bfa3f735a9585ad47c6eaeb0133ccca174b6456137055e61268a8e7229eab29e965a335a1b4c73869a7f2d7a412342a243469d776fe1e1790059c554cdf6e406635eda553df928fd018688c83b35cd98cdf9bb3ef7c9eb847dda2fb07fd019a14f37f4d9c005fed4fb1517e3d7a0cab4ea1e473b2baa36aef3a26581a802d1e9b05db67b6cd8587d3585e44eb98d3c88d93b1337178bbc6f95c6b3415eca3c8bbf7b32c6ff9869d0f12443859fb1a007634659589ebadbdde1cfb3dcd8f7bd4d98819676841178dade1718b7eba13431072564560b52d52c1105b9af8b2d9acfbbe466d9777b19673285b83277475a24f3190710ead1e9ee1aca07e61c4e06c1638d165b5ebdc52405ab276346427bc49977dbd9a9c29e510e0764660da3ee280012c8173666b45978c642c4d28aa95830534fd15bea91693374ea56fc18ca4613461c5e2dae198840e23c7a3590693229cd2ef5cdd0d318d4d6b829f67e054f8e6c65b576f40ca07b543cf84bab14c7875f8e2dc2aead838735f0da98f480b071e9901f8b7b9cb742a25aab861900f6a11a44ce5ef943e93bd8a4784b9226d7f517fea9285bad872c733f04705e70c11e40972b60b32975b36457dceb629751feecf71ead14e2d04f498d9e75b67d456417fa5d69df63afbd6e4d6bab781451a16761b95352e975b4ae728e455362f2670fbe66108c75af8a6399f2e88aaaf3f20a513f98a9d7ca30e0911da4f3f70976ffcd1776810c79b750b7cd890cf257bf1df32b2c321a4b68e676d71ab3bf9778dfb7cbc7441f2b33b9fa76397a7ea56b5ec87a23698654eceb097e9068d87d099230ff96650f1500e489efdab01828d52002d74e27a44f878387cc66c3207a06d3ce9cbad456322a0ac665e3fe49aa22bbb9aa7a36344703b5b031fdda97c3f60f61ff006df49d1107f728a16a1f63557c7081c887f64570c4a1dfae192bf3d0b155f57314e02b625c23bed48a00bff9131958305f88248aca482e7cb6168270462722c9e4c3d572b4ca35a146a02ea21b926636c25c9935a2bc07f9e701ee8cb49e784510c27f3b68efd15881df226e9ad5bdfe795d67d4cde838a489910d3a4c63eff97487b999e4bc6a1462408f8b0c765229ee5beb91cf07a26fbe3ef97d2474fe7d025e2b5122950205b4837b7bdeb92e47e0ac52b0eceb71be939e72bf726eb24c0d58a11ff4d125cc96293c0a1fee8ebc5b8914c02848d0315575b2a0b1f9ac9aed78b256ece9947054eb208cceeb04036e2ecff96cce99f08d5679fd728c14950ca068bced0cad49c821ab09136d8fad1af5347f4d822cb90a9d493183723d519b9fcb1b28ed975eb468b9603566ccea7fb45c809f556f6ae852881f8740dc06dde2105a7aa4e023fc67886c0065b39d659c0578cc5f514fa13d4148e6e9f1607aab9872d91a089920bff7068a5ec7d4f398eff37b6c602fc843fd6206c5367127ef10cc2ba9d49b3cdb8ff9316a1103dc44d6022683322192a7a5a6856adf318d9e1959df3bb31b830fdf60deddc851677713d9c3b0db5668a7ea8a3a45c9babd9036b64adfd3fb6887907d10b2075c24d78882b0117518c3a0a03bd8376410c9d5406478f6d1dc23ad35cf93dc26deb438e198cdc303482feb64004399b24923996188f3e307146f33c2d8c5edaf7e1b608c53c56b9c1522452a3d391203f4bc30f619093c5cddd1337369345ac165f5eb274ea2f5545b7e2e6e8c2ed220a140b1df664704396eb3937443d831ba123b25e6c50aaca2bbbbc05e97cdff66219103ad0c70f501bb6f0592beb968b17957bf1b5c13b9c921c4138fa85b80d1dcb41efa4c163a41eb2f883c107c5ef595f94c7adb1459268bb2bf4bd5215333f5c6b1b68acd5c2479c1c049c039eba1a28e26d3bb16e6349b1c729c94ff5723d814e7b37bc994095d358a168560f74343172564039f83835d8c75c1dce000ab7be3dd716d3f1a26d759522badb12a60526cb467106c1b658f1b1d2a5944925a283ce089032ed0c9b8cbab6743b972e193f5754a4d7365a19bb2e1f235467839bcd6bd7f8025ea38333f5e504a2bc8cf5f7dd1f01f61d96eb25383d32463e0f5aedea84213383765a8469fbb3c7833d68fcf0faa4c34e1f5c6c52d90e6cfedc6c6b3a3e1d3d1b7f56adc66ca71055cad8017c682fb8e9dae0b59b8361530f7b94d1822da444aaa177d8a7d74c50f286b5090119e9aa286a42a3db8a7c4505865d37809a6f580f47c23f33a2b4c3bd5f19891cc2a83ea1eabc5b603092faa2b4c1b4d2698add61e80545a137826f3c72c167004da2ee829c4d1a032ed1c4a96686b3228f18fac731ec0381c6ef247f20387c0bae098f0713bb87efff9b017915ceef0850e464b1f36e99ffa7d09370ce4c29f4fba4db409263160b635a188832c9f232b2b942c47600a22435e03e74ed55e945f3f30929a03fbd3df9928818fd99835be36691632b6925f8853670189beaae7bf400fd73c809594ab9ffed62a7df92930979e303cf564f9870556d37f6be2263ff7a73f6ecc17af06a3048409506ab10edf8b38eb7b7f3fcd216a70f15caf383f717d399e0595abf90aa39730c9ab027077e69fdbf457bdb1fb80f50b6ba0f85eceb0a122b038e351d2f84ca2f6839c3fd99b78ebda1aca49c1c3975ca4a3da6983ab669f404468e9bcd4a7c4a3e1346b50f1692a15f35add43697b3f2c62b8ad0306e9d3ffd08084f290457ae7ca397744aef414eafd79c8bf"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x81}, @ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "7d615ae5f8a953cb83e2bd665cbc763b9599ccc644c4872fca18b0a4ed7fe3203f0393cab93c05cc7f4ab8725c4eff8c4b53e2e2454d9dcfa3847cc2d1af8ae197fa5cb1fa8b70c36ee0a0f54c41fbef5971b8be736f737e0b03d1d8a846ecbd4ccf0d3c42a0a6c01c9177a10c750051cfcd5369ce3ca12d4165a69dce0313f1854a669f3b577a52a9b59f464c35673682d66dbf98bbacbcacc794a1b9854e98cb6dbcd11e44da32a068968d8c9eaec2d855f9230e491e3a683826f734d2015ff1ba51a9bdc5b5adcd567d1ccac2dcafcbfc121534f2d305f2780d5452ab01a193c2e012a56b5fa284fb66f6f20babd02e653713799764fa2ecd9fdaa10082f86a5ee8d48111ae711643add41566d56282448d7055fc8481b4ada68f078fa993862c0138f96cb617dc3e3671dd0aeed66731071b8a731d9dbdf08671f15b48b0a4ddb0d0d3ca5be31ac3ba6661cc2d9419a4de1e514a45be777807d25503769c78dc9d57e19f9a08ab5263dcfbeba4efa49aa46cd0a2e0d652b7947375eb0f28d25fa6ec9e8d720a43731c39fd56577bf30f081187fa988a29e53535daf8d4660dad5467e8c9534aece9bcf89b418aa46b4ad99ff85e3b81710e35ae3d9342b246e1a664d41c29aa7253b3a63601f46bcfe31701e1fc3632e76b5c13c8c3cd7f46fbc6be17a469b9a4cd6d651104a782969f2e800b03391043a7ab9eda43dda41cd05cbaafb970ff7319a7baa4ebc14590c6028caeeb945ad8b683f23cfe22aa0947e76ea5c04d76eadec29ae9e4d2130ec55964f0a670bc00af3e06f161fd7e1ce119d25501b7cb92d2db83eaba1b7b4c5d119be5970a80119b7d0dc29c5baaf57389d7c8a415c9a034df638ecc3e0c3544a2e21b69ce65205cf7515bde0ce4f338655ea8d66e5f210b2af1c274785b7cb442eb3a3b5c158ec036ede98738ef754fc0039cf8bd076acadb8176d6e72dd7c56bc7d65c485e4ebec1653e87fed67379861c3f9f1e5813e9af41243de4117f9a4a74a076496a1019f081aa4af379b5368352595b4fe0e887b2a84830f95056b4ba5f79c4601581386f27ea5f9c72ef53704dc4e636da78da34383c8806b6f916f36a04cef3d8389a11dc8ca54ab300e16fbf51639961b055d34db519aeeea71c5c1b6078c63feef8321546eb8566d5eed8fecf4f48f5b866a631119d322be453f59369bafce69831ac7d846db285d9353193ac940921c3be6f937398fedeef82e4ded44c26c97646c4e6f2375fc439377d9b4ed180aaa457cdd45c4ab57316fa53efd1c5742c50a87c1c4d0a241d392c8515b5961f77d8492697ba161b5193536e124ee2b63480729c3084ed735f09741c4d667164f3b1b29abc51e377a37118e557be20767110a85c242d3466b6712587e90213818dde2c53edd801c5e688be470a4df2e579c61ebd8da11d9606feab1ca329cd0f4dfe3d310b68740407bcc9f369ab0067a7e8ad8972cb7f3a4d97a07ac7862d78662bec4148dd8111199718e350bc889681cd0c699c108299f5e96ddb73bfca326a0d5b5d4419ed6d1c05046fe401095f8c9c63048075ef414ffb400da44cd9ba700040eb516846b2424bdcc1e07e40eee1d746b0ac9296420825d6f1899f21c311a839e1aecbc54a6d8a929b6e42bf8e8059e35ebe3659c9d15530cca9f1899106fe2b2c67d66885717a4ac76aadc01630125656e83415c110c51c2a36b763ab57695fd62afcc3faa8a4ac5638b634d78550a803f69b5dc86bdbd7768e2d2d7f987c3b991e99a590e36bb311c1245e29104d14193c7510f03a3649c2e4020af95044a1a03463884a6dcc6a72f2ff712b5d0bc0a27093674b788143e53309ca597b9097eeadafaf91bae7e2141b3dcf9788801c6eeb92d0fac7501a6a3cac0c687f0880b5b1cc0ad3f0a9a4cd553820e0b3a37d8247a4b55f5d70765234ca37e3d866d19b41087ba53b66efaa117240b1f20a111d78f7b2fab324bb9c134417a29e37ab9466c64084e92582f252026561b209da4e279a502b205c63906bbe8ab446e7ff14705b6984ae244bc33563ee702a37aaa9b0d488ee5fa7acde74ffb6e2daee82e9ca8133f4b193a9fbfe83dd2d229d2e46c9625b8833e02148a50a37df7cdd1d7d5f4150d1de652fc74853a259cf40f957e629bdc3c90ff0c8c75843d6025973abd3539062848ea55c10c7b93f7ac2e0d22422d6e854e1e8b7d9646465dd0fa67cf3540a0bbd90669aa4537f3b6923edbc1be2166602e06fcb162ebe5d76b4d30a46ed58b783869725b82e92852e9dc60d56ce6211d19bc547f622476edef1d588ebbca9bd1c2763dffe3432dfcb86ef4366c043c83ddbe1b6303feba7ddde4b59faf908cc91cb070c589bda9870aba147a5e860356d5700f5b21c34d06e0e661f6814086d3025cb4792741d1651aaeb80895f9db880ee32ef0f0f1d5e706b23fc11f687cb3a3c698d5cb5ed98b9219f2f7c61c33b198785329b2046eed55b7fdc118eacc913c67c8f8a6499b8395f3bdcb4b90b22270e32d8b9d2e5a858fb6d602e4faf2f3d14d75b76876f74e858b05ce0e915a127a1b9dc13747210a9d9980bcee81c7f8c0138216e0e3beab685139d18511c75e69507f4c8d1d317b8a5bd0c55c172f9d1b5f131f07557ceab8ace107f57de93eecc487c28c328e3c9d03dfa71df19cfdd3b0eb847684da4799f94451b5308213e600d96e8c88dad7063749df31651fdb020f0fcf400d77427f94c37eccbf4cf1cac3644b8650459a1f0615213afbc50de1224552dd3fce874eb91aec31d7465dda677ff11ca58f67d22452d890405d91e7098446250c00f6982889cf3c4f03aeff5d87cd174588cd064b505f5bce5ad619b7ad7350181f9f8b0aaa67661b9cd257656e74d1519df9f3973ab381d3eb94672d2683ba7420fe003a41d35b63d0fd7eaf24c5a2c6949636a427add13dec635d09cb85ff1a295aed71f626d2a715060ad49dd2ca5edb7c7d30372de6922fbdb165c4f486a2aa258b1fca33513843c09c27eb889344b59281f36a26310ba622294295843e103a2a6aaa2621c48c76eb1c6f3e71cabce2ab3201c8899255ec6b1a5fbb1e96804f7d05d1f907f097d53de1fec072ab35e4d29fb04932544827755b4d1ee724beb33f768feb72175c08deca4591b777441dbd949737c6b6cdb918d4086753444a9237c6c66aceecccd43b40026c9834ef79eeeb5db8295fb908206f7013118ab0dc83771ac5aee55f1530461912cf469d2ef075fcf12bb7eceeaf2f1bde85b6b2b6a8a8bb9fc0bd6d6bfa77962e2775806b27b04ffb614bd82774b40774f0147c5236a029abedba14ff84ebb0338d8a6e077f12db430f01af48416dc3dd442c55d261602b0b82ce98b490a0eee15212d13839ec5122bf3e543c250e11df440f8a834b2d87b168c79b2e103db703ccdb6f1ac7c3fb5714a39c8546fe9e761f6589584b0c6bd34d9b69b445bb999c482bc80bc9d8e697452f2034f09cf50dc7c828109d7f70c84eb03d871449e30f9b19b2eb50334626f973b459ec9fb5da083c519ba7a6d8f8ecf738e19f29ad76f3ec2f11987f10a5ac33fca7d63a5fc1bca5ac21e983becc84e89cbac2e3c3bba961c05afb998c4bf09aba6d06529b7bffff15146db980d933030e4ac906af1cfb3b361a88dcfb8420110aff52f40bdc43238686f3403a0f27a05f8716d23bc48c459d396881f088f7bc14eb094c89338395aa0d8289bd32b92a9e71afb6dc38ae95ca5fd5f8aaee9d56aa2d2bcdc772abc633df38643e348e131f41aad432d7721a9420b9ff55259296a3fe8b2a094d02d6f4b9f849ca1229cbc8a2802b9c71407e4105d57b4399b9efcb1775bb708e22ead5fd86e99319f88d62e0c118788d911c7dbaa280d9a7094a566fa056df774dab43dd55fa6967fb85eaaf664bce37a4c51f0ccdb97f529b42d393fbeed4cc0d742b9c277a6818a644093a99c4fac27ce28a7eb1a9cce110cd0012160002aad06814ffc17b750e635ca389374bf442e3441cc2b904e1578000bc172ec16df25135dd7de15f37ca60fce5464f5550a401329d65724108636ee0a87fe686e54d4f4d1220b08347af7e56c15531225f587a20b49a737f8ae8faa6193da0bb9561ff615c72f881986b9bfac294a4b1ebeee83c216b8f785f9f80664a83f5a24922fbfe6cdad0e39b42efb78628da3b6d86d770de73ccc39cc913d9040a1043f8d0ad9650b2760086c65852945bb864acc2a0f4231fd9e80c42584cb997eed2e7bc8d2bafb8e82a42326e947866ad576aac42acc61ba141517e1b980b31adf4c1ed9d2e1d5a09398cbcedf507295f958b1cf7d57ff5650e01bd47c67909d78ed2c28a950317ee32620ba15e54245bf91fadc49353653317a27e8227a68028ed25fc8f44dfc47981fdde4ec8e25b40cc4851de705775ecf204e40e6da4bb70af171d49ad5486e9211d8d4c0bab7b63aa429ebf1fa81dba4ccf484a28b3c7b7cc9e5f579f452253f458bdfbf8f0d2445fd8809d358bd54ff415c87ca6fa1588a08e2f127ec324bbc987873fefed51663166d5688937d55cd17c82ff04928f65536ee12c717e60fd8a0645f3b25aa3c0ec7ca77667e626bb10ef142d028fb0298fd74898e4d35b74182c9a65678e546c11ba69c7214c59a83d5fd4d90282f390a6a46d733756be656b538b49e43a9b5d3a76026bde23f2d55cc346acb91c8cd4c013ae07ddd306df0827fa3abaa73a12401c63ef084fa5a8c7e96b55f7bdf48b3b605d590860a96fac8fadf47cc70ccbe714cab1ae41ad7de8e49921225cee4a159845d60a1c7ee0551aab2817a83e807b6193ffd42c1630b6123e5a5c1db18b765522f6d41f79892f5b3294fdb1eb13ac1f81a36451fe27454bd8cea8101fa3b24239c66aa36d3487be76c561ed397ae9549f61afd43575b43ce667e85fd3e84b8eb6228aa9e858a470fad9b069d3b1c4bbe911e11be1e07872f0fc0ceffb6f565e7c08c2eaeeb8437c8b1eefa72472057ebf84ca5062d3c3a7bcf0affb83f6b544a66833fc1d4d33704f8c5f3b5d2efe3d7bde51ab2371f23477545dfe5adf461b1398bc80a9f36c132b993114d4e18192c4a22aedbcfeeb5a7046f442961d0a0c999f8ec137cfeafa47ffce5e5b5be5d7b30a1f2411eac11aab360fae65019dd4a1e8def85ad6faa5d28e285bbc73d532802b45ff818cf212526191117fcd534dfc2902ec0a5892b1b38cae8079ba9b1419b64a4942913baddd5a4b7ddac839a89ec67328db8025139a91a10350ebec1420ba2dd0906f396bbce46a2d6dd892069e3cc636cd66834178e20353c38e3aea3dc5da98542517fcbb139d7811904014037857036fe639366ee9ecef344b47d6eba184a83ad2ce0bf93209053fd4f034813e47ff0c3c5b4ad79cee0151b56d9abd2f901958eec9c66f442eee90b09def69ed4cc298bd78482829aef1bf375bed918b8ee33bbad280302e28f13e54b8ca3ba9858651c51b75cfd7c548beb7d763d3baebe879652fcfd35a82b1ff01f0435aea50cd897d4e4c648f709afbaf779030801cc1dda79a31428baaa5308c97733a5dfe5cde99a4ec4d0d18db23cfd9c72d0478a884d2320e17ab4aa30ba52af87d2216f3a8ef10d9924a214849c1ecf46a3d182096c464be34ccfe9f4d667431ea3ad6acc0f579d483d49ca8add94a25f66258dc678378c19bd50fc4df39d35de101d5442183705a81a8d5888bcdbfc1b767da553aa52201f516f9fc82e69d71ad5654f1dcb28144c16b1f4270192"}, @ETHTOOL_A_BITSET_BITS={0x164, 0x3, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '^^\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xedd}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8001}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x40}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '*\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '\').&#)@-\'\x00'}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '\\*}\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1f}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\xaa\xaa\xaa\xaa\xaa'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0xf8, 0x4, "fb42d02d62f5c16b7e05c71a7c9faf3f374ced44f8c5b05aaeb8d70674fb40cf88a0e56cfa1b03e32844f05983fafe48097f8a7ff34d7b85349cfb62cb66e3b804ce435c167c71f0a0b131a91d2ccc2f7126937aa95d3525b9d08e1deaf54e95ef019dc5fd8344ac7b1e33577185ce7a8ed512eaa72cb1f2b2f0416e626c397c62570723db9c08ba06b277a4a1e0d99a23567c15ca0e4f90267f7eadafab212c5e436566538162a2538cf536cb99db7239af2fa13726873dedbf1b11dd48bc3adb6238d42a230e7d9bd990e46ee4ca65d2d9734933a89c7be7ce953c1be6c9bbedaa52e5bf2fe75b92459c68df7230452067ac23"}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x7f}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x8001}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xf7}]}, 0x35f0}, 0x1, 0x0, 0x0, 0x40000c0}, 0x8080) clone3(&(0x7f00000000c0)={0x1840300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) tee(r3, r2, 0x9, 0x0) accept4$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r5}) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) r7 = dup(r6) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r7, 0x8936, &(0x7f0000000080)={@local, 0x78, r9}) ioctl$sock_inet6_SIOCDIFADDR(r7, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r9}) sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000003a80)={&(0x7f00000038c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000003a40)={&(0x7f0000003900)=ANY=[@ANYBLOB="1c010000", @ANYRES16=r0, @ANYBLOB="000328bd7000fcdbdf251500000038000180080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="140002007767320000000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="0800030001000000540001801400020073797a6b616c6c65723000000000000008000100", @ANYRES32=0x0, @ANYBLOB="080003000300000008000300000000001400020076657468315f746f5f626f6e64000000080003000200000008000300010000004cba38801400020076657468315f746f5f68737200000000080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="14000200766972745f776966693000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="300001800800030001000000080003000000000008000100", @ANYRES32=r9, @ANYBLOB="1400020076657468305f746f5f68737200000000"], 0x11c}}, 0x0) 01:55:21 executing program 3: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:21 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, 0x0, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:21 executing program 0: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) r3 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r3}, 0x0) perf_event_open(0x0, r3, 0x4, 0xffffffffffffffff, 0xa) r4 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r4}, 0x0) perf_event_open(0x0, r4, 0x4, 0xffffffffffffffff, 0xa) r5 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r5}, 0x0) perf_event_open(0x0, r5, 0x4, 0xffffffffffffffff, 0xa) clone3(&(0x7f0000000240)={0x4da08200, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0xd}, &(0x7f0000000100)=""/142, 0x8e, &(0x7f00000001c0)=""/28, &(0x7f0000000200)=[r0, r0, r2, r3, r0, r0, r4, r0, r0, r5], 0xa}, 0x58) 01:55:21 executing program 1: clone3(&(0x7f00000001c0)={0x50824964, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:21 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="10"]) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:55:21 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) [ 1328.311683] FAT-fs (loop4): Unrecognized mount option "" or missing value 01:55:21 executing program 1: clone3(&(0x7f00000001c0)={0x50824966, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1328.343056] FAT-fs (loop4): Unrecognized mount option "" or missing value 01:55:21 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4e21, 0x8000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r6, r5, 0x9, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x80000, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@version_L}, {@access_user}, {@nodevmap}], [{@smackfsdef={'smackfsdef', 0x3d, '^'}}, {@appraise_type}, {@dont_appraise}, {@uid_eq={'uid', 0x3d, 0xee01}}, {@permit_directio}]}}) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:55:38 executing program 1: clone3(&(0x7f00000001c0)={0x50824968, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:38 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r1}, 0x0) perf_event_open(0x0, r1, 0x4, 0xffffffffffffffff, 0xa) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) kcmp(r1, 0x0, 0x4, r2, r0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:55:38 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:55:38 executing program 3: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:38 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x201, @any, 0xd5, 0x2}, 0xe) bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x2, @none, 0x4}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x401, @none, 0x1f, 0x1}, 0xe) 01:55:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r1 = fork() r2 = openat2(r0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x800, 0x86}, 0x18) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x1f, 0x6, 0x1, 0x0, 0x8001, 0x40000, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000140), 0x2}, 0x13500, 0x3, 0xbc6e, 0x7, 0x2, 0x401, 0x4, 0x0, 0x1f, 0x0, 0x81}, r1, 0x10, r2, 0x8ef72aeb2838de82) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x3, 0x5, 0x80, 0x8, 0x0, 0x4, 0x40, 0xa, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x5eed, 0x2, @perf_bp={&(0x7f0000000040), 0xb}, 0x10200, 0x9, 0x7ff00, 0x4, 0x4, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x100000001}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0xb) pipe2(&(0x7f0000000000), 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x9, 0x8, 0x8, 0x0, 0x1, 0x800, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000300), 0x9}, 0x10004, 0x32ec, 0x7, 0xb, 0x400, 0x3ff, 0xffff, 0x0, 0x7e, 0x0, 0x7}, 0x0, 0x9, r3, 0x1) 01:55:38 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:38 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, 0x0, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:38 executing program 1: clone3(&(0x7f00000001c0)={0x5082496a, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:38 executing program 4: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pread64(r0, &(0x7f00000000c0)=""/211, 0xd3, 0x6) pipe2(&(0x7f0000000000), 0x0) 01:55:38 executing program 4: r0 = getpgrp(0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000040), 0x6}, 0x0, 0x0, 0x3, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) r2 = ioctl$NS_GET_PARENT(r1, 0xb702, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) pread64(r5, &(0x7f00000000c0)=""/179, 0xb3, 0x7) tee(r2, r3, 0x7fffffff, 0x0) 01:55:38 executing program 1: clone3(&(0x7f00000001c0)={0x5082496c, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:38 executing program 0: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:55:38 executing program 4: setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e20, 0x6, @private2, 0x1000}, {0xa, 0x4e23, 0x8000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7fff}, 0x0, [0x9, 0x400, 0xfffffffa, 0x4, 0x6f7, 0x7fff, 0x6, 0x3]}, 0x5c) r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0x7f, 0x33, 0x5c, 0x8, 0xffffffff, 0x3}, {0x1, 0x3f, 0x75b, 0x9, 0x6, 0x800}], ['\x00', '\x00', '\x00', '\x00']}) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) r3 = inotify_init1(0x80000) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r3, 0x40047211, &(0x7f0000000040)=0x2) read(r2, &(0x7f0000000280)=""/119, 0x77) pipe2(&(0x7f0000000000), 0x0) 01:55:38 executing program 1: clone3(&(0x7f00000001c0)={0x5082496e, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000), 0x0) 01:55:56 executing program 1: clone3(&(0x7f00000001c0)={0x50824970, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:56 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x101000, 0x2) shutdown(r1, 0x0) 01:55:56 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, 0x0, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:56 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:55:56 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd3a0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:55:56 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:55:56 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:56 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:56 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:56 executing program 1: clone3(&(0x7f00000001c0)={0x50824972, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:56 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x9) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:55:56 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:56 executing program 1: clone3(&(0x7f00000001c0)={0x50824974, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:56 executing program 4: perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x46, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xa4, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0xb) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20000090}, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, 0x1b) syncfs(0xffffffffffffffff) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8800000) ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x31e, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) write$9p(0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(r1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x240, 0x0) pipe2(&(0x7f0000000000), 0x0) fallocate(r2, 0x26, 0x6, 0xff) 01:55:56 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:55:56 executing program 1: clone3(&(0x7f00000001c0)={0x50824976, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:55:56 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0xdc, 0x20, 0xf9, 0x2}, {0xd16e, 0x1, 0xd9, 0x101}]}) r4 = getpgrp(r0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r6, r5, 0x9, 0x0) r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x4) r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x2) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r9, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000040)=@kern={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000840)=[{&(0x7f0000000100)={0x10c, 0x2d, 0x400, 0x70bd29, 0x25dfdbfc, "", [@nested={0xf9, 0x18, 0x0, 0x1, [@generic="f5c2b03e3a2807d644f897b4dbdfaa7144338e998f43c1b9f1d9f66c70ea2512a8a7ece52e5e2d7f0fe37600c5729aed6519bb3622d9afa890cc76dc20afb4bb035ebd1cfc098db5218b277aab4906d3ac48c94b44c0122e396320f8c2bdd2e53e447d80d3897f13a1a391449daf8c09af7b3f150b1b3416f08801e3584d0bdf98d2a800352210a79d2c2b930a99a0bb4398fc9c0c8cd99db3595979c0ecc02fcf974f7db23cc0081c50c1437428de566d05b06905714a1bc0b0583c087a503510ffb2eb27e06236435d900a1dec854f7658cffed767421199911eddb35b141b86c439050c", @typed={0x8, 0x1b, 0x0, 0x0, @uid=r2}, @typed={0x8, 0x16, 0x0, 0x0, @fd=r3}]}]}, 0x10c}, {&(0x7f0000000240)={0x7c, 0x2d, 0x300, 0x70bd2c, 0x25dfdbff, "", [@generic="38868bff5e9af430588cde8285e40a0295c2041af8de65b25a4c6da836c51e0a57e9c455da5c6d290287e74e7f099ab8909e9c99fb4826917301cc72efa2bb97d9c5f84a73f5b170342ff3f54e449f3037c9a45d373091de378ebfa9cdf4a500dc4f6b18f45c894138eb20"]}, 0x7c}, {&(0x7f00000002c0)={0x580, 0x36, 0x400, 0x70bd2c, 0x25dfdbfc, "", [@nested={0xa4, 0x57, 0x0, 0x1, [@generic="40d10241d88cf493adb48a184b730f7c065a4367a04e31e36e59d107a3ec090eea8368d415cc315755753fded1b77c98c24a7d123b6fb862ce595486c246f396191c806796d78e4a5524a8dbba6a1bec97555ce92ae54c6764f79febd797f27c15205abfe0b030e20d40d58d0c165bee11d9d461ef5d44b31f3aff5224678fca21742211313c69946da3ea992517c474cd91ca54b06ad00df501f7420addfceb"]}, @generic="bfe955445bd1affc8d76cddd491b17255e35c56c962ce18a3e8d447a6dd4166229e4bffc579ea34ec5b2bc95397acc849a250afb0067d48131abef08ed540b9483321ad46030785496ea9bb2eb3c672108c9e14a693d0d97c3970fd26ab1ebe1a733172acb0df31c3c5820ef25be352e368a5dadb1e821e8d03958c1085766a29ca13bd91defa25816d5fb897876904c0dc4a2db46a6ac829493671b05970780cc223d07ae6eca4d9e2cf5ba9cc1c119cb0f6ead0fc9feee20093456994776516020c18a6d6f4badb253aedd11aded4651", @nested={0x147, 0x3, 0x0, 0x1, [@generic="9b90571cd7fb5557b372d27a21aadc8612bb44d9ea16cedae9eae7e58643bc784482659a1043e1a91d9eab6edebdf62d8ec2cddc7e63123aa1ed3fdde53fbc781d5412af52fb2d016467163debdf6e9d2ca241ac69a4065a346552e0aa9bfbebd418f1425cd0190abebe4587854b751657927cd2b2246e18c016f1", @typed={0x8, 0x79, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x8, 0x69, 0x0, 0x0, @pid=r4}, @typed={0xb6, 0x77, 0x0, 0x0, @binary="c57154e92eb54b498f51c3c068c3a5f69a43142c7eb0226dc24bd7dc54b7c7d41ba072d5a5e231c5f6fa7c62de55f2e0b243eedefef7fc754db6ad79c4f9c55b3d0d6a266377bd3a95a835ce7a9392115b55bb9dd716b127791f9ea7cfce4d6b74c9de8c57360505ea54f326762c82179ea608ec96a211725da10699fe92f2884405d77f3ae22ce75e90eac991af2eb9410f1bc08e387cd6ddbfa4db1d54f11f51fcdc50b7b9a0abd6620731ea524d5268f4"}]}, @typed={0x8, 0x81, 0x0, 0x0, @u32=0x67}, @generic="bbaa33ccf3b762e7167cd1160df51e154e8dbf0c2f00f0a30e9eb2e74fafe78b5560d58878d8993d0f009499d9fb6d4a0a6f7e2fc9cb4d8790e9f8db57b92733f61c44f11c0956de1384dd94c9f31d4a302eb0de69ec898eca14b827bdf4d56cdf3782a710931da69e2e938da962e5fdee9b0ece23b531a384400b2676e1e7430d46c3e86bce23dc324a70a898823569722ab726508d427487e441821575faee095c45a85dcd0c85b777312d249a4c653cd3fda63363d38c29b175460d5cf076650e0bd6d429a339bfb1ac53ff1f7a66f463c99ea0e66a1d2f19334bb7123d641b09954280353c3c", @generic="2d3fa901c43b6e53e28e93045c1e6f21c51e2e261659de60632dee342ebb3f352925fe2fc2932988f1c3204524b5f3fb352947970c542b72fec9a81d45b6bef0ae1550144ea1924bb4f616053c7fbc6a389f342fd39dea1a192ab49f6578d246c8f46277e5797da190663360e95ae5360103e1b4333c601495b7e79df27c44cd3c2dbe0ba8fced42872beb79397b3bb0ef57a5a8a2be882b5f4f26abf59164975c7828a65898f6757834b55e75a0f3b3344d8e1c787e9ea96748bd508e4b6438f84aea909a61df0227da22c307011955861f044c90531bd1f5a2a9b1893aa2", @typed={0x8, 0x0, 0x0, 0x0, @pid=r0}, @nested={0xda, 0x30, 0x0, 0x1, [@generic="e8029822860642a761cb478620913053f50caf5647a7cd2705f5f401f1a563b76eb3b7a7732cedd8184390154cc51884d1e558de3f3edd54b8c16d9afe04c991105026489994e8a4e22c9f747e804ce8a842fc67b90880d94459a697f09b732e0dbe76cca527adbd5c8f09d50a458b5e169adb184a338fad4a9447c91b76652cfb43f721f602c0fb6d4495a78aab902f2c1deb14496009d175bb60c52989390fd48aeac4efb2113cb7f42b9cad3bdf8a40ef15a05c9d75dde891818a9471f97d877c276ad94da72f7d1354d24c1aa2048bf6ed1f5770"]}]}, 0x580}, {&(0x7f0000000940)={0xf4, 0x2d, 0x8, 0x70bd2a, 0x25dfdbfb, "", [@generic="51b8ebf296df36c4c21b7aedfad9b78a6e923be86efc58fe77921190638750be98540cd70961801aa7fcbb847acbce3959c78d1b56d9fd7b0fa71dd83af8afed6c344e0b77c4d8d005d24533a1a7f258a7d8b72d1efcdcc76264acb49d7de76361dcb1acff2c15e7ecfd2cf477d4bcd2edaaf30f0b94f32bec9de2fe050d21897d3e04c584c1873b980bdadd5d189e0db58deed0696161248b8e2e4b2e33fa36edb3ec406981dd416dff62eaf354866cd16501a845a34874be1a978c9d2b56e1a9cb02260e255334518d85d61b166d4fc4e273ee562f7e8b5ddb9e16ad", @nested={0x4, 0x29}]}, 0xf4}], 0x4, &(0x7f0000000880)=[@rights={{0x1c, 0x1, 0x1, [r6, r7, r8]}}, @cred={{0x1c, 0x1, 0x2, {r0, r9}}}], 0x40, 0x405c840}, 0x884) 01:56:11 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x7ff, @any, 0x8, 0x1}, 0xe) 01:56:11 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:11 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:11 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) close(r2) 01:56:11 executing program 1: clone3(&(0x7f00000001c0)={0x5082497a, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:11 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f00000000c0)={0x0, 0x101}) 01:56:11 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:11 executing program 5: perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x46, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xa4, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0xb) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20000090}, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, 0x1b) syncfs(0xffffffffffffffff) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8800000) ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x31e, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) write$9p(0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(r1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x240, 0x0) pipe2(&(0x7f0000000000), 0x0) fallocate(r2, 0x26, 0x6, 0xff) 01:56:11 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:11 executing program 1: clone3(&(0x7f00000001c0)={0x508249f8, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:11 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:56:11 executing program 1: clone3(&(0x7f00000001c0)={0x508249fc, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:11 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:11 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:56:11 executing program 0: sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, 0x3, 0x1, 0x801, 0x0, 0x0, {0xa, 0x0, 0x9}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}, @CTA_LABELS_MASK={0x10, 0x17, [0x40000, 0xffffff7f, 0x8]}, @CTA_NAT_DST={0x18, 0xd, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}]}]}, @CTA_HELP={0xc, 0x5, 0x0, 0x1, {0x8, 0x1, 'RAS\x00'}}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xe, 0x1, 'snmp_trap\x00'}}, @CTA_SEQ_ADJ_ORIG={0x44, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x101}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x80}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x172}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x50c}]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x2}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4004010}, 0x4) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:11 executing program 1: clone3(&(0x7f00000001c0)={0x50826000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:29 executing program 5: perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x46, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xa4, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0xb) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20000090}, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, 0x1b) syncfs(0xffffffffffffffff) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8800000) ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x31e, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) write$9p(0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(r1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x240, 0x0) pipe2(&(0x7f0000000000), 0x0) fallocate(r2, 0x26, 0x6, 0xff) 01:56:29 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40, 0x2) clone3(&(0x7f00000008c0)={0x658444382a3dd9d1, 0x0, 0x0, 0x0, {0xfffffffc}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket$netlink(0x10, 0x3, 0x8) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x20040, 0x81) 01:56:29 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:56:29 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:29 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:29 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:29 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x130, 0x2a, 0x1, 0x70bd27, 0x25dfdbfb, {0x20}, [@generic="f240a32ca9b4afce64f9801d2ebc944babdfe1971c6e2f279810cf6be92b63557a126a4c0fcacabf20249695474959f5c732b075edc71738b84868c156fe7e35019774b01b62cc4216a1ce574831cb3b540fb239841b8b9387c378dc546114701665b7a47f9be2199be01a0b76ec3c0770fcd71066094fe1e4b66301c169655d9a0bdefc8499924b528f67072763022823c4d94e7137b750d5333f6a445114a45e4dadd8d4385be655b73f87550d9aad9fa2a33dd2807152f35e1c849e614a5313deae1e0c58352ec82691af827ca661fde5811c8e79db11b6d1b6d59292e244d575d4e8f0ffa07302691e525c68392ea424dfa7", @typed={0x8, 0x2d, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @generic="0a24ca080655e223694001", @typed={0x8, 0x96, 0x0, 0x0, @u32=0x81}, @nested={0xc, 0x49, 0x0, 0x1, [@typed={0x8, 0x93, 0x0, 0x0, @u32=0x3}]}]}, 0x130}}, 0x40000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:29 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000007640)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x4, "9755154351ac9a"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={0x0, ""/256, 0x0}) mq_timedsend(r0, &(0x7f0000001e00)="3cd52ed97c9e213909d730166b17123f3294a3353d43c2bda33f8b46124feb3e574cb78ff55dae93c1d80f8b1b571caa5d0f953fdc20af7c2907f40c853111e5a4a6405dfd6510e2573f0cd5a14f722a746315bf5955d6443a167b62e37e70e67059a451add17b0ba3a4967e37a184c25fd56c25f32d2c08713830771e190d3e72e360fbae6eb7f69da7ae1b7575584eb3aad405c2e0cecf7c57c725e35199b38412b21fb229249cb5214590ea9c200b689ed99433fbbb389404f04d726fe19ef657f8896380c769f15ede2ebc816773d5730db7acb1828fbcdffc4da713e0944bca7028c47238c1aace7879fca945a836e4ff365b155de4a6b5e69df15c57c8c84a27359b026401b2d2ebb22fc4727115b803cbed672e1c10421e53aecb9848432f39231a6fe45af05a49d7f66593d188b01763da10fbe076c0103b005492008157072857ecefae4dfd561229bd8ecf19e938d25a4315e343c5ffc67c1810af17fff3e930e390dc021b8a020e9ad5750cbdb6ac2406d580f35c6776feba23704f457eb3c9e481a38ae02519b5561493b3a5a22682f0622f55b91bf3fe3b6eeb0b411767b39cf41b6ea7f7606bbbf59f038ed99313e9185bafa0f1fb0d7f8f854025afe6eb498d49d00f869ed3d4abccfb90d70f1dd88a92a1f6c2a1f62238ff8733e3b25225fe919598664429606c6ba859544fe0de3a9f18ed8fdd5e9ce15ab80c870a454b550e5fe805396bf4ed72b627314fad05b74a500135c9bb1b297b170356d42c9983c3275dc8c95a5a198f3b896c712d4c44d66ee10f29d4d71df5484c473cdcd107d66ded8e5219a066b00f45faca7ccbde009031f583819cffcba547c3b5707c7c1eba73dc6ade8f584244ba35302df2a0341c8e629d52fad82cc1c34dac09d39a975902e883ce1b648080e5855ad37961abaa7eecab4ac63cb839f4039f8b93d2ba6e618ebc437166e24e210171bc8ae12f31e90adadfdba265f9a8df86648ff4bcff451f289c9142ef5bac4ba3131852ff820087a5b7e1131eb05c8c857dd4cf2839501138174f70eca95c39a59220f47be95cbe4996c214f17e5a790679057bf0c05e7d79797fa74af891a0bb050183e9124f3677a94c92e3caaeb095d0746fa8a82e30f14b228fffee24ba0385ae2940a223aa6fdd3bee655aabb131e4660eefa4e65a0cd2197f54d94783a2513ab6ae8c548b7fae70692ffa367a95cde0cd90d37be42547f30d1583a913b11c9f998d60d8c78a3677d79c717dde50a0124d918e66655902e6cb60ddd82727bc05b31057693ee9d7601be6d8870edc47c328afa800911568d99655a271c65de3a07616806e280bd453217ee2420b32544c67e34bbcec1874b450af23af54048d3a10e71967bc1ee3c0029235d95f158895bbdddfa81a3cfbcc74c7c352820f75e00324e154441074853b7c2dc1c3ed42873c6323e0bd29058b62187f57ee8def92612a91b1598af90904e770a8788c05934b54f998ed0a4b54198e74a1bdcd6e5a07109f6bd0271384211633d2d70c28843fbed80968d3cf49a697bfaffb92101e0626dc34c4b9a8b47438606152c9eea6481597918ef7739be21f562c86289b842b1d9208459f41716f2518da7d3f4ba062c0ea28a221e44f071325deef0c9ce5e8bb729e8f393020db13ad241503f9c4dc21fee5bc58893e112a2bd2528aa825c3b8e19d8312b268a43c9c662737da60bf318a5cd9069a2d96653818733825f5808371ad593f124ce11272705b5dd827d269ea01ea8a3948418278ba34338fea40665bcb5365033785adbbc7f20ea2489a728670108781da688a9d2f327f7723b76e4d2dba9c05a8f15bc05fdd521ce44e606fb0daf61c3cf96094bc4c8ca55892cd55803da5ec5f72c9ea01273ba23d834061b1a4e7778470cb726d78692d1d00291b9753fe96e43b24f239b575978b0fc6855aae3e384fff6dca011d58ca718f5a64ce083744057fadce07c1569c0a2dd34cc2f990c2d0705d4ad2dd03ed74e005e495987f5dd3b561bfd610d372abd48da2cdaa6253b074b55a30c7663daf7268768a656ac8f36d0c61a6671f6b75b69634c5c3cb06bf7d28e5b01743d673ed200a51e70f7d72c908e21769144a72870fead7075c25ddadbfeb9a9818638c3829d329eac2eb542f190986977bf6b79ae967ede1bc3e998d271f8225d5ae195e1be0ae7be5dba2584bcda86187ccde07022a3a462f505557140b14646b8d2ccb67c82bcfbeb71ece2f3af3d2d522613571766fbc39716026361c6d109d1ca6616495a5c1186cb2009e8d365abaf16a81230ad8c05889f9fcbb7ce0c6a507f9b5a078dfe5a7483d376f16428d23eb15c688f252d8548b5d94f34f8cd430b1a31bcc3e1ce90d14e3e7a33021df06882d32b90e4c6968c8046a7410bb6920f278d1b1c166875217c8e8d417adf9b50c85c509fa0581d906ab12c339e7ce03a49693489e7965043c75e5950363f062e43933d848ac73cb5f8585eee7d22305f9332df9ad7a11377c01f15ae3009d92dc3fae370f8f817400fd7f5aeb5b103fa1ba707b86ebff9324e2d52a8d46baff356e4be977bab515127107916440e1867c4d6279b08479597b3268c98566723c935f96b569b2b60807f8a046ea6e2761c062c7913dc9d4bf71f60ee2fd0e7bb3e5b718e8d4a62c43f2d53d9ecdbfb6d1dea8d8ce51c574c5007a55bd1a5933e3895659255153d501e3419ecb2c63cf337b7de31b0830f7c5b4fe267ef576c7776d34e47c7ee204609284af5a10a88b0d2488574d50614b004c04285cadc63001ac023f570b6fa4c0a21635b2d53405c4279ce02ad7033cc5df8559e1cafb3e6b0dd169df0a980a27d5acd32f68e166ddd6c43e186de12bd09f14e644c5f7a696b1cec0cfc757dc64e8f0b64c8bab66db414fa724c175fa49676d0ae100537b7cb55751a54149b60653a20bbbdaa58a9172228e553a5ec93387db79eaa9cd542cf8035d4c50b7e09e3728f153641e7fd5c9cb8969df5374a25d3611aacc81ea1d195a4b2f7e1f861259fe1d2d6422e32acd44d2f996508c07e54b200a472e4782b0e5aa030898f4c51b578f60d17fc5c01055be225120118c20b171d8bffe38f194b0ef598ac5696825da3442eb0513e31dcf997a213ffb711392223c906b637c77a5ac612611b9d4f949bfa43d746b38fa61a2b736f116edfeda864cf56357f0d9ed25d27cb057c8227379a86d9f2bf00f289ea8fcf4a61f0bbc50045047e7ef0b097e4c65d749f4d40a89f6ff2e17990e837f81364faaf32cd0c5cdf9846173610759a22a424e00f57a3143c8cf561f12489ff01fa64ef27c39370e1eca076ecaa6fbd701ad2a29b80cca60bdccd34e5f26fd0ac661ef5da02883d55401b05b15770399f960c8749fdc90fc06ddc18bd88ad6d21a7db3aaf52e28ab741f211898192d4ab34b659e79eddd844a28b5c3d0125f5b8781f270f7832114c744bc5820a60b28d408291884c0f85b47e660f8545c412c235e85da5e33bd315067b9f89a36b76e204e82ee465031f0fc463d42254f73fe269bd7ba4f4f06dafe7057f58f5387f40b0bf3fa2e9ca6b2afc496d26ebd092e0373750cc649f16e1e35179825f3a51d8b015539a4ba1661addc540c776257ceadb0d795f8fd6737bc302fc39b4dda8bf0db0f4d0a62839b02ff488810413131a566082d864e5bfc3e073a63f17b28aa8929cd239f50689fef85a8de3308be69b82d7eca3d9e5190586362841d1ff6c562a3c6d74e57750e80baddf2aabd9cc40ff3aa30e2a9be9150815977e3292f171cd184074d00e90251ffb0943b276e67a87d7eed7af3d886519f54aec72d5eb01268202999e8d78532461a8524aa0fea7c49aa864f956bc4dd31047a529f8bbf4ba971ded87c6121533491863d6d2f4dbeac566839675a781f43c9ed27d0527c961a60f212deafd75ac331674b4e76d9151c9813aca07565b1e8b52a835d1693f36cdb9be6fa8cdd7431183467be6dc75c867268cbc7f7a6cd1059ccb123c47de06785d1deb8a2a4ab286929253e05107d07c80d2790af78fe59f022763514ade2fd2f2aa0fff6c99c6af7498c9024259f2f49d8e0f054b9e7d774b4e7b1552340012153d4c79451be6ffc71079da12c140d97f3a813256e93e22e3ff9045fc6075df39fab13ed8661a6a06bc083194ebe6bc40040840f08cd586d7a3a36fe7015d3a636f94553955325eeb3d5c538251202c6c1521cbe2b87e3a22ffd2744094a44be4a63e09271a29fbddc042872a53dfe54670d0028d640754c2aa06ab7e299244bcf5517eca5a0d50799ff872bdafe888a587633f3771c161c520e56764ae13e351dd4a4fbbc4c12e00986c58a3af279473acfa42cdd442d2ab36a1f2c8e15df74b9b9fdb7f4ed0a527e1b2522ea18b822d420e493a114031ef87dad32101c7002f7aacd435e3c952c5edf7f6317215709f673926e15feb3021c3d31adaf27f468ed93f65201963ce3ec173f8003d417961a503bfe5181ed3397bfe1299107235aa1562baf276ddc6b3e802a35042d0f8a79ee06102c8e9b0a92e7e92da2788c8e6450a924fe8d7637a183f9a0b69e949ee3d54bd5abf9b6a90bd3cb8a9bc9d8d91418c72b3fe665d54dec99eb53fcf474a0f42171e2f3fb16a00633408f77c205a168f70379d5f10988510ed2605f1811c5c22d9e3e44f483cfc65e373e431eb224414db926be369c40fd1e40f2938cc484b33f69d8ee518c33a91284d6e3635720b731c68011d6b467219a6deb3b6c47ae211375d738b6f77a4f6ea2b80579aa34b3d0bced65466b6946f386482db484af971f33f546f2c0b0bcf6135784fcf3f0f1006fe34617e86adbabf80935995d34b48b9d1f12ef089510dbbd616a59e875d3f3e0aa7aea1758d6c5f2a699d031823205a4ad815efee17395d817015c392a79e4d0ac9686e596220b0ecdd2c1646e54a5630cd6022b1f52d81de0b7c0e772ab6a9c931bf527b0a874f79fa860cc82283d36be2114a4ce514b60f2b1ef941fb4e1a8d2899467d6231f82fefa3bc2462677ffd1d2436b44bf4f7fe734064f0a0b16c3f16332a85895ff84494009e00440ff7940096065996741278b3652d6286545b10c77ab2e905c1bb8c2d538ca6521df0707f55e0054d2d87d060f863c9cc50db915ac404ff6017a48a04190d12168a647d803819879c0bc3e688663d1585493dc800727fb4775473005d0cc37c3941dddb31071cb5389083a0ee8aa5317326c7f8a29646e24bb32c6d6198d2e095a6694f5ad98e3940608d60e169cc7dc507564e043aebdde61d7adf96f0a52adbde8f9ce5f99a323c8cfbb35c23baef865a6a6f949b9ee425ed2dbf1f74eda38aea9bb1e814f8de792d106ffc2030223aed765a49a8c5225f986508d023b698226c40e366e93264fbf51c2fa8a889f13ef4b768c480ae4ef3d5f061d7cd2ea2456e0c2bca80c3e7b23209a4d221a1df8cc6b3e5fa6dead523253952380abf2ca49d628a4078e4c34c49caa2f84dbd9325c2459dcf8ffe65163a438dc1f204cfeca634cfd0a2f0f165539b88bbff3b4136f21cd050ea0c2959701aed2f44be88498bd6ccad2935aa459f91e146928eceef45a9dee8ac5d9ecedf6f3757a3058742aa743b74020dfbd925deacc4fc4c1e1d91653f93b190229888c5103c29a4b5ffc836babd2035e79d5742e32f663fa44ad2ccb40e547037ecfc1d8f1cf1f70638302c6b8e8524ffe1e1b33464ae0c4ad2b8f53350998a864ac84789fd0f48534295285e6", 0x1000, 0x5, &(0x7f0000000000)={0x0, 0x3938700}) mq_timedsend(r0, &(0x7f0000001200), 0x0, 0x3, &(0x7f00000012c0)) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, 0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {r6}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}], 0x0, "46dacd8396fe92"}) ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f0000000100)={r6, 0x1000}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000007640)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x4, "9755154351ac9a"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, 0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r11}, {}, {}, {}, {r14}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}], 0x0, "46dacd8396fe92"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000047340)={0x1f, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6, r16}], 0x52, "716c5fee927457"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053e40)={0xde, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}], 0x1f, "d59f23b4384c22"}) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:56:29 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:29 executing program 4: ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:56:29 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x2}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:29 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:29 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) close_range(0xffffffffffffffff, r1, 0x57d51fea3771aed9) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x300}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:56:29 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x6, @any, 0x9}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:29 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:29 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:30 executing program 5: perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x46, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xa4, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0xb) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20000090}, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, 0x1b) syncfs(0xffffffffffffffff) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8800000) ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x31e, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000) write$9p(0xffffffffffffffff, 0x0, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(r1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x240, 0x0) pipe2(&(0x7f0000000000), 0x0) fallocate(r2, 0x26, 0x6, 0xff) 01:56:30 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa605, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0x0, 0x6, 0x4000000000000000, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000040)={0x730f, 0x6, 0xfffff800, 0x9, 0x8}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000011c0), 0x1055c3, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r1, 0x8040942d, &(0x7f0000000100)) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0) writev(r2, &(0x7f0000001180)=[{&(0x7f0000000180)="db0389ad29be3fcf496950befcc558b5e855058dc3a534290d2f004d1891f544b1705ec5f3c8b2851f36540488afd301008cf49dabdbde86204d6baef2b05511ae15590fa3e7b937a7f838d64c0773ccb18589ab6a9f2c69e7d601cad1bcb21caeea39ef8edd15889092b91bcde55a7298856e24543e2a0e412f215da4f1e8273104875bbfa5510e6f01b71e6a5830b420b5f02176e14e6736f80e53f8ebcf1180e9d4440c4d3763583dd816e18ac128170831930077e881805a3aa1a3c164d2677a1b4fb81961603cca362079891a485a4fa982821e64e70e056db207f9b6ac6abe8645ff4e056de6cf5dcf8405bd052cbdd23b500d198cdff147101cf0935c4bcf70f48cdd09e9df3b1bbcbdca1a719a8bf7f32cc966232d7f142cab32e2c6e0167ec907c8aeb57adb2b0e1b1cda80dc86a12cebbcf963bb7c119532ff426f78a741f8390bbfa124cb2b5e0798a6abcb9337fc4adeb19fa43a695a1bd60b138c2d8511c175460aa2ff8d4ee74788a9ae4307926aab7998e1e3c69fee7673deb4f077246a6dbae7aa1e2ff40607251e74aa1b20c789d491c4fb8d27f5341f69e4670c1dc19783f87d7135425b1cd34183fd26cf36f6b170007efa02f52ddc83dd766f75f4c6c2e69d3ed7e9de139804fe4782b4f7758ca1d86e9dcaac6318f6898d71fef9260926633d187af5ce10ec1fe5b03e0dfb76e88b59d51eb87cbd9a810cdde01d522860581a66f63794621f660ec1c0970d955a9eaceff4263b9719d10d76043babe652422a4a534653cdc84732fd6074ff5eaefc8e03332a72cc14f2e92a7387ca8fb11b97548d9323a520647b2446d42ddb4018a9a2f1a5ba6081ae554161ba89adfa08f4f8651f748bf36892bb49b7f69e5439a24da5e0dd8b3a190c09fb5b1d3099cf35e84e4fc277746ba88e22ff48f4da3416cc21a55c18d333cebabf0881c17c8afdd1da2f6900d0ee6e1277bded016ace7f3b07fe0e39812bbcedb4ac4c7f4202b99ac8e84fa074094b9ac4b41fd50415be9b7bdbc73aca0886a2425a4883fba38f8c0823dd1738ab79afe7df478d3f1e72911066c4df91d6f42abd8c445fce256470b7a97aa4d5a3b2a0dd5805d4a8bb92bc0ab89c66c99a825e7adaf96ed225d4cd697e4083f2697a8ff8229f92f557b0dc514cfcff3886cd77fdaf7a6d457e595e8739e878f9d2c5257b81a0566ea263a8717e2680f0efd46fb023de17ba7c34665fbbbf2bfa0ca6496d2a20addb791c21a397023a6b0ae75bc21165ac182f65b169c2ba5e68c0bb39f4b85480ec16e0cb1b4e9132ef1baca1c72dbeea19a55f75d4ba4b07e4676bca059eb92065b6f357edb03b7c8dfe7480d4ec04f7a36a5cce234e87b7e7c5334f586026e56026c859883e5b2e5464806f04326e067f2345b3a28200e5af7424a769cc2fda48f631b7823c4346fca0b897707e623f0bb154b4ec2d3906638efdc361b33eb45f4d206665e485fe814c122894a41aec71e6927b9b1e51a065101d3655ef669a4640c29f79cc96370d80da78881e2cc6f6336f2ad2205de91f1d370c84f92562f99f53781603f682f905b0a542cda901ae89095adf06e046e7ffb19507beb938b5676c298c9b52d9fc0783aa84181172f006c47068f664ca819d0848d0c27014a8a73298dcdc8ecf5051eb2ec1bf47069c836a6d5e3ff3b1966a40f375f509ff03c247501a8e1acdb639a9cc848f4cb3295aaf5977613b2ee51fb9bd37cb8a583146b801ae01dac1d1f4ce2faa7590bfb4960e17a84bb5cf99fdf2a36f4d26483a96ef6758ff9ad4187e2fe4afea8dab6445c80be7eb3d14356ab330545e80cd0e8aed5bb3fb67ba321f7cb170ad3380b618e7e94eb584fa07cce6d6dcb4791f012f820e5762591ba9ecb25f919d72613ed6cccbc356e4cfe2862fc258d0ac6ce568c480909700eec01348f498c858f4885d0f0b2191a8cc25aca58efd48a151bc414514137b6caae1695d2b6f002c8b5d8a34d5a7cd1f454377977bcd24ab07caa0e316bc65f69c514f1506f74b30b5920205bad1c45488a2157666af6116b6a8002cdceb85bfe4a16bdaf116530dc47c3729a70bd9ba15da5c8216f7a53c272d467c52f0799ca739cc7b7cce9d78a38896f821c3695f42828c2ec3e7fff67dd5946129653a7da5eb469ebad12e3740ed9a0bc421a4077f3b84483482690bf262589cb5bb2268ca12a9ea881c595624376a5811aa3bb34f80656fd412979293a67f717027aae3d95e883ceb084abaf94246e3259057470990ce931c2bc078ba586f8e4e08079de06f9b1ea041ba10b81d391db1aeca9d637dbdd7a9a8d67db742a9c374f0a68f2a1937d43a32183412384ebde133641cd2bbfea0b31ad69b73cc202aaea23d042cc51df0209af9eba23a3acbb5361a4f15ba895b99ff1dad2954e67a1cbec8464e8d52bbb9345863c540b25a0be2cccca6e35200e1afd08cc22be860b5425eb2b71d5d07072f08182d2ef1b6e54955431d4541144c3e3fb1214abb2fd4fd5239af936dbaef822f0592014002c06958ec14102b3a14b0da2e3b0335ea25533c71bdb8e450ccc3cf1c344d11b11316f7514deacb662154a7b1876af06c071284fc84444e951949a256462ab4961abbdd7a7dd7512cac382f92f58f32ad3c242b2b6087bfb24307b86bdc00207b753a451bd24b23cb73ffc1881f430a95d1ac1585cf82f96f4856dc5634d02a92122975a097f7000eb1eeac383642ba5d14438c7fc5be6e5e31508d38d94a99ecee05860ce7b3f5e048f04765d00bffbb5c4c36080f29027df3625712368663f29bad67956cfa33e1b901d6aa1f0786c76d874f77ad10417e70e1db5cea4d60be088362a3f62eb4d9d42cdb10e2ce1107734a40f2956d5a470c976ef444235075009952dadbc50ad46a5199e6ae922d1dee45283c8d7fea1d5067bd9eaa722cddf6ff0d524b1a3bfb477200f64a7bc964a28db29e8a19654735becc4b3a1e6311307171c77f1172117c1940202cda8cdefb55398265c4760cfdda706f80909bf7cfe02baa67e4cff435ad12abce359dd53697a2102e7c35abe7cc55e5c0899c1c3f0c60640535f1ce81dfe96ffcb3419ab9bc0d4eff2033eb17fba9a67b7d26dfed6c8a961093528b89f2c9489049d8e8f4f5a2677c82d195210301ff830928b06926ea9a85cd01ac26cae00e54df4ad8e2423c91aea4cf6e14d136e9e26ec467fad1a32233abb1f498477d4f280b780e6045878e69141ed473cd177d4a1d99c63e8d9a56ac1ec8f446294598492b9e6c34c8e0a0682e80c308c3b45e2661ed3800ba11cf20e080cbcc21f480ca93d3e12055b2c46fa921432b508a2e243b31afaef7d1d0e4cb2eb2867470ed96f54d370f82aa215beccc6294ac1ed2216ddc4c4754414d9391fe8abcd809ab72b67ac04a0c52e9634c349cb704c947f9dfe6b1ec2ee8effbf9e357ff8f7edd50b0f5a32ec409e4a954ca0b1724362f9ab14a5c5696368a26514cdf24468e9f35ad2b62041998ea1dcf469692425ea548b1c44d22391175b29f4d4494e28b20428e9efa5d7eacb91c7f3c4902022114df7e715d0157e3d388aeb2815dc00a6d2b9dcbd9aa875169e0a10ae245267f5699c1f76613e6526e425ef467c5ba33e7884ad8f6137496a980af9cbc569d3c7b1eac1d3a199b5e4c9b9c0f39c5de6dd465ad285ac04f32bfe0625ef1ada87ddecd2a51db6482f8a8f32382f57007606dfc3543a5f9eeea663d3e133a49f469b410e66b4dd1615d85e665c136b42d92cd654e8bcb927091cfcd7dae4ff17a77b41e9e9371c0575e9e039f487c0eb8fb14c2c344893e9fcc720961411816cbdab8fbb3c12514a08b88f61c6647245744630a268f46b18f199c4f9c5d4aba95b60f2fd1a4fb432fc3ffcfedc37c43a5ee2cdbe687fbe4c54a3ff2e74b3511eac74baadeaade07bde3b1ee0e4dbe29eb721ec820192a1a0fa5e3f4bc9aca7c066685eb527cb945351d62fd332d93d50e6f109f71a9eb5cb64ecef013f3156ac7b9b6f1b1fb411dfd0e1b76815bc38637ac905a6985ff7c562c0cf06b0a230bfcc750422a14232c6471656b9157f7382af7a5ea4639b221ec1061bc12f8f5c38784ab8a96fc813293449685063359648f8cb2e0af529f16b102c6b46729c9f9698bb82e52878b85a440b2b04e497a70e5fa4147f180b3c6721cce4725e274cc99e61f4ff472f2800f70b13e3713c78d86b971ad48ebd1a8bec1e775c27efaf3432a66d1e773d79af3ddad2d4d261a22c34028c5aa91ef079519264c048a7b800dece80cc1977429cdb44539d53f4bc48fc718fba082d8a210a28c06b91a65e2601b0ccf127d6fc1519acc35409bbf100ba59c3316b480d2de203b3144c9bfd633b4b8c164bfcb256d2b006e3e5888f8f6e7fc4590ac58c0c9b72b9ab3cb5ec5a74b8b0fccc68656602ab5bba3ec67e4156af3ed0e03bfaa7ece520775749d1eb8819167e1ac4d99735b53c0b079bdb0f76f0df5628c10f5c83dc44622c289f7a00aab5efde96c3a75fd9e62c4a0efa8673df16557ad48dbb86320150e40f723edc4c86c99cde535bf1a0ff2c91b537b2d06e25592996ce06a76aef051725dbcf63bca571896bc330644a74d36f83328851090b55cb205482cc2aa2adc9c18959a775ec7591b524666331dc6958099347b21afab504ad613f640bea67aee55179f47c3cbbdc696782e9999a96c003fbc27c326335f582effdbede968928b5654c71bd46dd711f7b095ddef29f5c00d64c55f8f9e495fa4916fad1de8ba736973c04192daef6eb316a47ba63ae771f54a38c513ac29f7e096fc441e71566d696e4b9a554569c749f4c8e0cc86340949ac8dc8210310cd0803e7424b66b3c6e4846aae61bff0a4aa0e04e4b446a1e549c0a4306515e4fc66c26682ee096de8aceb6fb7801b7a7adaac4d1eceb16c0678221a93ae0ea54beed14621d721eabededb00d890795213ccff2501fbb423abd6ec49a81b79aab7ad6d35cdf90f7600f29db43d3fe33de838a988de72f974570dfe8fdbbf50470ce2c462347a42a8094d321a9b71a31e42cbe684a77ef5ba417bdbd010f50cb68e6e553a160f5b2866f382e78e940da637f322dc891b368fadae1a95f0e17fffc7198dc9bc2af3b371401a51ad6b5136bd887146b5e6f3270538f93bd83d325cc811c4b931815f544c5455654595262a98b93230c8795f0c157e7513e7cd6cfaea99271504121050f4df7c60458985c2dcf2762ee7b18abf3cbeda6c66f3f16b496474c6307e6712ffabf00c2f4031db6a53c6ed1b3d91f6d5ccc15563a48e1e3925597aa0254326092431a3acfa90bbf2e5612c99e1889aa86fd64b0ecef3066309943dea471e77ada276f6f407186217f2226bd330bdaf65a85adba5a3969085c4f10ca8f381396b7afbc35848591d2d42a2df7126435dfb857b38fdf1043d8a22365c3297d06717fd72179a680da373c1759ae26345545b8f78937743f1c0ab7f20e487b3f8d3a7424891f4b73a9a510d80c0e682bf744ca6bc3c0059bb9c0cd17eb1045c60e17c1cd740fea3faf8f3413f5d52daed5f94097b188b78f47f5898941f19310cea636a4590e855a57ef19b2e05042d08d05d58a5dcf0e3d2e4666d62234cd06bfd29b07f1bfe40e3601e6009f06c6a66d90749e4b620dc6928bc004f0a0b8d94ff6043175caba80e56682eed3a46265a4d6fb5b2f9c4af0a5dc4f6cca47800954e7f2cd984accdbf97b0720e79f130e904c06e46a75c09eb15c8d959a459dd9da5", 0x1000}], 0x1) pipe2(&(0x7f0000000000), 0x0) 01:56:30 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x3}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:30 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:30 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:30 executing program 0: ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000080)={{0x2, 0x4e22, @multicast1}, {0x6, @multicast}, 0x2, {0x2, 0x4e21, @multicast2}, 'tunl0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @none, 0xd0de}, 0xe) 01:56:30 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') 01:56:30 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) pipe2(&(0x7f0000000180), 0xc800) bind$bt_l2cap(r2, &(0x7f0000000140)={0x1f, 0x9, @any, 0x3ff}, 0xe) r3 = accept(r0, &(0x7f0000000040)=@nfc_llcp, &(0x7f00000000c0)=0x80) pread64(r0, &(0x7f00000001c0)=""/83, 0x53, 0x80000000) bind$bt_l2cap(r3, &(0x7f0000000100)={0x1f, 0x9, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x4}, 0xe) 01:56:30 executing program 4: recvmsg$unix(0xffffffffffffffff, &(0x7f0000001580)={&(0x7f0000000100), 0x6e, &(0x7f0000001440)=[{&(0x7f0000000180)=""/101, 0x65}, {&(0x7f0000000200)=""/219, 0xdb}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/45, 0x2d}, {&(0x7f0000001340)=""/23, 0x17}, {&(0x7f0000001380)=""/33, 0x21}, {&(0x7f00000013c0)=""/108, 0x6c}], 0x7, &(0x7f0000001840)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="300000000000a9020100000001000000837caf257a2532dc7918e12bbea9358bdaac73dc317f079e237bac0848e161315427d3303b3593247ea63fbbdacef194283afbf01f0d8e8cdcc3d46b06a3cf1d69741f16904c296e9b43668f8ffe54d5bcc1fd4cabd33f1ba55393bd6106cf680da37d46c2b229381406594963d7c4fca71d94c9e5b11f28504ad046a9fd6fd0ad446777d207a36f509fd053e4682491f0f417a124dd66fb0b6a2ac2f19cf1fe9d6ce80ee118e13159d358b7def632e9a65395b11987c91914babceddadda02f1d5c5a88d473b2ffba03e889859564635367f076273f", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000ac070000002000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c0200006c85f50700"/22, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="38d4c37b"], 0xb8}, 0x120) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x2) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r3, 0x40286608, &(0x7f0000000040)={0x101, 0xa41, 0xf8a, 0x8, 0x7fff, 0x4}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000015c0)={{{@in6=@empty, @in=@broadcast}}, {{@in6=@remote}, 0x0, @in=@local}}, &(0x7f0000001500)=0xe8) dup(r1) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) ftruncate(r4, 0x8000000000) pipe2(&(0x7f0000000000), 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r7, r6, 0x9, 0x0) syz_open_dev$vcsa(&(0x7f00000014c0), 0x1, 0xc0c00) pread64(r7, &(0x7f00000000c0)=""/48, 0x30, 0x1) 01:56:30 executing program 5: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:30 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:46 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x3}}, 0xe) 01:56:46 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) clone3(&(0x7f0000000280)={0x4010000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x1e}, &(0x7f0000000140)=""/178, 0xb2, &(0x7f0000000200)=""/47, &(0x7f0000000240)}, 0x58) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x81, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xffe1}, 0xe) 01:56:46 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(0xffffffffffffffff) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:46 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x5}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:56:46 executing program 4: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt(r0, 0x6, 0x4, &(0x7f00000000c0)=""/188, &(0x7f0000000040)=0xbc) pipe2(&(0x7f0000000000), 0x4800) ioctl$BTRFS_IOC_LOGICAL_INO(0xffffffffffffffff, 0xc0389424, &(0x7f00000001c0)={0x81, 0x10, '\x00', 0x1, &(0x7f0000000180)=[0x0, 0x0]}) 01:56:46 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x8001, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8, @none}, 0xe) 01:56:46 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:46 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:56:46 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:46 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r1}, 0x0) perf_event_open(0x0, r1, 0x4, 0xffffffffffffffff, 0xa) syz_open_procfs(r1, &(0x7f0000000040)='cpuset\x00') pipe2(&(0x7f0000000000), 0x0) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r0, 0xf505, 0x0) 01:56:46 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0xe) 01:56:46 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:56:46 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000380)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000003c0)={'rose0\x00'}) clone3(&(0x7f0000000300)={0x200000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x28}, &(0x7f0000000100)=""/235, 0xeb, &(0x7f0000000200)=""/190, &(0x7f00000002c0)=[0x0], 0x1}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:46 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:56:46 executing program 0: clone3(&(0x7f0000000040)={0x3002080, 0x0, 0x0, 0x0, {0xf}, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffdf3) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:56:46 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close_range(r1, r3, 0x0) openat(r0, &(0x7f0000000100)='./file0\x00', 0x10c80, 0x80) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x401, 0xf79}) 01:57:03 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1002000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}], [{@appraise}, {@obj_role={'obj_role', 0x3d, '#.-\'-'}}]}}) 01:57:03 executing program 0: clone3(&(0x7f00000008c0)={0x209040100, 0x0, 0x0, 0x0, {0x1}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x6) r1 = accept4(r0, &(0x7f00000000c0)=@xdp, &(0x7f0000000140)=0x80, 0x0) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000180)=0x80000001, 0x4) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) write$binfmt_elf64(r3, 0xfffffffffffffffc, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628) 01:57:03 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x6}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:57:03 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:57:03 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000), 0x0) 01:57:03 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:57:03 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x3}}, 0xe) 01:57:03 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(0xffffffffffffffff) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:57:03 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:57:03 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:57:03 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r2) 01:57:03 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:57:03 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:57:03 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) splice(r0, &(0x7f0000000040)=0x5, 0xffffffffffffffff, &(0x7f0000000080)=0x7f, 0x1f, 0x1) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:57:03 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netlink\x00') perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x9, 0x1f, 0x5, 0x20, 0x0, 0xf1b, 0x20800, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000040), 0x7}, 0x2, 0x6, 0x3, 0x8, 0xcba6, 0x6, 0x0, 0x0, 0xff, 0x0, 0xbed}, 0x0, 0xd, 0xffffffffffffffff, 0x4) pipe2(&(0x7f0000000000), 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10) 01:57:22 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) tee(r3, r2, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r4, 0x9, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000080)={0x20, 0x8df, 0x3f, 0x0, 0x0, 0x1, 0x4}, 0xc) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:57:22 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:57:22 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r4 = gettid() r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000300)={0x80000000, 0x7fffffff, 0x6, 0x4, 0x10001}) timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r4}, 0x0) perf_event_open(0x0, r4, 0x4, 0xffffffffffffffff, 0xa) r6 = getpgrp(r0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r8, r7, 0x9, 0x0) clone3(&(0x7f0000000280)={0x90000000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0), {0x33}, &(0x7f0000000200)=""/38, 0x26, &(0x7f0000000940)=""/4096, &(0x7f0000000240)=[r0, r0, r0, r4, r0, r6], 0x6, {r7}}, 0x58) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r10, r9, 0x9, 0x0) connect$bt_l2cap(r10, &(0x7f0000000100)={0x1f, 0x8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x8}, 0xe) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x80489439, &(0x7f0000000040)) 01:57:22 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:57:22 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) (fail_nth: 1) 01:57:22 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:57:22 executing program 5: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x3}}, 0xe) 01:57:22 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(0xffffffffffffffff) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1448.828382] FAULT_INJECTION: forcing a failure. [ 1448.828382] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1448.830118] CPU: 0 PID: 15702 Comm: syz-executor.4 Not tainted 5.10.164 #1 [ 1448.831125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.832328] Call Trace: [ 1448.832722] dump_stack+0x107/0x167 [ 1448.833255] should_fail.cold+0x5/0xa [ 1448.833814] _copy_from_user+0x2e/0x1b0 [ 1448.834521] move_addr_to_kernel.part.0+0x31/0x110 [ 1448.835269] __sys_connect+0xda/0x1a0 [ 1448.835829] ? __sys_connect_file+0x1a0/0x1a0 [ 1448.836487] ? rcu_read_lock_any_held+0x75/0xa0 [ 1448.837172] ? vfs_write+0x354/0xa30 [ 1448.837718] ? fput_many+0x2f/0x1a0 [ 1448.838250] ? ksys_write+0x1a9/0x260 [ 1448.838810] __x64_sys_connect+0x6f/0xb0 [ 1448.839407] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.840156] do_syscall_64+0x33/0x40 [ 1448.840693] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1448.841433] RIP: 0033:0x7f384e6f0b19 [ 1448.841973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.844658] RSP: 002b:00007f384bc66188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1448.845755] RAX: ffffffffffffffda RBX: 00007f384e803f60 RCX: 00007f384e6f0b19 [ 1448.846791] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 1448.847826] RBP: 00007f384bc661d0 R08: 0000000000000000 R09: 0000000000000000 [ 1448.848853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1448.849883] R13: 00007ffe540b322f R14: 00007f384bc66300 R15: 0000000000022000 01:57:22 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:57:22 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:57:22 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x8}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:57:22 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:57:22 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @none, 0x0, 0x1}, 0xe) 01:57:22 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r1}, 0x0) perf_event_open(0x0, r1, 0x4, 0xffffffffffffffff, 0xa) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1, 0x4, 0xc, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000040), 0x2}, 0x50, 0x8, 0x851, 0x2, 0x2, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x9}, r2, 0x5, 0xffffffffffffffff, 0x8) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r6, r5, 0x9, 0x0) kcmp(r1, r0, 0x2, r3, r6) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r7, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:57:22 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:57:22 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0xc}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1449.989523] syz-executor.4 (285) used greatest stack depth: 24088 bytes left [ 1454.529557] Bluetooth: hci1: command 0x0409 tx timeout [ 1456.577549] Bluetooth: hci1: command 0x041b tx timeout [ 1458.575090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1458.577231] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1458.579863] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1458.625575] Bluetooth: hci1: command 0x040f tx timeout [ 1458.627104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1458.629046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1458.631675] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1460.673607] Bluetooth: hci1: command 0x0419 tx timeout 01:57:51 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x10}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:57:51 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:57:51 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:57:51 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) (fail_nth: 1) 01:57:51 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:57:51 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2}, 0xe) 01:57:51 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r3, r2, 0x9, 0x0) close_range(r0, r3, 0x2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:57:51 executing program 0: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r2 = getpgrp(r0) r3 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r3}, 0x0) perf_event_open(0x0, r3, 0x4, 0xffffffffffffffff, 0xa) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {0x8}}, './file0\x00'}) clone3(&(0x7f00000002c0)={0x210000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x2d}, &(0x7f0000000100)=""/4, 0x4, &(0x7f0000000140)=""/233, &(0x7f0000000240)=[r0, r2, r3], 0x3, {r4}}, 0x58) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) [ 1478.105392] FAULT_INJECTION: forcing a failure. [ 1478.105392] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1478.107971] CPU: 1 PID: 16618 Comm: syz-executor.5 Not tainted 5.10.164 #1 [ 1478.109393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1478.111093] Call Trace: [ 1478.111647] dump_stack+0x107/0x167 [ 1478.112390] should_fail.cold+0x5/0xa [ 1478.113181] _copy_from_user+0x2e/0x1b0 [ 1478.113997] move_addr_to_kernel.part.0+0x31/0x110 [ 1478.115011] __sys_connect+0xda/0x1a0 [ 1478.115824] ? __sys_connect_file+0x1a0/0x1a0 [ 1478.116752] ? rcu_read_lock_any_held+0x75/0xa0 [ 1478.117703] ? vfs_write+0x354/0xa30 [ 1478.118467] ? fput_many+0x2f/0x1a0 [ 1478.119219] ? ksys_write+0x1a9/0x260 [ 1478.120020] __x64_sys_connect+0x6f/0xb0 [ 1478.120846] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1478.121903] do_syscall_64+0x33/0x40 [ 1478.122666] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1478.123733] RIP: 0033:0x7ff73d4cbb19 [ 1478.124499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1478.128254] RSP: 002b:00007ff73aa41188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1478.129817] RAX: ffffffffffffffda RBX: 00007ff73d5def60 RCX: 00007ff73d4cbb19 [ 1478.131271] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 1478.132766] RBP: 00007ff73aa411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1478.134239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1478.135701] R13: 00007fff33dff27f R14: 00007ff73aa41300 R15: 0000000000022000 01:57:51 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3}, 0xe) [ 1480.129554] Bluetooth: hci1: command 0x0405 tx timeout 01:58:09 executing program 2: clone3(&(0x7f0000000040)={0x1040100, 0x0, 0x0, 0x0, {0x1}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:58:09 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:09 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) (fail_nth: 2) 01:58:09 executing program 0: r0 = clone3(&(0x7f00000008c0)={0x400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) clone3(&(0x7f0000000240)={0x1000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x17}, &(0x7f0000000100)=""/255, 0xff, &(0x7f0000000940)=""/4096, &(0x7f0000000200)=[0x0, r0], 0x2}, 0x58) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:58:09 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe) 01:58:09 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:58:09 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:09 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:58:09 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x300}, 0xe) [ 1495.828764] FAULT_INJECTION: forcing a failure. [ 1495.828764] name failslab, interval 1, probability 0, space 0, times 0 [ 1495.831858] CPU: 0 PID: 16962 Comm: syz-executor.5 Not tainted 5.10.164 #1 [ 1495.833307] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1495.835034] Call Trace: [ 1495.835584] dump_stack+0x107/0x167 [ 1495.836346] should_fail.cold+0x5/0xa [ 1495.837136] ? __alloc_skb+0x6d/0x5b0 [ 1495.837928] should_failslab+0x5/0x20 [ 1495.838715] kmem_cache_alloc_node+0x55/0x370 [ 1495.839636] ? lock_chain_count+0x20/0x20 [ 1495.840487] __alloc_skb+0x6d/0x5b0 [ 1495.841240] l2cap_send_cmd+0x9a/0x8a0 [ 1495.842039] ? hci_conn_security+0x34e/0x920 [ 1495.842945] l2cap_send_conn_req+0x1dc/0x270 [ 1495.843886] ? l2cap_connect+0x1690/0x1690 [ 1495.844757] ? lock_downgrade+0x6d0/0x6d0 [ 1495.845616] l2cap_start_connection+0x11e/0x360 [ 1495.846576] l2cap_do_start+0x2f9/0x4a0 [ 1495.847397] l2cap_chan_connect+0x1803/0x2070 [ 1495.848338] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1495.849409] ? __local_bh_enable_ip+0x9d/0x100 [ 1495.850350] l2cap_sock_connect+0x377/0x8c0 [ 1495.851237] ? l2cap_sock_accept+0x530/0x530 [ 1495.852159] ? selinux_netlbl_socket_connect+0x2e/0x40 [ 1495.853237] ? selinux_netlbl_socket_connect+0x2e/0x40 [ 1495.854314] ? selinux_socket_connect+0x6d/0x90 [ 1495.855276] ? l2cap_sock_accept+0x530/0x530 [ 1495.856183] __sys_connect_file+0x15b/0x1a0 [ 1495.857067] __sys_connect+0x165/0x1a0 [ 1495.857859] ? __sys_connect_file+0x1a0/0x1a0 [ 1495.858778] ? rcu_read_lock_any_held+0x75/0xa0 [ 1495.859739] ? vfs_write+0x354/0xa30 [ 1495.860509] ? fput_many+0x2f/0x1a0 [ 1495.861257] ? ksys_write+0x1a9/0x260 [ 1495.862051] __x64_sys_connect+0x6f/0xb0 [ 1495.862881] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1495.863948] do_syscall_64+0x33/0x40 [ 1495.864711] entry_SYSCALL_64_after_hwframe+0x61/0xc6 [ 1495.865758] RIP: 0033:0x7ff73d4cbb19 [ 1495.866518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1495.870270] RSP: 002b:00007ff73aa41188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1495.871839] RAX: ffffffffffffffda RBX: 00007ff73d5def60 RCX: 00007ff73d4cbb19 [ 1495.873292] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 [ 1495.874745] RBP: 00007ff73aa411d0 R08: 0000000000000000 R09: 0000000000000000 [ 1495.876210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1495.877663] R13: 00007fff33dff27f R14: 00007ff73aa41300 R15: 0000000000022000 01:58:09 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:09 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x2}, 0xe) 01:58:09 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @none}, 0xe) 01:58:09 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1498.113638] Bluetooth: hci1: command 0x0405 tx timeout 01:58:26 executing program 3: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:58:26 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x3}, 0xe) 01:58:26 executing program 0: clone3(&(0x7f00000008c0)={0x35c101000, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000080)={0xff, 0x5, 0xe0f, 0x1f, 0x1, 0x8, 0xcc27}, 0xc) r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r1}, 0x0) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1b72, @none, 0x8001}, 0xe) perf_event_open(0x0, r1, 0x4, 0xffffffffffffffff, 0xa) getpgrp(r1) 01:58:26 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8000, &(0x7f00000000c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_any}, {@cache_loose}, {@version_u}, {}, {@privport}, {@msize={'msize', 0x3d, 0x3}}, {@uname={'uname', 0x3d, '\xaa\xaa\xaa\xaa\xaa'}}, {@mmap}, {@uname={'uname', 0x3d, '\xaa\xaa\xaa\xaa\xaa'}}, {@fscache}], [{@obj_user={'obj_user', 0x3d, '@@\'**R#'}}, {@dont_measure}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@obj_user={'obj_user', 0x3d, '\xaa\xaa\xaa\xaa\xaa'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '\xaa\xaa\xaa\xaa\xaa'}}]}}) 01:58:26 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:26 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:26 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:26 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1513.197067] Bluetooth: hci1: link tx timeout [ 1513.198781] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 1513.212283] Bluetooth: hci1: link tx timeout [ 1513.213275] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa 01:58:26 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x4}, 0xe) 01:58:26 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x2000000e) 01:58:26 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:58:26 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:26 executing program 0: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) getpgrp(r2) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) clone3(&(0x7f0000000300)={0x800000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0x1a}, &(0x7f0000000180)=""/133, 0x85, &(0x7f0000000240)=""/112, &(0x7f00000002c0)=[r0], 0x1}, 0x58) 01:58:26 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) fcntl$setflags(0xffffffffffffffff, 0x2, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) clone3(&(0x7f0000000280)={0x14000400, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x9}, &(0x7f0000000100)=""/98, 0x62, &(0x7f0000000180)=""/139, &(0x7f0000000240)=[r0, r2, r0, r0, r0, r0, r0, r0], 0x8, {r3}}, 0x58) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:58:27 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000280)={&(0x7f0000000940)={0x1278, 0x19, 0x300, 0x70bd2b, 0x25dfdbfe, {0x10}, [@nested={0x10e4, 0x64, 0x0, 0x1, [@typed={0xc, 0x8d, 0x0, 0x0, @u64=0x8}, @typed={0xc0, 0x96, 0x0, 0x0, @binary="5bfb89e9bd2b4c4594174fef73b67823a45716fc819d6301f314e51cda2045cd720a8f1845b73efdafdc2a9e5853a5a5a1f11343f8f358b091581abfe485c125d9d9fe13f4a3f73ec05bee61c041ad4703d80257b1ef53a128e71536aa09fc943d2a3843125521ec25a326c31518efe0d5f3f0c1bb417d0df5261adaa4a5bcb81eb6be169f9f203bab7ea5fbeb10b6416bd0b124a684a199bbe7db8eb0637296999b4a899e1e89ffe2f9cecb3bd1811421fe9bff50a3d3cf10284e6a"}, @typed={0x14, 0x28, 0x0, 0x0, @ipv6=@local}, @generic="ca82f1bb3eb07f737306913b2d8a9af90171997769d4e7352b2fbbadec31f8f1ff32b8b18b9236ba6e56711ae835eee65e1429698e8c7ce8d041bb8b8822137676df5a62e2adea6207d4bf199bf412b5262766d1e34d91896f6374ca3b0172a8e352417769af7dfe6745afda425a2fca611a8cc324b0f900a36f10807789baae8e10db9cec33705c67e878a19c524437393a3aca682acdec2dc2b8bdd79c4551f5f8dd76eb16634eea10e8959b1beaa96bec7e2a74568b965659e930044c4e30d57d3826bc396a64ca7dfee8a26ac922b554fba809b0e9f648d822a4823f31dc833908a72639a20be651e9454c835a1c304cd99c1fab7cd685f098acbdb9b591a52b63a04537cb18fe4eab07c0d150bb899edac13c69149e9b00986d6ca5fee95b4954fe9f613e70e3843c2dff618dc2acff3db36116cd918fa18afb02fc941c1ccdcdcf2505b2d9de45fd922112f384f2e9b89b9ea51d17693b8e6e1b844c03f5b4459787e221bb0c771b30ce5967c8dc7026e2158d6244ae0412b6322166bd229b938bc98d90dc18ca78ccdb7313a46bba5c2031048260cf1d609c45f46940b8d69d3bbe7c10e9c64d078530e22c5e96ad36da25c84101a73eb68d368d2e2ea25e442ebbcd714b7bdc1a0e09dd4a6225797576e61727cc240b2b45ec7b6d21d3a5a89cd1f1c520a151d4b6e2ad7774efd85af5ccca606620ff40ca1b40741bd771c9e69146c5567a2bad51ca7478cb30454c9e4cc3dcc7040e04ed73918274610e40737c2444a34fff732f0708ef87877ad253e1982f0aacb505514efefd8d1350d20cc48965385c6e09e97a37b0a92ce454a5e98e24dc5bccc850ca8f14bd07e4a4f74b1d18901efa77bcf8b67e4e748f2baf6c6f184cebc8250762c64b66fb9522b2744c48d19b201ffbeb2008c5d14c0521174575611ed45601eeefe98a83c51d3fce1c678a348e37fc9058a98f681fa880894f067f4c3a174286a28b0fb0d824a08aa2c6a8475618f8e766588f492f2169deb5cd14ba8b5d9298c48bd973011662aa56738fb49dadc79830b3a75b0d6f10c69eddf2e2590fac5327fe6c6ccc4f460b30194b760994dce505e9df07559b3e3d1ddd1cb0635bb19d19a54e49696b09d7b628a74402f7a7573db338c95cb64a23661b8d7b71a3f56e39e472c19021f98d84a3165b95fb52d5a81a2dd9ececf2b8405feb29f41ac7a32fc856d58f8499dcb5a7222b06d488211a4a9e5ce1a5e16060bcb391b768e361f69fd997c88ecb10aadffbd127f62569f088f766384983c941ded872251c22f7803d24929e1b2a26ca1e54a61b667714e274dc733c61bbe5eb34d0c6c2fc5280dd5b9f43adb62f63aa0a13f7676be59cee6a6880d7ba3a2eece774ad590d4a194e237a2bdcbaeaf66f91e6df33583905ab68f793d02147672db643ad1539f3bc01716c7df9482d8dd788a340e9df3f8f7f859519a3a7750e4d31c0892c96cb6a13348c3e4c83560baf6858f9cb72648fe87bcac7bedf5221fe824db26f48e423c55f86dd72f9873be986bcdf4f2885a2e6add34b1b85eec3edeac4159b5f169249c4f29ea3d37e387d96da16d646e43b1cfbf99c222dd05db97cab302ff44719a48fabac9d542206a5030bb205e66fec507e27546a1c6f6340b58bb1d7784424667e9c4738440d0c2e7a3a467b0f9659a82a6908e74404b94aa67a206e6c310628a07bc01833acd9fd7c52ca3d7ff508fe2bcf2e6f5c229e7bf7f5db1d6ecdabe85566fda28a2e8676bd8395cd54f86b2113f5c630fdd22f6cd0afba35354728ef35ebbcb110f064ceb7ebd2e411ca4b6591d98b257ad27c9356d4de572c66e11a8f366d3e433218d4f67917a2257e31c2a37dbb5fb5620bd8c323e3565d0a281bc1eecbdd218aa8958e37ea6037e014d66cba934c83c02619dc6916eefc7bada1521aa09b61911edc3860ceaa78441c7c29cc4839e2109b159a463e7188e3fee06a4462072b04878560c1ad28d74c85ccdc580863e7788921337e7d56fb55a8d0c340b77563a9f407561021ac294ded3e945888342afc4d6c19a32f6043b3c521fefff98d8020ba606cd181f4f68d4b50c7fc5d66f9940c95b10d093221e0eca8d8c398bc3a6dcd7e77c81dd142d8be34dfbb9e46265370644e30a8b2ef4c79a845a694e15b249c4ec077cb21ac49299ccba9271e6cf5db989e7daecf3692a7a705d4874155dd7c87a64d3c493cc9544c820f0d2878721e0049a4d224ed3ecd543cce597649acd29dbfa3563c8f63b6901255bfed2588b75fd83b4d2453f3e28642eab4dc7a1097aebd1c52f52e8bfa32376cbe481070df509cc28d6575e25850086718cc90edc0046e9311b1d517cb79ab3203425a4c030ad31331f60cfa11e452b9ca02eb236110de13cda5dc9e3b56a40f5b3d642797decc6bab80c3bc97b23132fb5cb3637ae347307975457fcfc01a9a21265dded9370b9d01753c0f31dbfc749ab289003a10a16412f0a20d316acf2c2db42c9ead820a28a09616663f3cd127f3e3533381eb9f94acb84848f4a3124e8dd8e6146e43c8e1e63752b272c9188cc15bca45f257eb69bb2dc43f90d3773343e464f458737d826aab17e8b1a9b27fb29857ffe8dc83df71271d5960e04a03ff57497918a34d79d88b83b852ec7ccf06cfdd89566f4baa1f5eee9f59735fcd102eaef7a4ed829b747f5b10a58a68a5ab027a2945d5c9b365b2e4a6a4fbcec3c6cd2e9cc6832752ea6fbbfe338d68760f24cc03e19242bd7369d621d17e9fe6064ec2113c3e79f401ca20893f8e7044aabdcf8204cf3f9a1523c5e038c07e796cde6d4e79142a85a10259435f3a057da24c2be5643af8b9c6d9c1c1dc0d3305d7812a12216d8e1eba0d454adef5ab87a2915d20a504922bd5c9e404a5d394595c1ee0a19f9b8ecff5ef6b0e6af3a30bdb0ef8a174db1549d6dcc59e0339c675f2bbefd7dba465f59cdc0db0e769970ff07d513272cf3c9a54ad83d51d916451c6d8ebc863370c2b9160749602a687dee55a7ce5c7d91b189b85d4ac551e95a4ed73c4b922f5edf97955f095465e48e60f650b2b7e4b3bbfe4b149af5d279976ce247499298f799cd853f1b1fbe1ca283a1079013985267d8e7ad3728f46e2276435ac8462b9cd8fe1c75cb9a7136853c3815e59bff95accea30551bbc77fa2f8dbb2eaed3a192cdff8b061d3140289645fdcb2d53e7a83c36771a24bd0a6c08bffc992ff0374d29afd2d3d3a62ec7fe07c2a58c2300805cc396ab80a1820406c507b9f4ff72703eac99857bb6d70690b50f825a84e7cb08443a6e3acf858ec53239ecd2d8807917bf13ecf679ffae60277bbb29e77c0878e53eea3e1bb796c4c31c1cffb47df8dd306a14c212eeb958341a0c6db303ccb8e3d9a9693a14f415b6cb6eeb2990ba0150ee3846766daa57ffb8b8b7110d5fa8263d958169bd928cca7459649ffccda66afc99fa590fa74c0f25235d76ac6eeac3f5ad519245e4c97f838a92a586ffff091132255f0b15e9f742be03f3ad64eceecf66b62d07e17881727803474295ce4b4540faa6251da63107e473849c55f880e331aa19ff04ef64749992b07a3992abf2764db225817b2c8cff7ac132f4c19286f4a5514515ce4cc9d4e1ca9cf48226e420eb0e11c6afc4948abdc43f0c8662717abe3c3450736e235efb6faf6d6d0a9e7dce74d40231115e1e500cd0393ff081d4c904ad0586e2528edd97759ac2862b89c833c63e3956213dc10347a8cea7146eb995a748157714bbac0942d2c1a84fe8135cde20d023af6de3c63eda91de158d3c803ce39c12ef8f935b7602fb8533ee7cea00cc820a1ca6cc34dc962153eed2b78cbd616e25faed869482d8ff4b378caff81923c924fc69526bc09f9a85ddbe8844f5b0035cbbfbe0f9e1a6de42de65ac1575eef1de8d9df74e82017a7f94f59d22409cebcaa5a00e02fd382d4c71952c8ce4273e00dd76d217d7f8c70d7e650593954de6b0d91062348ec2d688ef3f9cb9ba99d94fab2393db2569deb27b00dc630941536bf3435d5e570c0c11688eabfe64ca96703a50b1e318eba3e425c33ad9e1ddc12eab8d0f875afae912c4547bf8cbac0c4987deb1dd18d25e5932ab2a4a38cd03400f163c33748655682c9024919c38fe25f96f4093d44a17fb168ab798eba352090f824564405599a4cb0c073c2e9d0b18ce18770f63efe83a6f72093381c5909e261b5b492db9c78c67b0e5a5451695883168a18a613bbcd9f4a0c6c4ed2eda9593e792e226c1f089bd2434f6ee4cafbb15730cee5889cd1cd760cf6aa701b96537f13df31b286c76198f4eadca8cab11ed0316ba70e8fc22f9c3277170aea7c28a701b5917d701d940a4c411a97e44286fdc0410987bb0a6eea66da49a321b4bc7ae6ad671f3b424f376a60181b0725b5066c7f9b3508cf04213a8ab02542e0b09cd002c1cab96965a7275605b5d094d2d254f417c1b8d6f0769a5c00d9af9d61d69a94ed29af843791eba3c10e89297caccdb7c40fae9c6e2eacc59e10fa72183f5deef004255b579e5ff8c9a1cb5b128608e159d80451a799411b441b57f5da6abb0edaa267513c337a6cf72ba1bb2dce71fa3f2fb60dcfa21468cee5b8da944de71e35c22e30bc108fda4e4bd528a0276aed1bdb7a00616faa571d98b5e9e4ba8ce83f1540f000a544ad037290bd50c0426198a3c7c5a49d01c0c0e39b1a5ff74979992703434aea8bb41953ad2a32bdddbdcf9b25cdf97c8e8b9c1addb002350d6e5b776bd8e0c9abbe2928b11a8e9bffcedd7eb7349199099e69d6c7a18fc5e69c532e09cfe866e9f8cd241540c81dce4d824e4b815fc60060aae410de35d9059de0352a37dafa3225f59e6e9a5f9b145ceb7b04d74435681c47d645385db272a33884d0b52548ee93124787fe27135d9f7daa4267a78b3bee0695c4a603f37e8e91087920a6ff48cdd614dfe073c5889c8bf0980a8bfee81df9d75fa2bc9191b932947648d6d1fb2e3c5ec8187198471452e741efa9579a0e94837c6620c47daee27575c6b131e36d40ee5a32db7c3b83272d98e7e731488cb95c8c831f1674d53d252c9e40b2e766222a3c1e30da0fef8d54e4a29d5756ca97070d0658abec0019ee93b1a03ccbed6057169f073303f2e6f849395eedb0562e44bf1489a26b2181644628dd9673d6473497d671b1318daad2e0395c1ade0103a7a04df7c9d36fcaf25bdf8b9c171b089f2697dc062a0f25ab3f991231c47bc927532b1536487b6c26cd440ebea580274f0c0a3eca221de83153e4e65fc39ec86528389af7261f6a2713b81edee14193d73a978858e7864049df69a7314b59a775a241b70e5a75b63b84cf9c67a2a92c72f0dc5f7a5955c8e120d46783a7994f26d0e047df8737287832997e094053b06fde8eec29b5d786e6d72d5ff24d377898e424ad968b06359e8ed52b51ae3fa86b17aa419110a404f322fc40551bb65bdb04d05c17f835b1bb95a0b31d21a5166c2fbd3dc388f7db93ef05214a93d98626410b49841b330827e859dea39ab3c8bef21fd4dc13f3d55929eab5ef5734b9d24ef7cdbb3adab4ae262b23e7def764b0c1e2fbc58792fae0c0455c1a27a325d64f38dce964758691842052cdeffda48a31d1b7050515fa135b6edd184d0f56fee08bc02556853be2013c4bd05890c2eda5f0566944a85da5a8637e1f4f9c25a4b560709df6d7cb7a71aa63e95740f8160001dccb5b35e0cb12d9050483ea8f71ab4e8ed22d81ea99a6562d4616c9d0d724f"]}, @typed={0x8, 0x1, 0x0, 0x0, @uid=r0}, @generic="2113659a1411901e76a9dad55895ef5e08fd1ddaac82fa940b3727ab265fe61c71a8ee7d5a1719ea270821807980a4c75466bd0dc4b7ddfcad31e03141e3263aecb841236968a304c38f550ee8433fed5624cf", @typed={0x8, 0xd, 0x0, 0x0, @uid=r1}, @generic="82b5c4c81669aad1c730b1383ec286520684b3115382546b76cbe1f1187aa84bb398b7bea08b0e005c34e8e8ca5f0d4df2f090fcfef29c4d91c0522feb905fb8b1e241c9e2b69f10890bf69beaf67f26788fe9a306644abe9429b8d356266bc9c0b07c46d4e95391334795fa37d75d4d27ee6043b55efea54d35f8d094838b0dc25f711ce7a4792f952447eba92743c207dbc04f6b3029b4ce0df763b213956c8bf27ff8", @generic="db6344bfe27cfb953a15463d64ca7ca135c73b54a03c0a42fc8d21e1f04de17efa1456093d3bb15f18dbe5b47ceda8713d47366299976b8c6dccd2473839798160befa41af2185c85a86682e6a32d77cc67af8e473f452611362cfa46277341ccb3f07afed14e2738502e6a85196adb1", @typed={0x8, 0x3f, 0x0, 0x0, @uid=r2}]}, 0x1278}, 0x1, 0x0, 0x0, 0x24000040}, 0x1) r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000480)={0x58, 0x0, &(0x7f0000000380)=[@dead_binder_done, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000300)={@fd={0x66642a85, 0x0, r4}, @fda={0x66646185, 0x8, 0x1, 0x39}, @ptr={0x70742a85, 0x0, &(0x7f0000000080)=""/150, 0x96, 0x1, 0x30}}, &(0x7f0000000140)={0x0, 0x18, 0x38}}, 0x440}], 0x4d, 0x0, &(0x7f0000000400)="5dff00d379e8f576bdd974f091a0bd911e5a2524caf0ab2d505d82c43071ff91fa57e098e0d469b3e33ff5c0605f9e070acd3154586a48ccd2d91a00905e6e15da1e6e5af497f88234dde2c954"}) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:27 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:27 executing program 3: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:58:27 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:58:27 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:27 executing program 0: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) r2 = dup3(r1, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r4, r3, 0x9, 0x0) ioctl$KDSKBMETA(r4, 0x4b63, &(0x7f0000000000)=0x7) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r6, r5, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r8, r7, 0x9, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r10, r9, 0x9, 0x0) ioctl$CDROM_SELECT_DISK(r10, 0x5322, 0xfffffffffffffbfb) clone3(&(0x7f00000008c0)={0x1040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r11, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) r12 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x400) ioctl$EXT4_IOC_SWAP_BOOT(r12, 0x6611) 01:58:27 executing program 4: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080), 0x10) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1514.063314] Bluetooth: hci1: link tx timeout [ 1514.064770] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa 01:58:27 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:27 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x201, @none, 0x1}, 0xe) 01:58:27 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x2, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:27 executing program 4: r0 = open(&(0x7f0000000040)='./file0\x00', 0x582440, 0x0) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000080)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {0x200033}, 0x0, 0x0, 0x0, 0x0}, 0x58) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:27 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:27 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) clone3(&(0x7f00000008c0)={0x1880100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) fsetxattr$security_capability(r2, &(0x7f0000000040), &(0x7f0000000080)=@v1={0x1000000, [{0xeba, 0x1ff}]}, 0xc, 0x2) 01:58:27 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:27 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1514.447929] Bluetooth: hci1: link tx timeout [ 1514.448992] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 1515.201593] Bluetooth: hci1: command 0x0406 tx timeout 01:58:47 executing program 3: clone3(0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:58:47 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x9, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:47 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:47 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:47 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'vlan0\x00'}) r1 = dup(r0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f0000000080)={@local, 0x78, r3}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r3}) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={@empty, 0x5c, r3}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1000, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x2, 0x1}, 0xe) 01:58:47 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x1d}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:58:47 executing program 0: clone3(&(0x7f00000008c0)={0x20d074900, 0x0, 0x0, 0x0, {0xffffffff}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000040)=0x1) 01:58:47 executing program 2: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r1}, 0x0) r2 = perf_event_open(0x0, r1, 0x4, 0xffffffffffffffff, 0xa) r3 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r3}, 0x0) perf_event_open(0x0, r3, 0x4, 0xffffffffffffffff, 0xa) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0}, &(0x7f00000002c0)=0xc) r5 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r5}, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)={{0x1, 0x1, 0x18, r2, {0x4}}, './file0\x00'}) perf_event_open(0x0, r5, 0x4, r6, 0xa) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000019c0)={0x0, 0x0}) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000001a40)=0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000001ac0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) clone3(&(0x7f0000001b00)={0x73100, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x25}, &(0x7f0000000940)=""/4096, 0x1000, &(0x7f00000001c0)=""/139, &(0x7f0000001a80)=[r7, r3, r4, r5, 0x0, r8, r0, r0, r0], 0x9, {r9}}, 0x58) r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) getsockopt$bt_l2cap_L2CAP_LM(r11, 0x6, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) connect$bt_l2cap(r10, &(0x7f0000000000)={0x1f, 0x1}, 0xe) [ 1534.485748] Bluetooth: hci1: link tx timeout [ 1534.486742] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa [ 1534.488245] Bluetooth: hci1: link tx timeout [ 1534.489148] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa 01:58:47 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:58:48 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x1e}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:58:48 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r0}, 0x0) perf_event_open(0x0, r0, 0x4, 0xffffffffffffffff, 0xa) pipe(&(0x7f0000000340)={0xffffffffffffffff}) clone3(&(0x7f0000000380)={0x80800200, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x1b}, &(0x7f0000000100)=""/205, 0xcd, &(0x7f0000000200)=""/222, &(0x7f0000000300)=[r0], 0x1, {r1}}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:48 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:58:48 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) [ 1534.771762] audit: type=1400 audit(1674439128.191:18): avc: denied { checkpoint_restore } for pid=18437 comm="syz-executor.4" capability=40 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 01:58:48 executing program 4: clone3(&(0x7f00000008c0)={0x201040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x69) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:58:48 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 01:58:48 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x38}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1536.513549] Bluetooth: hci1: command 0x0405 tx timeout [ 1538.562537] Bluetooth: hci1: command 0x0406 tx timeout 01:59:05 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:05 executing program 3: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:59:05 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:05 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x3a}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:05 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0xc0}}, 0xe) 01:59:05 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x6008c0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000280)=ANY=[@ANYBLOB="0100ec000100000418000010f9c704370733eff1091acb43397e4ddb72b1f234e4223c3d0153b9f972ceb48d970f902f839fd2d7c9a4f91ba64aa3ea9be9856697884ae9bcde22a8f124462c443341891e3898ff9e33b03158a04dd02ceb7f9b1acd384751147b08678df3de46", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000240)) socketpair(0x1, 0x3, 0x4, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) r4 = getegid() fchownat(r0, &(0x7f0000000200)='./file0\x00', r3, r4, 0x1400) bind$bt_l2cap(r2, &(0x7f0000000140)={0x1f, 0x7fff, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x2, 0x2}, 0xe) getsockopt(r1, 0x7, 0x5d3, &(0x7f0000000040)=""/80, &(0x7f00000000c0)=0x50) 01:59:05 executing program 0: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0, 0x3c}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) openat$cgroup_devices(0xffffffffffffffff, &(0x7f00000003c0)='devices.allow\x00', 0x2, 0x0) r2 = gettid() timer_create(0x6, &(0x7f0000000240)={0x0, 0xb, 0x2, @thr={&(0x7f0000000940)="c09083e1a7980d08e70e80fa38ae5f5272c267cb102d841485a695675dccf3ed9cbc029f4b764d4e4d10287e3bb3bdd3fa519c19992f980ed1dfe745c7ce182d0f242e739971c9ea8293c2dc5c244ff407e9942814a885d85aecd6a2b9c641e10397c1c424fd5aad005a24f281288abdd4c1b125a0b99d20d8541cb86ea4f49c59681f7bac12eeef37a665f8b16d4aafaea1601f668eefe4ea7abbf6202f7f0526a4b308fd4d01ab2b73a011f252d065bba492a56ce29a7c6541b0b1f94e3c257b43851edb2694a807bb18de1ebf52fd2ff6c52f3ceb3e43e05ecf8998669e6bc9ba1de7908e75d91bd8201f6ee9342247ec536dba1da3613fb590cb3deee55bd25bbee4ed5823dfebb35f996c56a4ed356c024994d92dbc4a0b1e62626599d97024b92e00aedfbb802ed558e470cdb923a557d50cab26fb28e7775f2978b543fa78c7c290e09f1ee22c0394282754cb0bb7361bd989b4f87f452c9fefbb99058d16a8b9dda4d284d0bba4827369bcc2bb01de71adee037ce15691ac48a67e625fc664120dd1665e3646d0f7a268bb5d7d0bd38b5603eeda56c307a2f5314a2dc7a7f920143f4e48fa6c0402865eb07760737999c42b2768c477d4c822c4eb59619153c73011d4cae6c1328af55d30ec0971d60beae385b0a30bb6ea335fa8a2886d6e31236c63dee0e8b5b659cb7f23b7e67e8c8f7836431ba512fcc4cb54995d1603fd5583469a27e26056804841995c09eb3b17198448c4b467f8ea3bec8a7da35e3914bcdbae977cff014ecc7857d11182a506a259e95e1102baad207f6c9a07785e75bfa916fc3fab1368a3d62a19ab2c65c41d58321c45af1bc6b4fd145c8f98deb4e7929b07ff3f654d4f0d0cc8f4e1b8e662b9572a6522014f6757597fbda02ae7fb3d518d0ad4cc5f067978b4fcdffe42a6e0383e1e8b97c6bb95ca82ac7f6dfc1fed716e189f64c6452552165bcf0ec99918a934d10fbec8c83fb30f22389d971ed927c2e96955f1ad81bf1a12b6f480ce32ac1e027aa12ee9fa895428ec831dd9d2bc57080367577d0f5743e88dd4bf12504e589bded5e5d9d0a6c76aee7bda912362b7bcb6054f94300f3eefbc6fdfef00abdcd89359a5bc6dbcdce228c662acc18c04dc9286b73c391b8143d29a245200bb0d67069768ec374112eff812337c7c75c17e3171a3e243c759ed75327c1920e8cc8d0be9014efea985d8901abde8fc44e67bde1c726ba232815ed92cb8e1a3dda72561a2cae6287d308122e267c61e398600be06721c207affd693acd50ef76538056afe44154a74f07bbe70dee2c4c36541b2b3bf1a86a181b9c859f7b0186cb79bb88f1f604bb268bf14adb39c1de964d8548328858afbb5ee93e68c9a9bba7e5395b2fc6f0fe1857f25c4c5e72d69f3eefa1c09ea47779428b342860cb4287f5eaaf998a1abd6ff3d09a1140e5a4bbb5d9d6533955131194103b2a601f9e8d98b84d9c93aee92a091b6ec81b3b9e66d0f6289b7d5a8762db3ed13aae85c6497bac6c5e560dfc189f074f6068830e0a4c21d6063e80fef28917c888a6ac0981ad47bf63cf77ba0de5deacbb6c2b448ca2ce38c3142e75bb27113a7334231c0f94e73c8575ef51fd5df97ede9948f3b59a727b06e423efa8fb3262984c1af7c4b89ba6c27f289bb827735096b7e25f4a5e418d2a11b3f64201de1838d3714e108145d7968bc2fe3311a987c408a4c1f6cf60106de2c6d13a64a78fa106cf3484f86daa3ea7fdf0ab856187ae2c9ec29c5521ff5b876e8c4dd657d676aa5206b887e86c0d89fb4c9241495b062747e23411fc2713ebef4c131cf4bd23a2cb78f1dcb1b662e7349615352df9bd18029bbd143e076864bf909a5578537bbb460d8e9e7b09173b15ffd9f1a370bec7da5b46c9a221d43f5b822a916c4340857d7887c83970239348ed75a160c5619aecc7754d0daca8b6d07ba8f9acdcabab66e90205e8689489fffc43ddb377653f4ce359d8cd42b05907a7762a879bc3fea509ca25f3f909ca68451e987c55aa6013671fb7dfa5e4e6abae3a8f7aab1238c66f181b0cd1a21a0c4c53cb1379e6c8a7bfa5ce731cfe40aefb0420a46505de467f445ce98cced07aa9e95c92cdfc02ea67a480d8d4dc00bf9dee04c02ed89d92f242e2f50640a02ead83f9cd65c492f6985ad3a3245db5e403683ec6d8d607ae135befaaee2d189705d81467dfe6e58161c67714e44ecb86eff4fe6386b356d3aa70f67f5dce6962c7f88ca1c4b1fe81e53c6e304ba7bba29f325525dbd17a1a525121794bbbfefcbb760b3b7d94263a392e61ae8cb988b65a8185ec9b3571296a502d9a9a30479ffa84c46864e7e749ddb9f83e83e5ef1152d782beee25fb05866ef6452ba8be4510367d79e804470caf45fbfbfa278ac95ade2651050c46699504576733756ca0a984093c26074d7d5311e653cff5c09fc773650596ae19d4b7448cfb0882eda2ac590daf730e5ed1fc19b6c7e060f2c013951bbf2b1a170aaf103037ab43f49c67c5515566e6baecdd4094702f27f4a670bf6211f64935e10719a0ab39a020a4271501b68ae17ad9a4d2bc0008d0f3e9d17a7f9408d6b62a065a2421438c3cbc2275567611a35229600f92e5cae52ce5a0ae5063287f13f53a6d24da4dc5930844d08bb02c03196c4e744d589d379b4b1fd87ac86f206faf2c05d0280163fe2ecb8faf7f99b3380ce68e9e34f2feefe82a400d17e4103df4c87c350155bf0bdeeb548af36db5f0464c501128295af4307fb192c0ba7d81bf94777f6c2f9d60783f0c3efbb29ff91deee212041fea45e8499320d5e7d17e267f58fa4ee859e5bce39526ec6ad5eb0d2e8011dfab518a8518d6d0a96371a358ac220dafc1bad947debc1171699b2d8e1a66ffe62c81ef92d6f7300c779fbd2a04f85d6612393440fa3bc2dc08cee0f596d58cbda98a5f1ba847b976cc6927fa1df1cc48ced95b9dc32e0d3d801bb11dde972308fd444bda9a3745854eaf46446c52f4a9367b13da79aa6bb627cb65ac500e004927f3b9a67083a7549633a12cb83e2f3b75b5cea11324304abf54a1c165a31ac466dcfade13b9e33632f096e27ddcfdfc035c51b7d0a6f1c1d9d2a2133136bc70a911619b11407a56d4e7d052a77dd95cd41847bfb68aed0054e0b7baedf6160c25b853baf9b4e8da3133c9637e1c7cac34577a406d0e0b95cdcf2b4bd077977e34c76b48847644150265db716c24c53d7869a6aabb9640c8adaa7e52ae982e07d75c742416050d268dbff4c29271de236b89229916d0236613b50d003beb4c2d6be2c8fbb46f31597a1293a83a23c09540872cfb64b5e73c851b3b2403c4c9acb9b1997f32eeed3847a726603e1edece5ce1e0a39ffb9cbc6c099c2384f0d313d13b118499dbbc620f5dbc7cb5f0b949f94897d0cb823a2236111d460f743e280c69af901b82b84911657ea81b99c46e5093892d537a3ff4d98519f6e210c2c8d130420256210a2a30edc7dc705600fa364c19b67b9d00a669fe441ed6e4d676846f53678831434c30b48fe3c0ce1e277013e71f4a9934729d7930afe20c417fab243f94907a25efb5fbc3e3c81588ed3d30a6569d0f79b1db02ac27d17d4cee887caa266c5e670b463f6a02ca2df44da547c4a3205500cfb676cde3a4a475ee1db1717c3c37a61b3781db8c69363a2477419fbc90eb4bac2f652fc2284bf37be6db0c45c2455f4aae3873d75611749b6782f9782b545046c3752530c72e04fb504c84b79ac008044c2933911bd266e55d057c0bb05ca7b520f043434242be52c4485440288508f68b6e0b2b47cbcd0d01580772ce18b04854c2835d4f4e92c1a29c6e2364a8ff8ea42fc98659e6c9f933f50abbacb1e721f5a69a17ea809f28edfff29a3a22e196ea0b2afc5cf6205c2c5300768bb87bf290d285e586db8274f46af20ad92dcf7773246bbe8ce00844dc0cdc104b924c0fb2581ef52a748631fe9ecbb7a717664e99ab5543a5bada1106d02c60a1496ebbec0dea47f8e02a2a05f902be68192f31f38fda4bf02150ba4587f1ee8a37cd73ea52ddbc03f0a46eebe29a2422e5005e020ae68be6fd797bd59d75c7dc131e0cf51c8b127f74294be7dbb71f7d387addf6c847b7b29551608482d59b97ce361bb959296f8c580fc2d81601306af1b621d7b4988d7712e7fee9f143c8f60fb18e11c6921ef0017876ce9ad74a51ab4107ef7b22b16c1e1cffa3933ffe2ef1556b8830434e773cfa9b24457994876923f68fa213401893ca887185d0be1c644527a7f7512a709b1e3cc5cbf32bf933f19d681f8a917f5b49d3187d9845751922a8fc8d2b5ddf4fb8d9751e0f324155cc7ced8a248f4b2b6ecc7e18554754b7cdc03cddba2c388c215e806a37a491e4959f706be1ab0617079a3dfd184d57ac8bccab343fcc484190fbee852c9258a017736fae4695c18cedd19f824937339c96db60ae32b80933ec01f87fc3e216431e643c5f2f553073c1ce93bc8ee7647df83154c4abec5c28836f11f5ff01d34de97dad94e58295b67c871477d2a22bb69de586f786c0d96a8ecec9e637161e555a5fb695ade820649ce009c812f2aeb1e2148d04bbf9ef61197d3c285adace27059184bbd16f20ee2247a0a05139f13f2e44e6d2f56592d6f69ed0d5c5f933156ad085b31298f63d981f84dd3eb134b97c566feb7cc9e0121cfc6f76a0fcee7497c6d8b60375349948ecce8fc9bbe43877b22377a21f1fea545cbc60b28f6a464ea7db57da171268d84da190d0b36d1de73661f6517886989bfc052ff7f16b2713fee106f2bcbc40966d08ba95682494bfd9db8e93710a57beec706b49f05ea9db3086b5f1e862d354e2e214d0653b84ff0a6216a718456a9dc7c7967ae6f093bffbc13f009c0dbce2d8e713d48939a0b1c3d07b40e9834a156879beabf5972c149fe06d836dbe52e6646c4fbe13293c525f7c41a81d5c49b074bbc0d7902b299fe8dcc4cc6e9f30d19df001c3e2a90432befabe2b5dc730b0fa6db1e0bc2ba750f6097f506c787ac5d08014aecc08f4a38ca717c2029a7ea456ba6c27805c85b15bd1929cd8e7fd01c08faf74cffe33d01ff72c048aa23f347d2248245115182f076446c7caa2ea62d5d28d2ecef3bf6df6af3c824aa230959e09a4bcc9f76eab4f55fc97c0c3c06ba479ad657d0a9dd0008c0c54c1fc652a1b7b07fce6bde1119d54000dee9c79143d04c5a29ea81c7a180e40e23a648431d55d29c97259c1147f6643c1ad3f4cf4cbc4efd3c2938c506b3ff10b58ed9ea8c15e13b62d395124216217111276712bb4fab2e5df922e07754e23258ca19a64dee42021d45647908ebe9ba6e8811e1844214aa83c1e235ae4bd78a1289722aff393ff13a7208271e043d040c11443b7c56230540c72b98cd7fd804039d707499fc6c72abd1163445a12450ff277275ebe2edd5ec6324e9a4e609d8c7c49f16a3df8da8a42f6f3d564dbd88b3568c476e51d73821580335d15da69ac6a91a97943ab988661e46e9ff3b9c1c578783a502a6b4855f18363c50b2ac2c687e2e0ccdb2b1a9a53e19254a8c68f81996b3541f89b44c3e11f35a33515061f2dc8f0c5d0adb7451cd4f6c4457fe85804933cd1d3762ded368041078675c7bc5845db4909ebbcd13ef9a78b317222adb7a9740ba18bf37bdac1e93affaff5882b6a355d9c1044b334797d6e8e3b400b986ff68d46f3b4955d595541f2a555b3ec431ee5dfdaac31a8dfce2f1c23ce14bed579fb971768785d47d", &(0x7f0000000380)="b94b9d40b39ac21840e35fb3897597d4570fdfe8cbd6bb5ef74da53f973b2c0abca525c4c3"}}, 0x0) perf_event_open(0x0, r2, 0x2, 0xffffffffffffffff, 0xa) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000400)=0x0) r4 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r4}, 0x0) perf_event_open(0x0, r4, 0x4, 0xffffffffffffffff, 0xa) r5 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r5}, 0x0) perf_event_open(0x0, r5, 0x4, 0xffffffffffffffff, 0xa) r6 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r6}, 0x0) perf_event_open(0x0, r6, 0x4, 0xffffffffffffffff, 0xa) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000440)='/sys/module/virtio_pci', 0x690001, 0xa5) clone3(&(0x7f0000000300)={0x180210c00, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0x2b}, &(0x7f0000000140)=""/171, 0xab, &(0x7f0000000200)=""/23, &(0x7f0000000280)=[r2, r3, r0, r0, r4, r5, r6], 0x7, {r7}}, 0x58) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x100, 0x81, 0x9, 0xff, 0x7}) 01:59:05 executing program 4: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) r3 = fork() r4 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r4}, 0x0) perf_event_open(0x0, r4, 0x4, 0xffffffffffffffff, 0xa) r5 = getpgrp(r0) r6 = getpgrp(r0) r7 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r7}, 0x0) perf_event_open(0x0, r7, 0x4, 0xffffffffffffffff, 0xa) r8 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r8}, 0x0) perf_event_open(0x0, r8, 0x4, 0xffffffffffffffff, 0xa) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=0x0) clone3(&(0x7f0000000240)={0x200070000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x23}, &(0x7f0000000100)=""/169, 0xa9, &(0x7f0000000940)=""/4096, &(0x7f0000000200)=[r2, r3, r4, r5, r0, r6, r7, r8, r9], 0x9}, 0x58) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1553.793942] Bluetooth: hci1: command 0x0405 tx timeout 01:59:24 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:24 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:24 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:24 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x3e}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:24 executing program 2: r0 = clone3(&(0x7f0000000040)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) r3 = fcntl$getown(r1, 0x9) r4 = fork() r5 = getpgrp(r0) r6 = getpid() r7 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r7}, 0x0) perf_event_open(0x0, r7, 0x4, 0xffffffffffffffff, 0xa) fcntl$getownex(r1, 0x10, &(0x7f0000000380)={0x0, 0x0}) clone3(&(0x7f0000000400)={0x80100000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0x26}, &(0x7f0000000180)=""/203, 0xcb, &(0x7f0000000280)=""/245, &(0x7f00000003c0)=[r2, r3, r4, r5, r6, r0, r7, r8], 0x8}, 0x58) 01:59:24 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) readv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000040)=""/231, 0xe7}], 0x1) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) shutdown(r0, 0x1) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000001500), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001680)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001540)={&(0x7f0000001600)={0x5c, r3, 0x400, 0x70bd27, 0x25dfdc01, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x37}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x9}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x220}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x14c}]}, 0x5c}}, 0x200000c0) r4 = openat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x40200, 0x108, 0x8}, 0x18) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x60, r3, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x2c, 0x7, 0x0, 0x1, [{0x8, 0x1, r1}, {0x8, 0x1, r4}, {0x8, 0x1, r1}, {0x8, 0x1, r1}, {0x8}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x10f}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x60}, 0x1, 0x0, 0x0, 0xc040}, 0x48004) preadv(r1, &(0x7f00000003c0)=[{&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f0000000180)=""/233, 0xe9}, {&(0x7f0000000280)=""/115, 0x73}, {&(0x7f0000001940)=""/4096, 0x1000}, {&(0x7f0000000300)=""/162, 0xa2}, {&(0x7f0000002940)=""/4096, 0x1000}], 0x6, 0x4, 0x8000000) 01:59:24 executing program 3: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:59:24 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) vmsplice(r1, &(0x7f00000005c0)=[{&(0x7f0000000040)="04e7049df86d7086e1cad05d99c7e0a3faf42a7b1474a307b72ae159b3a2bf8388381da8a7ecba4444c0bd46b5f9d7ca53f4617dbfce7b3d8ff6c66aff8ebcd7ad395dfeca106c47824f6b89f5bb423c65c5114c01f6c1a800673d2c12d75325ac5e87a96fa53bb67febeeae3d505953e723358381bad39ddda09b147d505c0ca4", 0x81}, {&(0x7f0000000940)="0653f9a8e924dbcfaed03c22a68e59e1125fb41030ef58c45659570fd8701baa74520c915856da0f8fc9c90b22978a1f517a23dcd78157ea441bd047419c745e7c1ef2a80209a5553c8d804ab9af1714959665507f10f73c1270291647bf7af0fee99988f68dd680854badc11bba3eacb3c52ac81ca8428b8cc759e2ae7a852fd47014dad56f0962dc85602d9360811f165d13611009d80c5f7ef20bebe370398d7b451d8648643e10025267116437b52ffda97542c2c4114d47a82ea2766248751e4fa71e14d2abd6d17d03ef3f72dda48aa55df2384bcf7824f98eb5145fc5e8474345a30c27a164075330abaed49a91f9db6bd6418fb78ff26c3ceab4e774a6aaede7ad60a94bac3b2f5076290320c503d8cb3956bdba29b5ddd3fa481297ff2b4891c50fa12537e6f49e54b66f08e4aafb4acc90180aeded7b80a189951369d5fb951cc7ab43d577fa46be39e89c8a67c6673694bd57db0f0f9b51aab70ee9bf7f9bf45efb69028a0a4ee720cce44373a742d707e5bd85b72a6a90ae1deb4cb763e341bd23c180e241190bad73d6007d42d488853ff1dc24c55bc6f6f4f143af64051802b1038b89a13882250a9745c6ee94eaed1a698e149bbe75dc5ac21dad89c102c43e62725d219db3a762367dff0de7c310d9344beb5382ebf3dd6b4b15118727c296e59758c7f382e090733a8b4efa6f8465da44248adb69c8577c874c3e1f2c948745b067bcc0304c31a74221e87cde74caa8d96813dc8ad427cd31314b5b1ba4e0b2756cf142990b94138ec1d349f9023bb3fd8a0ba0fcdc60dfae20617b36ba3f555a474063a4d70d16ce3d72d936b7db289431839ede497deeef840fb08c12646c271831b52aaa8cca6e9dcfaf8b4c2351c35999e3be02cb41374f04ff98b11774874fc24c021ace6f666f933b6498a868dc502982b5800beff5f32545de2ddb7b7e5d6e7e0add0b8a87a800e3160f3fc374b49fe9f7fc150880de4fe522c06d9fb53bd6b779b3890e884875a66a4550ca2acc40d01839d636a791d9e356cd72b6b9ac19e6e26c13f4c85e76219000cef6638a64b3d7f2191eef80a9d542d4c375dd978b9c3fa17e867a30c281e2f0a5d48c59955f379395a7c592c90690b01fa17a576b021cfcb1cc58d78f3d94677458d76ffaa757f8d17d5bd106765520a4a0bb50bbb74fd177f2d8898b38bcc572ce47c7832b188b4bb3c1bb24203adf038764c381fac8e16a43f2c850490749cc8d2104eb2bfe3c428cf5b62f95bf2c725a38b7f7ee9a2e0bb0ec3299d18fb0bc056103d064d6972e37456205af020fdc7ddfd796e8bc9d1c9656bb5b5cda9b84b68a8ef9bf29c2ebf4490744f4411279414e7f028709c4e1587c272027ed077ef357dfa66665969fd5c6eb2cb7638d06d0ad6be54c7d8b10d7b3ea65626895be4fda7f08dfddd75d56a32c648f2442045a8004c3e6d8e1895ee5de1593c35c3e518a785500789a649b3404f1c54621531732adf6490699c912a6d3798c166ae46b8dcdda56f5f967fce1695eb6002a4c0cb19e627c87e86c0c08aacb75fbbbfbe8c4462c2480a74efe3e16a9b7cc440a23350488b37749328ed4a93802940488ddf077a00bceefaf9c753e236ceee7fc42f9124785379250d04dc8ff2898fbe06fe54358f4cbfb0db9d04eaed08bce05174ca267743be3aefc74b83b3b67dd3870ae63767531398c0b1b666be76e3e08accebb43236ab58c5a9219b7cf4064633c9be863c189d50618a78126b9d8047b0642192ca88134060645592790500bf5e321d7ed9acc897a05cad92f449043113dac48fd13bde862e5fea3107a9f6305790e20eebae2edea0a3d34c3375431fcf38d6030cfb401a9ece4aaaa5b0a96ec7de3737d0e83ddd071a380b6d05989219e18a7b4bdc308ed305a588aefb7cf21af9715513a6fa1075c8cb1800d4abe31d8804fe26cc6fe2dc82e01988ca87119967ccb63bf460df1f8219db0c9b3b4a602345c7abc0880bc0773047cb7d36340d3b1f3b99f7e090faca1533f55493c9b9bc0a0faa8c642ede6435c866a95fd9d4ddfcfcd7f0087966fb899d8751a6a659d34305e3e569c7d7ed46caf72313bcb29b1bae74260ac418110c1ae76fcb2bf9cf393d6fdef9585f24b4152b5699509dd09137d023faf6b4b684a0929a02c89d5bab8bfa937e820d1c0263509df15fa9ccba60726d5a9ddacec4297528c19a553f811a7f87fc34566315e5cb13ed32453d334c6966553d76fd810610ee9106799e9c9bffb9993b4835b09e31f6518d8fb1d20869195205e915cbfe8ae31bb29a1b45afc2a1bf9ffec3aa145436a8810bb51d5505a072a9a62cd20c6deadfb894b4472156a59101f98cb9b2ac633971f33d00fb36fb5707c9d70d1bb7ce2206ff17213704188ea1518566dc93a1045255fe1ecc57b4f14402cfded1352aea020d251678345c933166b19f19c6d7aa2485615d43b2c2e0638f2bdf7d89e5a2d7dc53cf9401fd4b07d8e4a10ea4672dc22a5df4c87a2f8fc4f5640f911dd846fac557f7088b9e6eeace003a4857107d99d3739312df1e3c4f43b382c0da448e7c1c9580fc971dc61036fc5a312d8b6f055403c5cd231cd85dcede7571734b5bad9676dffdc48ca6c591cc9ffa1b11adff48870d7638b8514987f5d8b4e7363765585441b34447af7055d346d398712373437c2a215de1706033c21fed89974677c9e1b81a4045cb0177e0d777cd0749a796dbfc28098482981c319826b8450543638da84cc7678a3a0d7f5fbc0724b03d00607c34ddfe28f47a2c9d67b13f9411da5afc3598b797ddd6f2d9579bbc4c7379c9eb527ca52ba2b3808c9ba4f2221a57cb28f9044acea0dabf739aeac019a002eb8f698be28e45c1fe1896634830d78e245daf44ee4e6e292b2c763a7db21bd8c254df088417d5d657adc1aa0dc6d77d267986f848d6143c8a7e79f3ee0131172843f512a1e1de21431741a0e8b768c49d41259c1c75378272e390d81cabf97e37aeb021cf735b7c266d32842dea3b5ae412f819b74a5e558a693942d895d13202b4c4109ed58a3f29fccbfc6a0b88b2d48699b95a25d6c349b7daf176c98bb4fd2e2170a573320ef8e6e8665e1db3363367ebe1a2bfdadddcdfca1d19c2850535861166196d734fd96ddaaf22e74a5846103ee69d8e27c81430f1ae69c09fd6f7bff1e60b613e0aa8ff47327b74d137c0fb32080db7253f7d33390eee74154758c65ff46b429887e7db2b590cc708c7242283721a93efcb38cabc47679a86d5ace0b5544632512df7fc5191247fbf30ff4a892b9bc57e87656164a954224c38ca6a3c49e8ac65300bf8085f96c5dd84d6bc45e25da9cac2c251cbb8ceaad1b6c955bb552be16a9b9213f1791f07715175402a4e80aa416bb67ec44301b7cdbefe06f20645f68e01d85b337dc154a266b2ff5be1d6af0c86996b1a576b7f6f9c7891a9b681b7f4a548cb2b264d146ff284eaf2ae177b14fe9ef2f20a045d564a43a9a09432ec37d0a681b700448f1ad956e8da591599c34696ad065bd2963ac672776e2066fdc1f9d7f1ca88e4d18a819f11f047b11cd91ed220bc4e7c131bbd23e904c68aa5d356c793fb7e0431d792ffa58dc77ea55017d793e2501949c77933690081ab0f0e0c68a08bfbdb8974d1d1e2896cfc240944075f981ded97f9891c41b72e573e790f14011656cb6e8a1761b37e7718898724b396e2d86946d8c91430482870a37bb8db68b503e9a639061478aaa9938a1a85b8085e6f2b2ae033a65448be665680a9098818c209d934e43874ff4aec6a231880524f217f027bdaaaa801fdd3b4d04faddb0c030ec443fcddae3dc62bb93a7788d99337c2469297a1350cb22172f74b6bd1872fe44fa84a6d4bb357de8141c239dfd49f9615b11d9e1b09692e9fc8fd43629970675b491f4d1c20b8563dc10ba1a2e33152708687afb082a5bae31bd205ba971a5c3f594f150fcaa7765573a03691a1153089470d29111ba724e1e52975b233053763a21d99725fae1fc2c7224d5a4ee5bc7b507c81c3c884de2a2eb2334e821392becfba745e49c4e57c7df6324d0ff4cae0b5d2ddc1a7e9b9b1016effdeffff9f720e0cfba7b262cc506eb48397a02cae608bd5f6c9ccf0dbf4b8128219a972eeda6bdf7e2f8fd473e4ddf61a7e216cf45601ff4e64ced7e7519a3f1088b1e5f75c974286f09a5fa79e77a2916983dabde08b0d5298f359b78654dc8b8a42a24f339807d7cb838d6c72eeadba201488d7b1fea6415f52095e6c832a1d7d5da5f4488c640ce9fce0183b1652586dc9f4efc6f7b1a0f6c2b2604ae309d6ccd93055b2730b62926eaa10dfe1bac507c49b67b279acf8b5a3fd83be261a21eda1f5944b629df5f36a2130f8388bd68c1e05ab622a249507a2b6abd1bcaf1407e323b746fcef8e820b8991a748f0e2ff9cfe36be7be3937914c46ab8d3458a3dbb1436a283a5886b89268f09c8e902e23f193966fb41760c295d71ca5cd7550f837ba623425db87036b914d538bf622a37870ad8638821355dd712fce3e1f720d4ecdb7e6d63b2ccebe7616e765dd5f3512b3cc025ab82df290b032347530b467d7d70e6e69f760d3296e3c21c1cd4d9f97ddd2f774e6c2089f9e3fd1bf825c2e22e520c96271b409a4e638175038c6c9edca86013371c0ee7c094f87ab43d5460c8c923c3c55feeccee7baab27be36a049b86e85a14407f54902d081b4d8c5c27b8db1ffce6f8ac1d828ed5705ff9f68d481b556900a90f6c98c109e57bfe6ffc7560e4717730b5bff8e46ced5e52074935a44dce9ca01137c66cbd894ebb7a09f93d900d90f36e209b29de5909e73b52ebad7dbfbcb69402be1874334eab35e7667cdb8494c3c5aa491038ec9a2193f53ff7069fd42180f504e333977c0de43dca45da82e7e66afa335380e3262f07259fdd81513b256aa6959872dd762cd5e2f0ad3acd11433531e55b61d7daeabb632bee0cccdd59430e0e8b9bd49e267e5cd858490ef56debf4fddec1e32666573fe674640be49bda1881900db0859c3e5296394fb2aa37b66e9f6f0c9b1c2dc12f2eb94431266e53487474c0774df6361c43df2ee021efd40cc1031bb5c57da0d50f6ad9b63e364ab56bef01ff9dcd579c718097c965eaa5ef84c3e76c3de9b864ec4c58a6227e03782043c776c42b2b479ee81759313f0ecb58a65e785e56701571abb73cf656976ba4495ff87ae78920f737100ba5b020b543a640f009cab94b92d896f0199c667c462adce800a204c7bc76e3f61e663d0a96bc2c247a6b9ae26478b1ce2660fb3f64ec26d66d53ea1b5c425126d9a6be8125af615bd0586bef1c67a88c331d7c92a3bfb8492cea6e37194f205a754d900c12e3b45b46c86df557b0bbc1202acbb317eab2a3ea573b340b54e1d7bea177c189f0165b9688fd698f565eeb457950b161b2a66fa652ab4ea005afe3b73390ea2c4680ed5c17efa3e973566d4c5269cde0be2f03eb986fcf271bf100d17ed08928ed64157bfa6c3444e193ded574d276847d4eab99925a713e10102e06113af1e3db06335a2e2fc6de77323b99a0939ee860b1abf4aa7e28e081989e25a26419ea89c9aff27164d13c4c9010b4b51cc9864d8bccee79c73ebc775a1e30df4c6f50b3183b3a17eb3a6bfa4580a63f9e037754357adfe475841ff47642b194819669334520bd98b6d5c8c9f20ded6da96c99a9e2aff7164fc25bf7ec3d4ff8c7c5a2ecac426ac0dfae2e2fdf048c064294ef468b30593", 0x1000}, {&(0x7f0000000100)="b324393a79b250f06a8ddd8d2e17cdb019cb61d0d19581d59fccd8c886c6bfe06ca23703e8abb361cd39a814a51c5c72cacc28d4cfa31af65b82b2f03da74c7fc22724bcb3847579ca291557a32c846439b17d59cbb97522926adf9b1ba5d026d84944e069bd361d591085ac96ab1793a7241468c5959af66b4424439804a73a5fd67641", 0x84}, {&(0x7f00000001c0)="4a1f4168719957f7d83ca47d6d47057c008fc79577d4a1de651d416060b6a94919d6da9c9a696eea38b051d8c8c44477ca32839dc56656f8a22834376bfb4faf6a9d5cc83c15009e72fc7317c9958f035dfb93bc00846b9ae0cd8c5a7be1e22fd02da99ec6ab061d2aaf2f805c9b6751de07fd4bcf47f888c250225fd6ab910e9511b7af5abe41d6aa0fcf069f4a2ca89fb3d7f3b3ccd0cc91d62c38fc3bbaa8dccbb58ade4e44b8855bf46668dbb1d6ee5c51cb76bb888ef065d0747dadd0644932a0361e761dfcc88b7f3a27696fb6f424f567ba", 0xd5}, {&(0x7f00000002c0)="3ab2562d687047d21523f823472bf23dc68bc7fe9c7674d35248bf0bebd74a9617eda66087a2d3375e5f791ae6c293433e6fc5ab3b6753b9e02c108021f8964a68984cb1955a4f970bd7d11f551e97e62c7f5a2fb7adde1190edc19435bf1181cb39b23139db7362b47a96b940", 0x6d}, {&(0x7f0000000340)="e0164beed175353e3576b71b13e3f78fa78c865571f0d72eabfa9693e317d17e5eaace98a5ccae7a93a9ea7886621ff1e59f50128d51625d5d108ab0ec4efb9f4766a82cc2d08cc883d86865aea11783d5f274fa20e863923cd305e3cd3e392d5931f60a0fd6d183427af6b5fb434b6a77031ec966f4570c05b821787783b56a70ee551935e1d71e59b1e5a6c9ced9a1afecc4b9b3d9ba602081028396d2980886051426fffdf11c71e2fcc1a90dead2a968c2cbe64729d6a18bf0d3b00733bc61e415", 0xc3}, {&(0x7f0000000440)="bcca93e0116a578d0f12066693825fc0ddcd840a4267234e7cfa831a15a57c4fd0712a75b66d3bfaeebe", 0x2a}, {&(0x7f0000000480)="3b9874e4fb6aa1736e2ae1d6a529f04d1bf7ce766acef99fda52444f9d22b78d8ca5ac4a7f5e76de29b56adbd0cb4b0af39c776cd7bd73900d6885f6379b9f0a2e4e4e16c7516d4584e2f44d57a1377719d6d2c92c8fe0ad501743469ec77c9d1427127ff665dfa1a47aae3f8a8048093d90afebc18ecf90066739d81afae68b72ecf106a2b1eb19bd6001617619a6837b65cd4536140204f0bf700b77ba924d2cc5c6f06c30116140650ba483b07ff36404e0825913f775b550679f2adeb33e1061b9a6", 0xc4}, {&(0x7f0000000580)="6cda0fedc66f2e9ecf2ba6971e1833f256678f3895232231599227008f06fc341730e0748ad7", 0x26}], 0x9, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:24 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:24 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) [ 1578.242677] general protection fault, probably for non-canonical address 0xdffffc000000005a: 0000 [#1] SMP KASAN NOPTI [ 1578.243867] KASAN: null-ptr-deref in range [0x00000000000002d0-0x00000000000002d7] [ 1578.244709] CPU: 1 PID: 305 Comm: kworker/1:4 Not tainted 5.10.164 #1 [ 1578.245400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1578.246306] Workqueue: events l2cap_chan_timeout [ 1578.246821] RIP: 0010:__mutex_lock+0xf7/0x12a0 [ 1578.247309] Code: 08 84 d2 0f 85 3a 0e 00 00 44 8b 0d e3 b9 cf 02 45 85 c9 75 29 48 b8 00 00 00 00 00 fc ff df 49 8d 7d 60 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 27 11 00 00 4d 3b 6d 60 0f 85 bf 0b 00 00 65 ff [ 1578.249269] RSP: 0018:ffff888043b7fb88 EFLAGS: 00010216 [ 1578.249829] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001 [ 1578.250585] RDX: 000000000000005a RSI: ffffffff84ff8260 RDI: 00000000000002d0 [ 1578.251365] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1578.252109] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 1578.252862] R13: 0000000000000270 R14: ffff88806cf3aac0 R15: ffff88800e835200 [ 1578.253615] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 1578.254468] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1578.255075] CR2: 00005633dce72678 CR3: 000000004f0ae000 CR4: 0000000000350ee0 [ 1578.255837] Call Trace: [ 1578.256123] ? l2cap_chan_timeout+0x51/0x3a0 [ 1578.256582] ? mutex_lock_io_nested+0x1110/0x1110 [ 1578.257101] ? lock_acquire+0x1b9/0x490 [ 1578.257520] ? lock_release+0x6b0/0x6b0 [ 1578.257943] ? lock_downgrade+0x6d0/0x6d0 [ 1578.258378] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1578.258958] l2cap_chan_timeout+0x51/0x3a0 [ 1578.262709] process_one_work+0x9a9/0x1590 [ 1578.263158] ? lock_release+0x6b0/0x6b0 [ 1578.263580] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 1578.264068] ? rwlock_bug.part.0+0x90/0x90 [ 1578.264512] worker_thread+0x61d/0x1310 [ 1578.264947] ? process_one_work+0x1590/0x1590 [ 1578.265502] kthread+0x38f/0x470 [ 1578.266014] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1578.266706] ? __kthread_bind_mask+0xc0/0xc0 [ 1578.267371] ret_from_fork+0x22/0x30 [ 1578.267929] Modules linked in: [ 1578.268482] ---[ end trace d018ae51d1603104 ]--- [ 1578.269221] RIP: 0010:__mutex_lock+0xf7/0x12a0 [ 1578.269980] Code: 08 84 d2 0f 85 3a 0e 00 00 44 8b 0d e3 b9 cf 02 45 85 c9 75 29 48 b8 00 00 00 00 00 fc ff df 49 8d 7d 60 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 27 11 00 00 4d 3b 6d 60 0f 85 bf 0b 00 00 65 ff [ 1578.272809] RSP: 0018:ffff888043b7fb88 EFLAGS: 00010216 [ 1578.273531] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001 [ 1578.274281] RDX: 000000000000005a RSI: ffffffff84ff8260 RDI: 00000000000002d0 [ 1578.275049] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1578.275814] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000 [ 1578.276573] R13: 0000000000000270 R14: ffff88806cf3aac0 R15: ffff88800e835200 [ 1578.277331] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 1578.278220] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1578.278846] CR2: 00005633dce72678 CR3: 000000004f0ae000 CR4: 0000000000350ee0 01:59:38 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2}, 0xe) 01:59:38 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:38 executing program 3: clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:59:38 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x48}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:38 executing program 0: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) recvfrom(r1, &(0x7f0000000040)=""/149, 0x95, 0x40000102, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x1}}, 0xe) 01:59:38 executing program 2: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000080)={0x80, 0x967, 0x400, 0x0, 0x11, 0x1f, 0x7}, 0xc) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x9, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x81, @fixed}, 0xe) 01:59:38 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:59:38 executing program 4: r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r2}, 0x0) perf_event_open(0x0, r2, 0x4, 0xffffffffffffffff, 0xa) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000001c0)=@abs, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000240)=""/111, 0x6f}, {&(0x7f00000002c0)=""/216, 0xd8}, {&(0x7f00000003c0)=""/222, 0xde}, {&(0x7f00000004c0)=""/217, 0xd9}, {&(0x7f00000005c0)=""/136, 0x88}, {&(0x7f0000000680)=""/60, 0x3c}, {&(0x7f00000006c0)=""/110, 0x6e}], 0x7, &(0x7f00000007c0)=[@cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x20}, 0x20) r4 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x0, @tid=r4}, 0x0) perf_event_open(0x0, r4, 0x4, 0xffffffffffffffff, 0xa) clone3(&(0x7f0000001940)={0x200000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0xf}, &(0x7f0000000100)=""/180, 0xb4, &(0x7f0000000940)=""/4096, &(0x7f0000000840)=[r2, r0, r3, r0, r4, r0], 0x6}, 0x58) timer_create(0x7, &(0x7f0000001ac0)={0x0, 0x8, 0x2, @thr={&(0x7f0000001a00)="fbe65936df7f1a4c51ad443c0e299c64a73bf1a1ae6f00026ac64577ae57504a66339d9b9345e2ea60aa48aedf081176771b000940622611bea6fed775e86dcb08f374d61300fb8ab138da", &(0x7f0000001a80)="29c4447cd9491a873cb9b559477a58a1a097f964e4680d33e09192edd675759eb2a2934ebcff88c98ffdf2cb04490e2fd6bc66967ce01753"}}, &(0x7f0000001b00)) timer_create(0x2, 0x0, &(0x7f0000000240)=0x0) timer_settime(r5, 0x0, &(0x7f0000000280)={{0x77359400}}, 0x0) timer_settime(r5, 0x0, &(0x7f0000000880)={{0x0, 0x989680}, {0x77359400}}, &(0x7f00000019c0)) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:38 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:38 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x4a}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:38 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x4c}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:38 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3}, 0xe) 01:59:38 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:38 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x5e}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:39 executing program 4: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1}, 0xe) perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x5, 0x0, 0x1, 0x5, 0x0, 0x5, 0x20000, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x800, 0x6}, 0x120, 0x4, 0x2, 0x5, 0x4, 0x100, 0x80, 0x0, 0x4, 0x0, 0x5}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x5) 01:59:39 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x60}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:39 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) 01:59:39 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe) 01:59:39 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, 0x0, 0x0) 01:59:39 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x62}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:39 executing program 0: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:59:39 executing program 5: syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x300}, 0xe) 01:59:39 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:59:39 executing program 6: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x9, 0x0, 0x4}) dup(0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) 01:59:39 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x64}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:39 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, 0x0, 0x0) 01:59:39 executing program 2: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x9, 0x0) r2 = openat$incfs(r1, &(0x7f0000000040)='.log\x00', 0x10100, 0x0) clone3(&(0x7f0000000100)={0x1040100, 0x0, 0x0, 0x0, {0x100000}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x200, @fixed}, 0xe) 01:59:39 executing program 3: clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed}, 0xe) 01:59:39 executing program 1: clone3(&(0x7f00000001c0)={0x50824900, 0x0, 0x0, 0x0, {0x66}, 0x0, 0x0, 0x0, 0x0}, 0x58) 01:59:39 executing program 7: r0 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x8) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) open_tree(r0, &(0x7f0000000140)='./file1\x00', 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0) dup(r1) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r2, 0x0, 0x0) VM DIAGNOSIS: 01:59:31 Registers: info registers vcpu 0 RAX=ffffffff83e32530 RBX=ffffffff84e322c0 RCX=ffffffff83e19e7c RDX=00000000005227c6 RSI=0000000000000004 RDI=ffffffff83e328f3 RBP=fffffbfff09c6458 RSP=ffffffff84e07e40 R8 =0000000000000000 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85671c48 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e3253e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdcb0444dc0 CR3=000000004b94a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=0000000000000000413623e000000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff822abafc RDI=ffffffff8791e0e0 RBP=ffffffff8791e0a0 RSP=ffff888043b7f490 R8 =0000000000000000 R9 =ffffffff85671c4f R10=000000000000000a R11=0000000000000001 R12=0000000000000020 R13=fffffbfff0f23c68 R14=fffffbfff0f23c1e R15=dffffc0000000000 RIP=ffffffff822abb50 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005633dce72678 CR3=000000004f0ae000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=001d02fe016c6c6f502e726567616e61 XMM02=000000c0052b5b80000000c0052b5100 XMM03=000000c0006d5300000000c0006d52c0 XMM04=000000c0052b50c0000000c0052b5080 XMM05=000000c0052b5b80000000c0052b5100 XMM06=000000c0006d5300000000c0006d52c0 XMM07=000000c0069e3700000000c0006d5340 XMM08=79efaf5686b74b7034ffb1765d1ad6ad XMM09=711593bec3ed17825973f969a24d9094 XMM10=45f1d0285e6a78d771645f22ef15aa85 XMM11=9e0fa99a7b8686347246bf01e16665b9 XMM12=84f9da67a304150c1650492d61f5d1b4 XMM13=55081698b8fca88051c36eb405a27db8 XMM14=95fa8a2a46c185f2b1f275da234004b5 XMM15=a00665222d6135f52f05423fbe142a49