536] __kernfs_create_file+0x51/0x350 [ 2413.320167] sysfs_add_file_mode_ns+0x221/0x560 [ 2413.320854] sysfs_create_file_ns+0x131/0x1d0 [ 2413.321492] ? sysfs_add_file_mode_ns+0x560/0x560 [ 2413.322194] ? is_acpi_device_node+0x6e/0x90 [ 2413.322841] device_create_file+0xea/0x1d0 [ 2413.323445] device_add+0x547/0x1c50 [ 2413.323980] ? lockdep_init_map_type+0x2c7/0x780 [ 2413.324649] ? devlink_add_symlinks+0x970/0x970 [ 2413.325347] netdev_register_kobject+0x17a/0x3b0 [ 2413.326029] register_netdevice+0xd6e/0x1480 [ 2413.326672] ? netdev_change_features+0xb0/0xb0 [ 2413.327340] ? mac802154_llsec_set_params+0x48c/0x560 [ 2413.328098] ieee802154_if_add+0xc93/0x1040 [ 2413.328707] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2413.329374] ? skb_put+0x135/0x180 [ 2413.329877] ? memset+0x20/0x50 [ 2413.330359] ? __nlmsg_put+0x155/0x1c0 [ 2413.330928] ? genlmsg_put+0x25b/0x2d0 [ 2413.331502] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2413.332251] ieee802154_add_iface+0x44d/0x8f0 [ 2413.332905] ? ieee802154_dump_phy+0x160/0x160 [ 2413.333560] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2413.334510] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2413.335442] genl_family_rcv_msg_doit+0x22d/0x330 [ 2413.336143] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2413.337098] ? ns_capable+0xe2/0x110 [ 2413.337634] genl_rcv_msg+0x33c/0x5a0 [ 2413.338178] ? genl_get_cmd+0x480/0x480 [ 2413.338754] ? ieee802154_dump_phy+0x160/0x160 [ 2413.339422] ? lock_release+0x680/0x680 [ 2413.339989] ? __lockdep_reset_lock+0x180/0x180 [ 2413.340670] netlink_rcv_skb+0x14b/0x430 [ 2413.341255] ? genl_get_cmd+0x480/0x480 [ 2413.341821] ? netlink_ack+0xab0/0xab0 [ 2413.342397] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2413.343057] ? is_vmalloc_addr+0x7b/0xb0 [ 2413.343642] genl_rcv+0x24/0x40 [ 2413.344112] netlink_unicast+0x549/0x7f0 [ 2413.344705] ? netlink_attachskb+0x870/0x870 [ 2413.345350] netlink_sendmsg+0x90f/0xdf0 [ 2413.345941] ? netlink_unicast+0x7f0/0x7f0 [ 2413.346560] ? netlink_unicast+0x7f0/0x7f0 [ 2413.347178] __sock_sendmsg+0x154/0x190 [ 2413.347746] ____sys_sendmsg+0x70d/0x870 [ 2413.348341] ? sock_write_iter+0x3d0/0x3d0 [ 2413.348944] ? do_recvmmsg+0x6d0/0x6d0 [ 2413.349506] ? perf_trace_lock+0xac/0x490 [ 2413.350102] ? __lockdep_reset_lock+0x180/0x180 [ 2413.350785] ? perf_trace_lock+0xac/0x490 [ 2413.351376] ? SOFTIRQ_verbose+0x10/0x10 [ 2413.351968] ___sys_sendmsg+0xf3/0x170 [ 2413.352524] ? sendmsg_copy_msghdr+0x160/0x160 [ 2413.353191] ? lock_downgrade+0x6d0/0x6d0 [ 2413.353789] ? find_held_lock+0x2c/0x110 [ 2413.354393] ? __fget_files+0x296/0x4c0 [ 2413.354988] ? __fget_light+0xea/0x290 [ 2413.355558] __sys_sendmsg+0xe5/0x1b0 [ 2413.356101] ? __sys_sendmsg_sock+0x40/0x40 [ 2413.356719] ? rcu_read_lock_any_held+0x75/0xa0 [ 2413.357423] do_syscall_64+0x33/0x40 [ 2413.357956] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2413.358679] RIP: 0033:0x7f18077beb19 [ 2413.359224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2413.361806] RSP: 002b:00007f1804d34188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2413.362910] RAX: ffffffffffffffda RBX: 00007f18078d1f60 RCX: 00007f18077beb19 [ 2413.363916] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2413.364923] RBP: 00007f1804d341d0 R08: 0000000000000000 R09: 0000000000000000 [ 2413.365927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2413.366941] R13: 00007fffb206e7cf R14: 00007f1804d34300 R15: 0000000000022000 05:07:49 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74) 05:07:49 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:07:49 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470", 0x12}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 2413.424810] FAULT_INJECTION: forcing a failure. [ 2413.424810] name failslab, interval 1, probability 0, space 0, times 0 [ 2413.425934] CPU: 0 PID: 14846 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2413.426507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2413.427186] Call Trace: [ 2413.427412] dump_stack+0x107/0x167 [ 2413.427715] should_fail.cold+0x5/0xa [ 2413.428037] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2413.428464] should_failslab+0x5/0x20 [ 2413.428779] __kmalloc+0x72/0x390 [ 2413.429078] inotify_handle_inode_event+0x1b4/0x5d0 [ 2413.429501] ? idr_callback+0x80/0x80 [ 2413.429818] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2413.430288] fsnotify+0xcd0/0xf50 [ 2413.430593] ? fsnotify_first_mark+0x240/0x240 [ 2413.430836] FAT-fs (loop5): invalid media value (0x00) [ 2413.430987] ? lock_downgrade+0x6d0/0x6d0 [ 2413.431842] FAT-fs (loop5): Can't find a valid FAT filesystem [ 2413.432126] ? memcpy+0x39/0x60 [ 2413.432152] __fsnotify_parent+0x468/0x9d0 [ 2413.433573] ? fsnotify+0xf50/0xf50 [ 2413.433874] ? fsnotify+0xf50/0xf50 [ 2413.434185] ? _cond_resched+0x12/0x80 [ 2413.434512] ? inode_security+0x107/0x140 [ 2413.434871] ? avc_policy_seqno+0x9/0x70 [ 2413.435218] io_req_io_end+0x26d/0x490 [ 2413.435544] kiocb_done+0x320/0xc90 [ 2413.435853] ? ext4_file_read_iter+0x18c/0x4c0 [ 2413.436231] io_read+0x4cf/0x11e0 [ 2413.436540] ? kiocb_done+0xc90/0xc90 [ 2413.436854] ? perf_event_switch_output+0x7d0/0x7d0 05:07:49 executing program 7: syz_io_uring_setup(0x5037, &(0x7f0000000840)={0x0, 0x102a, 0x0, 0x24}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000008c0), &(0x7f0000000900)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r0, &(0x7f0000000000), 0x2000) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) fcntl$setown(r1, 0x8, 0x0) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xa37) ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000100)={0x3f, "d7e97b47a6d30bbfd42179ccea1810bd66d797c8b696448cd61f82749ac9c59c57ff8d3cf08e0ea6eb65f5f881698083d4c79fa26382a8c67416ad076b00a520d430540fb725b4de8e7d3bfd89e2daa21c69f75baa3c998c4ac1fa57ebb7f354fd6fe1bc9b4abfabcf4025d4b08630f5c841f0ad7ddc4abee5c30445c772b46014fa07ca014c9b45b2ae488a9da7174099965768e48ac5d8a5962c9476fae0b993eb4d6163312eed69bd64fadf81f2a727a9b06de6b121a85beab3a74738b8e64b1f445613d805132a038e1b5ee89e28b84adff2e0b6b89359adf81862637a668b4df87b4a388736814a63cd001e328daf18c8a08e389a593084445374befca055ac61345cf8be47537fd1d5d94ee9049c03d7c0d994283057d1458946a28ad4b3670a76f70ae6557d92cd39a43b48be2dade6945f34c41f294302aecf399c0063badfe7b47fc990d5d3e472173265b6a7f177b4486acd52eb2fac558ca7a365739176c9837480b48fdbeda2c3466df984540f3ad5fb273555f3b55bd66b52c9f3eccb7cf324862a367f5ec4a600d68121225f4863068183a277b4f5e80a1c5346e7fdcbd778aed1cc0ef4beba81c588bceb35e403270c9ce49a52c1b701f749837ada1e74626117dd1aaefcd0af1c2348c7bbec783a2a21eebe79398b555b3ac43c58c01921392a45bde745eb7b56c257325ba2ad7bf14ee5554297470f7644"}) close(r0) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r3, &(0x7f0000000000), 0x2000) close(r3) fallocate(r3, 0x1, 0x2a, 0xb49f) syz_io_uring_setup(0x26ec, &(0x7f0000000000)={0x0, 0x9ee1, 0x4, 0x0, 0x5a, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x105000, 0x0) read(r4, &(0x7f0000000000), 0x2000) close(r4) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440), 0xc) signalfd(r4, &(0x7f0000000340)={[0x169]}, 0x8) [ 2413.437261] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2413.437849] ? __lockdep_reset_lock+0x180/0x180 [ 2413.438241] ? lock_acquire+0x197/0x470 [ 2413.438587] io_issue_sqe+0x2e8a/0x7700 [ 2413.438933] ? perf_trace_lock+0x2bd/0x490 [ 2413.439281] ? SOFTIRQ_verbose+0x10/0x10 [ 2413.439616] ? __lockdep_reset_lock+0x180/0x180 [ 2413.439986] ? perf_trace_lock+0x2bd/0x490 [ 2413.440329] ? io_connect+0x610/0x610 [ 2413.440648] ? lock_acquire+0x197/0x470 [ 2413.440975] ? find_held_lock+0x2c/0x110 [ 2413.441319] ? __fget_files+0x26d/0x4c0 [ 2413.441639] ? lock_downgrade+0x6d0/0x6d0 [ 2413.441993] __io_queue_sqe+0x90/0x9d0 [ 2413.442321] ? io_issue_sqe+0x7700/0x7700 [ 2413.442673] ? io_prep_rw+0x7f5/0x1050 [ 2413.443019] io_submit_sqes+0x4461/0x85c0 [ 2413.443428] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2413.443911] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2413.444307] ? lock_downgrade+0x6d0/0x6d0 [ 2413.444638] ? find_held_lock+0x2c/0x110 [ 2413.444981] ? io_submit_sqes+0x85c0/0x85c0 [ 2413.445347] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2413.445751] ? wait_for_completion_io+0x270/0x270 [ 2413.446155] ? rcu_read_lock_any_held+0x75/0xa0 [ 2413.446531] ? vfs_write+0x354/0xa70 [ 2413.446851] ? fput_many+0x2f/0x1a0 [ 2413.447157] ? ksys_write+0x1a9/0x260 [ 2413.447466] ? __ia32_sys_read+0xb0/0xb0 [ 2413.447824] do_syscall_64+0x33/0x40 [ 2413.448126] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2413.448536] RIP: 0033:0x7fc0adb05b19 [ 2413.448833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2413.450275] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2413.450883] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2413.451446] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2413.452007] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2413.452568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2413.453128] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:07:49 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x8) 05:07:49 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) 05:07:49 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x700, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:08 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) (fail_nth: 38) 05:08:08 executing program 7: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002900000000000029252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011700)="22001e0000000000001e00080000000008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="686964652c696f63686172730700000070373359fcd2d72190de4922a5372c756e686964652c636865636b3d73747269635e2c6e61726f636b2c757466382c008b9ad4bb0e7b9f5f7e8570df7d505c4dd3302cd0889b04aef893c4ef6f9d03cd15e21385652706ec92667ade70690ad2405115ebd1351aed655ae94e4a5ff8031b64fec6ad672c67d9fec80729bb1c52a8d145de205cb439c15ac421332d2ee786c6bba2f501176303eedba5c2b8f82cd225bba734578c859530d52026c2fa4e024bd7adbacd14f416e4"]) 05:08:08 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x900, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470", 0x12}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:08:08 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0xa) 05:08:08 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75) 05:08:08 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) 05:08:08 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x26}}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000080)={0x0, @local}, &(0x7f00000000c0)=0xc) sendfile(r0, r1, 0x0, 0xffe3) [ 2432.751695] FAULT_INJECTION: forcing a failure. [ 2432.751695] name failslab, interval 1, probability 0, space 0, times 0 [ 2432.752830] CPU: 0 PID: 14909 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2432.753435] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2432.754160] Call Trace: [ 2432.754401] dump_stack+0x107/0x167 [ 2432.754719] should_fail.cold+0x5/0xa [ 2432.755083] ? create_object.isra.0+0x3a/0xa20 [ 2432.755480] should_failslab+0x5/0x20 [ 2432.755819] kmem_cache_alloc+0x5b/0x310 [ 2432.756185] create_object.isra.0+0x3a/0xa20 [ 2432.756569] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2432.757026] __kmalloc+0x16e/0x390 [ 2432.757343] inotify_handle_inode_event+0x1b4/0x5d0 [ 2432.757802] ? idr_callback+0x80/0x80 [ 2432.758153] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2432.758646] fsnotify+0xcd0/0xf50 [ 2432.758992] ? fsnotify_first_mark+0x240/0x240 [ 2432.759397] ? lock_downgrade+0x6d0/0x6d0 [ 2432.759769] ? memcpy+0x39/0x60 [ 2432.760112] __fsnotify_parent+0x468/0x9d0 [ 2432.760474] ? fsnotify+0xf50/0xf50 [ 2432.760801] ? fsnotify+0xf50/0xf50 [ 2432.761130] ? _cond_resched+0x12/0x80 [ 2432.761465] ? inode_security+0x107/0x140 [ 2432.761836] ? avc_policy_seqno+0x9/0x70 [ 2432.762187] io_req_io_end+0x26d/0x490 [ 2432.762529] kiocb_done+0x320/0xc90 [ 2432.762855] ? ext4_file_read_iter+0x18c/0x4c0 [ 2432.763273] io_read+0x4cf/0x11e0 [ 2432.763586] ? kiocb_done+0xc90/0xc90 [ 2432.763927] ? perf_event_switch_output+0x7d0/0x7d0 [ 2432.764348] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2432.764773] ? mark_lock+0xf5/0x2df0 [ 2432.765122] ? lock_chain_count+0x20/0x20 [ 2432.765464] ? __lockdep_reset_lock+0x180/0x180 [ 2432.765884] ? lock_acquire+0x197/0x470 [ 2432.766242] io_issue_sqe+0x2e8a/0x7700 [ 2432.766587] ? perf_trace_lock+0x2bd/0x490 [ 2432.766980] ? SOFTIRQ_verbose+0x10/0x10 [ 2432.767317] ? asm_sysvec_reschedule_ipi+0x12/0x20 [ 2432.767737] ? __lockdep_reset_lock+0x180/0x180 [ 2432.768145] ? io_connect+0x610/0x610 [ 2432.768474] ? lock_acquire+0x197/0x470 [ 2432.768816] ? find_held_lock+0x2c/0x110 [ 2432.769168] ? __fget_files+0x26d/0x4c0 [ 2432.769499] ? lock_downgrade+0x6d0/0x6d0 [ 2432.769891] __io_queue_sqe+0x90/0x9d0 [ 2432.770234] ? io_issue_sqe+0x7700/0x7700 [ 2432.770593] ? io_prep_rw+0x7f5/0x1050 [ 2432.770944] io_submit_sqes+0x4461/0x85c0 [ 2432.771348] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2432.771772] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2432.772207] ? lock_downgrade+0x6d0/0x6d0 [ 2432.772556] ? find_held_lock+0x2c/0x110 [ 2432.772913] ? io_submit_sqes+0x85c0/0x85c0 [ 2432.773289] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2432.773699] ? wait_for_completion_io+0x270/0x270 [ 2432.774124] ? rcu_read_lock_any_held+0x75/0xa0 [ 2432.774503] ? vfs_write+0x354/0xa70 [ 2432.774831] ? fput_many+0x2f/0x1a0 [ 2432.775165] ? ksys_write+0x1a9/0x260 [ 2432.775494] ? __ia32_sys_read+0xb0/0xb0 [ 2432.775873] do_syscall_64+0x33/0x40 [ 2432.776195] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2432.776623] RIP: 0033:0x7fc0adb05b19 [ 2432.776945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2432.778453] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2432.779115] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2432.779710] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2432.780315] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2432.780918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2432.781498] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 [ 2432.783520] FAT-fs (loop5): invalid media value (0x00) [ 2432.784659] FAT-fs (loop5): Can't find a valid FAT filesystem 05:08:08 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x26}}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0xffe3) 05:08:08 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000000ffff00000000000000000007"], 0x14}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x7) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) r1 = io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x98) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0xdd25546e0875f5e5) syncfs(0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="68d52aa06897e1085abab287aef36ff8137095600bb200b36725900d9db8e09bb054cdb857", @ANYRES16=0x0, @ANYBLOB="000026bd7000fbdbdf251300000006001401e40000000600ed00740200fb0800a4000b000000060012011f0000001400810005000100000000000500ace0dcad17678630457b9a3a63d3edca764e24a90143cbafd09bb07f5a6ead53c64f16181d0f454cec51fb54eb19ebf0404602545bc7cb9c21ee8a9375e82ddc44f2a7d717f5fbbeb80cc1223d9aedc6d863281c8613d2355cd90663b48f54d00c73e8a9c5ffffffffad72f5c42ef65f4b457047310e7dc43537e084408c3f7b9a8ce64998f559df5aad08e3a4ac001f413896866350321538c1eab62f39239cc0247495232baab5fc5ea78167cb083e98730828850e47b9cc3ad5dee5eb"], 0x48}, 0x1, 0x0, 0x0, 0x48854}, 0x0) ioctl$TUNSETLINK(r0, 0x400454cd, 0x308) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) r3 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) flock(r3, 0x1) r4 = socket$inet(0x2, 0xa, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(r2, 0xc4009420, &(0x7f0000000740)={0x2, 0x1, {0x3, @struct={0xf7f, 0x2}, 0x0, 0x40000000, 0x9866, 0x1, 0x401, 0xfffffffffffffeff, 0xa2, @usage=0xf6c, 0x1ff, 0x7, [0x9, 0x0, 0x4, 0x200020000, 0xfbe0, 0x1]}, {0x9, @struct={0xfff, 0x2}, 0x0, 0x1, 0x400, 0xa50, 0x80000001, 0x8, 0x8d0, @struct={0x7, 0x1}, 0x3, 0x69e, [0xd9fb, 0x2, 0x9, 0x9, 0xffffffffffffff00, 0x80000001]}, {0x7, @struct={0x3, 0x1}, 0x0, 0xffffffffffff0001, 0x7, 0x3aa9f121, 0x0, 0x1, 0x10, @usage=0x100, 0x4800000, 0x401, [0x4, 0x4a6, 0xe1, 0x388, 0x20, 0x4]}, {0x8, 0x7ff, 0xfff}}) ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f0000000b40)={r5, "c99015d9a84b15d622c42a4ee474452a"}) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x8042, 0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0xff, 0x6, 0x8, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000040), 0x2}, 0x2, 0x0, 0x8, 0x0, 0xf66, 0x100, 0xfffa, 0x0, 0x9, 0x0, 0x800}, 0xffffffffffffffff, 0x9, r6, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x100000001}, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r4, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) [ 2432.929272] device veth0_vlan entered promiscuous mode 05:08:26 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400", 0x15}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:08:26 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x10) 05:08:26 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:08:26 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5, 0x0, 0x0, 0x0, 0xfffffffd, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() process_vm_readv(r1, &(0x7f00000000c0)=[{&(0x7f0000002840)=""/218, 0xda}], 0x3e, &(0x7f00000029c0), 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000002540)={0x0, 0x0}) r3 = syz_open_procfs(r2, &(0x7f0000000200)='net/udp6\x00') read(r0, 0x0, 0x25) pread64(r3, &(0x7f0000001100)=""/4095, 0xae3, 0x6800) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000500)={0x0, &(0x7f00000004c0)=[{0x6, 0x0, 0x80, 0x7fffffff}]}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_open_dev$vcsa(&(0x7f0000000300), 0x7, 0x880) vmsplice(r4, &(0x7f00000022c0)=[{&(0x7f0000000080)="bec9f14a725890e9de12022037c65c25469dcc", 0x13}, {&(0x7f0000000240)="048ca33453c2dbad7030582654acf541683c590b59a040739df6d672dee53833200d382cf9c4fbd56b92843948b290d0c484d8b22eb7cd81acd17044432ccc03e1f200e47849432cf16ac59babc42a9cd5cc5c5663ec0d01739fc6a80dac5421f4b30b5d872b17335fc9fe32891225d14e35ba8cf9b611a3dd34cff226b9a021a1b860f75469bd0c77b0d0d2df368872de397d1201ce5a1d0ce7bceb8760026dd233e1224c774b8a3bbe1787c490", 0xae}, {&(0x7f0000000180)="83d7e8aeb5a51726fe7c7b60864f00562fe7ffc40386b16d94964253f54bb5b425777ca9296381e12aa6a9223a98f248be28d68879bbd8", 0x37}, {&(0x7f0000002100)="77e8078e4ba183cd0ee80ff53ac63383a408d7e63cc9eee24696527f7e2814db15c6e9810883fb89396f2583cb1def0ca8b709ea1efcb786f35821631e70e325b8df6fdca5328bf1f3b55130889dd32a8a57a157b4593a1785bb3d4faf3df61b1c0245a4ea9793a8b5696b45b09aace084644a7d9a34fc6a94e06d06b32eca2a0149fe88f4007397372b2da77a525e83b6f324218dd74cf317f0e78fa45b8cd43f5fb08230377b61ab0c2a8b8137c694451809c1393603ec32c557037c3c6f007d313e46988cd936978bc6f725ccf3da6c5244c282d97ff0cc2b56e9786b225e2af184810e8387badbf884a0f121", 0xee}, {&(0x7f0000002200)="798b66e354f0f6df52d3cacc19c3330163d4c247e5b8b73c461ed9c68b6ab0569d78142b04821e7d63b6c84d43b61da243928b39b72de43959ee66e0016a07cfa50fd1d915d66eb6ac537407caaa4ac43884374f5d5b44b535b0e38ee6e9348eee9c36bf633902db9198e5839b5b9d1cd4c9fae79e374c1aa6f303acd48393e8c790f3a8763bc7fc774419b5e1f2d23431598be5d68e07c33521e0a4aa043d09e68132a80139a090fb2602120cd798cb6883f4e611afff22ce", 0xb9}, {&(0x7f00000001c0)="76ccd0176c2bb36423375fdaf550577debfc62400942a696059259501ed258771c03170d2a85603b4c9737bdc3a3fa57efcb25637f771510b7940bea", 0x3c}], 0x6, 0x6) r5 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet(r5, &(0x7f0000007d00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) fsetxattr$security_capability(r5, &(0x7f0000000100), &(0x7f0000000140)=@v3={0x3000000, [{0x4, 0x2}, {0x7fff, 0xa0d}]}, 0x18, 0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{}]}) fallocate(0xffffffffffffffff, 0x5, 0x4, 0x0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x101000, 0x35) fallocate(r6, 0x3, 0x1, 0x1) pread64(0xffffffffffffffff, &(0x7f0000000340)=""/4096, 0x1000, 0x0) 05:08:26 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76) 05:08:26 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) 05:08:26 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:26 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0xffe4) [ 2451.088706] FAT-fs (loop5): invalid media value (0x00) [ 2451.089273] FAT-fs (loop5): Can't find a valid FAT filesystem [ 2451.121781] FAULT_INJECTION: forcing a failure. [ 2451.121781] name failslab, interval 1, probability 0, space 0, times 0 [ 2451.122920] CPU: 0 PID: 14960 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2451.123538] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2451.124230] Call Trace: [ 2451.124462] dump_stack+0x107/0x167 [ 2451.124778] should_fail.cold+0x5/0xa [ 2451.125115] should_failslab+0x5/0x20 [ 2451.125442] kmem_cache_alloc_bulk+0x4b/0x320 [ 2451.125831] io_submit_sqes+0x6f76/0x85c0 [ 2451.126219] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2451.126642] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2451.127055] ? lock_downgrade+0x6d0/0x6d0 [ 2451.127423] ? find_held_lock+0x2c/0x110 [ 2451.127774] ? io_submit_sqes+0x85c0/0x85c0 [ 2451.128162] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2451.128570] ? wait_for_completion_io+0x270/0x270 [ 2451.128976] ? rcu_read_lock_any_held+0x75/0xa0 [ 2451.129377] ? vfs_write+0x354/0xa70 [ 2451.129692] ? fput_many+0x2f/0x1a0 [ 2451.130011] ? ksys_write+0x1a9/0x260 [ 2451.130345] ? __ia32_sys_read+0xb0/0xb0 [ 2451.130711] do_syscall_64+0x33/0x40 [ 2451.131041] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2451.131481] RIP: 0033:0x7fc0adb05b19 [ 2451.131802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2451.133372] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2451.134025] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2451.134629] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2451.135249] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2451.135840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2451.136436] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:08:27 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x48) 05:08:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:27 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:08:27 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x202, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @random="9b8a3d1b7888"}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x5) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)={0x24, 0x26, 0x1, 0x0, 0x0, {}, [@generic="6fe3244409f996f569215293fa"]}, 0x24}}, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 05:08:27 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x4c) 05:08:27 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77) 05:08:27 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:27 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x26}}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) pread64(r0, &(0x7f0000000080)=""/134, 0x86, 0x1ff) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3}}}], 0x20}, 0x800) syz_open_procfs(r3, &(0x7f0000000040)='fdinfo/3\x00') r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffc, 0x0, 0x0, @buffer={0x0, 0x1000, &(0x7f0000001e00)=""/4096}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) sendmsg$unix(r1, &(0x7f00000009c0)={&(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000900)=[{&(0x7f0000000280)="41c9b5a3997ef4f9c875ae61e4351229a733b0ee0917c801e0d2ea7282a0822e54abc00d802af6a4c60fe365794d9fc44e507c646fba", 0x36}, {&(0x7f0000000440)="30c4a4ce46d73de771a368c667354ade4ade194364e4fc88a47b5ffaab6d097e84d90351786987badd05915275c1e763ac3f2083d7e549375dfd3bd52eeb", 0x3e}, {&(0x7f0000000540)="97fa3df8425b09ebc76f2efbb7c4d293a0d3bf46b459c484c1208afeae4450e849d80a820f96e9e5542e43f4e5bbdbed14e2afe2fadd42c8e98516e69851fd104c47f98257e86f99e77941765071a35714c5fc933dddfcde9c5ea116af3456a37e837c6375a311e1a1e65773573433b6360c98ebf292a3dafba4d7aaf7930d550226e577ba1fa81b0f6809bd653e6e5575f456716da5556d5cde50df988dcf405dcb75fe30558cf3c97ca9ec961899d44008445a2c2083b9fa5ff4c45699", 0xbe}, {&(0x7f0000003600)="5139f8a16267811fa55096b37bfc0fdeb91770d349a3fe12440d0a0b038353979477a7497b9e6c105cad0d8efab4894de06b7481c6e2e98484c56a5ea3ef40dba1847769bbf49612d979a7558395e6bc18feefcd0e0965089d2e223bb9c3af1cabd5145d667e7235af68972ba037cf9dfa257689f29d560d43612b03214dc50abc417c1997aaba4dd8ea85f4f4987f174b25c00b55c32d251d4b726663f70697e62918807cdd150485367e92633a8423fbaa2a14fe38f3f2d02d4f331238fd30c8ee0c5b461176514e5b80feaeb988d1abdf37c1a69083fab4c6aba3d4a33cd85968513a29dccbe4eed997b0d859bc37075e9f9d46e64b083c8ccb8114871dadd7b46e406f1cd21ce225f57e632f5786023952fb96bbe340feca1d13290d4889739c55a6141258a2abc20103d37931b47cc98ad0f1ae4f5a1a74750f6fcc9ffbcf81eda2d571a2f605aebc0f25b2d2a555ee243cb80b71fb8293cdf693b3598b8b5ed62cb47fadcecf04636d1904a2c9600fb910e50bfad1305ad6a1a92410d3ef728efd44d0a2e860b8221367ce8de68e9426c651f5a7f62207d65b2db22f795443681c14418a9c5418023738f798d9562ddd7245009f368f84e5c3e24b835d2d7dbac1fde48c2135c4120a0e004de0e0abe8ea9d0ffafb6734f4d1fcbf05d0ca2e361f304078fd3c2a171c472bb702d4eda62e36077829850588cc067bd840b36ad343af27883260b0e3ffb4cabd2a45c3a600e3491876f48c1d888bb8327d6c79f472a4b2cb4b49bc2f5c817f833cdfe409fafc826f37f28b5b8ed314d6fc297afadf5ce577cb03060b8ea8430da73f29ad0e258f6c02ebca055668794924df4d8f86a4392b174b194748f2a39212a2fb321fd0b392f1dbda0f67f06d9c3640075934af511c577f3ee9d0563272f03e63f455e02d5426adcb17c602a7aa2e6b05fde1bbe708806fca5c5af0146f4877431176267a4a27cb7753bcfae81443ae6a8a44f0b7364e9f26af85fab2e97e82a406ac5f54f2d08261c83458d40b09215cc57f94585cd3e6ed29e86a7bd750f58b398ce25e659548ae917b144dc29e2bed6d220c4c0bfd600498eb068b9ed3eade7fd27ca21a585fafe3f638b2fb8618521eec125a9a66d1748bcb42148ade5da33a9a0327ad7f12f56003ffbe57dca5311e33d6c7665e108a3b33e88f4bde5ac91841c5a8eeb358cf882015c5f1e45cad691c2af7ab4f27e0486886bf004b5d32492641877a2ae1682d71563b2c05aff7a2463128563db4dcdde2e021211900cad74ae3ffac36cbf54d589df52d41712b05c9c6832359d56adb3d78d54c001c8f41b6ed2ce38b143cc1ef0d4aa0faa74d70c6f6d3481a2c2fe46dc19cb27452687b6f4feb8967a975c858aa0a85d9f111a24a7c013c5288a5752f03e5bb999d482316753c4e7fdabd48579a9af52b945da84dce6dfab9ad4be5c973ac2719cb095fb223ac839b8245c77a378ae9cc51a5a07cb608c44f1d72baf2f68592db31003dbbfb0d55029bc646878b48e4550c93c36bdb7b25e9aa2a11a72eb7c02cca4b60553a4ff1ec64985742aec1cffe492e0dc8694dda4e643bce3cead3ef36a702ae4d66426ea0dc4469d421b83d6dc451a4eed80dd3c4e610c4aff0da770ceab9f29ec8a15f49c80f6bb1f7b71e4b93fba9342f5bcab03dd683f59caa9d6c6b1e392b5833850e23dac043b6c2f92c4dab15e5ef19442ea55b85b393a05d42f6d96d407a89c523f43c96d5da5ed3f27cab9d2bc16b4208a593451e8a1dfac33ce5668277d128ea1da06c77d7ad14269e9b2adefe7dbdbe4a3717396c09e36d6fa6d4cec81895c6300108e0b287efd684564d50695afb22c131cbc12c20086c715751ffd1a8d847b1e5a612c6018fb438f780d11358e03cefc5aeb1036299dae04520a6c940106d973ba626f5f155ec1a376e6da2464d51f0fc835ecd4d94baddc801896b83a63afd473107eee6590889c6efc0a701a940146710ace8ab969a10ffeca815858ce6b94614c46e48b61d3d09ecc9652eff70d40343544142957915ac3c6fdd1e0f237fc5f698bb8d8ff91ad53b64220483adef6b424703b70d575e97d1576c69432597d2ccdbeebfa60c3a98209e69d0c67900d21e77f6fc78d4bd54f6812a6da20dfdf3ece213b85e6bef42ae2d059b2afe55f8dde54d24ad30b6e051180be108d1fb0b2725840c048abbe06ccba11032c1f6156fca7d64fc423e00c59d3bf2c1a4978a8976cbb1faf97e13a2ce000efb61ed2615aaf8829b2dfc5c0df60e62d7bbfa381c494bf88e2d388993ee13c4fabeb97d0519d31c0a20f579e9921925e1cf97b776bae9b71ae5607d44b8922fd3c3acb839288d81c28b09c681eacdfd0444065bef9bf4cd00a32ed46bc7233a6e3710cbed427b2e7580699d5e2718561a63092c45f2151041dea82374a6bdb86c735e4e02e16babc437fcc922a2a691a45ff1594063ff4024d2a80385aa64402d29355c82bdb566cc90c52c36e840c91a8f896c83162e15480bcf678926dcf51de0e480e8888db025ca8a286d06618ba94ed8153c94a74650fbdccbc541314f10ae2d80bebac6e14efa642820e654673427fd8cea4929505678eddc2b87087efa6738dda81493c67536dfe59619a029f81802599eec570ca939c8273a0c73cb2021f3127288532f66fed40d575b07a88b2bbfc25eb7a0c2f28e7642c953ec1448a3006378a3dbf1248b3db27c16616a7785a853cb002a1c35fa828a989542ae39f309b40cf2fe8da8e1e84f7a340834a80672b7f1e234d01a8fb8d70a016d66a80a5f8c8a1340a9cb1ea6a9acdf2963f26aba9055f1c7c5b34dfdeb89caa450d1b9c70205290f96db35d195ac9b2ff126e76f4920f0066c830999b1f59c173f39ee93ccc0c458c38e5eb80cd66644eb189da5db19a4161caa40a0c68d900ae43899ba1b5c3f4cb59eaf93ae2332aa7475a881fa5cad7a6ced899284c78ab71be034f91c03e146a12414cde45d56f4ab8cf85a24c0bbcdf23264798d139bb5ca274d11e03eec10053d5f1a1a3f46ed7c9d1c2d1a37f69457ba21de41d9f96b3a6a81402e8cdb1b9c05318e3ce00545aeb9df2d8ad94455d5eba29fdf807d245ccc65acbdfdc383c54932569080a6f71a6a342c26fe58eb8dbbe06a7c3e8df903f2628377d0c4ff3ef10f08a16a24274f363fc2d64774cb5a8f2b9beb623e0ffc269e23f4b9e2728950bc137ed557c7a895d714b69ef9f70f3909093c5dcfd69d2837b25d8c9c1f7bededa7f8d90ef332a2421ad9bfd5d599a136812cb2931eb15e77eba8bc854fda53a609c2693421af442af3fa7f5c80718747b319588773d89daa0403b8111446fcb3b5c96d0753d1aa69a07d3232f68fadf47b560a3a4b128b707943ad4d6cf2bdbd8de69474275f1800634d75e6326000192be05b7096fe2aca9cebd5fed8e3511e49ff272d60a061680e2b78b52c7215f30ebac4e9834015f1bcd69f6d0bca0ccb8835f920a61d75cfbe4aaa55d02cff1259919cf371183c5d469eae5187518b8feec1d74536852eb224e12f7087f1cd6852d2f556386ff336a33b792366efe6ccdd1701c3a98782cff2eef5e3ffa884d346ac141806009b9f8c21a99c879ff12258837166047fa39aeea440c06c3a0ba5c5b2fa46759c3d02cfa5ecff7fa1b748e02d0cdbf6101b19074199844a02285091928c0d84f3680b2cf8238ef35ca658dc5fb5877899bf0df425f4be7e98509665ab6684468cc03e3661418bf585ee650051bd4e2563b0314c92e7c36916325d831a779f595ff8d21bc08dc19bd01093c84e1206e50ba6abc5f9994f6ac56ce4a31089df4940d45a84120cbf575086e3d76b10b9940f396f167c926c5f3d2f85589bd1aeebce6b86affd37ba5a0d8c1a2d99d78a700e3569787e9543a8427269d0c7bb437fa0066fe1b1bd4b0d8c235ba533d83a05f24f21c17d80cef9519185ac5e94262075ec2e8df0b278a949dadb63c7520b337035c7c58a799429427f5b9e97116b69f7e22712be683fff5e4a14472fd62196abdcffd81719b85a0ecd5233436c1cd81daf3e0ec0240c0e9bbf3ccf67ea54b519cb7dc2caf21b9d2d65b0953a2f8c25a0d0726b81c1133a6b85f78e3eba59b7e9cfda17f636172497bc6f91b2e5dbff84da9bd90918369dbdbc3b20ec4e984e9e89ebcd9a1d0e322217c3ad21d586de83b6abaf7d0aae95677922ae1118dcb1f4aa75d7b744034f0445013ae1a55bcb2080b2b3c3cafe5f1cfabd6ced10f80d04cecfd424e3691b5b27b7fa890a6e889bd9d2554d7c6d26fa61bc68f8f51be3e009149a5967e9bd23803116691c5b7b1ae40bf761ea8b99051c19baa57f3a439544ab79374582a4a95c346cffbac4246fce7b6674db01e5b5d26d1d76dc48f098a90709412ff031ccc69ce73c860f918ae27f3a523a7fa740dbaa6a350715a35aeca22c03a423b5936f06e8e380f05451b8579e6b677aba8f4fbe3407a0330bc93bbe16ab412e4d46114aaa88852ff5f4ec9e8003f5b5b8dce09d9d9e8edbec1b9ee2dc738d6339c50d4dceadfad38cb6aab6e4f129116ad97bf42362a94e1f9e90aad0a43b8946e6fedecd14965f697132e1d719433a893d694553f730cbbf7b51cc459a863315917a7ed8e48c695806d7ea9061e67f3a2ceef0060d8fef792f469ecbee9ce63393de04cdf1d83e5cb83b8e27a719be3a4406579d2622b06bb48afb888acd4ac9c88b75b58c546b08ae1cf4a8b0f29f9031c389ce448a2bd259d847f9fbb78443571ea235d8b95ce9f7078ab8c68c3d7d54286bd0bf778b01e0aba3fcbb2033d139c68809fe5c278b8f897992df7b4e6c906ed2cd3aefb3618a187ee218ff91bc3aebee5545730a2aeef04d7d7eeb418c985a587980aa1bdbd2f4c4b699bc50c4852f14e009ba67f89c5aaca300809cfef901dcb5b901afec57346c81d70cc63ed08a112f52eeceeef010fc2c92b876f4cbde8c1c886e4d49384c49d80d3167d145acfbf738d3304f9a172bd55dd024f0d2cd9a6b267ddb08e2f2a485ad6f19a152f09c11dc936e722fdaf61bd69c324eacb58c16e5ce8932072e13466bab68c27f4641394382eed0eb673dbe52892c67c386f862c5846270d77ef0198c1a0efbb8e9be12d8b213c6ac2b2e947569de7ea414879b2af49d3df20ba2e420af4a60fd853ed5ec1af3a6e6eca305e746ba39ee53812e89399fbdd03a02b0d76120f7c9c4dbd288fe132330057ff2be1ae5468ea80864328d63a2d3f5f98fac6f1c0d53344195ff903ba6bd512e16f0196390a030994ae81f5ec1e43e87af4724352f6e00e9bf35a95600a5afd2d8e851c6568d8ebe19cf85fa972aae26a76ec106bc05168815a1b8644235d7cc4dcdc3e944b2e349998614bf4ced7cf49f63c009e9fe1f9c4765fa0992b298d796aebedaf31d4713feba2ab20c03daab9a575fe3194c8a83a1ac4437fb65e9052d89a534a52cc499386a0e416922b8acd845869ebee1425edcef2fdd6947c10e52ff0c553aeaa8efcba2c72b420d4af71d315c9c715da9e1787368505678803349fddfea8e67552365f79c86a731e1742ed2310f83c563080d82f4424edac4e3b2a277f252bb52931f5db3d16dfc77ff7baa425d3d6531dde11e8e775aaa5eaebf1beaec7136bf04000c8b921c52614eea3724ea9c57283a97a610aaee4a5ed1662b9591c59e40ce24aee80ae0192491ebd77a0e00417ce4048cdab0e888772ca593af4d9e175e9009c0bd933636fa8d66091e876f73c6c3", 0x1000}, {&(0x7f0000000600)="0d5ca69a1ff51f00bf03ebdbd4554814e760c61e1aaea275fdaa7d2e7665ec8819a31dff063e52ce53aff7d9a70b0ffa8e7047aec1125ef077795227bcd20b9b5edb814d8e09a86977708c7bad855aca37bf5bec47bbc119ada72a86b9cc5f103a5b1d0366cdb964ab4826eac0c647fd9b58848cc69ef466a269d5a88e66e7e56d710e6fa0c6b7ff98d309bec6cd92e56419cccadd70ccb072aa3b7a656bd2707a7e992a0c75e489c10251eccc07d6bbcb69664c43ce6f654aeaf77494f11bff317808f6663530f25ed8f0d856c3d146ce7a294d0ea9c84c8d5a8a79135723c20c3ae598165005bdc19ca949e0", 0xed}, {&(0x7f0000004600)="7d84dd8106d915afbca1d359f38f99fc63508765117e7f6cae28a00c10ac72b3aff19b2e4a671955302d03d59b0afe9e158c0f98f6020069cb8b383b4846ebe620445243a674ff588b59c57fef48c4733cc34814fc8fd64735295c9cc142e6cbe74c5875ecf2cab253759028c3137f635ce9583282f57a9b0ccbef3d8474f7111c3d35c99ebe2c9d7df8d3a98b6d0b7ef8004189b94f44290cce2d6ee1f974284f902abb47e54d56bd7a15679bb6fd6f4eacdbdb1cdd7c21eb5c522b450733fdb387c990473dd180fa1eac32644070271244e9999541ae59f4b23f1ad98b8da1a7625a7c2438664075233cf8e6d9b81395a83f0dffb120ba9e49ad1e99700af53008b2e413c19363fa26ce862bffa5094a27e28b4122c30121f260d759001a2b18b6b1d54f49a369090650daa4b6bc1da1fa506c9475fdaa1bce6ed2fa4af3097e2eb0a183ce7d0e6a0c071d3fd4219ccfa9bb7ee93a234df6a2b85588b00657a972bdd67a05ad5eb7a8f020ef162ff3278ee6786a0cf289b53e51657d0b2766c3220872e1256a784689fa66a371fd11b43a3c3b07f08d804c74d17ab59a6799ef40af029c1740bca35ef6ea40ec94d304d0deb8c4ef4ec4c64af5c3edf581342faa982396def62ac915e20cf7a4176d59d08a305d01a27dc821086cf8ac3e0c7f96d0b0388aa750c3c95bce80c171fb13b6d1fa43db38ff137fe203c678bf1d2d62731d7dcb629364d9c312896be08473c932be59f74a54664b129b8d01ba7172b073265ab1880eec1867f4c975004ca320ac180a7f3b0242f9dea79e76fc8a98ca475e155dc18b05a64781291d0cff4464c7c7f1888b3eab1356e834d2c39e20ac2ac257feeae0eec9fbace521ac6aa830d8ce54f9725b8657b500cd62c9dfe5c2bd30df836122b6b913ec6f7ca93df3d3bbff75e18f36037fc542ac8f581d55067ee3b0064918da12f4c1c27a0ea45d3755ab91735f75e5fffab72d26b77c1f5d46cbaa8fa2a13a5772b8d66c58dd1e87dd1b18117a03f5b8536780eeb634aa8e9928ee899e20759ccb94da042b370dc02089007cb3b31ef1383cc7f5e9c18c3d7118df9031f67929e67dbac3e80dca093d8ffbfaed4df0b704091abc69930b3d597afc2b784473127d77dcfe28ccb55c4a0967080b7cc02b3341805717a8aefe9dd05071c0b0267ef2c48156899233d7d7460f36175fd5b2c4e0f233133c07f749da8884ec8564799982e7d9db0ec503386ce41a000bd34ea155ac004cc5205a062717f8637c61d73159b7897f6ad9352f51a6dd2e7cf0258b0d366286286ca4743fcef2f0f9420a9c0516cd2b27c61185671dd35340ba92677d71c9d1b7171a0dcfb13ed1161ed620e9cd5c1ade0b06d6b1d79c1858e08bbdf0c4fed31c0027fabe418389c08df01ff6d87dff6b6ee6c9a1197c0aeb954716812e419e1a78bcc2bda14038561115db78295cc8ee926af636082e55f8406fecd3723bf817b7632dd36ef224b662d3c4fbae3229c264966db67b9ea841667b7f76231a0aa863860c82940e58ce461cf9b302f2522a5e80f8e1ac8970d42f0882b83c4074b7f4a6f5551271c97b3998c44d4bd3b887063ab5a2d2d3d952d176142784a24a4dbf3929921e6c29ec243b436acaad4cf0e6cc7211a753faa576407fcfd0b4141735209344af6768332238a7b42b4362cb8c336c66c859319b0c99f2d0d7da6c4bd3f1d3dc6607b4420ab63e4d9f1d337ae8efe962c9249a576dd3d6ee4c973cffa1c836b63539bfcf11f3782d6c6e3bc6efbc266fa0d0b98d3f5332cc85309b5572edca79a76294e4fd8908d9fb3de6fb51cd68533000b61e560ccc089fe1d8e74cd835a0c5aacf9050b227c340ca19179f947e45e5e8f51a6fb53a44ea6566d450febf5c401abe1edd3110597a4e51176883100cff48c277bf7e59c0a9ecb3de68d099d872de7fe9fd16853c7c254e3fc13135f04fffbfba333da2df09b567c4c45fb4b1ce4b174c644fedf026ac6f00aa0942909b29e9e918577cc4c1e155fbee839dc38267032024680400265a4647ef0d67a37ac6c73de6e61999e83f8069c2d50ef5ebb4df9515a61bdaaab3e8314e0b5eb7f767128891ab0beb4debe354d4ee16015a2da0fc2e9f2d8d77cc011534d01add9363b5b0f49d01af8ff396a76b64fbf46191c9fc97dc58499ab0586266f754e84dfba34f77640679a2ccf4fd165f9c19920116d4f577f69a65bac0e3ee22890d3dde02b01b0da2ecc113e71a3e9953bfc96fa9820a8eac13c2ead0d5bb1a9fd8d84b055365f3b23f9b1968c9d42b40b14d389fd48d9af7821c71db45495e07a106c7d6bf58eaeaf777753c06a2ee05a4e273b5218df73951113377cb5b31163050778c7ec8e4c5110b3055d286b68cd79ef4f82f06110b7eb6140cb47ce765494cf23b3329a72141419b113aede4627915444201d6aa34656ca1c686a37778e1c8c406b10b2ace9f7cf501a86a779e7d24205437c3d416d6999adcc9214600bd5455d2163cae6ffd418be33736c815c944fc97d8e89b522df2f1be23dbd7cac34e922cd6958aad302306fc2b5439d4bbef023dad05b6b2a597d646ddedffc1663d2c5984a8cb654231a1b961ab24d8be46fdad14a4943a0f5afddad6d66508f48f83fce8d63d5a32445e3f43c28594473b6c3002dd6dccad7c8214ba963c7f71b10357f6e059a39764f559271e7effcd4cd657277280ad2bc2908cdb9a2034ea8dd78e24d7c83c24b67707c7c91a8d574a0e9569afd83e405f5d48bd5696c38c1f616bb7ae60d2b46b6af3748515bfd727cbdb394aaee39e668fdad36b23d4b179d4ff753f79893e1ad3668ae65829472ce0116b00f91af44cebf5abb2ad0839a60d0a6c8e3f99d8b8ef95cb4dbe0a82255876f77f41ae955787d3d3449d6c908f0c397dbf01353b6c735b81f9e9ccb5782e28427db16557e30c374b37b3f1cc23028acf5911a1ff917a2a1bcc04011c93de298824d559dd0e33b7ee32c5016c22fcada2b2a543ca03f1a5463bd2596a85597f94c52e86f4e39cc1a63b176de242debca767e4e66e7a707f2a1933561172c8d84c6dd6f4095124d8474aa88c3dab4f867334156c6f3fa9abcb75eee0fe5a365a99b383dbff0e874dc2e268f366a34f62fa5d6217d959c8261ce8974710c4be35f852a6e3ef2646af3cd38db6c69efe8b342334a65b13a3957cc270c7b7252ff68c6d79ca9a72919fc1bcfd8879beb85ed94fc60a2624a1bd7b613e85a62d9f3d117e99be50edc4a311b3b2085674608c9f9ea183f03169c2c0b8a61782d5d10e1028f366a2dc32fafff972ca947a7edf346c4b50e14ce4b5a2c2d63015ed77394da470e73b996e434c62ccc1567266f5653693d29a69f26aedb7478f4668bad5953e04d336bcc215801d0596a8fdb230151f725faafadfc815df0fd35de4808cc15d198a7e45c14e6d2adb9a943ecb4d8017d31826aa0b85846c2267d23a59642a086f24c76c198081307de27081561f30d70db5205e4eca104876b02fd2d3513f682910945b6d83bd586708f9141cb51552f63d47e4806ecebbd25a039df625fdb4d15f68eca07f309df65b548eb453cd55a99d8012795969dc4a54d28854220db28d066a836c5e131124caa5089956eb71504e2abae1392927738930225099d64e813fea7f0b3c2ee48c589157d4474d89b232817643bde05722b9f7758be9e02e873f9dcc41906750ca0fd723f7e4c88d3d49a02a2f3a910b6c4ee6afe85d75a7e5292a223cc5af8b24d71e53a137949773403faa17430f6aeabb0ed725f4adc684ca43b7322affc8d1dcf6606e4fe5d3ff191cf870dc1a712cf82d726753715671b1275962f9b74a6e8f89cfe7fb16d04b3928b91160bb538ae868ca01ebe45f5d0299bc1ff40527b558f20d8e7ab8244f988a04db989df1af797ac2ed6822eb47ff8f6bbdc8b87647100652236a5a1221419e12976cf41e7df4b68be94d075131a9ac07603c3bd2cfb0f721ea4f7f70ca676032aa8847aa59358f633d92a992544074706a1e0db6dd39282fad84bd0af4dd538d1588fe9eac437dc04d61b4c6544da412160479dddf9b77b0d36539a638ad643e8abdf1a6d5713d76600962614c8d3665ce41ed4313c2c2473b88fc162ad55a93e5fd7d55a3a6acf062b26088fd161d72a4163c81357f358db75a60f8176516286cd5edd6f8e6c96e9abcf355ba3ab38b3cbc3fe633826a9468cc8a04290c1a19c44fb1ffd9b5f743a47c3a1ba482f5eace927dc1ea33e51afa160b57bf08fd788534d415fb133d739950d8d2aecddd4c5248c2788b43b7460f6e80f6046da99af04234dbdd1a4a5fb64e72c937e9aeb892189c7201ee760daa1a2415075107fad27084b282fe82cb732ab7a9805ec2ceb567e1afb35249ab1952e59fcf9b25f4df38d9e010e1d61e54ab398f6a5dc9f40d4525f5fa01d232141bb65e63d55f1e6c7fe1c332b223cbd2e118c6aca230d19d9ecf16717a79d7cd4c7ab3b07647189ff76861cd44e513e111d67e56145466d013e10aae34fe8137af3b12bb7e8d6030856e5e3a2cf4c1769788e738b43258b8d325b8e6cf0ac1536249319e5b65e2c5cdc7ab341a3152f2dd736f2d532f57df73dbd6d7f809987b3913ae5be42c0d2dddfc687cf80a0b0ea7dd8f2102bf30a384fda5f1f173acc37f23d8ebcac64d296dbaee70b9b61e9a80c4f1a72cc70b94a88da36a67e9315bcc1fbe025fa2c0184e6c275a69b877f88f798217a00e26efd7983a0b750c11462c4e06410b639e66525990282d1436143b3e2d9e5e06e3bc97af21f01633fa88afbe5ad0096f60600164a3eab08cbc7f1b6ce80810dcc05aa751b0732ad30e1a5251e22e0dd5db5ae549284b00deb76a76decff424e6b236acad469af57393979f1cca5ba9a269eecfb28e4e2cf54be2ec768f5f5f91a364aa624efab2dcc826b03dc1949df3bc16aa7afb2a23466bcab5c495bed5c03324b311db6ef7616cdbeef49e4488e714545dc97f7d83e86b4adcc111c47856d0246a5e31e8b285c1656fa0f5f5372b2c05905bf58cba600d68b7d4de129e5503096853ed71da4e1eeb2485eefdc1458c5b45a8665961ab8dae95e8c340f84a7052960f575a3f84b28e03e6388b1519935bc3ec934e48e8a6621efefcd41f57b6e729cbe5d3df7424a49432439b48f8f725f1738c3b3a76ea49fb78f6437ec20279fd73659160bd36d6a43073390f0aaf30df5ad3aff6f54738d2fbd141f0db8a433b94fc7b95acf70a4f16ae6a1919c5ea108cbe277114c73fd12e8728249eafaf14c4ad8f215e0967994bda64bf7dfd22466d95001e7eafa93e77ea63c56e905ae5c0eb75a4fb13b84569740b06ed5f2a8c14de1f530a427eb16c4ab298eeb727366877b47b04201b86ee7c9051d8875692c9995edc73fc59ed56d8a92790e3002b4941c5967cb36fb1e8733977811bd0d1138707a22d40fc5f93b3422c182500371b7f5f63fa27c6c24344a76d05784e4eff8c4f654b92596b93073b4a45bc185868de85c1f5ac2686f6eac79b6d8123a1173b9f8afd0ea56986d96f62548ca0b295ddf4256cd1b768b97b56e63edb50e625cecf49d7b6c64f2748134836f987c91a6648bc083c7386d93ddda48f41dd9cccbc2a90ccc033497cb40c71fdd65d99317cd55b6c9d77fd2bff909785ffb113b8af5e1bddde25d38153ea417fd7a573f7e1c0d42c9901fa21a5f739a0c876a30e0ceb545b658a97145e98f2b8240bd8d3afd492e7a2e29a7cc7f35502dd86dac4", 0x1000}, {&(0x7f0000000700)="c7e70d91164edc22f43d31b8e0c34c3aa49aac96aeeb769de4a68e7a2673650b0246693347a749faaba5cee2ac827f680f092ef0fdd73b29416d82cab6980348ce450388d408bcfe3e2ae2ad80e73ed527b001fa60883f66774b4d734ef599e5cf5d63fb6409881d9e77e9768e8816eda8e8332a57849bb5efafd24919ee3f9fb31a679f2cf973a0569172603d800d53fc65baac88b25e2cdb92bd745c68ae31636b5a7283ae5c345a", 0xa9}, {&(0x7f00000007c0)="82a09b9eb57155658c17fd056923c7d0266db74c45b598eff36f7d5399fefc25794a0f1c52b3825646bb63f4f1b0b70047a6d8b61b646cfdcc6296d3c4e3040aa08aa2984c65b4a0457e78b2b8a3349896fb21e85a26731022a4ec9204b1f24b8754d801b22e80586c7b0d591f16849f4ee0e2cbe94ed9238112b1e42e3f8c4f659c17601fba8bd3a852ae3759d532e3c0ccd589ab8ebb9a3ab07029e168a4ea426a140868eacbf1", 0xa8}, {&(0x7f0000000880)="958594bdab47dec4b2d1809e58d30ab0cf4a777696b5148b15993f0f4c6e9e8109386f48fdfe952b442da548c7de99b0b4dbf0e6eec8785139c67addabe3d4667918a5e071ec8de558e655d14db3c4fda3e9f4ea2652e22aa4", 0x59}], 0x9, 0x0, 0x0, 0x4040805}, 0x8080) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r4) sendmsg$BATADV_CMD_TP_METER(r4, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x3c, r5, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x590}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x80000001}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xde3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040001}, 0x440c0) sendmsg$BATADV_CMD_SET_HARDIF(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, r5, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x5fc2813f}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x1f}, @BATADV_ATTR_VLANID={0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000011}, 0x40000) sendfile(r0, r1, 0x0, 0xffe3) [ 2451.421643] FAULT_INJECTION: forcing a failure. [ 2451.421643] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2451.422824] CPU: 0 PID: 14988 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2451.423432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2451.424129] Call Trace: [ 2451.424357] dump_stack+0x107/0x167 [ 2451.424680] should_fail.cold+0x5/0xa [ 2451.425021] __alloc_pages_nodemask+0x182/0x600 [ 2451.425441] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 2451.426003] alloc_pages_current+0x187/0x280 [ 2451.426396] allocate_slab+0x26f/0x380 [ 2451.426744] ___slab_alloc+0x470/0x700 [ 2451.427085] ? io_submit_sqes+0x6f76/0x85c0 [ 2451.427502] ? kmem_cache_alloc_bulk+0x1ec/0x320 [ 2451.427907] kmem_cache_alloc_bulk+0x1ec/0x320 [ 2451.428323] io_submit_sqes+0x6f76/0x85c0 [ 2451.428722] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2451.429145] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2451.429576] ? lock_downgrade+0x6d0/0x6d0 [ 2451.429934] ? find_held_lock+0x2c/0x110 [ 2451.430290] ? io_submit_sqes+0x85c0/0x85c0 [ 2451.430668] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2451.431083] ? wait_for_completion_io+0x270/0x270 [ 2451.431524] ? rcu_read_lock_any_held+0x75/0xa0 [ 2451.431948] ? vfs_write+0x354/0xa70 [ 2451.432294] ? fput_many+0x2f/0x1a0 [ 2451.432611] ? ksys_write+0x1a9/0x260 [ 2451.432936] ? __ia32_sys_read+0xb0/0xb0 [ 2451.433293] do_syscall_64+0x33/0x40 [ 2451.433611] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2451.434052] RIP: 0033:0x7fc0adb05b19 [ 2451.434386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2451.435932] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2451.436579] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2451.437180] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2451.437788] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2451.438399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2451.439003] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:08:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400", 0x15}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:08:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:27 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:27 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x65) 05:08:27 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) openat$cgroup_ro(r2, &(0x7f0000000080)='blkio.bfq.io_serviced\x00', 0x0, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x82240, 0x0) sendfile(r0, r1, 0x0, 0xffe3) [ 2451.526114] FAT-fs (loop5): invalid media value (0x00) [ 2451.526597] FAT-fs (loop5): Can't find a valid FAT filesystem 05:08:45 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400", 0x15}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:08:45 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x2, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:08:45 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:45 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78) 05:08:45 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x2000, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:45 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:08:45 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x68) 05:08:45 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2469.472468] FAT-fs (loop5): invalid media value (0x00) [ 2469.473541] FAT-fs (loop5): Can't find a valid FAT filesystem [ 2469.565321] FAULT_INJECTION: forcing a failure. [ 2469.565321] name failslab, interval 1, probability 0, space 0, times 0 [ 2469.566270] CPU: 1 PID: 15064 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2469.566834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2469.567487] Call Trace: [ 2469.567712] dump_stack+0x107/0x167 [ 2469.568011] should_fail.cold+0x5/0xa [ 2469.568325] ? create_object.isra.0+0x3a/0xa20 [ 2469.568701] should_failslab+0x5/0x20 [ 2469.569004] kmem_cache_alloc+0x5b/0x310 [ 2469.569332] create_object.isra.0+0x3a/0xa20 [ 2469.569680] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2469.570083] __kmalloc+0x16e/0x390 [ 2469.570373] inotify_handle_inode_event+0x1b4/0x5d0 [ 2469.570777] ? idr_callback+0x80/0x80 [ 2469.571085] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2469.571553] fsnotify+0xcd0/0xf50 [ 2469.571842] ? fsnotify_first_mark+0x240/0x240 [ 2469.572211] ? lock_downgrade+0x6d0/0x6d0 [ 2469.572553] ? memcpy+0x39/0x60 [ 2469.572831] __fsnotify_parent+0x468/0x9d0 [ 2469.573179] ? fsnotify+0xf50/0xf50 [ 2469.573471] ? fsnotify+0xf50/0xf50 [ 2469.573770] ? _cond_resched+0x12/0x80 [ 2469.574089] ? inode_security+0x107/0x140 [ 2469.574422] ? avc_policy_seqno+0x9/0x70 [ 2469.574752] io_req_io_end+0x26d/0x490 [ 2469.575067] kiocb_done+0x320/0xc90 [ 2469.575361] ? ext4_file_read_iter+0x18c/0x4c0 [ 2469.575796] io_read+0x4cf/0x11e0 [ 2469.576133] ? kiocb_done+0xc90/0xc90 [ 2469.576482] ? perf_event_switch_output+0x7d0/0x7d0 [ 2469.576875] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2469.577284] ? __lockdep_reset_lock+0x180/0x180 [ 2469.577660] ? lock_acquire+0x197/0x470 [ 2469.578029] ? __lock_acquire+0xbb1/0x5b00 [ 2469.578397] io_issue_sqe+0x2e8a/0x7700 [ 2469.578718] ? perf_trace_lock+0xac/0x490 [ 2469.579048] ? SOFTIRQ_verbose+0x10/0x10 [ 2469.579370] ? __lockdep_reset_lock+0x180/0x180 [ 2469.579802] ? perf_trace_lock+0x2bd/0x490 [ 2469.580133] ? io_connect+0x610/0x610 [ 2469.580444] ? lock_acquire+0x197/0x470 [ 2469.580759] ? find_held_lock+0x2c/0x110 [ 2469.581084] ? __fget_files+0x26d/0x4c0 [ 2469.581398] ? lock_downgrade+0x6d0/0x6d0 [ 2469.581739] __io_queue_sqe+0x90/0x9d0 [ 2469.582055] ? io_issue_sqe+0x7700/0x7700 [ 2469.582404] ? io_prep_rw+0x7f5/0x1050 [ 2469.582725] io_submit_sqes+0x4461/0x85c0 [ 2469.583080] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2469.583484] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2469.583872] ? lock_downgrade+0x6d0/0x6d0 [ 2469.584199] ? find_held_lock+0x2c/0x110 [ 2469.584583] ? io_submit_sqes+0x85c0/0x85c0 [ 2469.585002] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2469.585393] ? wait_for_completion_io+0x270/0x270 [ 2469.585779] ? rcu_read_lock_any_held+0x75/0xa0 [ 2469.586154] ? vfs_write+0x354/0xa70 [ 2469.586448] ? fput_many+0x2f/0x1a0 [ 2469.586738] ? ksys_write+0x1a9/0x260 [ 2469.587038] ? __ia32_sys_read+0xb0/0xb0 [ 2469.587377] do_syscall_64+0x33/0x40 [ 2469.587691] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2469.588096] RIP: 0033:0x7fc0adb05b19 [ 2469.588396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2469.589968] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2469.590608] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2469.591232] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2469.591792] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2469.592348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2469.592956] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:09:03 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x2403, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f8", 0x16}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:09:03 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:03 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79) 05:09:03 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x3, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:09:03 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:03 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:03 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x6c) [ 2487.802700] FAT-fs (loop5): bogus number of FAT sectors [ 2487.803375] FAT-fs (loop5): Can't find a valid FAT filesystem 05:09:03 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x74) [ 2487.840578] FAULT_INJECTION: forcing a failure. [ 2487.840578] name failslab, interval 1, probability 0, space 0, times 0 [ 2487.841894] CPU: 1 PID: 15112 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2487.842608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2487.843452] Call Trace: [ 2487.843744] dump_stack+0x107/0x167 [ 2487.844118] should_fail.cold+0x5/0xa [ 2487.844510] ? create_object.isra.0+0x3a/0xa20 [ 2487.844989] should_failslab+0x5/0x20 [ 2487.845389] kmem_cache_alloc+0x5b/0x310 [ 2487.845807] ? mark_held_locks+0x9e/0xe0 [ 2487.846223] create_object.isra.0+0x3a/0xa20 [ 2487.846684] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2487.847209] kmem_cache_alloc_bulk+0x168/0x320 [ 2487.847699] io_submit_sqes+0x6f76/0x85c0 [ 2487.848158] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2487.848679] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2487.849179] ? lock_downgrade+0x6d0/0x6d0 [ 2487.849607] ? find_held_lock+0x2c/0x110 [ 2487.850031] ? io_submit_sqes+0x85c0/0x85c0 [ 2487.850482] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2487.850988] ? wait_for_completion_io+0x270/0x270 [ 2487.851493] ? rcu_read_lock_any_held+0x75/0xa0 [ 2487.851987] ? vfs_write+0x354/0xa70 [ 2487.852385] ? fput_many+0x2f/0x1a0 [ 2487.852760] ? ksys_write+0x1a9/0x260 [ 2487.853151] ? __ia32_sys_read+0xb0/0xb0 [ 2487.853587] do_syscall_64+0x33/0x40 [ 2487.853965] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2487.854491] RIP: 0033:0x7fc0adb05b19 [ 2487.854875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2487.856729] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2487.857506] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2487.858230] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2487.858960] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2487.859694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2487.860417] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:09:03 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:03 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:09:03 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:03 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:03 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x3f00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f8", 0x16}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 2488.024133] FAT-fs (loop5): bogus number of FAT sectors [ 2488.024645] FAT-fs (loop5): Can't find a valid FAT filesystem 05:09:03 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x7a) 05:09:04 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:04 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:04 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x300) 05:09:04 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80) 05:09:04 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x5, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:09:04 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:04 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:04 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x500) [ 2488.273240] FAULT_INJECTION: forcing a failure. [ 2488.273240] name failslab, interval 1, probability 0, space 0, times 0 [ 2488.274350] CPU: 0 PID: 15151 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2488.274958] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2488.275697] Call Trace: [ 2488.275933] dump_stack+0x107/0x167 [ 2488.276257] should_fail.cold+0x5/0xa [ 2488.276579] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2488.277041] should_failslab+0x5/0x20 [ 2488.277354] __kmalloc+0x72/0x390 [ 2488.277688] inotify_handle_inode_event+0x1b4/0x5d0 [ 2488.278240] ? idr_callback+0x80/0x80 [ 2488.278612] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2488.279090] fsnotify+0xcd0/0xf50 [ 2488.279406] ? fsnotify_first_mark+0x240/0x240 [ 2488.279825] ? lock_downgrade+0x6d0/0x6d0 [ 2488.280195] ? memcpy+0x39/0x60 [ 2488.280488] __fsnotify_parent+0x468/0x9d0 [ 2488.280842] ? fsnotify+0xf50/0xf50 [ 2488.281141] ? fsnotify+0xf50/0xf50 [ 2488.281457] ? _cond_resched+0x12/0x80 [ 2488.281782] ? inode_security+0x107/0x140 [ 2488.282148] ? avc_policy_seqno+0x9/0x70 [ 2488.282490] io_req_io_end+0x26d/0x490 [ 2488.282826] kiocb_done+0x320/0xc90 [ 2488.283127] ? ext4_file_read_iter+0x18c/0x4c0 [ 2488.283541] io_read+0x4cf/0x11e0 [ 2488.283862] ? kiocb_done+0xc90/0xc90 [ 2488.284204] ? perf_event_switch_output+0x7d0/0x7d0 [ 2488.284612] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2488.285082] ? __lockdep_reset_lock+0x180/0x180 [ 2488.285475] ? lock_acquire+0x197/0x470 [ 2488.285846] io_issue_sqe+0x2e8a/0x7700 [ 2488.286190] ? perf_trace_lock+0x2bd/0x490 [ 2488.286558] ? SOFTIRQ_verbose+0x10/0x10 [ 2488.286900] ? __lockdep_reset_lock+0x180/0x180 [ 2488.287334] ? perf_trace_lock+0x2bd/0x490 [ 2488.287753] ? io_connect+0x610/0x610 [ 2488.288094] ? lock_acquire+0x197/0x470 [ 2488.288434] ? find_held_lock+0x2c/0x110 [ 2488.288778] ? __fget_files+0x26d/0x4c0 [ 2488.289129] ? lock_downgrade+0x6d0/0x6d0 [ 2488.289479] __io_queue_sqe+0x90/0x9d0 [ 2488.289865] ? io_issue_sqe+0x7700/0x7700 [ 2488.290332] ? io_prep_rw+0x7f5/0x1050 [ 2488.290753] io_submit_sqes+0x4461/0x85c0 [ 2488.291267] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2488.291725] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2488.292138] ? lock_downgrade+0x6d0/0x6d0 [ 2488.292493] ? find_held_lock+0x2c/0x110 [ 2488.292858] ? io_submit_sqes+0x85c0/0x85c0 [ 2488.293249] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2488.293673] ? wait_for_completion_io+0x270/0x270 [ 2488.294092] ? rcu_read_lock_any_held+0x75/0xa0 [ 2488.294489] ? vfs_write+0x354/0xa70 [ 2488.294814] ? fput_many+0x2f/0x1a0 [ 2488.295118] ? ksys_write+0x1a9/0x260 [ 2488.295450] ? __ia32_sys_read+0xb0/0xb0 [ 2488.295830] do_syscall_64+0x33/0x40 [ 2488.296145] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2488.296579] RIP: 0033:0x7fc0adb05b19 [ 2488.296901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2488.298446] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2488.299109] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2488.299717] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2488.300329] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2488.301015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2488.301709] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:09:04 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:04 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81) 05:09:22 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f8", 0x16}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:09:22 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x600) 05:09:22 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:09:22 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4000, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2506.737293] FAT-fs (loop5): bogus number of FAT sectors [ 2506.737955] FAT-fs (loop5): Can't find a valid FAT filesystem [ 2506.745687] FAULT_INJECTION: forcing a failure. [ 2506.745687] name failslab, interval 1, probability 0, space 0, times 0 [ 2506.746995] CPU: 1 PID: 15241 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2506.747739] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2506.748631] Call Trace: [ 2506.748922] dump_stack+0x107/0x167 [ 2506.749322] should_fail.cold+0x5/0xa [ 2506.749739] ? create_object.isra.0+0x3a/0xa20 [ 2506.750236] should_failslab+0x5/0x20 [ 2506.750644] kmem_cache_alloc+0x5b/0x310 [ 2506.751097] ? mark_held_locks+0x9e/0xe0 [ 2506.751556] create_object.isra.0+0x3a/0xa20 [ 2506.752056] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2506.752617] kmem_cache_alloc_bulk+0x168/0x320 [ 2506.753122] io_submit_sqes+0x6f76/0x85c0 [ 2506.753611] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2506.754158] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2506.754695] ? lock_downgrade+0x6d0/0x6d0 [ 2506.755148] ? find_held_lock+0x2c/0x110 [ 2506.755593] ? io_submit_sqes+0x85c0/0x85c0 [ 2506.756085] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2506.756614] ? wait_for_completion_io+0x270/0x270 [ 2506.757134] ? rcu_read_lock_any_held+0x75/0xa0 [ 2506.757629] ? vfs_write+0x354/0xa70 [ 2506.758029] ? fput_many+0x2f/0x1a0 [ 2506.758419] ? ksys_write+0x1a9/0x260 [ 2506.758832] ? __ia32_sys_read+0xb0/0xb0 [ 2506.759299] do_syscall_64+0x33/0x40 [ 2506.759705] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2506.760269] RIP: 0033:0x7fc0adb05b19 [ 2506.760671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2506.762614] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2506.763441] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2506.764209] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2506.764974] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2506.765737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2506.766491] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:09:22 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x700) 05:09:22 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4084, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82) 05:09:22 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:09:22 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:22 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0xa00) 05:09:22 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2507.057631] FAULT_INJECTION: forcing a failure. [ 2507.057631] name failslab, interval 1, probability 0, space 0, times 0 [ 2507.059156] CPU: 0 PID: 15271 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2507.059741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2507.060448] Call Trace: [ 2507.060681] dump_stack+0x107/0x167 [ 2507.060996] should_fail.cold+0x5/0xa [ 2507.061395] ? create_object.isra.0+0x3a/0xa20 [ 2507.061864] should_failslab+0x5/0x20 [ 2507.062187] kmem_cache_alloc+0x5b/0x310 [ 2507.062541] ? mark_held_locks+0x9e/0xe0 [ 2507.062916] create_object.isra.0+0x3a/0xa20 [ 2507.063288] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2507.063740] kmem_cache_alloc_bulk+0x168/0x320 [ 2507.064133] io_submit_sqes+0x6f76/0x85c0 [ 2507.064527] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2507.064962] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2507.065398] ? lock_downgrade+0x6d0/0x6d0 [ 2507.065715] ? find_held_lock+0x2c/0x110 [ 2507.066064] ? io_submit_sqes+0x85c0/0x85c0 [ 2507.066412] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2507.066815] ? wait_for_completion_io+0x270/0x270 [ 2507.067201] ? rcu_read_lock_any_held+0x75/0xa0 [ 2507.067594] ? vfs_write+0x354/0xa70 [ 2507.067914] ? fput_many+0x2f/0x1a0 [ 2507.068225] ? ksys_write+0x1a9/0x260 [ 2507.068530] ? __ia32_sys_read+0xb0/0xb0 [ 2507.068893] do_syscall_64+0x33/0x40 [ 2507.069191] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2507.069618] RIP: 0033:0x7fc0adb05b19 [ 2507.069916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2507.071460] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2507.072109] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2507.072707] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2507.073296] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2507.073888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2507.074487] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:09:41 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 83) 05:09:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:09:41 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:41 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4800, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:41 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x8, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:09:41 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x4800) 05:09:41 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2525.690239] FAULT_INJECTION: forcing a failure. [ 2525.690239] name failslab, interval 1, probability 0, space 0, times 0 [ 2525.691336] CPU: 1 PID: 15339 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2525.691901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2525.692591] Call Trace: [ 2525.692817] dump_stack+0x107/0x167 [ 2525.693124] should_fail.cold+0x5/0xa [ 2525.693441] ? create_object.isra.0+0x3a/0xa20 [ 2525.693821] should_failslab+0x5/0x20 [ 2525.694135] kmem_cache_alloc+0x5b/0x310 [ 2525.694480] ? mark_held_locks+0x9e/0xe0 [ 2525.694817] create_object.isra.0+0x3a/0xa20 [ 2525.695176] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2525.695596] kmem_cache_alloc_bulk+0x168/0x320 [ 2525.695971] io_submit_sqes+0x6f76/0x85c0 [ 2525.696347] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2525.696756] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2525.697162] ? lock_downgrade+0x6d0/0x6d0 [ 2525.697503] ? find_held_lock+0x2c/0x110 [ 2525.697841] ? io_submit_sqes+0x85c0/0x85c0 [ 2525.698208] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2525.698606] ? wait_for_completion_io+0x270/0x270 [ 2525.699007] ? rcu_read_lock_any_held+0x75/0xa0 [ 2525.699378] ? vfs_write+0x354/0xa70 [ 2525.699686] ? fput_many+0x2f/0x1a0 [ 2525.699993] ? ksys_write+0x1a9/0x260 [ 2525.700332] ? __ia32_sys_read+0xb0/0xb0 [ 2525.700685] do_syscall_64+0x33/0x40 [ 2525.700992] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2525.701417] RIP: 0033:0x7fc0adb05b19 [ 2525.701733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2525.703219] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2525.703847] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2525.704444] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2525.705034] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2525.705617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2525.706199] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:09:41 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:41 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x4c00) 05:09:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:09:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:41 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:41 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4c00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:09:41 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x6500) 05:10:00 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:00 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 84) 05:10:00 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x9, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:10:00 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x6800) 05:10:00 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:10:00 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6000, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:00 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2544.635726] FAULT_INJECTION: forcing a failure. [ 2544.635726] name failslab, interval 1, probability 0, space 0, times 0 [ 2544.636811] CPU: 0 PID: 15422 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2544.637426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2544.638160] Call Trace: [ 2544.638406] dump_stack+0x107/0x167 [ 2544.638736] should_fail.cold+0x5/0xa [ 2544.639086] ? create_object.isra.0+0x3a/0xa20 [ 2544.639500] should_failslab+0x5/0x20 [ 2544.639844] kmem_cache_alloc+0x5b/0x310 [ 2544.640215] ? mark_held_locks+0x9e/0xe0 [ 2544.640586] create_object.isra.0+0x3a/0xa20 [ 2544.640982] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2544.641441] kmem_cache_alloc_bulk+0x168/0x320 [ 2544.641861] io_submit_sqes+0x6f76/0x85c0 [ 2544.642276] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2544.642720] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2544.643156] ? lock_downgrade+0x6d0/0x6d0 [ 2544.643525] ? find_held_lock+0x2c/0x110 [ 2544.643889] ? io_submit_sqes+0x85c0/0x85c0 [ 2544.644298] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2544.644733] ? wait_for_completion_io+0x270/0x270 [ 2544.645172] ? rcu_read_lock_any_held+0x75/0xa0 [ 2544.645584] ? vfs_write+0x354/0xa70 [ 2544.645938] ? fput_many+0x2f/0x1a0 [ 2544.646278] ? ksys_write+0x1a9/0x260 [ 2544.646618] ? __ia32_sys_read+0xb0/0xb0 [ 2544.647020] do_syscall_64+0x33/0x40 [ 2544.647361] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2544.647813] RIP: 0033:0x7fc0adb05b19 [ 2544.648165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2544.649761] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2544.650430] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2544.651046] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2544.651663] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2544.652295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2544.652911] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:10:00 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x6c00) 05:10:00 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:10:00 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:10:00 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6800, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:00 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x7400) 05:10:00 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:30 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 85) 05:10:30 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:10:30 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x7a00) 05:10:30 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:30 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:30 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:10:30 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6c00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:30 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x80000) 05:10:30 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x48, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) [ 2574.343955] FAULT_INJECTION: forcing a failure. 05:10:30 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(0x0, r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2574.343955] name failslab, interval 1, probability 0, space 0, times 0 [ 2574.345195] CPU: 0 PID: 15519 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2574.345772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2574.346462] Call Trace: [ 2574.346689] dump_stack+0x107/0x167 [ 2574.347009] should_fail.cold+0x5/0xa [ 2574.347337] ? create_object.isra.0+0x3a/0xa20 [ 2574.347712] should_failslab+0x5/0x20 [ 2574.348041] kmem_cache_alloc+0x5b/0x310 [ 2574.348378] ? mark_held_locks+0x9e/0xe0 [ 2574.348741] create_object.isra.0+0x3a/0xa20 [ 2574.349121] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2574.349551] kmem_cache_alloc_bulk+0x168/0x320 [ 2574.349951] io_submit_sqes+0x6f76/0x85c0 [ 2574.350331] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2574.350747] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2574.351154] ? lock_downgrade+0x6d0/0x6d0 [ 2574.351501] ? find_held_lock+0x2c/0x110 [ 2574.351855] ? io_submit_sqes+0x85c0/0x85c0 [ 2574.352225] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2574.352661] ? wait_for_completion_io+0x270/0x270 [ 2574.353079] ? rcu_read_lock_any_held+0x75/0xa0 [ 2574.353462] ? vfs_write+0x354/0xa70 [ 2574.353794] ? fput_many+0x2f/0x1a0 [ 2574.354101] ? ksys_write+0x1a9/0x260 [ 2574.354418] ? __ia32_sys_read+0xb0/0xb0 [ 2574.354782] do_syscall_64+0x33/0x40 [ 2574.355097] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2574.355520] RIP: 0033:0x7fc0adb05b19 [ 2574.355844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2574.357367] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2574.358002] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2574.358635] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2574.359236] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2574.359827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2574.360415] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:10:53 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 86) 05:10:53 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:53 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4c, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:10:53 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(0x0, r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:53 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:53 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x100000) 05:10:53 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7400, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:10:53 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(0x0) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 2597.762931] FAULT_INJECTION: forcing a failure. [ 2597.762931] name failslab, interval 1, probability 0, space 0, times 0 [ 2597.764066] CPU: 1 PID: 15581 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2597.764626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2597.765311] Call Trace: [ 2597.765536] dump_stack+0x107/0x167 [ 2597.765837] should_fail.cold+0x5/0xa [ 2597.766154] ? create_object.isra.0+0x3a/0xa20 [ 2597.766530] should_failslab+0x5/0x20 [ 2597.766846] kmem_cache_alloc+0x5b/0x310 [ 2597.767188] create_object.isra.0+0x3a/0xa20 [ 2597.767547] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2597.767977] __kmalloc+0x16e/0x390 [ 2597.768279] inotify_handle_inode_event+0x1b4/0x5d0 [ 2597.768696] ? idr_callback+0x80/0x80 [ 2597.769021] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2597.769486] fsnotify+0xcd0/0xf50 [ 2597.769780] ? fsnotify_first_mark+0x240/0x240 [ 2597.770158] ? lock_downgrade+0x6d0/0x6d0 [ 2597.770516] ? memcpy+0x39/0x60 [ 2597.770797] __fsnotify_parent+0x468/0x9d0 [ 2597.771154] ? fsnotify+0xf50/0xf50 [ 2597.771452] ? fsnotify+0xf50/0xf50 [ 2597.771758] ? _cond_resched+0x12/0x80 [ 2597.772082] ? inode_security+0x107/0x140 [ 2597.772427] ? avc_policy_seqno+0x9/0x70 [ 2597.772756] io_req_io_end+0x26d/0x490 [ 2597.773084] kiocb_done+0x320/0xc90 [ 2597.773390] ? ext4_file_read_iter+0x18c/0x4c0 [ 2597.773766] io_read+0x4cf/0x11e0 [ 2597.774065] ? kiocb_done+0xc90/0xc90 [ 2597.774453] ? __lockdep_reset_lock+0x180/0x180 [ 2597.774929] ? lock_acquire+0x197/0x470 [ 2597.775258] ? __lock_acquire+0xbb1/0x5b00 [ 2597.775607] io_issue_sqe+0x2e8a/0x7700 [ 2597.775942] ? perf_trace_lock+0xac/0x490 [ 2597.776279] ? SOFTIRQ_verbose+0x10/0x10 [ 2597.776616] ? __lockdep_reset_lock+0x180/0x180 [ 2597.777006] ? io_connect+0x610/0x610 [ 2597.777323] ? lock_acquire+0x197/0x470 [ 2597.777652] ? find_held_lock+0x2c/0x110 [ 2597.777989] ? __fget_files+0x26d/0x4c0 [ 2597.778318] ? lock_downgrade+0x6d0/0x6d0 [ 2597.778665] __io_queue_sqe+0x90/0x9d0 [ 2597.778994] ? io_issue_sqe+0x7700/0x7700 [ 2597.779491] ? io_prep_rw+0x7f5/0x1050 [ 2597.779818] io_submit_sqes+0x4461/0x85c0 [ 2597.780196] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2597.780745] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2597.781267] ? lock_downgrade+0x6d0/0x6d0 [ 2597.781646] ? find_held_lock+0x2c/0x110 [ 2597.781979] ? io_submit_sqes+0x85c0/0x85c0 [ 2597.782346] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2597.782754] ? wait_for_completion_io+0x270/0x270 [ 2597.783276] ? rcu_read_lock_any_held+0x75/0xa0 [ 2597.783664] ? vfs_write+0x354/0xa70 [ 2597.784045] ? fput_many+0x2f/0x1a0 [ 2597.784418] ? ksys_write+0x1a9/0x260 [ 2597.784794] ? __ia32_sys_read+0xb0/0xb0 [ 2597.785251] do_syscall_64+0x33/0x40 [ 2597.785692] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2597.786106] RIP: 0033:0x7fc0adb05b19 [ 2597.786413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2597.787895] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2597.788630] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2597.789221] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2597.789817] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2597.790488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2597.791147] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:11:12 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x1000000) 05:11:12 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x68, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:11:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(0x0) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:11:12 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:12 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(0x0, r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:12 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7a00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:12 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:12 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 87) 05:11:12 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:12 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6c, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:11:12 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(0x0, r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2616.952862] FAULT_INJECTION: forcing a failure. [ 2616.952862] name failslab, interval 1, probability 0, space 0, times 0 [ 2616.953948] CPU: 1 PID: 15622 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2616.954535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2616.955233] Call Trace: [ 2616.955464] dump_stack+0x107/0x167 [ 2616.955778] should_fail.cold+0x5/0xa [ 2616.956103] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2616.956536] should_failslab+0x5/0x20 [ 2616.956853] __kmalloc+0x72/0x390 [ 2616.957165] inotify_handle_inode_event+0x1b4/0x5d0 [ 2616.957597] ? idr_callback+0x80/0x80 [ 2616.957923] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2616.958412] fsnotify+0xcd0/0xf50 [ 2616.958706] ? fsnotify_first_mark+0x240/0x240 [ 2616.959116] ? lock_downgrade+0x6d0/0x6d0 [ 2616.959459] ? memcpy+0x39/0x60 [ 2616.959748] __fsnotify_parent+0x468/0x9d0 [ 2616.960112] ? fsnotify+0xf50/0xf50 [ 2616.960416] ? fsnotify+0xf50/0xf50 [ 2616.960723] ? _cond_resched+0x12/0x80 [ 2616.961222] ? inode_security+0x107/0x140 [ 2616.961632] ? avc_policy_seqno+0x9/0x70 [ 2616.961967] io_req_io_end+0x26d/0x490 [ 2616.962294] kiocb_done+0x320/0xc90 [ 2616.962593] ? ext4_file_read_iter+0x18c/0x4c0 [ 2616.962966] io_read+0x4cf/0x11e0 [ 2616.963256] ? kiocb_done+0xc90/0xc90 [ 2616.963584] ? __lockdep_reset_lock+0x180/0x180 [ 2616.963965] ? lock_acquire+0x197/0x470 [ 2616.964296] ? __lock_acquire+0xbb1/0x5b00 [ 2616.964638] io_issue_sqe+0x2e8a/0x7700 [ 2616.964964] ? perf_trace_lock+0xac/0x490 [ 2616.965314] ? SOFTIRQ_verbose+0x10/0x10 [ 2616.965652] ? __lockdep_reset_lock+0x180/0x180 [ 2616.966051] ? io_connect+0x610/0x610 [ 2616.966366] ? lock_acquire+0x197/0x470 [ 2616.966698] ? find_held_lock+0x2c/0x110 [ 2616.967032] ? __fget_files+0x26d/0x4c0 [ 2616.967352] ? lock_downgrade+0x6d0/0x6d0 [ 2616.967689] __io_queue_sqe+0x90/0x9d0 [ 2616.968022] ? io_issue_sqe+0x7700/0x7700 [ 2616.968359] ? io_prep_rw+0x7f5/0x1050 [ 2616.968685] io_submit_sqes+0x4461/0x85c0 [ 2616.969046] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2616.969481] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2616.969878] ? lock_downgrade+0x6d0/0x6d0 [ 2616.970222] ? find_held_lock+0x2c/0x110 [ 2616.970565] ? io_submit_sqes+0x85c0/0x85c0 [ 2616.970920] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2616.971321] ? wait_for_completion_io+0x270/0x270 [ 2616.971716] ? rcu_read_lock_any_held+0x75/0xa0 [ 2616.972097] ? vfs_write+0x354/0xa70 [ 2616.972403] ? fput_many+0x2f/0x1a0 [ 2616.972701] ? ksys_write+0x1a9/0x260 [ 2616.973018] ? __ia32_sys_read+0xb0/0xb0 [ 2616.973368] do_syscall_64+0x33/0x40 [ 2616.973668] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2616.974085] RIP: 0033:0x7fc0adb05b19 [ 2616.974388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2616.975876] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2616.976506] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2616.977092] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2616.977684] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2616.978268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2616.978838] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:11:12 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x2000000) 05:11:12 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 88) 05:11:12 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf000, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:12 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:13 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:13 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(0x0, r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:13 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2617.205754] FAULT_INJECTION: forcing a failure. [ 2617.205754] name failslab, interval 1, probability 0, space 0, times 0 [ 2617.206842] CPU: 0 PID: 15641 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2617.207438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2617.208124] Call Trace: [ 2617.208359] dump_stack+0x107/0x167 [ 2617.208676] should_fail.cold+0x5/0xa [ 2617.209005] ? create_object.isra.0+0x3a/0xa20 [ 2617.209416] should_failslab+0x5/0x20 [ 2617.209738] kmem_cache_alloc+0x5b/0x310 [ 2617.210101] create_object.isra.0+0x3a/0xa20 [ 2617.210478] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2617.210907] __kmalloc+0x16e/0x390 [ 2617.211238] inotify_handle_inode_event+0x1b4/0x5d0 [ 2617.211666] ? idr_callback+0x80/0x80 [ 2617.211984] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2617.212472] fsnotify+0xcd0/0xf50 [ 2617.212783] ? fsnotify_first_mark+0x240/0x240 [ 2617.213187] ? lock_downgrade+0x6d0/0x6d0 [ 2617.213551] ? memcpy+0x39/0x60 [ 2617.213841] __fsnotify_parent+0x468/0x9d0 [ 2617.214234] ? fsnotify+0xf50/0xf50 [ 2617.214545] ? fsnotify+0xf50/0xf50 [ 2617.214869] ? _cond_resched+0x12/0x80 [ 2617.215209] ? inode_security+0x107/0x140 [ 2617.215563] ? avc_policy_seqno+0x9/0x70 [ 2617.215913] io_req_io_end+0x26d/0x490 [ 2617.216259] kiocb_done+0x320/0xc90 [ 2617.216613] ? ext4_file_read_iter+0x18c/0x4c0 [ 2617.217002] io_read+0x4cf/0x11e0 [ 2617.217335] ? kiocb_done+0xc90/0xc90 [ 2617.217654] ? perf_event_switch_output+0x7d0/0x7d0 [ 2617.218070] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2617.218532] ? __lockdep_reset_lock+0x180/0x180 [ 2617.218927] ? lock_acquire+0x197/0x470 [ 2617.219303] io_issue_sqe+0x2e8a/0x7700 [ 2617.219653] ? perf_trace_lock+0x2bd/0x490 [ 2617.220012] ? SOFTIRQ_verbose+0x10/0x10 [ 2617.220367] ? __lockdep_reset_lock+0x180/0x180 [ 2617.220762] ? perf_trace_lock+0x2bd/0x490 [ 2617.221138] ? io_connect+0x610/0x610 [ 2617.221471] ? lock_acquire+0x197/0x470 [ 2617.221804] ? find_held_lock+0x2c/0x110 [ 2617.222177] ? __fget_files+0x26d/0x4c0 [ 2617.222514] ? lock_downgrade+0x6d0/0x6d0 [ 2617.222877] __io_queue_sqe+0x90/0x9d0 [ 2617.223235] ? io_issue_sqe+0x7700/0x7700 [ 2617.223610] ? io_prep_rw+0x7f5/0x1050 [ 2617.223952] io_submit_sqes+0x4461/0x85c0 [ 2617.224353] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2617.224780] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2617.225213] ? lock_downgrade+0x6d0/0x6d0 [ 2617.225559] ? find_held_lock+0x2c/0x110 [ 2617.225914] ? io_submit_sqes+0x85c0/0x85c0 [ 2617.226304] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2617.226718] ? wait_for_completion_io+0x270/0x270 [ 2617.227133] ? rcu_read_lock_any_held+0x75/0xa0 [ 2617.227540] ? vfs_write+0x354/0xa70 [ 2617.227853] ? fput_many+0x2f/0x1a0 [ 2617.228176] ? ksys_write+0x1a9/0x260 [ 2617.228498] ? __ia32_sys_read+0xb0/0xb0 [ 2617.228863] do_syscall_64+0x33/0x40 [ 2617.229191] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2617.229627] RIP: 0033:0x7fc0adb05b19 [ 2617.229944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2617.231470] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2617.232104] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2617.232712] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2617.233335] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2617.233920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2617.234523] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:11:13 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x74, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:11:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(0x0) fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:11:13 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:13 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(0x0, r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:13 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x3000000) 05:11:13 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:13 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:13 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:11:31 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x4000000) 05:11:31 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xfeff, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:11:31 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 89) 05:11:31 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7a, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:11:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 7: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x68, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) [ 2635.563554] FAULT_INJECTION: forcing a failure. [ 2635.563554] name failslab, interval 1, probability 0, space 0, times 0 [ 2635.564586] CPU: 0 PID: 15741 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2635.565126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2635.565792] Call Trace: [ 2635.566010] dump_stack+0x107/0x167 [ 2635.566303] should_fail.cold+0x5/0xa [ 2635.566616] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2635.567031] should_failslab+0x5/0x20 [ 2635.567342] __kmalloc+0x72/0x390 [ 2635.567640] inotify_handle_inode_event+0x1b4/0x5d0 [ 2635.568056] ? idr_callback+0x80/0x80 [ 2635.568369] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2635.568835] fsnotify+0xcd0/0xf50 [ 2635.569136] ? fsnotify_first_mark+0x240/0x240 [ 2635.569514] ? lock_downgrade+0x6d0/0x6d0 [ 2635.569866] ? memcpy+0x39/0x60 [ 2635.570148] __fsnotify_parent+0x468/0x9d0 [ 2635.570502] ? fsnotify+0xf50/0xf50 [ 2635.570798] ? fsnotify+0xf50/0xf50 [ 2635.571105] ? _cond_resched+0x12/0x80 [ 2635.571420] ? inode_security+0x107/0x140 [ 2635.571754] ? avc_policy_seqno+0x9/0x70 [ 2635.572082] io_req_io_end+0x26d/0x490 [ 2635.572396] kiocb_done+0x320/0xc90 [ 2635.572689] ? ext4_file_read_iter+0x18c/0x4c0 [ 2635.573055] io_read+0x4cf/0x11e0 [ 2635.573359] ? kiocb_done+0xc90/0xc90 [ 2635.573665] ? perf_event_switch_output+0x7d0/0x7d0 [ 2635.574053] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2635.574479] ? __lockdep_reset_lock+0x180/0x180 [ 2635.574859] ? lock_acquire+0x197/0x470 [ 2635.575201] io_issue_sqe+0x2e8a/0x7700 [ 2635.575522] ? perf_trace_lock+0x2bd/0x490 [ 2635.575858] ? SOFTIRQ_verbose+0x10/0x10 [ 2635.576186] ? __lockdep_reset_lock+0x180/0x180 [ 2635.576549] ? perf_trace_lock+0x2bd/0x490 [ 2635.576884] ? io_connect+0x610/0x610 [ 2635.577191] ? lock_acquire+0x197/0x470 [ 2635.577511] ? find_held_lock+0x2c/0x110 [ 2635.577842] ? __fget_files+0x26d/0x4c0 [ 2635.578157] ? lock_downgrade+0x6d0/0x6d0 [ 2635.578492] __io_queue_sqe+0x90/0x9d0 [ 2635.578807] ? io_issue_sqe+0x7700/0x7700 [ 2635.579145] ? io_prep_rw+0x7f5/0x1050 [ 2635.579463] io_submit_sqes+0x4461/0x85c0 [ 2635.579829] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2635.580216] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2635.580603] ? lock_downgrade+0x6d0/0x6d0 [ 2635.580932] ? find_held_lock+0x2c/0x110 [ 2635.581259] ? io_submit_sqes+0x85c0/0x85c0 [ 2635.581622] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2635.582004] ? wait_for_completion_io+0x270/0x270 [ 2635.582384] ? rcu_read_lock_any_held+0x75/0xa0 [ 2635.582748] ? vfs_write+0x354/0xa70 [ 2635.583048] ? fput_many+0x2f/0x1a0 [ 2635.583336] ? ksys_write+0x1a9/0x260 [ 2635.583639] ? __ia32_sys_read+0xb0/0xb0 [ 2635.583984] do_syscall_64+0x33/0x40 [ 2635.584281] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2635.584682] RIP: 0033:0x7fc0adb05b19 [ 2635.584979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2635.586407] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2635.587002] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2635.587558] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2635.588107] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2635.588660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2635.589210] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:11:31 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x5000000) 05:11:31 executing program 7: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf0, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:11:31 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x6000000) 05:11:31 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4800, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xff7f, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 7: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, &(0x7f0000000080)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:11:31 executing program 4: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:31 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x7000000) 05:11:50 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 90) 05:11:50 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) 05:11:50 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:11:50 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0xa000000) 05:11:50 executing program 4: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:50 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xfffe, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:50 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x300, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:11:50 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xfeff, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:11:50 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x324, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:11:50 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) [ 2654.730226] FAULT_INJECTION: forcing a failure. [ 2654.730226] name failslab, interval 1, probability 0, space 0, times 0 [ 2654.731913] CPU: 0 PID: 15846 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2654.732731] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2654.733751] Call Trace: [ 2654.734201] dump_stack+0x107/0x167 [ 2654.734645] should_fail.cold+0x5/0xa [ 2654.735118] ? create_object.isra.0+0x3a/0xa20 [ 2654.735680] should_failslab+0x5/0x20 [ 2654.736152] kmem_cache_alloc+0x5b/0x310 [ 2654.736659] create_object.isra.0+0x3a/0xa20 [ 2654.737203] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2654.737839] __kmalloc+0x16e/0x390 [ 2654.738298] inotify_handle_inode_event+0x1b4/0x5d0 [ 2654.738925] ? idr_callback+0x80/0x80 [ 2654.739396] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2654.740104] fsnotify+0xcd0/0xf50 [ 2654.740547] ? fsnotify_first_mark+0x240/0x240 [ 2654.741112] ? lock_downgrade+0x6d0/0x6d0 [ 2654.741635] ? memcpy+0x39/0x60 [ 2654.742057] __fsnotify_parent+0x468/0x9d0 [ 2654.742591] ? fsnotify+0xf50/0xf50 [ 2654.743046] ? fsnotify+0xf50/0xf50 [ 2654.743495] ? _cond_resched+0x12/0x80 [ 2654.743976] ? inode_security+0x107/0x140 [ 2654.744476] ? avc_policy_seqno+0x9/0x70 [ 2654.744985] io_req_io_end+0x26d/0x490 [ 2654.745462] kiocb_done+0x320/0xc90 [ 2654.745925] ? ext4_file_read_iter+0x18c/0x4c0 [ 2654.746496] io_read+0x4cf/0x11e0 [ 2654.746940] ? kiocb_done+0xc90/0xc90 [ 2654.747406] ? perf_event_switch_output+0x7d0/0x7d0 [ 2654.748013] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2654.748651] ? __lockdep_reset_lock+0x180/0x180 [ 2654.749230] ? lock_acquire+0x197/0x470 [ 2654.749745] io_issue_sqe+0x2e8a/0x7700 [ 2654.750238] ? perf_trace_lock+0x2bd/0x490 [ 2654.750743] ? SOFTIRQ_verbose+0x10/0x10 [ 2654.751247] ? __lockdep_reset_lock+0x180/0x180 [ 2654.751798] ? perf_trace_lock+0x2bd/0x490 [ 2654.752315] ? io_connect+0x610/0x610 [ 2654.752780] ? lock_acquire+0x197/0x470 [ 2654.753266] ? find_held_lock+0x2c/0x110 [ 2654.753771] ? __fget_files+0x26d/0x4c0 [ 2654.754258] ? lock_downgrade+0x6d0/0x6d0 [ 2654.754762] __io_queue_sqe+0x90/0x9d0 [ 2654.755252] ? io_issue_sqe+0x7700/0x7700 [ 2654.755760] ? io_prep_rw+0x7f5/0x1050 [ 2654.756249] io_submit_sqes+0x4461/0x85c0 [ 2654.756810] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2654.757403] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2654.758000] ? lock_downgrade+0x6d0/0x6d0 [ 2654.758493] ? find_held_lock+0x2c/0x110 [ 2654.759001] ? io_submit_sqes+0x85c0/0x85c0 [ 2654.759533] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2654.760130] ? wait_for_completion_io+0x270/0x270 [ 2654.760725] ? rcu_read_lock_any_held+0x75/0xa0 [ 2654.761283] ? vfs_write+0x354/0xa70 [ 2654.761740] ? fput_many+0x2f/0x1a0 [ 2654.762181] ? ksys_write+0x1a9/0x260 [ 2654.762646] ? __ia32_sys_read+0xb0/0xb0 [ 2654.763174] do_syscall_64+0x33/0x40 [ 2654.763629] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2654.764254] RIP: 0033:0x7fc0adb05b19 [ 2654.764710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2654.766916] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2654.767837] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2654.768698] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2654.769567] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2654.770427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2654.771290] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:12:07 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x500, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:12:07 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xfeff, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:07 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:12:07 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 91) 05:12:07 executing program 4: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:07 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13b9f, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:07 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) 05:12:07 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x48000000) [ 2672.076953] FAULT_INJECTION: forcing a failure. [ 2672.076953] name failslab, interval 1, probability 0, space 0, times 0 [ 2672.078079] CPU: 1 PID: 15901 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2672.078663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2672.079347] Call Trace: [ 2672.079574] dump_stack+0x107/0x167 [ 2672.079885] should_fail.cold+0x5/0xa [ 2672.080201] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2672.080633] should_failslab+0x5/0x20 [ 2672.080960] __kmalloc+0x72/0x390 [ 2672.081252] inotify_handle_inode_event+0x1b4/0x5d0 [ 2672.081696] ? idr_callback+0x80/0x80 [ 2672.082015] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2672.082489] fsnotify+0xcd0/0xf50 [ 2672.082792] ? fsnotify_first_mark+0x240/0x240 [ 2672.083167] ? lock_downgrade+0x6d0/0x6d0 [ 2672.083508] ? memcpy+0x39/0x60 [ 2672.083798] __fsnotify_parent+0x468/0x9d0 [ 2672.084148] ? fsnotify+0xf50/0xf50 [ 2672.084456] ? fsnotify+0xf50/0xf50 [ 2672.084763] ? _cond_resched+0x12/0x80 [ 2672.085084] ? inode_security+0x107/0x140 [ 2672.085423] ? avc_policy_seqno+0x9/0x70 [ 2672.085779] io_req_io_end+0x26d/0x490 [ 2672.086110] kiocb_done+0x320/0xc90 [ 2672.086411] ? ext4_file_read_iter+0x18c/0x4c0 [ 2672.086802] io_read+0x4cf/0x11e0 [ 2672.087104] ? kiocb_done+0xc90/0xc90 [ 2672.087444] ? __lockdep_reset_lock+0x180/0x180 [ 2672.087848] ? lock_acquire+0x197/0x470 [ 2672.088174] ? __lock_acquire+0xbb1/0x5b00 [ 2672.088530] io_issue_sqe+0x2e8a/0x7700 [ 2672.088874] ? perf_trace_lock+0xac/0x490 [ 2672.089217] ? SOFTIRQ_verbose+0x10/0x10 [ 2672.089550] ? __lockdep_reset_lock+0x180/0x180 [ 2672.089951] ? io_connect+0x610/0x610 [ 2672.090267] ? lock_acquire+0x197/0x470 [ 2672.090598] ? find_held_lock+0x2c/0x110 [ 2672.090954] ? __fget_files+0x26d/0x4c0 [ 2672.091288] ? lock_downgrade+0x6d0/0x6d0 [ 2672.091635] __io_queue_sqe+0x90/0x9d0 [ 2672.091963] ? io_issue_sqe+0x7700/0x7700 [ 2672.092310] ? io_prep_rw+0x7f5/0x1050 [ 2672.092640] io_submit_sqes+0x4461/0x85c0 [ 2672.093018] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2672.093432] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2672.093850] ? lock_downgrade+0x6d0/0x6d0 [ 2672.094189] ? find_held_lock+0x2c/0x110 [ 2672.094529] ? io_submit_sqes+0x85c0/0x85c0 [ 2672.094901] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2672.095302] ? wait_for_completion_io+0x270/0x270 [ 2672.095724] ? rcu_read_lock_any_held+0x75/0xa0 [ 2672.096117] ? vfs_write+0x354/0xa70 [ 2672.096421] ? fput_many+0x2f/0x1a0 [ 2672.096737] ? ksys_write+0x1a9/0x260 [ 2672.097055] ? __ia32_sys_read+0xb0/0xb0 [ 2672.097401] do_syscall_64+0x33/0x40 [ 2672.097724] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2672.098158] RIP: 0033:0x7fc0adb05b19 [ 2672.098464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2672.099974] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2672.100599] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2672.101188] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2672.101792] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2672.102367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2672.102952] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:12:25 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:25 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x4c000000) 05:12:25 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:12:25 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x600, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:12:25 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) 05:12:25 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:25 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x3f00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:25 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 92) [ 2690.146483] FAULT_INJECTION: forcing a failure. [ 2690.146483] name failslab, interval 1, probability 0, space 0, times 0 [ 2690.147774] CPU: 0 PID: 15954 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2690.148490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2690.149337] Call Trace: [ 2690.149631] dump_stack+0x107/0x167 [ 2690.150032] should_fail.cold+0x5/0xa [ 2690.150442] ? create_object.isra.0+0x3a/0xa20 [ 2690.150931] should_failslab+0x5/0x20 [ 2690.151330] kmem_cache_alloc+0x5b/0x310 [ 2690.151775] create_object.isra.0+0x3a/0xa20 [ 2690.152232] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2690.152771] __kmalloc+0x16e/0x390 [ 2690.153165] inotify_handle_inode_event+0x1b4/0x5d0 [ 2690.153701] ? idr_callback+0x80/0x80 [ 2690.154104] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2690.154701] fsnotify+0xcd0/0xf50 [ 2690.155096] ? fsnotify_first_mark+0x240/0x240 [ 2690.155578] ? lock_downgrade+0x6d0/0x6d0 [ 2690.156041] ? memcpy+0x39/0x60 [ 2690.156408] __fsnotify_parent+0x468/0x9d0 [ 2690.156869] ? fsnotify+0xf50/0xf50 [ 2690.157257] ? fsnotify+0xf50/0xf50 [ 2690.157651] ? _cond_resched+0x12/0x80 [ 2690.158053] ? inode_security+0x107/0x140 [ 2690.158487] ? avc_policy_seqno+0x9/0x70 [ 2690.158925] io_req_io_end+0x26d/0x490 [ 2690.159344] kiocb_done+0x320/0xc90 [ 2690.159731] ? ext4_file_read_iter+0x18c/0x4c0 [ 2690.160214] io_read+0x4cf/0x11e0 [ 2690.160613] ? kiocb_done+0xc90/0xc90 [ 2690.161012] ? perf_event_switch_output+0x7d0/0x7d0 [ 2690.161598] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2690.162164] io_issue_sqe+0x2e8a/0x7700 [ 2690.162590] ? perf_trace_lock+0x2bd/0x490 [ 2690.163042] ? SOFTIRQ_verbose+0x10/0x10 [ 2690.163472] ? __lockdep_reset_lock+0x180/0x180 [ 2690.163963] ? perf_trace_lock+0x2bd/0x490 [ 2690.164401] ? io_connect+0x610/0x610 [ 2690.164813] ? lock_acquire+0x197/0x470 [ 2690.165232] ? find_held_lock+0x2c/0x110 [ 2690.165673] ? __fget_files+0x26d/0x4c0 [ 2690.166106] ? lock_downgrade+0x6d0/0x6d0 [ 2690.166556] __io_queue_sqe+0x90/0x9d0 [ 2690.166985] ? io_issue_sqe+0x7700/0x7700 [ 2690.167438] ? io_prep_rw+0x7f5/0x1050 [ 2690.167857] io_submit_sqes+0x4461/0x85c0 [ 2690.168358] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2690.168871] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2690.169378] ? lock_downgrade+0x6d0/0x6d0 [ 2690.169808] ? find_held_lock+0x2c/0x110 [ 2690.170246] ? io_submit_sqes+0x85c0/0x85c0 [ 2690.170707] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2690.171215] ? wait_for_completion_io+0x270/0x270 [ 2690.171726] ? rcu_read_lock_any_held+0x75/0xa0 [ 2690.172203] ? vfs_write+0x354/0xa70 [ 2690.172595] ? fput_many+0x2f/0x1a0 [ 2690.172977] ? ksys_write+0x1a9/0x260 [ 2690.173374] ? __ia32_sys_read+0xb0/0xb0 [ 2690.173841] do_syscall_64+0x33/0x40 [ 2690.174246] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2690.174774] RIP: 0033:0x7fc0adb05b19 [ 2690.175167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2690.177015] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2690.177797] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2690.178529] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2690.179250] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2690.179972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2690.180706] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:12:26 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) 05:12:26 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:26 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba1, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:26 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 93) 05:12:26 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x65000000) 05:12:26 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, 0x0, 0x0) 05:12:26 executing program 2: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:26 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x700, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:12:26 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2690.450266] FAULT_INJECTION: forcing a failure. [ 2690.450266] name failslab, interval 1, probability 0, space 0, times 0 [ 2690.451329] CPU: 1 PID: 15972 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2690.451885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2690.452653] Call Trace: [ 2690.452891] dump_stack+0x107/0x167 [ 2690.453204] should_fail.cold+0x5/0xa [ 2690.453519] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2690.453939] should_failslab+0x5/0x20 [ 2690.454268] __kmalloc+0x72/0x390 [ 2690.454557] inotify_handle_inode_event+0x1b4/0x5d0 [ 2690.454962] ? idr_callback+0x80/0x80 [ 2690.455320] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2690.455774] fsnotify+0xcd0/0xf50 [ 2690.456053] ? fsnotify_first_mark+0x240/0x240 [ 2690.456451] ? lock_downgrade+0x6d0/0x6d0 [ 2690.456779] ? memcpy+0x39/0x60 [ 2690.457054] __fsnotify_parent+0x468/0x9d0 [ 2690.457434] ? fsnotify+0xf50/0xf50 [ 2690.457723] ? fsnotify+0xf50/0xf50 [ 2690.458027] ? _cond_resched+0x12/0x80 [ 2690.458359] ? inode_security+0x107/0x140 [ 2690.458681] ? avc_policy_seqno+0x9/0x70 [ 2690.459008] io_req_io_end+0x26d/0x490 [ 2690.459362] kiocb_done+0x320/0xc90 [ 2690.459646] ? ext4_file_read_iter+0x18c/0x4c0 [ 2690.460001] io_read+0x4cf/0x11e0 [ 2690.460283] ? kiocb_done+0xc90/0xc90 [ 2690.460600] ? __lockdep_reset_lock+0x180/0x180 [ 2690.460968] ? lock_acquire+0x197/0x470 [ 2690.461287] ? __lock_acquire+0xbb1/0x5b00 [ 2690.461619] io_issue_sqe+0x2e8a/0x7700 [ 2690.461936] ? perf_trace_lock+0xac/0x490 [ 2690.462292] ? SOFTIRQ_verbose+0x10/0x10 [ 2690.462602] ? __lockdep_reset_lock+0x180/0x180 [ 2690.462953] ? io_connect+0x610/0x610 [ 2690.463285] ? lock_acquire+0x197/0x470 [ 2690.463590] ? find_held_lock+0x2c/0x110 [ 2690.463907] ? __fget_files+0x26d/0x4c0 [ 2690.464213] ? lock_downgrade+0x6d0/0x6d0 [ 2690.464537] __io_queue_sqe+0x90/0x9d0 [ 2690.464843] ? io_issue_sqe+0x7700/0x7700 [ 2690.465173] ? io_prep_rw+0x7f5/0x1050 [ 2690.465589] io_submit_sqes+0x4461/0x85c0 [ 2690.465932] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2690.466340] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2690.466707] ? lock_downgrade+0x6d0/0x6d0 [ 2690.467017] ? find_held_lock+0x2c/0x110 [ 2690.467361] ? io_submit_sqes+0x85c0/0x85c0 [ 2690.467697] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2690.468065] ? wait_for_completion_io+0x270/0x270 [ 2690.468433] ? rcu_read_lock_any_held+0x75/0xa0 [ 2690.468784] ? vfs_write+0x354/0xa70 [ 2690.469067] ? fput_many+0x2f/0x1a0 [ 2690.469346] ? ksys_write+0x1a9/0x260 [ 2690.469637] ? __ia32_sys_read+0xb0/0xb0 [ 2690.469960] do_syscall_64+0x33/0x40 [ 2690.470283] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2690.470668] RIP: 0033:0x7fc0adb05b19 [ 2690.470956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2690.472351] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2690.472935] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2690.473466] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2690.474010] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2690.474561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2690.475097] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:12:26 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x68000000) 05:12:46 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:46 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:12:46 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 94) 05:12:46 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x6c000000) 05:12:46 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba2, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:46 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x900, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:12:46 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:46 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 1) [ 2710.476816] FAULT_INJECTION: forcing a failure. [ 2710.476816] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2710.478194] CPU: 0 PID: 16042 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2710.478949] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2710.479825] Call Trace: [ 2710.480129] dump_stack+0x107/0x167 [ 2710.480541] should_fail.cold+0x5/0xa [ 2710.480948] _copy_from_user+0x2e/0x1b0 [ 2710.481356] __copy_msghdr_from_user+0x91/0x4b0 [ 2710.481835] ? __ia32_sys_shutdown+0x80/0x80 [ 2710.482339] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2710.482879] sendmsg_copy_msghdr+0xa1/0x160 [ 2710.483335] ? do_recvmmsg+0x6d0/0x6d0 [ 2710.483745] ? perf_trace_lock+0x2bd/0x490 [ 2710.484191] ? SOFTIRQ_verbose+0x10/0x10 [ 2710.484625] ? __lockdep_reset_lock+0x180/0x180 [ 2710.485138] ___sys_sendmsg+0xc6/0x170 [ 2710.485545] ? sendmsg_copy_msghdr+0x160/0x160 [ 2710.486033] ? __fget_files+0x26d/0x4c0 [ 2710.486465] ? lock_downgrade+0x6d0/0x6d0 [ 2710.486905] ? find_held_lock+0x2c/0x110 [ 2710.487351] ? __fget_files+0x296/0x4c0 [ 2710.487791] ? __fget_light+0xea/0x290 [ 2710.488226] __sys_sendmsg+0xe5/0x1b0 [ 2710.488628] ? __sys_sendmsg_sock+0x40/0x40 [ 2710.489075] ? rcu_read_lock_any_held+0x75/0xa0 [ 2710.489557] ? fput_many+0x2f/0x1a0 [ 2710.489924] ? ksys_write+0x1a9/0x260 [ 2710.490315] ? __ia32_sys_read+0xb0/0xb0 [ 2710.490766] do_syscall_64+0x33/0x40 [ 2710.491158] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2710.491687] RIP: 0033:0x7f72473f4b19 [ 2710.492077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2710.493893] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2710.494690] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2710.495412] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2710.496141] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2710.496867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2710.497585] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 [ 2710.620621] FAULT_INJECTION: forcing a failure. [ 2710.620621] name failslab, interval 1, probability 0, space 0, times 0 [ 2710.622796] CPU: 0 PID: 16038 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2710.623883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2710.625274] Call Trace: [ 2710.625719] dump_stack+0x107/0x167 [ 2710.626347] should_fail.cold+0x5/0xa [ 2710.626996] ? create_object.isra.0+0x3a/0xa20 [ 2710.627753] should_failslab+0x5/0x20 [ 2710.628382] kmem_cache_alloc+0x5b/0x310 [ 2710.629073] create_object.isra.0+0x3a/0xa20 [ 2710.629823] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2710.630683] __kmalloc+0x16e/0x390 [ 2710.631292] inotify_handle_inode_event+0x1b4/0x5d0 [ 2710.632132] ? idr_callback+0x80/0x80 [ 2710.632761] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2710.633781] fsnotify+0xcd0/0xf50 [ 2710.634415] ? fsnotify_first_mark+0x240/0x240 [ 2710.635196] ? lock_downgrade+0x6d0/0x6d0 [ 2710.635903] ? memcpy+0x39/0x60 [ 2710.636474] __fsnotify_parent+0x468/0x9d0 [ 2710.637217] ? fsnotify+0xf50/0xf50 [ 2710.637829] ? fsnotify+0xf50/0xf50 [ 2710.638465] ? _cond_resched+0x12/0x80 [ 2710.639111] ? inode_security+0x107/0x140 [ 2710.639795] ? avc_policy_seqno+0x9/0x70 [ 2710.640477] io_req_io_end+0x26d/0x490 [ 2710.641131] kiocb_done+0x320/0xc90 [ 2710.641761] ? ext4_file_read_iter+0x18c/0x4c0 [ 2710.642537] io_read+0x4cf/0x11e0 [ 2710.643152] ? kiocb_done+0xc90/0xc90 [ 2710.643798] ? perf_event_switch_output+0x7d0/0x7d0 [ 2710.644610] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2710.645484] ? __lockdep_reset_lock+0x180/0x180 [ 2710.646279] ? lock_acquire+0x197/0x470 [ 2710.646984] io_issue_sqe+0x2e8a/0x7700 [ 2710.647732] ? perf_trace_lock+0x2bd/0x490 [ 2710.648562] ? SOFTIRQ_verbose+0x10/0x10 [ 2710.649414] ? __lockdep_reset_lock+0x180/0x180 [ 2710.650369] ? perf_trace_lock+0x2bd/0x490 [ 2710.651234] ? io_connect+0x610/0x610 [ 2710.652035] ? lock_acquire+0x197/0x470 [ 2710.652847] ? find_held_lock+0x2c/0x110 [ 2710.653710] ? __fget_files+0x26d/0x4c0 [ 2710.654545] ? lock_downgrade+0x6d0/0x6d0 [ 2710.655421] __io_queue_sqe+0x90/0x9d0 [ 2710.656252] ? io_issue_sqe+0x7700/0x7700 [ 2710.657137] ? io_prep_rw+0x7f5/0x1050 [ 2710.657975] io_submit_sqes+0x4461/0x85c0 [ 2710.658970] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2710.659992] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2710.661004] ? lock_downgrade+0x6d0/0x6d0 [ 2710.661857] ? find_held_lock+0x2c/0x110 [ 2710.662743] ? io_submit_sqes+0x85c0/0x85c0 [ 2710.663672] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2710.664683] ? wait_for_completion_io+0x270/0x270 [ 2710.665685] ? rcu_read_lock_any_held+0x75/0xa0 [ 2710.666647] ? vfs_write+0x354/0xa70 [ 2710.667431] ? fput_many+0x2f/0x1a0 [ 2710.668187] ? ksys_write+0x1a9/0x260 [ 2710.668978] ? __ia32_sys_read+0xb0/0xb0 [ 2710.669846] do_syscall_64+0x33/0x40 [ 2710.670623] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2710.671656] RIP: 0033:0x7fc0adb05b19 [ 2710.672427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2710.676069] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2710.677610] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2710.679051] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2710.680496] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2710.681942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2710.683395] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:12:46 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 2) 05:12:46 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:46 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x74000000) 05:12:46 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:46 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:12:46 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:12:46 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x60000, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 2710.834185] FAULT_INJECTION: forcing a failure. [ 2710.834185] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2710.835481] CPU: 0 PID: 16056 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2710.836195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2710.837052] Call Trace: [ 2710.837346] dump_stack+0x107/0x167 [ 2710.837740] should_fail.cold+0x5/0xa [ 2710.838157] _copy_from_user+0x2e/0x1b0 [ 2710.838593] iovec_from_user+0x141/0x400 [ 2710.839036] __import_iovec+0x67/0x590 [ 2710.839438] ? __ia32_sys_shutdown+0x80/0x80 [ 2710.839918] import_iovec+0x83/0xb0 [ 2710.840323] sendmsg_copy_msghdr+0x131/0x160 [ 2710.840785] ? do_recvmmsg+0x6d0/0x6d0 [ 2710.841206] ? perf_trace_lock+0x2bd/0x490 [ 2710.841679] ? __lockdep_reset_lock+0x180/0x180 [ 2710.842178] ___sys_sendmsg+0xc6/0x170 [ 2710.842605] ? sendmsg_copy_msghdr+0x160/0x160 [ 2710.843099] ? __fget_files+0x26d/0x4c0 [ 2710.843512] ? lock_downgrade+0x6d0/0x6d0 [ 2710.843952] ? find_held_lock+0x2c/0x110 [ 2710.844403] ? __fget_files+0x296/0x4c0 [ 2710.844842] ? __fget_light+0xea/0x290 [ 2710.845266] __sys_sendmsg+0xe5/0x1b0 [ 2710.845668] ? __sys_sendmsg_sock+0x40/0x40 [ 2710.846059] ? rcu_read_lock_any_held+0x75/0xa0 [ 2710.846550] ? fput_many+0x2f/0x1a0 [ 2710.846938] ? ksys_write+0x1a9/0x260 [ 2710.847371] do_syscall_64+0x33/0x40 [ 2710.847760] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2710.848293] RIP: 0033:0x7f72473f4b19 [ 2710.848680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2710.850461] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2710.851210] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2710.851929] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2710.852651] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2710.853384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2710.854113] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:12:46 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x7a000000) 05:12:46 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba3, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:03 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x2000, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:13:03 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba4, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:03 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 95) 05:13:03 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:03 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0xf5ffffff) 05:13:03 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:03 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 3) 05:13:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) [ 2727.619437] FAULT_INJECTION: forcing a failure. [ 2727.619437] name failslab, interval 1, probability 0, space 0, times 0 [ 2727.620500] CPU: 1 PID: 16113 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2727.621085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2727.621771] Call Trace: [ 2727.622003] dump_stack+0x107/0x167 [ 2727.622302] should_fail.cold+0x5/0xa [ 2727.622647] ? __alloc_skb+0x6d/0x5b0 [ 2727.622958] ? __alloc_skb+0x6d/0x5b0 [ 2727.623278] should_failslab+0x5/0x20 [ 2727.623599] kmem_cache_alloc_node+0x55/0x330 [ 2727.623969] __alloc_skb+0x6d/0x5b0 [ 2727.624279] netlink_sendmsg+0x998/0xdf0 [ 2727.624622] ? netlink_unicast+0x7f0/0x7f0 [ 2727.624986] ? netlink_unicast+0x7f0/0x7f0 [ 2727.625344] __sock_sendmsg+0x154/0x190 [ 2727.625671] ____sys_sendmsg+0x70d/0x870 [ 2727.626006] ? sock_write_iter+0x3d0/0x3d0 [ 2727.626349] ? do_recvmmsg+0x6d0/0x6d0 [ 2727.626685] ? perf_trace_lock+0xac/0x490 [ 2727.627032] ? __lockdep_reset_lock+0x180/0x180 [ 2727.627417] ? perf_trace_lock+0xac/0x490 [ 2727.627761] ? SOFTIRQ_verbose+0x10/0x10 [ 2727.628103] ___sys_sendmsg+0xf3/0x170 [ 2727.628423] ? sendmsg_copy_msghdr+0x160/0x160 [ 2727.628804] ? lock_downgrade+0x6d0/0x6d0 [ 2727.629152] ? find_held_lock+0x2c/0x110 [ 2727.629503] ? __fget_files+0x296/0x4c0 [ 2727.629848] ? __fget_light+0xea/0x290 [ 2727.630175] __sys_sendmsg+0xe5/0x1b0 [ 2727.630499] ? __sys_sendmsg_sock+0x40/0x40 [ 2727.630876] ? rcu_read_lock_any_held+0x75/0xa0 [ 2727.631293] do_syscall_64+0x33/0x40 [ 2727.631610] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2727.632032] RIP: 0033:0x7f72473f4b19 [ 2727.632338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2727.633823] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2727.634456] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2727.635054] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2727.635643] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2727.636240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2727.636830] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:13:03 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0xfeffffff) 05:13:03 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 4) [ 2727.761675] FAULT_INJECTION: forcing a failure. [ 2727.761675] name failslab, interval 1, probability 0, space 0, times 0 [ 2727.762704] CPU: 1 PID: 16129 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2727.763294] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2727.763971] Call Trace: [ 2727.764199] dump_stack+0x107/0x167 [ 2727.764506] should_fail.cold+0x5/0xa [ 2727.764825] ? create_object.isra.0+0x3a/0xa20 [ 2727.765213] should_failslab+0x5/0x20 [ 2727.765532] kmem_cache_alloc+0x5b/0x310 [ 2727.765869] create_object.isra.0+0x3a/0xa20 [ 2727.766234] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2727.766662] kmem_cache_alloc_node+0x169/0x330 [ 2727.767042] __alloc_skb+0x6d/0x5b0 [ 2727.767349] netlink_sendmsg+0x998/0xdf0 [ 2727.767686] ? netlink_unicast+0x7f0/0x7f0 [ 2727.768043] ? netlink_unicast+0x7f0/0x7f0 [ 2727.768396] __sock_sendmsg+0x154/0x190 [ 2727.768722] ____sys_sendmsg+0x70d/0x870 [ 2727.769069] ? sock_write_iter+0x3d0/0x3d0 [ 2727.769423] ? do_recvmmsg+0x6d0/0x6d0 [ 2727.769747] ? perf_trace_lock+0xac/0x490 [ 2727.770100] ? __lockdep_reset_lock+0x180/0x180 [ 2727.770513] ? perf_trace_lock+0xac/0x490 [ 2727.770854] ? SOFTIRQ_verbose+0x10/0x10 [ 2727.771190] ___sys_sendmsg+0xf3/0x170 [ 2727.771519] ? sendmsg_copy_msghdr+0x160/0x160 [ 2727.771903] ? lock_downgrade+0x6d0/0x6d0 [ 2727.772250] ? find_held_lock+0x2c/0x110 [ 2727.772594] ? __fget_files+0x296/0x4c0 [ 2727.772934] ? __fget_light+0xea/0x290 [ 2727.773272] __sys_sendmsg+0xe5/0x1b0 [ 2727.773588] ? __sys_sendmsg_sock+0x40/0x40 [ 2727.773953] ? rcu_read_lock_any_held+0x75/0xa0 [ 2727.774356] do_syscall_64+0x33/0x40 [ 2727.774680] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2727.775105] RIP: 0033:0x7f72473f4b19 [ 2727.775413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2727.776905] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2727.777543] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2727.778137] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2727.778752] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2727.779344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2727.779940] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:13:03 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2727.803431] FAULT_INJECTION: forcing a failure. [ 2727.803431] name failslab, interval 1, probability 0, space 0, times 0 [ 2727.804455] CPU: 1 PID: 16124 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2727.804999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2727.805753] Call Trace: [ 2727.806026] dump_stack+0x107/0x167 [ 2727.806368] should_fail.cold+0x5/0xa [ 2727.806739] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2727.807186] should_failslab+0x5/0x20 [ 2727.807487] __kmalloc+0x72/0x390 [ 2727.807762] inotify_handle_inode_event+0x1b4/0x5d0 [ 2727.808154] ? idr_callback+0x80/0x80 [ 2727.808450] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2727.808897] fsnotify+0xcd0/0xf50 [ 2727.809174] ? fsnotify_first_mark+0x240/0x240 [ 2727.809534] ? lock_downgrade+0x6d0/0x6d0 [ 2727.809866] ? memcpy+0x39/0x60 [ 2727.810132] __fsnotify_parent+0x468/0x9d0 [ 2727.810471] ? fsnotify+0xf50/0xf50 [ 2727.810760] ? fsnotify+0xf50/0xf50 [ 2727.811050] ? _cond_resched+0x12/0x80 [ 2727.811346] ? inode_security+0x107/0x140 [ 2727.811675] ? avc_policy_seqno+0x9/0x70 [ 2727.812001] io_req_io_end+0x26d/0x490 [ 2727.812298] kiocb_done+0x320/0xc90 [ 2727.812584] ? ext4_file_read_iter+0x18c/0x4c0 [ 2727.812944] io_read+0x4cf/0x11e0 [ 2727.813223] ? kiocb_done+0xc90/0xc90 [ 2727.813538] ? __lockdep_reset_lock+0x180/0x180 [ 2727.813905] ? lock_acquire+0x197/0x470 [ 2727.814219] ? __lock_acquire+0xbb1/0x5b00 [ 2727.814565] io_issue_sqe+0x2e8a/0x7700 [ 2727.814876] ? perf_trace_lock+0xac/0x490 [ 2727.815195] ? SOFTIRQ_verbose+0x10/0x10 [ 2727.815511] ? __lockdep_reset_lock+0x180/0x180 [ 2727.815873] ? io_connect+0x610/0x610 [ 2727.816169] ? lock_acquire+0x197/0x470 [ 2727.816468] ? find_held_lock+0x2c/0x110 [ 2727.816790] ? __fget_files+0x26d/0x4c0 [ 2727.817097] ? lock_downgrade+0x6d0/0x6d0 [ 2727.817426] __io_queue_sqe+0x90/0x9d0 [ 2727.817734] ? io_issue_sqe+0x7700/0x7700 [ 2727.818070] ? io_prep_rw+0x7f5/0x1050 [ 2727.818379] io_submit_sqes+0x4461/0x85c0 [ 2727.818733] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2727.819110] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2727.819473] ? lock_downgrade+0x6d0/0x6d0 [ 2727.819794] ? find_held_lock+0x2c/0x110 [ 2727.820114] ? io_submit_sqes+0x85c0/0x85c0 [ 2727.820455] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2727.820833] ? wait_for_completion_io+0x270/0x270 [ 2727.821211] ? rcu_read_lock_any_held+0x75/0xa0 [ 2727.821570] ? vfs_write+0x354/0xa70 [ 2727.821896] ? fput_many+0x2f/0x1a0 [ 2727.822257] ? ksys_write+0x1a9/0x260 [ 2727.822639] ? __ia32_sys_read+0xb0/0xb0 [ 2727.823054] do_syscall_64+0x33/0x40 [ 2727.823416] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2727.823815] RIP: 0033:0x7fc0adb05b19 [ 2727.824114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2727.825531] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2727.826121] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2727.826678] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2727.827228] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2727.827809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2727.828489] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:13:03 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 96) 05:13:03 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0xfffffff5) 05:13:03 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2727.949320] FAULT_INJECTION: forcing a failure. [ 2727.949320] name failslab, interval 1, probability 0, space 0, times 0 [ 2727.950473] CPU: 1 PID: 16137 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2727.951075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2727.951837] Call Trace: [ 2727.952102] dump_stack+0x107/0x167 [ 2727.952471] should_fail.cold+0x5/0xa [ 2727.952862] ? create_object.isra.0+0x3a/0xa20 [ 2727.953333] should_failslab+0x5/0x20 [ 2727.953715] kmem_cache_alloc+0x5b/0x310 [ 2727.954110] create_object.isra.0+0x3a/0xa20 [ 2727.954558] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2727.955086] __kmalloc+0x16e/0x390 [ 2727.955467] inotify_handle_inode_event+0x1b4/0x5d0 [ 2727.955993] ? idr_callback+0x80/0x80 [ 2727.956389] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2727.956972] fsnotify+0xcd0/0xf50 [ 2727.957329] ? fsnotify_first_mark+0x240/0x240 [ 2727.957802] ? lock_downgrade+0x6d0/0x6d0 [ 2727.958240] ? memcpy+0x39/0x60 [ 2727.958607] __fsnotify_parent+0x468/0x9d0 [ 2727.959054] ? fsnotify+0xf50/0xf50 [ 2727.959436] ? fsnotify+0xf50/0xf50 [ 2727.959816] ? _cond_resched+0x12/0x80 [ 2727.960226] ? inode_security+0x107/0x140 [ 2727.960655] ? avc_policy_seqno+0x9/0x70 [ 2727.961086] io_req_io_end+0x26d/0x490 [ 2727.961504] kiocb_done+0x320/0xc90 [ 2727.961878] ? ext4_file_read_iter+0x18c/0x4c0 [ 2727.962352] io_read+0x4cf/0x11e0 [ 2727.962742] ? kiocb_done+0xc90/0xc90 [ 2727.963156] ? __lockdep_reset_lock+0x180/0x180 [ 2727.963629] ? lock_acquire+0x197/0x470 [ 2727.964053] ? __lock_acquire+0xbb1/0x5b00 [ 2727.964497] io_issue_sqe+0x2e8a/0x7700 [ 2727.964910] ? perf_trace_lock+0xac/0x490 [ 2727.965338] ? SOFTIRQ_verbose+0x10/0x10 [ 2727.965765] ? __lockdep_reset_lock+0x180/0x180 [ 2727.966242] ? io_connect+0x610/0x610 [ 2727.966642] ? lock_acquire+0x197/0x470 [ 2727.967031] ? find_held_lock+0x2c/0x110 [ 2727.967444] ? __fget_files+0x26d/0x4c0 [ 2727.967848] ? lock_downgrade+0x6d0/0x6d0 [ 2727.968291] __io_queue_sqe+0x90/0x9d0 [ 2727.968686] ? io_issue_sqe+0x7700/0x7700 [ 2727.969120] ? io_prep_rw+0x7f5/0x1050 [ 2727.969530] io_submit_sqes+0x4461/0x85c0 [ 2727.970001] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2727.970511] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2727.970991] ? lock_downgrade+0x6d0/0x6d0 [ 2727.971412] ? find_held_lock+0x2c/0x110 [ 2727.971841] ? io_submit_sqes+0x85c0/0x85c0 [ 2727.972292] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2727.972768] ? wait_for_completion_io+0x270/0x270 [ 2727.973255] ? rcu_read_lock_any_held+0x75/0xa0 [ 2727.973733] ? vfs_write+0x354/0xa70 [ 2727.974115] ? fput_many+0x2f/0x1a0 [ 2727.974493] ? ksys_write+0x1a9/0x260 [ 2727.974862] ? __ia32_sys_read+0xb0/0xb0 [ 2727.975223] do_syscall_64+0x33/0x40 [ 2727.975545] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2727.976062] RIP: 0033:0x7fc0adb05b19 [ 2727.976445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2727.978247] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2727.978883] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2727.979461] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2727.980036] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2727.980604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2727.981183] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:13:03 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 5) [ 2728.100396] FAULT_INJECTION: forcing a failure. [ 2728.100396] name failslab, interval 1, probability 0, space 0, times 0 [ 2728.102170] CPU: 0 PID: 16144 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2728.103179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2728.104365] Call Trace: [ 2728.104764] dump_stack+0x107/0x167 [ 2728.105305] should_fail.cold+0x5/0xa [ 2728.105882] should_failslab+0x5/0x20 [ 2728.106453] __kmalloc_node_track_caller+0x74/0x3b0 [ 2728.107357] ? netlink_sendmsg+0x998/0xdf0 [ 2728.108161] __alloc_skb+0xb1/0x5b0 [ 2728.108818] netlink_sendmsg+0x998/0xdf0 [ 2728.109551] ? netlink_unicast+0x7f0/0x7f0 [ 2728.110347] ? netlink_unicast+0x7f0/0x7f0 [ 2728.111169] __sock_sendmsg+0x154/0x190 [ 2728.111908] ____sys_sendmsg+0x70d/0x870 [ 2728.112657] ? sock_write_iter+0x3d0/0x3d0 [ 2728.113448] ? do_recvmmsg+0x6d0/0x6d0 [ 2728.114103] ? perf_trace_lock+0x2bd/0x490 [ 2728.114756] ? __lockdep_reset_lock+0x180/0x180 [ 2728.115455] ___sys_sendmsg+0xf3/0x170 [ 2728.116034] ? sendmsg_copy_msghdr+0x160/0x160 [ 2728.116726] ? lock_downgrade+0x6d0/0x6d0 [ 2728.117345] ? find_held_lock+0x2c/0x110 [ 2728.117965] ? __fget_files+0x296/0x4c0 [ 2728.118583] ? __fget_light+0xea/0x290 [ 2728.119176] __sys_sendmsg+0xe5/0x1b0 [ 2728.119738] ? __sys_sendmsg_sock+0x40/0x40 [ 2728.120373] ? rcu_read_lock_any_held+0x75/0xa0 [ 2728.121118] do_syscall_64+0x33/0x40 [ 2728.121666] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2728.122409] RIP: 0033:0x7f72473f4b19 [ 2728.122969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2728.125605] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2728.126713] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2728.127742] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2728.128770] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2728.130006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2728.131052] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:13:23 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 6) 05:13:23 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 97) 05:13:23 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:13:23 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x2403, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) [ 2747.130282] FAULT_INJECTION: forcing a failure. [ 2747.130282] name failslab, interval 1, probability 0, space 0, times 0 [ 2747.131486] CPU: 0 PID: 16180 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2747.132193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2747.133015] Call Trace: [ 2747.133298] dump_stack+0x107/0x167 [ 2747.133679] should_fail.cold+0x5/0xa [ 2747.134093] should_failslab+0x5/0x20 [ 2747.134492] __kmalloc_node_track_caller+0x74/0x3b0 [ 2747.135013] ? netlink_sendmsg+0x998/0xdf0 [ 2747.135462] __alloc_skb+0xb1/0x5b0 [ 2747.135848] netlink_sendmsg+0x998/0xdf0 [ 2747.136283] ? netlink_unicast+0x7f0/0x7f0 [ 2747.136751] ? netlink_unicast+0x7f0/0x7f0 [ 2747.137202] __sock_sendmsg+0x154/0x190 [ 2747.137613] ____sys_sendmsg+0x70d/0x870 [ 2747.138056] ? sock_write_iter+0x3d0/0x3d0 [ 2747.138477] ? do_recvmmsg+0x6d0/0x6d0 [ 2747.138898] ? perf_trace_lock+0x2bd/0x490 [ 2747.139349] ? __lockdep_reset_lock+0x180/0x180 [ 2747.139856] ___sys_sendmsg+0xf3/0x170 [ 2747.140254] ? sendmsg_copy_msghdr+0x160/0x160 [ 2747.140744] ? lock_downgrade+0x6d0/0x6d0 [ 2747.141173] ? find_held_lock+0x2c/0x110 [ 2747.141618] ? __fget_files+0x296/0x4c0 [ 2747.142052] ? __fget_light+0xea/0x290 [ 2747.142479] __sys_sendmsg+0xe5/0x1b0 [ 2747.142874] ? __sys_sendmsg_sock+0x40/0x40 05:13:23 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:23 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:23 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0xfffffffe) 05:13:23 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba5, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2747.143282] ? rcu_read_lock_any_held+0x75/0xa0 [ 2747.143923] do_syscall_64+0x33/0x40 [ 2747.144317] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2747.144826] RIP: 0033:0x7f72473f4b19 [ 2747.145207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2747.147033] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2747.147791] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2747.148502] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2747.149217] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2747.149942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2747.150659] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:13:23 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2747.194281] FAULT_INJECTION: forcing a failure. [ 2747.194281] name failslab, interval 1, probability 0, space 0, times 0 [ 2747.195394] CPU: 1 PID: 16186 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2747.195970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2747.196656] Call Trace: [ 2747.196882] dump_stack+0x107/0x167 [ 2747.197198] should_fail.cold+0x5/0xa [ 2747.197513] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2747.197952] should_failslab+0x5/0x20 [ 2747.198276] __kmalloc+0x72/0x390 [ 2747.198572] inotify_handle_inode_event+0x1b4/0x5d0 [ 2747.199005] ? idr_callback+0x80/0x80 [ 2747.199322] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2747.199791] fsnotify+0xcd0/0xf50 [ 2747.200092] ? fsnotify_first_mark+0x240/0x240 [ 2747.200464] ? lock_downgrade+0x6d0/0x6d0 [ 2747.200815] ? memcpy+0x39/0x60 [ 2747.201101] __fsnotify_parent+0x468/0x9d0 [ 2747.201457] ? fsnotify+0xf50/0xf50 [ 2747.201753] ? fsnotify+0xf50/0xf50 [ 2747.202052] ? _cond_resched+0x5d/0x80 [ 2747.202381] ? inode_security+0x107/0x140 [ 2747.202729] ? avc_policy_seqno+0x9/0x70 [ 2747.203072] io_req_io_end+0x26d/0x490 [ 2747.203401] kiocb_done+0x320/0xc90 [ 2747.203703] ? ext4_file_read_iter+0x18c/0x4c0 [ 2747.204078] io_read+0x4cf/0x11e0 [ 2747.204377] ? kiocb_done+0xc90/0xc90 [ 2747.204703] ? mark_lock+0xf5/0x2df0 [ 2747.205027] ? lock_chain_count+0x20/0x20 [ 2747.205362] ? __lockdep_reset_lock+0x180/0x180 [ 2747.205756] ? lock_acquire+0x197/0x470 [ 2747.206092] ? __lock_acquire+0xbb1/0x5b00 [ 2747.206448] io_issue_sqe+0x2e8a/0x7700 [ 2747.206794] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2747.207232] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2747.207666] ? trace_hardirqs_on+0x5b/0x180 [ 2747.208029] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2747.208461] ? io_connect+0x610/0x610 [ 2747.208784] ? lock_release+0x3b4/0x680 [ 2747.209110] ? __fget_files+0x26d/0x4c0 [ 2747.209438] ? lock_downgrade+0x6d0/0x6d0 [ 2747.209794] __io_queue_sqe+0x90/0x9d0 [ 2747.210135] ? io_issue_sqe+0x7700/0x7700 [ 2747.210486] ? io_prep_rw+0x7f5/0x1050 [ 2747.210829] io_submit_sqes+0x4461/0x85c0 [ 2747.211212] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2747.211626] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2747.212030] ? lock_downgrade+0x6d0/0x6d0 [ 2747.212365] ? find_held_lock+0x2c/0x110 [ 2747.212708] ? io_submit_sqes+0x85c0/0x85c0 [ 2747.213084] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2747.213489] ? wait_for_completion_io+0x270/0x270 [ 2747.213886] ? rcu_read_lock_any_held+0x75/0xa0 [ 2747.214267] ? vfs_write+0x354/0xa70 [ 2747.214572] ? fput_many+0x2f/0x1a0 [ 2747.214874] ? ksys_write+0x1a9/0x260 [ 2747.215196] ? __ia32_sys_read+0xb0/0xb0 [ 2747.215556] do_syscall_64+0x33/0x40 [ 2747.215874] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2747.216297] RIP: 0033:0x7fc0adb05b19 [ 2747.216600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2747.218089] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2747.218713] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2747.219300] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2747.219883] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2747.220453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2747.221025] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:13:23 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 7) 05:13:23 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 98) 05:13:23 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r0, &(0x7f0000000000), 0x2000) close(r0) setsockopt$inet6_udp_int(r0, 0x11, 0x0, &(0x7f0000000000)=0x81, 0x4) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x0, 0x1, 0x0) 05:13:23 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:23 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2747.446776] FAULT_INJECTION: forcing a failure. [ 2747.446776] name failslab, interval 1, probability 0, space 0, times 0 05:13:23 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r3, &(0x7f0000000000), 0x2000) close(r3) sendfile(r3, r1, &(0x7f0000000200)=0x100000001, 0x100) read(r0, &(0x7f0000000000), 0x2000) close(r0) close(0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0xfff}}, './file0\x00'}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x48, r4, 0x8, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x3f, 0x55}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_USER_PRIO={0x5}, @NL80211_ATTR_MAC={0xa}]}, 0x48}, 0x1, 0x0, 0x0, 0x2040000}, 0x4010) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r5, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) fsync(r5) [ 2747.448538] CPU: 0 PID: 16201 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2747.449260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2747.450099] Call Trace: [ 2747.450385] dump_stack+0x107/0x167 [ 2747.450792] should_fail.cold+0x5/0xa [ 2747.451192] ? create_object.isra.0+0x3a/0xa20 [ 2747.451670] should_failslab+0x5/0x20 [ 2747.452067] kmem_cache_alloc+0x5b/0x310 [ 2747.452493] create_object.isra.0+0x3a/0xa20 [ 2747.452952] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2747.453479] __kmalloc+0x16e/0x390 [ 2747.453879] inotify_handle_inode_event+0x1b4/0x5d0 [ 2747.454407] ? idr_callback+0x80/0x80 [ 2747.454819] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2747.455407] fsnotify+0xcd0/0xf50 [ 2747.455801] ? fsnotify_first_mark+0x240/0x240 [ 2747.456278] ? lock_downgrade+0x6d0/0x6d0 [ 2747.456724] ? memcpy+0x39/0x60 [ 2747.457092] __fsnotify_parent+0x468/0x9d0 [ 2747.457550] ? fsnotify+0xf50/0xf50 [ 2747.457917] ? fsnotify+0xf50/0xf50 [ 2747.458301] ? _cond_resched+0x12/0x80 [ 2747.458680] ? inode_security+0x107/0x140 [ 2747.459124] ? avc_policy_seqno+0x9/0x70 [ 2747.459556] io_req_io_end+0x26d/0x490 [ 2747.459982] kiocb_done+0x320/0xc90 [ 2747.460378] ? ext4_file_read_iter+0x18c/0x4c0 [ 2747.460859] io_read+0x4cf/0x11e0 [ 2747.461264] ? kiocb_done+0xc90/0xc90 [ 2747.461672] ? perf_event_switch_output+0x7d0/0x7d0 [ 2747.462188] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2747.462779] ? __lockdep_reset_lock+0x180/0x180 [ 2747.463283] ? lock_acquire+0x197/0x470 [ 2747.463733] io_issue_sqe+0x2e8a/0x7700 [ 2747.464159] ? perf_trace_lock+0x2bd/0x490 [ 2747.464617] ? SOFTIRQ_verbose+0x10/0x10 [ 2747.465055] ? __lockdep_reset_lock+0x180/0x180 [ 2747.465544] ? perf_trace_lock+0x2bd/0x490 [ 2747.465988] ? io_connect+0x610/0x610 [ 2747.466400] ? lock_acquire+0x197/0x470 [ 2747.466824] ? find_held_lock+0x2c/0x110 [ 2747.467267] ? __fget_files+0x26d/0x4c0 [ 2747.467687] ? lock_downgrade+0x6d0/0x6d0 [ 2747.468147] __io_queue_sqe+0x90/0x9d0 [ 2747.468574] ? io_issue_sqe+0x7700/0x7700 [ 2747.469027] ? io_prep_rw+0x7f5/0x1050 [ 2747.469468] io_submit_sqes+0x4461/0x85c0 [ 2747.469960] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2747.470486] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2747.471022] ? lock_downgrade+0x6d0/0x6d0 [ 2747.471459] ? find_held_lock+0x2c/0x110 [ 2747.471890] ? io_submit_sqes+0x85c0/0x85c0 [ 2747.472370] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2747.472885] ? wait_for_completion_io+0x270/0x270 [ 2747.473400] ? rcu_read_lock_any_held+0x75/0xa0 [ 2747.473889] ? vfs_write+0x354/0xa70 [ 2747.474285] ? fput_many+0x2f/0x1a0 [ 2747.474683] ? ksys_write+0x1a9/0x260 [ 2747.475088] ? __ia32_sys_read+0xb0/0xb0 [ 2747.475543] do_syscall_64+0x33/0x40 [ 2747.475932] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2747.476467] RIP: 0033:0x7fc0adb05b19 [ 2747.476855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2747.478703] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2747.479336] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2747.479908] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2747.480495] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2747.481069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2747.481636] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 [ 2747.497581] FAULT_INJECTION: forcing a failure. [ 2747.497581] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2747.498905] CPU: 1 PID: 16209 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2747.499628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2747.500475] Call Trace: [ 2747.500761] dump_stack+0x107/0x167 [ 2747.501163] should_fail.cold+0x5/0xa [ 2747.501590] _copy_from_iter_full+0x201/0xa60 [ 2747.502078] ? __virt_addr_valid+0x170/0x5c0 [ 2747.502556] ? __check_object_size+0x319/0x440 [ 2747.503076] netlink_sendmsg+0x879/0xdf0 [ 2747.503516] ? netlink_unicast+0x7f0/0x7f0 [ 2747.503996] ? netlink_unicast+0x7f0/0x7f0 [ 2747.504453] __sock_sendmsg+0x154/0x190 [ 2747.504890] ____sys_sendmsg+0x70d/0x870 [ 2747.505330] ? sock_write_iter+0x3d0/0x3d0 [ 2747.505780] ? do_recvmmsg+0x6d0/0x6d0 [ 2747.506193] ? perf_trace_lock+0xac/0x490 [ 2747.506623] ? __lockdep_reset_lock+0x180/0x180 [ 2747.507126] ? perf_trace_lock+0xac/0x490 [ 2747.507572] ? SOFTIRQ_verbose+0x10/0x10 [ 2747.507997] ___sys_sendmsg+0xf3/0x170 [ 2747.508428] ? sendmsg_copy_msghdr+0x160/0x160 [ 2747.508930] ? lock_downgrade+0x6d0/0x6d0 [ 2747.509387] ? find_held_lock+0x2c/0x110 [ 2747.509836] ? __fget_files+0x296/0x4c0 [ 2747.510281] ? __fget_light+0xea/0x290 [ 2747.510727] __sys_sendmsg+0xe5/0x1b0 [ 2747.511147] ? __sys_sendmsg_sock+0x40/0x40 [ 2747.511607] ? rcu_read_lock_any_held+0x75/0xa0 [ 2747.512148] do_syscall_64+0x33/0x40 [ 2747.512549] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2747.513095] RIP: 0033:0x7f72473f4b19 [ 2747.513489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2747.515428] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2747.516240] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2747.517005] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2747.517750] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2747.518481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2747.519138] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:13:23 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x3f00, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:13:23 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba6, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:23 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:23 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:13:40 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4000, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:13:40 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:13:40 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 99) 05:13:40 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, 0x0, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:40 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 8) 05:13:40 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r1, &(0x7f0000000000), 0x2000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) move_mount(r2, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) ioctl$RNDGETENTCNT(r2, 0x80045200, &(0x7f00000000c0)) close(r1) ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f0000000000)) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r3 = epoll_create(0x3) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r3, {r1}}, './file0\x00'}) [ 2764.419585] FAULT_INJECTION: forcing a failure. [ 2764.419585] name failslab, interval 1, probability 0, space 0, times 0 [ 2764.420710] CPU: 1 PID: 16277 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2764.421293] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2764.421992] Call Trace: [ 2764.422221] dump_stack+0x107/0x167 [ 2764.422526] should_fail.cold+0x5/0xa [ 2764.422875] ? inotify_handle_inode_event+0x1b4/0x5d0 [ 2764.423311] should_failslab+0x5/0x20 [ 2764.423647] __kmalloc+0x72/0x390 [ 2764.423963] inotify_handle_inode_event+0x1b4/0x5d0 [ 2764.424387] ? idr_callback+0x80/0x80 [ 2764.424703] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2764.425174] fsnotify+0xcd0/0xf50 [ 2764.425470] ? fsnotify_first_mark+0x240/0x240 [ 2764.425850] ? lock_downgrade+0x6d0/0x6d0 [ 2764.426196] ? memcpy+0x39/0x60 [ 2764.426476] __fsnotify_parent+0x468/0x9d0 [ 2764.426832] ? fsnotify+0xf50/0xf50 [ 2764.427143] ? fsnotify+0xf50/0xf50 [ 2764.427456] ? _cond_resched+0x12/0x80 [ 2764.427781] ? inode_security+0x107/0x140 [ 2764.428125] ? avc_policy_seqno+0x9/0x70 [ 2764.428474] io_req_io_end+0x26d/0x490 [ 2764.428796] kiocb_done+0x320/0xc90 [ 2764.429104] ? ext4_file_read_iter+0x18c/0x4c0 [ 2764.429482] io_read+0x4cf/0x11e0 [ 2764.429780] ? kiocb_done+0xc90/0xc90 [ 2764.430114] ? __lockdep_reset_lock+0x180/0x180 [ 2764.430502] ? lock_acquire+0x197/0x470 [ 2764.430833] ? __lock_acquire+0xbb1/0x5b00 [ 2764.431202] io_issue_sqe+0x2e8a/0x7700 [ 2764.431538] ? perf_trace_lock+0xac/0x490 [ 2764.431882] ? SOFTIRQ_verbose+0x10/0x10 [ 2764.432221] ? __lockdep_reset_lock+0x180/0x180 [ 2764.432608] ? io_connect+0x610/0x610 [ 2764.432929] ? lock_acquire+0x197/0x470 [ 2764.433255] ? find_held_lock+0x2c/0x110 [ 2764.433594] ? __fget_files+0x26d/0x4c0 [ 2764.433923] ? lock_downgrade+0x6d0/0x6d0 [ 2764.434271] __io_queue_sqe+0x90/0x9d0 [ 2764.434602] ? io_issue_sqe+0x7700/0x7700 [ 2764.434961] ? io_prep_rw+0x7f5/0x1050 [ 2764.435291] io_submit_sqes+0x4461/0x85c0 [ 2764.435663] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2764.436078] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2764.436491] ? lock_downgrade+0x6d0/0x6d0 [ 2764.436834] ? find_held_lock+0x2c/0x110 [ 2764.437177] ? io_submit_sqes+0x85c0/0x85c0 [ 2764.437542] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2764.437948] ? wait_for_completion_io+0x270/0x270 [ 2764.438347] ? rcu_read_lock_any_held+0x75/0xa0 [ 2764.438740] ? vfs_write+0x354/0xa70 [ 2764.439062] ? fput_many+0x2f/0x1a0 [ 2764.439366] ? ksys_write+0x1a9/0x260 [ 2764.439685] ? __ia32_sys_read+0xb0/0xb0 [ 2764.440037] do_syscall_64+0x33/0x40 [ 2764.440346] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2764.440768] RIP: 0033:0x7fc0adb05b19 [ 2764.441078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2764.442588] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2764.443227] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2764.443808] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2764.444389] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2764.444970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2764.445545] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:13:40 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/139, 0x8b}], 0x1, 0x1, 0xebd) [ 2764.449394] FAULT_INJECTION: forcing a failure. [ 2764.449394] name failslab, interval 1, probability 0, space 0, times 0 [ 2764.450631] CPU: 0 PID: 16287 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2764.451299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2764.452058] Call Trace: [ 2764.452335] dump_stack+0x107/0x167 [ 2764.452681] should_fail.cold+0x5/0xa [ 2764.453038] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2764.453616] should_failslab+0x5/0x20 [ 2764.453968] __kmalloc+0x72/0x390 [ 2764.454291] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2764.454877] genl_family_rcv_msg_doit+0xda/0x330 [ 2764.455317] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2764.455914] ? cap_capable+0x1cd/0x230 [ 2764.456282] ? security_capable+0x95/0xc0 [ 2764.456667] ? ns_capable+0xe2/0x110 [ 2764.457018] genl_rcv_msg+0x33c/0x5a0 [ 2764.457371] ? genl_get_cmd+0x480/0x480 [ 2764.457720] ? ieee802154_dump_phy+0x160/0x160 [ 2764.458142] ? lock_release+0x680/0x680 [ 2764.458500] ? __lockdep_reset_lock+0x180/0x180 [ 2764.458936] netlink_rcv_skb+0x14b/0x430 [ 2764.459307] ? genl_get_cmd+0x480/0x480 [ 2764.459673] ? netlink_ack+0xab0/0xab0 [ 2764.460032] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2764.460438] ? is_vmalloc_addr+0x7b/0xb0 [ 2764.460820] genl_rcv+0x24/0x40 [ 2764.461123] netlink_unicast+0x549/0x7f0 [ 2764.461496] ? netlink_attachskb+0x870/0x870 [ 2764.461923] netlink_sendmsg+0x90f/0xdf0 [ 2764.462310] ? netlink_unicast+0x7f0/0x7f0 [ 2764.462685] ? netlink_unicast+0x7f0/0x7f0 [ 2764.463085] __sock_sendmsg+0x154/0x190 [ 2764.463448] ____sys_sendmsg+0x70d/0x870 [ 2764.463825] ? sock_write_iter+0x3d0/0x3d0 [ 2764.464212] ? do_recvmmsg+0x6d0/0x6d0 [ 2764.464562] ? perf_trace_lock+0x2bd/0x490 [ 2764.464965] ? __lockdep_reset_lock+0x180/0x180 [ 2764.465395] ___sys_sendmsg+0xf3/0x170 [ 2764.465754] ? sendmsg_copy_msghdr+0x160/0x160 [ 2764.466180] ? lock_downgrade+0x6d0/0x6d0 [ 2764.466542] ? find_held_lock+0x2c/0x110 [ 2764.466929] ? __fget_files+0x296/0x4c0 [ 2764.467311] ? __fget_light+0xea/0x290 [ 2764.467677] __sys_sendmsg+0xe5/0x1b0 [ 2764.468004] ? __sys_sendmsg_sock+0x40/0x40 [ 2764.468393] ? rcu_read_lock_any_held+0x75/0xa0 [ 2764.468861] do_syscall_64+0x33/0x40 [ 2764.469202] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2764.469638] RIP: 0033:0x7f72473f4b19 [ 2764.469980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2764.471493] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2764.472136] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2764.472738] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2764.473339] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2764.473942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2764.474545] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:13:40 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:40 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 100) 05:13:40 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2764.549784] FAULT_INJECTION: forcing a failure. [ 2764.549784] name failslab, interval 1, probability 0, space 0, times 0 [ 2764.551026] CPU: 1 PID: 16300 Comm: syz-executor.6 Not tainted 5.10.210 #1 [ 2764.551601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2764.552282] Call Trace: [ 2764.552513] dump_stack+0x107/0x167 [ 2764.552822] should_fail.cold+0x5/0xa [ 2764.553146] ? create_object.isra.0+0x3a/0xa20 [ 2764.553534] should_failslab+0x5/0x20 [ 2764.553853] kmem_cache_alloc+0x5b/0x310 [ 2764.554200] create_object.isra.0+0x3a/0xa20 [ 2764.554560] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2764.554991] __kmalloc+0x16e/0x390 [ 2764.555293] inotify_handle_inode_event+0x1b4/0x5d0 [ 2764.555706] ? idr_callback+0x80/0x80 [ 2764.556027] fsnotify_handle_inode_event.isra.0+0x1bb/0x270 [ 2764.556494] fsnotify+0xcd0/0xf50 [ 2764.556794] ? fsnotify_first_mark+0x240/0x240 [ 2764.557170] ? lock_downgrade+0x6d0/0x6d0 [ 2764.557527] ? memcpy+0x39/0x60 [ 2764.557805] __fsnotify_parent+0x468/0x9d0 [ 2764.558162] ? fsnotify+0xf50/0xf50 [ 2764.558458] ? fsnotify+0xf50/0xf50 [ 2764.558772] ? _cond_resched+0x12/0x80 [ 2764.559106] ? inode_security+0x107/0x140 [ 2764.559446] ? avc_policy_seqno+0x9/0x70 [ 2764.559782] io_req_io_end+0x26d/0x490 [ 2764.560110] kiocb_done+0x320/0xc90 [ 2764.560411] ? ext4_file_read_iter+0x18c/0x4c0 [ 2764.560791] io_read+0x4cf/0x11e0 [ 2764.561088] ? kiocb_done+0xc90/0xc90 [ 2764.561429] ? __lockdep_reset_lock+0x180/0x180 [ 2764.561819] ? lock_acquire+0x197/0x470 [ 2764.562153] ? __lock_acquire+0xbb1/0x5b00 [ 2764.562500] io_issue_sqe+0x2e8a/0x7700 [ 2764.562838] ? perf_trace_lock+0xac/0x490 [ 2764.563192] ? SOFTIRQ_verbose+0x10/0x10 [ 2764.563534] ? __lockdep_reset_lock+0x180/0x180 [ 2764.563922] ? io_connect+0x610/0x610 [ 2764.564240] ? lock_acquire+0x197/0x470 [ 2764.564571] ? find_held_lock+0x2c/0x110 [ 2764.564909] ? __fget_files+0x26d/0x4c0 [ 2764.565240] ? lock_downgrade+0x6d0/0x6d0 [ 2764.565590] __io_queue_sqe+0x90/0x9d0 [ 2764.565914] ? io_issue_sqe+0x7700/0x7700 [ 2764.566264] ? io_prep_rw+0x7f5/0x1050 [ 2764.566594] io_submit_sqes+0x4461/0x85c0 [ 2764.566971] ? __do_sys_io_uring_enter+0x6b5/0x1920 [ 2764.567374] __do_sys_io_uring_enter+0x6b5/0x1920 [ 2764.567780] ? lock_downgrade+0x6d0/0x6d0 [ 2764.568125] ? find_held_lock+0x2c/0x110 [ 2764.568469] ? io_submit_sqes+0x85c0/0x85c0 [ 2764.568826] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2764.569230] ? wait_for_completion_io+0x270/0x270 [ 2764.569625] ? rcu_read_lock_any_held+0x75/0xa0 [ 2764.570012] ? vfs_write+0x354/0xa70 [ 2764.570317] ? fput_many+0x2f/0x1a0 [ 2764.570619] ? ksys_write+0x1a9/0x260 [ 2764.570947] ? __ia32_sys_read+0xb0/0xb0 [ 2764.571298] do_syscall_64+0x33/0x40 [ 2764.571604] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2764.572032] RIP: 0033:0x7fc0adb05b19 [ 2764.572338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2764.573831] RSP: 002b:00007fc0ab07b188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2764.574446] RAX: ffffffffffffffda RBX: 00007fc0adc18f60 RCX: 00007fc0adb05b19 [ 2764.575027] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000006 [ 2764.575598] RBP: 00007fc0ab07b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2764.576171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 2764.576751] R13: 00007ffd17b2fdcf R14: 00007fc0ab07b300 R15: 0000000000022000 05:13:59 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4084, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:13:59 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:13:59 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) 05:13:59 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba8, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:13:59 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 9) 05:13:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8c02, 0x2) connect$802154_dgram(r0, &(0x7f00000000c0), 0x14) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {r0}}, './file1\x00'}) openat(r1, &(0x7f0000000140)='./file0\x00', 0x440, 0x110) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) dup2(r2, r0) preadv(r2, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001dc0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES64, @ANYBLOB="010000000000000000000600000008000300", @ANYRESHEX=r2, @ANYRESOCT=r4], 0x24}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = dup(r6) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x24, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_4ADDR={0x5}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(0xffffffffffffffff, &(0x7f0000001c40)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001c00)={&(0x7f0000001e40)={0x140c, r5, 0x2, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x5, 0x19}}}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x9100}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0xdada}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x883e}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x86dd}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x6558}, @NL80211_ATTR_FRAME={0x13b8, 0x33, @data_frame={@no_qos=@type10={{0x0, 0x2, 0x4, 0x1, 0x0, 0x1}, {0x94b}, @initial, @device_b, @device_a, {0x9, 0x3f}}, @a_msdu=[{@device_b, @broadcast, 0x1000, "75291ad763d8aadbf71f8027cd854ab9769d8f5afcb6812743611c999427945eec28a9031f96f35fd9a544917982585404cb3fd584a4527c5e93c371539a4a19c955c160b9daa67593795de85241a121fed85bce8296157b2d2fd3e2117683d01c66e39ea066bc394921009d1decbf30e14b86aff9c48264d4d511f679710bdf2b4a023e8341fc80ed13655b0c93eba18c895e78c765126c09b86f9682183272887d0eb058c8305747171e5aa793a715360896e4a47ab4f6c801abefd07784051b6d7e18e0a893c0e8827670f1f9dbd0d8dd1bc8b01902224355a806cd87313d5a0a1857dd9bc255beab659bd72d8ba78cb5f5983cd6397478170c36670cb6d139ca499a3cdae5b2b8e7d35033c16ad7f42efcf908776a786580624b72dc92b8c40c902a8a49658368da37d9f4516faad6b51b09bfb6ff8750705c632b140e38a6282054779ce9224785514f1bb0ba3554b887a60786900c3fe8dcc783e2033c742199704f97a6a76399072f3fb7c17ff96f23dd5e32a376ab6884befee3504fb898d163ff9bad9107be5d3ef1cee43ef5cfb85624e59e18f41868d5d4745a11b25bd55880f30fe8b98be0cb55c3b53f2bfa94f88747e6eca73e1b28b70f3181a11d5a9f76d05d017bb8ac3757beb088fb186022805da2137d1d44d365b1415a61e18a7003ff8252099f5bc6286f4bc4171ae8a3505329a391f9162b2b6d315699bbd9210d9449b8c766279251b110d8becc36aa0755dbb32b28ab2a0a8a0fddb532897326ca27acd3810f71805aa6ec88daefd6ed60bba12a8f80dd499fd792b48da5393c7b580e264762505c08c6ab23101996e93572b64d4c67512bb07f2f5e6e8feb7fb261872bbf0faa4ccd9b79d9047b9627d0bfea0980339c57d416ada7a373437452917c1ceffafe415738551af76e550751180b25ca2fb0d83be7ad93b7307231cb5b31915201bb17769659ea0e2958ef956f3d188c6ef242d894d2a60f98355e4481300da7db3914764012cc27cd5364f93532d78dae26a8639ddcd2fd57e4647ddd9026e37950675052cee4bf5951d5156c8c0a7836dede5ae1d34225ca416c80aa71bab053bebed283685f2f9f7d9cc18a11ba7256f70ad6b62b453de417529a15c436a1999c24e65ae7bad0fb398d29ec6b027b87dcf8b19800f6a132cc72afb57a4c902b580bd5476347a925e20f76efd025337dc95d12da00766daa5670cee82a9e219c9a139687735e5b679862e92bc7088e0a8287df855f866a2e05df8c5428c5405927edc67fed63c3ac32fa74d9e2ec785325124f90de7d3a4be6f2f1746090761a4b6193713b661b5d38f8c1d79a1a6e19849d1ab30a7a837e79f0953cd2d71fbcada903588d41caedf76801ba2c989266da1c65c6f8ab9d8bccef118b3cf034cba0f48ca193ab8b547bca0295d1a88fb94ec5c1620429b917da45e5fe2617eb448ba2949a0dced71e5288526d52afd6d80aceef532486b9cf164ef9c306c966a9adb6ba5eb144a6606574f5ad93e27a75fe4d6641bbc94541ff39107bf50b5e42b04b4476af1adf4582209c52477363bb57c53d2be01e20cb3276592fb7364dc5cf7b6eea98cdad17b1ab4c811353494ca62522733da6e7cf8e628a96fe4917ff8adc2dcb0e3a75411c659a2e7fb7451ea3c7c458337b09fce9ae5382ff294fc9af2ed9fbb3ee97d1351b64a8c2acf7c845fbe1c2cfa9f506ddeb5a48035a2919665239948d0ef619a54aaf7f45520abb1381c0b1ff31b40e6249fa7ed61b9391a73254bae1f019f3931e071cb00620e5a4dcdc39354adcfd854625342723a94ad0c55b1b4c135312066fb42216b385dd86643666411d660d7d9609837bfa8b0fed810e01204c530d3310832c9a93788d5111539731af9c8bc4e25185d4765ccbdc4fa034257b23961615a69c856e413c210b2d17b9d5e520b203cb0d0df7c622792a48a58b10be9e67f4016ae9298c45d0a6319930d6b2c56a4cc111b7b5ede6708d7f0a2e0ea2215cb74ff6997ad0f4f83c742ec2b06c41b3cb1b147a0fe29e29780e28a0dda0eb0c5f9e24a832a71926c108da722099ed4103048f46e44892dbdb8355202b118d69c71621519165aba145d8981af83dfcf8329fd84486ac32a9da01ad15c3dee709d622dc6a4f6fb8a3f7c233381c3cffe6849367ad27216b47374d179f50a714f6461ec04e963d2ee8eb796596cf91cd039cac86f9366f33878abcc4a70c0b5e757e50351b0d60662c534807acbed720fc449bc01ccf5e1881ddb2e642bc031756c778232e6330ab909eb1a55edf92fddbfb13ccb371b3cddeb5a63be690f337a804701dbde3d0d1f0697e6d2c44dfd5ed61b7073450d33afb8b05e3ded636173960fa54f3322aeb33d7cf3bd3734fa15b6c334501f7bd813f3cb32448a1f6ee61501d6287decb3a6367a4ef46c1a8d362658e555bf5f8779494aca1a720384a998e8417e39030efb7fd4fc0fb08fa9ff0f45e146b6891ef88ce11e7d28f39596292601f8f8aa44ffa6d3334281ec0c7955c582105b9181ee77cf27621cfed711b4b2c5513a4ef676728f91dc195568500508f221a78b0a381217f06748ce93718b31bf1d904f283b5473cbcf55c1b6da76ffc2751af9e0898800e29f8c6b26a3f04614bc73db403f55d17e8301fba885e7cfca047d8ad0170ecb9fdb8b2f2996d8f1e297f394e3a31151be7594d9d70cdb288eb1748f3bd53ff6b9eb9805112e5708d519baddd254c4e2236937a62fbfa8be6cecb50fd063bd40bf4b6f60966b60108b9b34333de8c6d546cf92dc1a8f22d5d2b594e004464ac0d2f0005600fc764d0787fe83ac91dc62edc7759e5a2965a9f3ccdd076a17c37077dcf9e2957573feaf78f3c5d892cfcfdd3973fd1ed257da7db2f7228cec70995d411c90acc2733810154add33fe0ef576596bbbd2f751fda72395c37ca43ea7e1a48d323c04d1672e0b4802451e95aba9afeb288e26ab78b607885369b5eb6f5517fd3432444c94c6776c06742005bb4464534c598eed26c0e72e8a8fc3a4275b738d834b0cf7d3c4a36840696edea524fcd4980f53519161760ef6cd5c4edd9c3f464ab13ef1ee8a4f978af1f119b07175d91a04e578030aa20fac65f03fe3465f39692b8c373ae1431fcfb8ea4ec796ad449f4e461cacdbc2a6711129333a83afded656aad624a1a0f2920f1aee21a3973dfda4d707e6c05c95322365422a90db2ae711e0390af926ef7bcaa784b73dbf01e4084c38a84ecee4cbd9cc6e02145748e2e333d43df2eb9faac8c356bf9dc96b99d6c32b689dcf64d2467d48c90fe85cf0556bdfa37be026a4befc792ab7a22427313b4ab2bdd49456fac20fa418d2a380beb75cbd61aea1cd5310991ea1e6f3f9bd9819deb52218fdf4ebff2d1d51633a6e1e31b2880b3624f0f24345f374c8f5e34005e9f57c3e62888b76df0c7dcb78198a8510bf01c5273211d00a9cf200fd25283ec463953978048a01fc5ffde0ffbdf53b9ccf7e7d5fdbbbd1be76584ad1ff134bf13f5ecdffd6c7b5eea311cc7e361747ff44df578a14227af1b01879b5d331d354e616302e773f01981d3b9c5f2bfbefed007b2a7786f8476583c8815aa6caae95f7be26cfef77e84402ad2f984f685cc433830222a4a0a1a4c1a73363620609a6e397db93f1039429af9e1f6c965d0032e08c43117412d036808586a729cb15c36048f790bc827cf0f7a184b9aca529fa3ba19a6cf9ca91dcdd9ccfb2530681ca6058d13ea9d3a9f65fce8790bc20d029e40fff4cec03e16586890d3621b01be8d61dcea2c92f9a34fa70a6f4fab4a723f54d7e73712e27207ef796599ec5034b1837653eed1d8125128a26334161ccf53bcfabada80a354660b33a4a7eab2bfc73fe08fd238fd32d21f3db85dee6e71094a7af375ea56cdadb87b9dbc197a8b97543d624e653000730f6632ae4d5105d947d91221f90ff731de645a134a40eea8f10178067b6eb9db4bd31acd6ddf58fd9177defba3e4f7ee1574c6dee6c153886e9f4134be7db2554a07d8a0e382abb57d639dabedf3537c0ed9bc443ae43c08f85ce7676b63d7101bb6c989752d60efa4fc4b2384149aaaff9958d05d55d78c9206d643957cca634267fa2f6374474a5f0039a02008337bfbb686e63e7896df948e235ba34dcf14dd3796291f15387d90cc28daf424a51d71ea7d830456755089994794580c24ff312785500eb7274f9c9f4b84f762c231c1683e3db6b30721754cda099973752a7c3ed9858b05da407ba12f9ff66c5c6a1faf9bec5e4d0ec8cd31a37b2d5746948a6ffd35656a857bb3a7b0836b66dacf931f38853139983f2cdf5a5bc218d5f60fed603a66030ce68fc7ff33c497551f60f9f30c012cf34eea70744a7601ce280bdc57285266b5a07ee641845b6e98b4dde5650cbe18d00c197f4a119b06742735d3cc7b0238b544bb9fd456ece2bc1398306136335e8cdbd211fa43a10854c47cf81d4f552a990fbcb431214db0c9e5d6789e1a90fee280c8193f4ada63a32c5df27febb741a79fa3c6a56589a6b6d76d48aa32db7c4b3d0c09d8f001c4341f35bd8448d5a3fa30692f69e43d75dafecc2d4db6b82a5d2cdcb08ae8be96c8bf193b74004ab8514820691b9b48afccddbb50a0f48649923c1c66cec29999bb04748fff4737d18c62a0b469b55ea05f360eef09e985991c09f10795815b7eb80372f7534fa1018d5539e7b9dbfe167fe02ab3954aec26cb4cc61f993731f669745d1856e27b72363dc9dde65fa043af87a4a89970a2ddfe09dde035a7b45ce1a81b1093b35ec3f118e62ba143219337538c90e616bcf1e0a64634a650c4a6be08e7b3fece168c5c1d53b00c9d2799f76a3943d70410a9b307affee9f09e000613edaf19819d3bb35fe365c42c3e2ddfb2061936bad0f44a9ffb8a2d11c860b7d18e36d11f603b6bf039582c5c049c6e33b88d8de29eac2f8c364073ff6108d81c66c75cb02a0075bd2d1651aaf1f212c3759f22b279e198e6d644c5bee817c4a9155179c009bfc623084540c2e73eb72deff212039eac2115fce848c1c2829f905e933f17a0ace8b9a83c8b8de41eaf796bb0340a03a92203a114f1524f7340fc1f0438214fc66646eef6be90a48e618924f905b430893b036f6c5914b7e7d839f6a1deffdb2858b2b08e64a00d8e2c74c75395c5edf6021ef74187635cf68a4641ecca4d1ac9d8706e46686ae719c51e01dbbffffb09da468ec7fa829ff6c20246906b296bc54a31edf082455e37b5e3f853bbd79a6e47ccdf2e766033b2551585d29539f38538063fd0e11af485745002ef6d057eec173d01339bce645961eb2cd6dde30d37bcec416862c1b02aedaf9504e1ecae0c813dd76c612b0e951e6fb6f58bd9f421813bac7ba94e659eee31f2bf84543c55fcd32de03541861b5decea743be8a798dc8b4566cc86369d806cbdab49f842fed9c56a33254a24acddc9b5dfb17fc354f1436cbcaf39021b51fb4cbff8bf6be20383acbcb8582a6092d51923403c86bcecdbb7d822b7b4161ee629008a6498f7324ab94510bf1fc5919f6b1ba337c67a4b3c05b11d857adcd6b4fad636b674e5159f8f077d9961518e223758bd3a723147a32375279bc64f7d66abe0000e0769ce2712239737a140dfd0f48c06199a8c862ef8817297f46b06e1a56ce9512bd32c7f3ae521a5c1b28d5c0400be8391da0a6aed0ed1c3675cc39a2f03dbed8cc03e6bea2a5900c2b63eda5fae857f27626c65a39c999f59ee472589ed"}, {@device_a, @broadcast, 0xc1, "7dc6da8d72af1d707d68c4dfe490a745362b593d3adef54e167a7856d995d72413cbb9652d8e0fbae733195c73f8b8bb07dbbbde163c36705369d7912a615b3bc787327b9851c6c5664dc680027f31060cc8ec7f9f96e18d82c82b27dee9a7d2e9c40099e43a54a77c7a68172a1181b0da8744d3f4dece3ffd50a025a6e0e97dec51f6036cf9bbd8f5b933f8867ddb2c03954e982227c2dab21b3d0dedc4ae34b6107c8adf839f88740789dfdb375f1b7fb676c3a5c5ceb4a7248952f3109daa7e"}, {@broadcast, @device_b, 0x8e, "7eb247cd6fba031a04449ac5a34f08bf86d18f37c400b98c6b209832e89071b9295e0a2a9a2d46b2d6f22c5c6d70b738779a362e1a851fed6f2f4c9319fccd52ae03ccf71e26a2e10645004da7f581f7236d736cd5c95dd1a8e54769c728a2933fe17aec575c641052c3657c2d7a15587cbe4feb15060a807af692733ce7ecab5ba62648f5b1864be296e7433081"}, {}, {@device_a, @broadcast, 0x157, "587c0533ecfe2e06baf4cd78f60414ce76c632184f9087d082bbc06427c3615a28ea471b0eac8ef7a1bc98f5dc011fe8fbd12ceaa9003006874ab624b5b2f26368805fd8c04ea6c282ba98f3d65c7993aab18aec8e32343ef6a185b27491ee78d369aad5c5c636e26b576d20c2c7c1186e5bdaaf2f8d055faa6533ac1e04262ee92fa3d4a2433cb0594da909e7f5ff73ead40f440e5a8357c036900aeb2ba934af81fe054ff4a411f718478ec3343420ab749e28ce06b1f038588fa9ca7f4d93e3895a2ee97586acfe35ea84a1afa54ef8667e17f8b99e3990d11f1a871674c30d40300ab904e0ca61aa47541571e48f6ad4e5715881dac2169b121978df8fe30cc560ea69c1e52d0e8e5910d0d5d832d8aa5889bf037944d4a906e5a838a6b7ee2b68d0574e4c67fb382a3f1506714bba02ad396208f7eec10e6a02f6b7474e68bee73d51d349f350be4641c986717e89702e778e843e"}, {@device_b, @device_a, 0x52, "760e8680e56f4db634858071732a585a38db13d2553b8a90fe57d9107ec744e8244fbdae90d52e3ccb96571dfd70942e6deddf992f0ddc40daf2802f14f7517fc50c5f5cc2d0a230fea8bc607b05b7ab649e"}, {@broadcast, @device_a, 0x38, "0cfb090b47f14dddaaa69bdafed1b4bd15df3ca2f37e83375913e4f122d6ecc3cb2e110f01cd6e2c80433798b41d249981cc4cb104ea36b4"}]}}]}, 0x140c}, 0x1, 0x0, 0x0, 0x10000080}, 0x8000) read(r3, &(0x7f0000000000), 0x2000) close(r3) sendmmsg$sock(r3, &(0x7f00000007c0)=[{{&(0x7f0000000180)=@generic={0x15, "3e2e200b855db432fed0bfbbb6196380869e672459a337c775462771897130a82b6c1c8d511b105aa820acdf289d9b5563750582219bd4edb22ee9583e7bb220ce2350e14c1df804fe1c82966ac89a46fe8a6650a8241ffb7b54d66ffed9edded91d4cdde20564061f5df0e5a287985530456bc9b10406020dfb2fc35dd9"}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000200)="7b69b09a1b9773a98fcdcf0182e9217d9460b6a08a", 0x15}, {&(0x7f0000000340)="dd3b89e7795bcb6e86b13ec85220cb1ec36007edb23e7ae7cdcb4ced65aec13a9e897da5d149da47dc7fcd1d08e33e2102a5fe0290434e39b4c77ef6f00254c7c449155baf53f0eead785d17c40ad7221a3e382558afa910101b5a5af63d306659a04fc687c108788d847928d0cee6423258aa48a8af65b0084c23d3f224f4f169363af5b38af9e6f45abb360988100f9f46a00ec8d4a42f3e2ff075bc2a6df876b99b52b73f2f94852808350d79ef7951857afdd9465dd9420114ffec2116501b5d0a51741681e077", 0xc9}, {&(0x7f0000000440)="2fc16347229afc2160958b563158542841ae721e5e3caa4aabd8db948b180ebc9395034960b7c4beb4ca3e8d24c4e4c8d592819129baa64c7a12c809853d68654b3cbf9a257310efee846b1c1e569d17980f1a24cca431b17e4b262fcb83b9d1faa0d1f4012a7d16e17fde65ee64f87ed3785156b4", 0x75}], 0x3, &(0x7f00000002c0)=[@mark={{0x14, 0x1, 0x24, 0x6}}], 0x18}}, {{&(0x7f00000004c0)=@xdp={0x2c, 0x1, 0x0, 0x1e}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000540)="0bc86364e739f99634430dec7ebfa6041ec0eca5103e0ceca7751ac13e3905e534abc47b66427118929bf877477613c9e005a19c27fe37ec08b97db1f34ee3f83548b062e099d32e0dc03c0766695e9fb546febde1d10634c08bd8137ea6391a8d21", 0x62}, {&(0x7f00000005c0)="d4d093caa54dccb119a84c69afd0625a5146fbd800ae20de5eb527ecfb6fc17e5b88dc6ae48dd71a20da41bce8c6f21518fcf155ed4a057919b1a95d63e0a0122f98ff61eec90bd049fe24baa437f500ffc7533d86e1c4b7efe0d089bbdff6cf9551dbc466a54a945ace9efe14154721e12484363bc33c6dd856830c2468e9c1b396d54758f615f61f2daf5fb904ef1ec32451bc23fa0d82794bbcad3d419bec6bf1a3518c02aea4b9cf978013aca285eadff898c5875b25328624fa0ec3416dd488224856c90bb0ebb162fdf8b69c9e8080aa3eeb4aa28758926e23d743d202809e86b38f7b862980", 0xe9}], 0x2, &(0x7f0000000700)=[@txtime={{0x18}}, @mark={{0x14, 0x1, 0x24, 0x19}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x3}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0xffff48af}}], 0xc0}}], 0x2, 0x20040000) 05:13:59 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2783.994885] FAULT_INJECTION: forcing a failure. [ 2783.994885] name failslab, interval 1, probability 0, space 0, times 0 [ 2783.996427] CPU: 1 PID: 16329 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2783.997333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2783.998381] Call Trace: [ 2783.998730] dump_stack+0x107/0x167 [ 2783.999216] should_fail.cold+0x5/0xa [ 2783.999727] ? create_object.isra.0+0x3a/0xa20 [ 2784.000330] should_failslab+0x5/0x20 [ 2784.000827] kmem_cache_alloc+0x5b/0x310 [ 2784.001362] ? lock_release+0x680/0x680 [ 2784.001885] create_object.isra.0+0x3a/0xa20 [ 2784.002451] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2784.003119] __kmalloc+0x16e/0x390 [ 2784.003598] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2784.004422] genl_family_rcv_msg_doit+0xda/0x330 [ 2784.005034] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2784.005888] ? cap_capable+0x1cd/0x230 [ 2784.006415] ? security_capable+0x95/0xc0 [ 2784.006977] ? ns_capable+0xe2/0x110 [ 2784.007484] genl_rcv_msg+0x33c/0x5a0 [ 2784.007990] ? genl_get_cmd+0x480/0x480 [ 2784.008507] ? ieee802154_dump_phy+0x160/0x160 [ 2784.009106] ? lock_release+0x680/0x680 [ 2784.009632] ? __lockdep_reset_lock+0x180/0x180 [ 2784.010259] netlink_rcv_skb+0x14b/0x430 [ 2784.010804] ? genl_get_cmd+0x480/0x480 [ 2784.011302] ? netlink_ack+0xab0/0xab0 [ 2784.011718] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2784.012201] ? is_vmalloc_addr+0x7b/0xb0 [ 2784.012627] genl_rcv+0x24/0x40 [ 2784.012974] netlink_unicast+0x549/0x7f0 [ 2784.013407] ? netlink_attachskb+0x870/0x870 [ 2784.013873] netlink_sendmsg+0x90f/0xdf0 [ 2784.014310] ? netlink_unicast+0x7f0/0x7f0 [ 2784.014758] ? netlink_unicast+0x7f0/0x7f0 [ 2784.015207] __sock_sendmsg+0x154/0x190 [ 2784.015622] ____sys_sendmsg+0x70d/0x870 [ 2784.016041] ? sock_write_iter+0x3d0/0x3d0 [ 2784.016483] ? do_recvmmsg+0x6d0/0x6d0 [ 2784.016880] ? perf_trace_lock+0xac/0x490 [ 2784.017323] ? __lockdep_reset_lock+0x180/0x180 [ 2784.017800] ? perf_trace_lock+0xac/0x490 [ 2784.018231] ? SOFTIRQ_verbose+0x10/0x10 [ 2784.018653] ___sys_sendmsg+0xf3/0x170 [ 2784.019063] ? sendmsg_copy_msghdr+0x160/0x160 [ 2784.019552] ? lock_downgrade+0x6d0/0x6d0 [ 2784.019998] ? find_held_lock+0x2c/0x110 [ 2784.020434] ? __fget_files+0x296/0x4c0 [ 2784.020862] ? __fget_light+0xea/0x290 [ 2784.021283] __sys_sendmsg+0xe5/0x1b0 [ 2784.021685] ? __sys_sendmsg_sock+0x40/0x40 [ 2784.022141] ? rcu_read_lock_any_held+0x75/0xa0 [ 2784.022658] do_syscall_64+0x33/0x40 [ 2784.023043] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2784.023576] RIP: 0033:0x7f72473f4b19 [ 2784.023968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2784.025852] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2784.026639] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2784.027374] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2784.028107] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2784.028837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2784.029575] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:13:59 executing program 3: ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xee01}}, './file0\x00'}) fchownat(r0, &(0x7f00000000c0)='./file0\x00', 0x0, r1, 0x800) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) pread64(r2, &(0x7f0000000000), 0x0, 0xfff) preadv(r2, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) preadv(r3, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/39, 0x27}, {&(0x7f0000000340)=""/238, 0xee}, {&(0x7f00000001c0)=""/136, 0x88}], 0x3, 0x1ff, 0x1) 05:14:00 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 10) 05:14:00 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) 05:14:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:14:00 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x0, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:00 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2784.172577] FAULT_INJECTION: forcing a failure. [ 2784.172577] name failslab, interval 1, probability 0, space 0, times 0 [ 2784.173837] CPU: 0 PID: 16361 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2784.174554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2784.175403] Call Trace: [ 2784.175682] dump_stack+0x107/0x167 [ 2784.176062] should_fail.cold+0x5/0xa [ 2784.176457] ? __alloc_skb+0x6d/0x5b0 [ 2784.176851] should_failslab+0x5/0x20 [ 2784.177240] kmem_cache_alloc_node+0x55/0x330 [ 2784.177709] __alloc_skb+0x6d/0x5b0 [ 2784.178087] ? mark_held_locks+0x9e/0xe0 [ 2784.178514] ieee802154_nl_new_reply+0x2f/0x100 [ 2784.178999] ieee802154_add_iface+0x22f/0x8f0 [ 2784.179423] ? __nla_parse+0x3e/0x50 [ 2784.179813] ? ieee802154_dump_phy+0x160/0x160 [ 2784.180210] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2784.180878] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2784.181549] genl_family_rcv_msg_doit+0x22d/0x330 [ 2784.182050] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2784.182739] ? ns_capable+0xe2/0x110 [ 2784.183139] genl_rcv_msg+0x33c/0x5a0 [ 2784.183541] ? genl_get_cmd+0x480/0x480 [ 2784.183959] ? ieee802154_dump_phy+0x160/0x160 [ 2784.184436] ? lock_release+0x680/0x680 [ 2784.184846] ? __lockdep_reset_lock+0x180/0x180 [ 2784.185332] netlink_rcv_skb+0x14b/0x430 [ 2784.185751] ? genl_get_cmd+0x480/0x480 [ 2784.186165] ? netlink_ack+0xab0/0xab0 [ 2784.186579] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2784.187047] ? is_vmalloc_addr+0x7b/0xb0 [ 2784.187442] genl_rcv+0x24/0x40 [ 2784.187781] netlink_unicast+0x549/0x7f0 [ 2784.188145] ? netlink_attachskb+0x870/0x870 [ 2784.188617] netlink_sendmsg+0x90f/0xdf0 [ 2784.189008] ? netlink_unicast+0x7f0/0x7f0 [ 2784.189482] ? netlink_unicast+0x7f0/0x7f0 [ 2784.189890] __sock_sendmsg+0x154/0x190 [ 2784.190313] ____sys_sendmsg+0x70d/0x870 [ 2784.190681] ? sock_write_iter+0x3d0/0x3d0 [ 2784.191126] ? do_recvmmsg+0x6d0/0x6d0 [ 2784.191459] ? perf_trace_lock+0x2bd/0x490 [ 2784.191911] ? __lockdep_reset_lock+0x180/0x180 [ 2784.192361] ___sys_sendmsg+0xf3/0x170 [ 2784.192765] ? sendmsg_copy_msghdr+0x160/0x160 [ 2784.193164] ? lock_downgrade+0x6d0/0x6d0 [ 2784.193593] ? find_held_lock+0x2c/0x110 [ 2784.193996] ? __fget_files+0x296/0x4c0 [ 2784.194428] ? __fget_light+0xea/0x290 [ 2784.194807] __sys_sendmsg+0xe5/0x1b0 [ 2784.195209] ? __sys_sendmsg_sock+0x40/0x40 [ 2784.195656] ? rcu_read_lock_any_held+0x75/0xa0 [ 2784.196180] do_syscall_64+0x33/0x40 [ 2784.196528] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2784.197054] RIP: 0033:0x7f72473f4b19 [ 2784.197404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2784.199245] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2784.200016] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2784.200748] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2784.201471] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2784.202190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2784.202902] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:14:00 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba9, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:00 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f0000000000)={0x6, 0xb861, 0x401, 0x81, 0x1000, 0x2}) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r3, &(0x7f0000000000), 0x2000) close(r3) ioctl$FICLONE(r2, 0x40049409, r3) 05:14:00 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4800, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:14:00 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:14:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13baa, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:19 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:19 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x4c00, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:14:19 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 11) 05:14:19 executing program 3: r0 = gettid() r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) clone3(&(0x7f0000000440)={0x20000000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0x3b}, &(0x7f0000000180)=""/168, 0xa8, &(0x7f0000000340)=""/193, &(0x7f0000000240)=[0xffffffffffffffff, r0], 0x2, {r1}}, 0x58) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) ioctl$SG_GET_NUM_WAITING(r2, 0x227d, &(0x7f0000000000)) 05:14:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:14:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:19 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xf5, 0x0, 0x0, 0x0) [ 2803.532565] FAULT_INJECTION: forcing a failure. [ 2803.532565] name failslab, interval 1, probability 0, space 0, times 0 [ 2803.533546] CPU: 0 PID: 16454 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2803.534134] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2803.534827] Call Trace: [ 2803.535067] dump_stack+0x107/0x167 [ 2803.535379] should_fail.cold+0x5/0xa [ 2803.535701] ? create_object.isra.0+0x3a/0xa20 [ 2803.536085] should_failslab+0x5/0x20 [ 2803.536400] kmem_cache_alloc+0x5b/0x310 [ 2803.536745] create_object.isra.0+0x3a/0xa20 [ 2803.537104] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2803.537529] kmem_cache_alloc_node+0x169/0x330 [ 2803.537920] __alloc_skb+0x6d/0x5b0 [ 2803.538221] ? mark_held_locks+0x9e/0xe0 [ 2803.538566] ieee802154_nl_new_reply+0x2f/0x100 [ 2803.538957] ieee802154_add_iface+0x22f/0x8f0 [ 2803.539325] ? __nla_parse+0x3e/0x50 [ 2803.539633] ? ieee802154_dump_phy+0x160/0x160 [ 2803.540021] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2803.540547] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2803.541087] genl_family_rcv_msg_doit+0x22d/0x330 [ 2803.541481] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2803.542047] ? ns_capable+0xe2/0x110 [ 2803.542363] genl_rcv_msg+0x33c/0x5a0 [ 2803.542685] ? genl_get_cmd+0x480/0x480 [ 2803.543018] ? ieee802154_dump_phy+0x160/0x160 [ 2803.543412] ? lock_release+0x680/0x680 [ 2803.543739] ? __lockdep_reset_lock+0x180/0x180 [ 2803.544135] netlink_rcv_skb+0x14b/0x430 [ 2803.544464] ? genl_get_cmd+0x480/0x480 [ 2803.544795] ? netlink_ack+0xab0/0xab0 [ 2803.545135] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2803.545504] ? is_vmalloc_addr+0x7b/0xb0 [ 2803.545846] genl_rcv+0x24/0x40 [ 2803.546117] netlink_unicast+0x549/0x7f0 [ 2803.546453] ? netlink_attachskb+0x870/0x870 [ 2803.546834] netlink_sendmsg+0x90f/0xdf0 [ 2803.547182] ? netlink_unicast+0x7f0/0x7f0 [ 2803.547548] ? netlink_unicast+0x7f0/0x7f0 [ 2803.547900] __sock_sendmsg+0x154/0x190 [ 2803.548230] ____sys_sendmsg+0x70d/0x870 [ 2803.548564] ? sock_write_iter+0x3d0/0x3d0 [ 2803.548910] ? do_recvmmsg+0x6d0/0x6d0 [ 2803.549229] ? perf_trace_lock+0x2bd/0x490 [ 2803.549582] ? __lockdep_reset_lock+0x180/0x180 [ 2803.549976] ___sys_sendmsg+0xf3/0x170 [ 2803.550298] ? sendmsg_copy_msghdr+0x160/0x160 [ 2803.550682] ? lock_downgrade+0x6d0/0x6d0 [ 2803.551027] ? find_held_lock+0x2c/0x110 [ 2803.551388] ? __fget_files+0x296/0x4c0 [ 2803.551731] ? __fget_light+0xea/0x290 [ 2803.552070] __sys_sendmsg+0xe5/0x1b0 [ 2803.552386] ? __sys_sendmsg_sock+0x40/0x40 [ 2803.552740] ? rcu_read_lock_any_held+0x75/0xa0 [ 2803.553161] do_syscall_64+0x33/0x40 [ 2803.553470] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2803.553891] RIP: 0033:0x7f72473f4b19 [ 2803.554195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2803.555686] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2803.556307] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2803.556884] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2803.557458] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2803.558037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2803.558614] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:14:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:14:19 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:14:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000000)="bcb958f19d00affaa0e3097c4f32c08faa1e24013838af0e3d266edb7b5618cc5c7baaab8260cce9da86", 0x2a}, {&(0x7f00000000c0)="8d0b8b111f7b60c4c658278f54fc71289635ce7fda43d6ec8578952504b4a477db6dde774cc62f98be45d9df73ec8199a68c7b7ec2c5424b9f60dfe1cafa8ed877f9ba0d275ea205c074ca3a21989b138f77b1f3b9452febff33bb9f6177850ac6d803a501d2d4b6bd2b3d3e1fc1de422e0ffd8a2a1e752c0fa3ca81db8e309c3933043cc41e5dc31ae5e080a4bf937632f51f1e852225356e8587f6d4f50ba35c4a71eebecf7a1a5adc53d6a82424ce108fd2e984d946d3ba2a99fdb40d94b5b25a", 0xc2}, {&(0x7f0000000340)="dd904ed7d04fe49ef29c17297d41b386fb3ce1fb9f3016eb4cd6a2160a6c3655f2f6eb99c720ae770e8bdaa9e37695d9a6b4341175369ebe556a80742896e141e55853924e6b87b6b7cbfa0fe29b87f2d76522a7e992a0f58e7e2eca80a18291d4316c92a7b248123b10df487ab8b33f55bba115286de509774245622c77acf7a0f7c6b5e6d3ecada6fc3455a1d87691525677c1037b65b388e155c9a843edab124ea8c4c53ed64b6e2e34c147baf0ff402d412e196972a64efa2b767044c1ae18ced4f96bea74", 0xc7}, {&(0x7f00000001c0)="8328413649b3268df3065a2ec075a63f0a405881eb8cc00eb738f0c756e0ac4aa75efb83220e7c0830ee27286b78e07f1e207c7b867576aac4d3b5ac8ac1", 0x3e}, {&(0x7f0000000200)="12d2f3f86199bf2c6c8387dbf6dfc55e3c6410155465c42b2789026b40af3b31eb0d488df733ff40a97e6effe2be5c4a43023f421b01f0e13635c96835aa3f2a8a79045bed9fd971abf088b6eadf952c3bcc727755b802f66e46d16b3d8a75bcd5f43c5ada8271311c8d48", 0x6b}], 0x5) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x68) 05:14:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:14:19 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 12) [ 2803.783880] FAULT_INJECTION: forcing a failure. [ 2803.783880] name failslab, interval 1, probability 0, space 0, times 0 05:14:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/sem\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r2}) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) [ 2803.785235] CPU: 1 PID: 16475 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2803.786137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2803.787046] Call Trace: [ 2803.787374] dump_stack+0x107/0x167 [ 2803.787779] should_fail.cold+0x5/0xa [ 2803.788212] should_failslab+0x5/0x20 [ 2803.788645] __kmalloc_node_track_caller+0x74/0x3b0 [ 2803.789190] ? ieee802154_nl_new_reply+0x2f/0x100 [ 2803.789725] __alloc_skb+0xb1/0x5b0 [ 2803.790137] ieee802154_nl_new_reply+0x2f/0x100 [ 2803.790647] ieee802154_add_iface+0x22f/0x8f0 [ 2803.791138] ? __nla_parse+0x3e/0x50 [ 2803.791555] ? ieee802154_dump_phy+0x160/0x160 [ 2803.792097] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2803.792811] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2803.793522] genl_family_rcv_msg_doit+0x22d/0x330 [ 2803.794047] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2803.794779] ? ns_capable+0xe2/0x110 [ 2803.795191] genl_rcv_msg+0x33c/0x5a0 [ 2803.795621] ? genl_get_cmd+0x480/0x480 [ 2803.796058] ? ieee802154_dump_phy+0x160/0x160 [ 2803.796567] ? lock_release+0x680/0x680 [ 2803.797015] ? __lockdep_reset_lock+0x180/0x180 [ 2803.797524] netlink_rcv_skb+0x14b/0x430 [ 2803.797968] ? genl_get_cmd+0x480/0x480 [ 2803.798403] ? netlink_ack+0xab0/0xab0 [ 2803.798841] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2803.799380] ? is_vmalloc_addr+0x7b/0xb0 [ 2803.799832] genl_rcv+0x24/0x40 [ 2803.800195] netlink_unicast+0x549/0x7f0 [ 2803.800644] ? netlink_attachskb+0x870/0x870 [ 2803.801137] netlink_sendmsg+0x90f/0xdf0 [ 2803.801586] ? netlink_unicast+0x7f0/0x7f0 [ 2803.802059] ? netlink_unicast+0x7f0/0x7f0 [ 2803.802520] __sock_sendmsg+0x154/0x190 [ 2803.802955] ____sys_sendmsg+0x70d/0x870 [ 2803.803448] ? sock_write_iter+0x3d0/0x3d0 [ 2803.803915] ? do_recvmmsg+0x6d0/0x6d0 [ 2803.804377] ? perf_trace_lock+0xac/0x490 [ 2803.804856] ? __lockdep_reset_lock+0x180/0x180 [ 2803.805395] ? perf_trace_lock+0xac/0x490 [ 2803.805862] ? SOFTIRQ_verbose+0x10/0x10 [ 2803.806345] ___sys_sendmsg+0xf3/0x170 [ 2803.806779] ? sendmsg_copy_msghdr+0x160/0x160 [ 2803.807320] ? lock_downgrade+0x6d0/0x6d0 [ 2803.807785] ? find_held_lock+0x2c/0x110 [ 2803.808276] ? __fget_files+0x296/0x4c0 [ 2803.808731] ? __fget_light+0xea/0x290 [ 2803.809202] __sys_sendmsg+0xe5/0x1b0 [ 2803.809623] ? __sys_sendmsg_sock+0x40/0x40 [ 2803.810123] ? rcu_read_lock_any_held+0x75/0xa0 [ 2803.810670] do_syscall_64+0x33/0x40 [ 2803.811107] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2803.811672] RIP: 0033:0x7f72473f4b19 [ 2803.812114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2803.814081] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2803.814963] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2803.815781] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2803.816600] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2803.817420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2803.818247] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:14:41 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0) 05:14:41 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:41 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6800, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:14:41 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:41 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bab, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:41 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 05:14:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:14:41 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 13) 05:14:42 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:42 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) 05:14:42 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x9, 0x1, 0x7, 0x9, 0x8}) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="07000000010100002e2f66696c6530e0ad40bc6577a7a0957de3a97c1ef7c740ff1b99c8029015b672df405647600f025e6c55c1891eb9be65fe7181156570711d25cc52dbaf36e1ffc4828591a2c8a2b4f675439422fa9b4c0991bf16410a44870000"]) ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f00000002c0)=0x4) [ 2826.215519] FAULT_INJECTION: forcing a failure. [ 2826.215519] name failslab, interval 1, probability 0, space 0, times 0 [ 2826.217037] CPU: 1 PID: 16519 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2826.217905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2826.218947] Call Trace: [ 2826.219296] dump_stack+0x107/0x167 [ 2826.219776] should_fail.cold+0x5/0xa [ 2826.220273] ? create_object.isra.0+0x3a/0xa20 [ 2826.220863] should_failslab+0x5/0x20 [ 2826.221355] kmem_cache_alloc+0x5b/0x310 [ 2826.221891] create_object.isra.0+0x3a/0xa20 [ 2826.222464] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2826.223125] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2826.223800] ? ieee802154_nl_new_reply+0x2f/0x100 [ 2826.224423] __alloc_skb+0xb1/0x5b0 [ 2826.224907] ieee802154_nl_new_reply+0x2f/0x100 [ 2826.225526] ieee802154_add_iface+0x22f/0x8f0 [ 2826.226102] ? __nla_parse+0x3e/0x50 [ 2826.226581] ? ieee802154_dump_phy+0x160/0x160 [ 2826.227165] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2826.228188] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2826.229267] genl_family_rcv_msg_doit+0x22d/0x330 [ 2826.230040] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2826.231116] ? ns_capable+0xe2/0x110 [ 2826.231750] genl_rcv_msg+0x33c/0x5a0 [ 2826.232369] ? genl_get_cmd+0x480/0x480 [ 2826.233020] ? ieee802154_dump_phy+0x160/0x160 [ 2826.233787] ? lock_release+0x680/0x680 [ 2826.234434] ? __lockdep_reset_lock+0x180/0x180 [ 2826.235202] netlink_rcv_skb+0x14b/0x430 [ 2826.235879] ? genl_get_cmd+0x480/0x480 [ 2826.236527] ? netlink_ack+0xab0/0xab0 [ 2826.237173] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2826.237931] ? is_vmalloc_addr+0x7b/0xb0 [ 2826.238721] genl_rcv+0x24/0x40 [ 2826.239337] netlink_unicast+0x549/0x7f0 [ 2826.240027] ? netlink_attachskb+0x870/0x870 [ 2826.240772] netlink_sendmsg+0x90f/0xdf0 [ 2826.241456] ? netlink_unicast+0x7f0/0x7f0 [ 2826.242177] ? netlink_unicast+0x7f0/0x7f0 [ 2826.242874] __sock_sendmsg+0x154/0x190 [ 2826.243541] ____sys_sendmsg+0x70d/0x870 [ 2826.244266] ? sock_write_iter+0x3d0/0x3d0 [ 2826.244948] ? do_recvmmsg+0x6d0/0x6d0 [ 2826.245594] ? perf_trace_lock+0xac/0x490 [ 2826.246288] ? __lockdep_reset_lock+0x180/0x180 [ 2826.247036] ? perf_trace_lock+0xac/0x490 [ 2826.247733] ? SOFTIRQ_verbose+0x10/0x10 [ 2826.248413] ___sys_sendmsg+0xf3/0x170 [ 2826.249046] ? sendmsg_copy_msghdr+0x160/0x160 [ 2826.249821] ? lock_downgrade+0x6d0/0x6d0 [ 2826.250549] ? find_held_lock+0x2c/0x110 [ 2826.251260] ? __fget_files+0x296/0x4c0 [ 2826.251935] ? __fget_light+0xea/0x290 [ 2826.252598] __sys_sendmsg+0xe5/0x1b0 [ 2826.253229] ? __sys_sendmsg_sock+0x40/0x40 [ 2826.253930] ? rcu_read_lock_any_held+0x75/0xa0 [ 2826.254751] do_syscall_64+0x33/0x40 [ 2826.255404] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2826.256256] RIP: 0033:0x7f72473f4b19 [ 2826.256860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2826.259792] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2826.261037] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2826.262063] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2826.263065] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2826.264092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2826.265158] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:14:42 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x4000, 0x0, 0x0, 0x0) 05:14:42 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:42 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) 05:14:42 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6c00, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:14:42 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:14:42 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bac, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:03 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7400, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:15:03 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/185, 0xb9}], 0x1, 0x1, 0x7) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000001640)=""/102400, 0x19000) close(r1) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f00000000c0)={0x5, 0x1, 0x81}) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r2, &(0x7f0000000000), 0x2000) r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f000001a640), 0x400, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r3, 0x8004f50e, &(0x7f000001a680)) close(r2) sendmsg$nl_generic(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="e81200001a0001002dbd7000fcdbdf251700000004003f0078cae8cfcd73715af2a90eeb40950bb292beac3a130ceb5fb3101b802ea5591166869ce5470f6a72ceacc7f3413c33104266c6e769fbee91f1debc513cb3026cc8e668a9a50c64aa4d4a603b5984685824165b1e4c32693149fe2af4384de14400e754c88551baaa4d8b3041a01b892ad80897fdb2ee6f22f1287ada11219eba2f3eafc56e9d0f025c97278b70c883a6c3ef66f7c209faec9e2b2c9df6fef22df4c4cf6d599815e9be29d691334f7cc6eadb67e764ebc9820398020bb10254c9b7d1df1d55fb08251ef605a07c739cf9d36612ddda2e87e096b78b031a8a9c77da98ec006ad8f9c5a0a1e44b37a2bd21d054a2f77557d01eea778229ebd8bd4433b516cebccc4f7083b2d4c3c3884be3df3f47a5240de898a266b0e70f75693fb96cc5fca6aeff597baf0513e0acefa54b8515fb5b2dde12ef14656fc4f10a2238991084119fabc71312a5b77a9a81e45cffa3d8fb6aad055457f55f72134cd3f8a6f3081e7e1a2c971c165f9b01e210d2ce5569bddd59c813f1e0445aa7e0aef1e8a92439e5a73ef58f18e7ff6eaa28a2db12f736c0ce99b7b8588c54d0f8c33d09a142d62d74b7e425164bb78d0a01614f3faa954efb5cffbd85f99951740e5d7ff772d26a0e7ee7f5eeef316f76bbd1be42795a0fd140ba124463babf0ac8f41aa343cf4775500fba214ba54a29e71737f269abcd783a2617077db95a4d04e3fd336582c8161222a359e6cb935a8748cc36cded8799a8f4936a283db65c03f0310a060da3e8fad70005e4e87764291544778273ee8af2cb8e8694a4cc3a2595bd43ed96b9323ea76a6c2e075031398213c2a6a80372c340defb7584ed0bdbd7050d8e1990755f98130330737ffeace275a76949b7c1bde0e43d4505f41349966fb39c78274f2775dae521808eb82314b7d013202777981cb2e0559b02db730f0b85b7039b6b1be317f4b210bd281cd99927ed75405ebeb60e194e9899d10be8b617c4fc4ff948e72ffe2514227c4d16f47da961418cffa662d00010cf29a6f98084b01669122ed7e19eb42c3d66ceb75a12654dc933137b3c57174998771dabe7a54b02c1b63663fda93acc352138df4be598504b4b1aaa25af0ae9205c115828e98bc9f6acb79ef934e79cd9b03069030ee53495847eb263031f6e84ef3ec10244e25a6db32a94afd9be3762ed0a7938b5b84466d81db52a945707c59565ef99e27e72f874f67615a1bffdcfd1ea1b1faa319c022818c649fb12a5ddbeb818a8714d1848113d6ce5f81ef1f49a5ecfac6a0fca563a3f3cda4aa9138ab1f0bc253ce1b2cbef8aabc26a5bef1ce73772b3e38022b1a1c072d97767c55c9020c3cda1456c8f6cf5dacc6eb5507ba9a4d93d1fd5a256180d3ac87359cdf5d06d35bf19b68f087f828fbe49d06fbbf8cc820b78ba70e503c9e6306df2842400a3d7599de892c181173891870fa55499d86ceb923a99fd1eb5f4e9f7428c40437eb7d7beb7025ec932109914e07a60db2ed09ba1439a9b3667cae35deea6a6a2a54a0d46de2ca9e59438d3aea869976b0776b46cf0afd3a7da419b2d92188566d108ad9d37815b79fbc00f1160ea614cdd312567cf050ba06989e13dde765ad3c11c2625b7d584fc0018cc2de3890906d4fc902ae53ba23bddcbf3799dea2c1a2f1c129a01c8fc95e1aaa80951fa45c433047ecbe5e4258e3068a637ee48fbf8be3c7f42fd11971139d37609eae6c40872966a36ebfd2e4c4cda181173a963c540138dda97fdf27d8ee81feaf4e78619e52405d239de06a19c347013e5d24a2e07d807c37c56dc01e7e1dae27eafac41da3dfe461229f17f372652e020a8765f818f83b08e8a924606e4f20f0c65088d5a7334811ff88f5e7095e19925b0a406d5ae544bb8adadc90d4968988a2c0c755a005c7294a760bc60d090ebf740e1b517ee1bff6fb265090bd8ebd6f9c839bd451ded46ee82cd762320701afa804773a4051bb031c5b2c33f62bdc8dab8268a3cc42b0b5a4d5a03ae631beb9c687948c8d640728452efcccf8da5b1b0ffd8369367d1cbdf68a11a4b0c3eff10168fabb3cde6fd3edd591b0545096635be19e614dde7b1deff39afd882ce88aec8a47c211a08b74f340e6bb932d337036844c294ed7e9ca4ee3732ba6832c9fe7e9877d50a61e68504ce914d5e9fcb0301b981a1babb88e52ef79c74c05841a8da3fcd04a7de44b3a295e75a049407309c511b38bfae5852e4a2a081cf584cdc013575c31a8ceb10287811ee2fdeb108e1a87188e0270fbc9db077b03db75a1cae2db04cb39d4505552977f5f2589f904bdaba21038055996cd01afdf4cf2e623a0cb8751ddba5494d4c0087bc3451945a5c754340a75f4bccfc1a8d23c0ab6f805acbd54a0b09370332ef3c8211c35534d480be7c43312157fac90e6bba38ca3565a93f4105084c3be19cdb5a1d9eea72636ddcd835b603497ec2a4e783e8dc8f91db033a039f8762fb39c8a4b0b212b8ce7878b144edf3f170eb37acab70212f8273dea6877f65a18418dc627183c44443cc7b54d646cbaa93fef9f3968d14fffa78be21fdb9997c3f306feaca43276ce3b2636fdeca41e1efe2c2721508b19461922fc69a465545623088a0b94c33631b1b9ac8ecc6c917c914465e43c4845210af4990a3a465989e98588b20350ac9f007ed4bf9b06ef6d5609e47d2794807ab5b49a4b30fdf2cb3d6fff003dc936ac7662caa9efa9ed8acbc9568565a0139613124988b5f0cf8960a63f6bb4ad87cf6b4cc31bc9fb198c092c0cc6d090437e9eb6fd97bb2e3866105a2f941b30004f3abc62d87f38b19b104bc4b74181f31e50872f889667cb60dbe2562af5da0031ace9f2e455dece265aa9de3904d1a8b01974fb923c940e2be4078dc5e5c70f96616dbb07266e707bccf241b61829a53eff79a6252142425c69944035acb4c2ee60e56a6d2dbb8d32c17b33e72790bcce805cd6c262dfe504ca91495a91970f556f57fad623e348c771c99ba6ab8cbccdaf125fbaf72cb98a91773e52a46c63ed4b16a051988d25c351258b1ccc8104a97f5aecc90ac5304de2f64324f02159922e31bf7fd06f482cc34a5573de0dec9e08b80b896af2316e99aec741a5e3ba9aaea124ba748fcbd7046481b51d8f9052c43676977c2f5da0fb684186bfe55dff20beeef2f151fb3a15ffa7228a3ed0dbd69c9a1d2d040d71a38c1f19c09737ba729481957d43378d09ae1e60d1edefbceef18aa377d611ed1a12cafa7e681ee0cbf1392ea45203aaccdab32142892d6a3a557e1b8bfa1c9a3972942b94cf4fdc0cccfcf18555ea2e76b80c7ec365bde09e94859455a3eb30df4bb63f08431da4461b61259191f6f3c8355c006cb48f369359c062dc8e0b8a5547f0b3d2efc0f995546fc427a1c5f96a30b09733f46c0b693d267beb305118ca4fd22f4f434f4fdfb648d97d18e43e6a0a27a3a0097762c51a9b53d534b57b354d55fa47143f9e47a536d7f60c7ec2b2ff92f389eb14c59f47ab5f00ce19b56c8d168515ba1ea0c1a8f611ae6b9ca3baefe5791b305003b3bafa2fe0f41d38aa050fd4ebb0eb574e914679c70a9ec94afa1174b9e43d4accbc1d37964cdc98334919c30e69ad4b09a21d54ae91521b1916e99b8ac1d6bda7b998f45cdcb82404fc7ece6152d868169d2dfd444d953cd5fe29e5bd97eda0533c45936950b6b600dcd30248d3976aca9178db6313da35daad84bb00a103271931adadb9afcdeafb45fb41c76c5af0945e50f6d15cf9c88ca6fe18dd881ec0633b89810679fe3f8daa765d5bf6d2ccf0d39a5437686322940e36f9bffc01df9ca678aba9621daecfa354c94abf6ed6cabff0cf472dfc2744c0e3f176f3d1dea0a7602df4af870039f142475fedd85fdc4f9943ec26916aeae799e3161a639dfbbe71f0e6eea97f9a0e04d5aa74d28e45633ada8f2910d082ff88ddd2c84ef40f5a1aa17bf8792878023bb768747eebfbe17681c76223d0fcb4fe2742aebc718180499973fc325d836aada970e8b0f76c86ac9a465806ce13ac1ef90d322eaef4b0ba5b0151bf38c8f517fa8ce5425034d4d1c2d690ddc0642f3db4e03890866c5544f0b18500e4589597f3132f91cf28426041ffcd5a9ab5ae774ddaf4c695461269dce0fde7233b10d292d82d542b8d603d0ed6e09874e79a2939b309d771518667e00812a9427e4a3d3f4cdd9057eb0dcc1a4da055e5e42ba3c18dd9e602209b22dd5d42b8516f3574c6e147ed6733006b97dfca98e130ea88863bcbf9418d02bb74744d3f6bbabd16e936556a33443487ef09cb1d1379c1b1b4ef11d797a8e0b7100f3494461de8f9cfe212669699462210adeacb3c280b05b5a27d4a1e23a740775fd117806e133a03e1614f7e2a77a1f7f5109ffd3d68d3c8e9d0fc64b266a69d8e5380a0d313810aa9f8897d303b2a8165a01b0a22da79c1deba300f1c421c681fb32901097df24c1e9d839a3889a9e38203a02a0b323122c4f9ed3988c146cd1eb7e15f87247ce8a0a36ced22741fae2a763acd216506802ab5cda767d2f3965f9d96a941ca9c720d5a64a202da61db03d25873fff3054de04004b98988bb85ba1b8b512bef6d7b2dd8ca7a507182042a471b35086d4e524f000850a2cc816201cdfa269ba747d47d1e88ea152766f2ece77fd369e1b6d6e5383506d9cce031512779dcb6de8afc644de8a257a9a00e3e0b6bd91701ea70c3c3f1074e097426b024eb052d7a5265a37acd165dbceb3c9de13c027807f6402e450f4b3cac6898d6ae8039fb323e7e3dbc5f31d7ed3135b6af3403a05bf163d2f8ec98c75aec9679dec8831c5e81d2465da62bf082c3d3ca338425c607a544eacb1f052a82132defc4512384b8dbb20b75f159c0355b9d152576050b961d8a1adf42519decdf10ffe9aef3c2396f83756d15f28c39a5ca373d5e0ad88f7f7caaadd0c10757cb136014c6a11987f6287d721f3d0bf9dabb4304a6410fa32d387ff46e108cba5e62f2117a5655db00168fa32b95b0dfcb6852aa42e1b0b4e0faee548fda708d076f058639ee1da71103b485901004a5d73dd1a70d5df86a9008c64a40193d7a76fd50f65cdb0e9bd8cbb8a13b3417a99143f159162bffb5f08e219cbc5a2919316f79dd4ce6cf9ee12ca58888438fb49b7263e3b209fbbce72d801553f8129f0d406a5af551ecaa1be386398f85def96b8a81451af09e1214344f807bc9c3410a23a4e1c3f238f01b86a63a49497ccc8a184e7fc18e8c5881c592f7eaa3b076c2e9f095d659189ca0c772a44c829cc86e34b11ae3c1ce3c0b3e4da57c22349891b58d504e6778cacb9e1a2e38194aa13b5d17003ec1e35ababb125aaba7fe42b6f96334642d657c9bcdebdce19094ac6888d92cdeabcb6c5b2adc4d4a8368a4662af5f95384ac4d26ee55430692a4d2681b415dfa29e122e4f143b93f19a8c02b81596cf8393d65e5cde190b4a09acf7ea1446c2b55384cfe17cbc101ddf0a91ba311eb8fb1c3378a7d9caa86d171900c1e56f9a0b6c87665c664da9f52007ff5eca9ddc078d886b95b6b78b7bba1c29d4b4bd6241c53c71adfa77740cd8f43102bbf7c4a386ae077b7af1ca6c986be7d9804d0e44bfa2f4049dbb57575e5e56550b6ceb9ccc0cad6bf71e239b290f1ac899924a986a519f073b06f3d03dd796ee81389ae0020501e519be3d17cb5086c6bf91186046f2e0fb659392362ab6ddf2b116823b38acf0cc63103b47bdd59dfdc2ee9397fc38306a6ad3e3e7f7d63cd68628820a0e52affc097e24fd6cd0e7ead6853f42c041bc9d18c361fe5c820080f13b1d74b526362f63b13737b7e95ffae07ec6aae65b25fa1415af93270b2cec2813038637dbae756b2bdcc017e4d54dd3076a43268d22c84f75e88ff119480d7ce5de98a1a4bf4fa9407e7add793a73bc8e3789f7f95bb91f52618cfee31a8a132a83c92d380e2bb587720870174d59849ee6b7e99446b76dfe2c81df77551c7a3dadb5bf5d253f8f53a7157c94478d8b579b7e856d4d5ea4c419e3216d49e7696305003000000000000008008b00", @ANYRES32=r2, @ANYBLOB="4088f622b17ae611eb7f2ae85abb1fcfb2fc51b36c24f5a1402ffe64c91475371b81cab83788251e52737481d45ce6033213aca93279a853a3d16a2631f87a3906eea4f7455ff3973dab0f1acfff808e274d122e3f8a4bdc31d9d94a7426b4de9c95ffe99124c62ab5d268c86ed6a16c96e70136e26680c6a42dc8b5a49b3e05a680973eb224ac9e2949be9d5fd15dfc1f4d2dfe49a3b8c0b52ea1460199c1fd1709eca08f92a18c87e3477bbcd4a17835086156a357ca8ef47a5b8a38506baad7b48a2ca2f7441aebf7898c09902aee4498476b7eb32f44160c6bf805a386447daf1c1cced664aa985c3aa7ac8f8f22460f6b4241279df376d81d25e8bc8d021d7b370ba0ccca1c021e97ee6c7625a34d568d850594c9c01be750ccea4711d7ef5573736098e6c589429a9fac2ef2cf9b858d55da86430865880e52a5d2a57f7f3d83a2c321136e52fc1147f785c761ed37ffff698202fc9848fc9239321f5602d7600b4ab57d7f6a5f3658163bed78a0aa27d7492dcb5481b4456418d78f827bbefab2128c044649216fd4bdfc3809da093d3ee27f7d0b0c69b1f5fe6a136ce06c90ec2781a06e66098430c4ee802aeadacf8aaf98a9b22eb77de9d4b5b4042a124544203755b5d0f888f140ca970a836015b73a13ac9889863610f2bfcb06c19007982f0f8b6ebe587a39b28539a437e506d1bf44000000000000"], 0x12e8}, 0x1, 0x0, 0x0, 0x40010}, 0x48040) 05:15:03 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bad, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:03 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:03 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 14) 05:15:03 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:03 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xeffd, 0x0, 0x0, 0x0) 05:15:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) 05:15:03 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:15:03 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2847.909022] FAULT_INJECTION: forcing a failure. [ 2847.909022] name failslab, interval 1, probability 0, space 0, times 0 [ 2847.911003] CPU: 0 PID: 16618 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2847.912141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2847.913474] Call Trace: [ 2847.913921] dump_stack+0x107/0x167 [ 2847.914524] should_fail.cold+0x5/0xa [ 2847.915156] ? kvmalloc_node+0xc0/0x170 [ 2847.915805] should_failslab+0x5/0x20 [ 2847.916459] __kmalloc_node+0x76/0x420 [ 2847.917109] kvmalloc_node+0xc0/0x170 [ 2847.917731] alloc_netdev_mqs+0x97/0xe80 [ 2847.918384] ? mac802154_unlock_table+0x80/0x80 [ 2847.919149] ieee802154_if_add+0xc3/0x1040 [ 2847.919840] ? mutex_lock_io_nested+0xf30/0xf30 [ 2847.920591] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2847.921337] ? skb_put+0x134/0x180 [ 2847.921911] ? memset+0x20/0x50 [ 2847.922454] ? __nlmsg_put+0x155/0x1c0 [ 2847.923090] ? genlmsg_put+0x25b/0x2d0 [ 2847.923746] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2847.924598] ieee802154_add_iface+0x44d/0x8f0 [ 2847.925331] ? ieee802154_dump_phy+0x160/0x160 [ 2847.926073] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2847.927114] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2847.928165] genl_family_rcv_msg_doit+0x22d/0x330 [ 2847.928939] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2847.930028] ? ns_capable+0xe2/0x110 [ 2847.930638] genl_rcv_msg+0x33c/0x5a0 [ 2847.931264] ? genl_get_cmd+0x480/0x480 [ 2847.931913] ? ieee802154_dump_phy+0x160/0x160 [ 2847.932661] ? lock_release+0x680/0x680 [ 2847.933298] ? __lockdep_reset_lock+0x180/0x180 [ 2847.934054] netlink_rcv_skb+0x14b/0x430 [ 2847.934706] ? genl_get_cmd+0x480/0x480 [ 2847.935344] ? netlink_ack+0xab0/0xab0 [ 2847.936009] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2847.936730] ? is_vmalloc_addr+0x7b/0xb0 [ 2847.937393] genl_rcv+0x24/0x40 [ 2847.937921] netlink_unicast+0x549/0x7f0 [ 2847.938587] ? netlink_attachskb+0x870/0x870 [ 2847.939322] netlink_sendmsg+0x90f/0xdf0 [ 2847.940006] ? netlink_unicast+0x7f0/0x7f0 [ 2847.940722] ? netlink_unicast+0x7f0/0x7f0 [ 2847.941402] __sock_sendmsg+0x154/0x190 [ 2847.942051] ____sys_sendmsg+0x70d/0x870 [ 2847.942730] ? sock_write_iter+0x3d0/0x3d0 [ 2847.943409] ? do_recvmmsg+0x6d0/0x6d0 [ 2847.944035] ? perf_trace_lock+0x2bd/0x490 [ 2847.944734] ? __lockdep_reset_lock+0x180/0x180 [ 2847.945498] ___sys_sendmsg+0xf3/0x170 [ 2847.946133] ? sendmsg_copy_msghdr+0x160/0x160 [ 2847.946881] ? lock_downgrade+0x6d0/0x6d0 [ 2847.947558] ? find_held_lock+0x2c/0x110 [ 2847.948265] ? __fget_files+0x296/0x4c0 [ 2847.948954] ? __fget_light+0xea/0x290 [ 2847.949605] __sys_sendmsg+0xe5/0x1b0 [ 2847.950226] ? __sys_sendmsg_sock+0x40/0x40 [ 2847.950913] ? rcu_read_lock_any_held+0x75/0xa0 [ 2847.951736] do_syscall_64+0x33/0x40 [ 2847.952342] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2847.953151] RIP: 0033:0x7f72473f4b19 [ 2847.953746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2847.956628] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2847.957841] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2847.958967] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2847.960108] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2847.961241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2847.962369] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:15:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) 05:15:04 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x100000001) 05:15:04 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 15) 05:15:04 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xf5ff, 0x0, 0x0, 0x0) 05:15:04 executing program 3: prctl$PR_SET_IO_FLUSHER(0x39, 0x1) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x100400, 0x0) preadv(r1, &(0x7f0000000280), 0x0, 0x8, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r2, &(0x7f00000000c0)=0xad, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x68, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x80000000}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x743}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xf58c0000}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000045}, 0x4000080) [ 2848.211183] FAULT_INJECTION: forcing a failure. [ 2848.211183] name failslab, interval 1, probability 0, space 0, times 0 [ 2848.212718] CPU: 1 PID: 16641 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2848.213585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2848.214618] Call Trace: [ 2848.214966] dump_stack+0x107/0x167 [ 2848.215432] should_fail.cold+0x5/0xa [ 2848.215928] ? create_object.isra.0+0x3a/0xa20 [ 2848.216510] should_failslab+0x5/0x20 [ 2848.216999] kmem_cache_alloc+0x5b/0x310 [ 2848.217513] ? lock_acquire+0x197/0x470 [ 2848.218025] create_object.isra.0+0x3a/0xa20 [ 2848.218582] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2848.219232] __kmalloc_node+0x1ae/0x420 [ 2848.219751] kvmalloc_node+0xc0/0x170 [ 2848.220254] alloc_netdev_mqs+0x97/0xe80 [ 2848.220770] ? mac802154_unlock_table+0x80/0x80 [ 2848.221368] ieee802154_if_add+0xc3/0x1040 [ 2848.221910] ? mutex_lock_io_nested+0xf30/0xf30 [ 2848.222498] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2848.223084] ? skb_put+0x134/0x180 [ 2848.223537] ? memset+0x20/0x50 [ 2848.223975] ? __nlmsg_put+0x155/0x1c0 [ 2848.224475] ? genlmsg_put+0x25b/0x2d0 [ 2848.224987] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2848.225659] ieee802154_add_iface+0x44d/0x8f0 [ 2848.226235] ? ieee802154_dump_phy+0x160/0x160 [ 2848.226821] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2848.227650] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2848.228485] genl_family_rcv_msg_doit+0x22d/0x330 [ 2848.229098] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2848.229949] ? ns_capable+0xe2/0x110 [ 2848.230429] genl_rcv_msg+0x33c/0x5a0 [ 2848.230920] ? genl_get_cmd+0x480/0x480 [ 2848.231429] ? ieee802154_dump_phy+0x160/0x160 [ 2848.232024] ? lock_release+0x680/0x680 [ 2848.232529] ? __lockdep_reset_lock+0x180/0x180 [ 2848.233126] netlink_rcv_skb+0x14b/0x430 [ 2848.233646] ? genl_get_cmd+0x480/0x480 [ 2848.234154] ? netlink_ack+0xab0/0xab0 [ 2848.234664] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2848.235241] ? is_vmalloc_addr+0x7b/0xb0 [ 2848.235760] genl_rcv+0x24/0x40 [ 2848.236190] netlink_unicast+0x549/0x7f0 [ 2848.236714] ? netlink_attachskb+0x870/0x870 [ 2848.237288] netlink_sendmsg+0x90f/0xdf0 [ 2848.237817] ? netlink_unicast+0x7f0/0x7f0 [ 2848.238371] ? netlink_unicast+0x7f0/0x7f0 [ 2848.238910] __sock_sendmsg+0x154/0x190 [ 2848.239415] ____sys_sendmsg+0x70d/0x870 [ 2848.239946] ? sock_write_iter+0x3d0/0x3d0 [ 2848.240482] ? do_recvmmsg+0x6d0/0x6d0 [ 2848.240985] ? perf_trace_lock+0xac/0x490 [ 2848.241520] ? __lockdep_reset_lock+0x180/0x180 [ 2848.242107] ? perf_trace_lock+0xac/0x490 [ 2848.242632] ? SOFTIRQ_verbose+0x10/0x10 [ 2848.243153] ___sys_sendmsg+0xf3/0x170 [ 2848.243658] ? sendmsg_copy_msghdr+0x160/0x160 [ 2848.244254] ? lock_downgrade+0x6d0/0x6d0 [ 2848.244793] ? find_held_lock+0x2c/0x110 [ 2848.245321] ? __fget_files+0x296/0x4c0 [ 2848.245843] ? __fget_light+0xea/0x290 [ 2848.246358] __sys_sendmsg+0xe5/0x1b0 [ 2848.246845] ? __sys_sendmsg_sock+0x40/0x40 [ 2848.247397] ? rcu_read_lock_any_held+0x75/0xa0 [ 2848.248041] do_syscall_64+0x33/0x40 [ 2848.248517] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2848.249164] RIP: 0033:0x7f72473f4b19 [ 2848.249637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2848.251933] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2848.252893] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2848.253792] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2848.254685] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2848.255577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2848.256484] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:15:04 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:15:24 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xfdef, 0x0, 0x0, 0x0) 05:15:24 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:24 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7400, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:15:24 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x100000001) 05:15:24 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7a00, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:15:24 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bae, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:24 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) 05:15:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 16) [ 2868.453397] FAULT_INJECTION: forcing a failure. [ 2868.453397] name failslab, interval 1, probability 0, space 0, times 0 [ 2868.454395] CPU: 0 PID: 16689 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2868.454972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2868.455657] Call Trace: [ 2868.455886] dump_stack+0x107/0x167 [ 2868.456211] should_fail.cold+0x5/0xa [ 2868.456544] ? create_object.isra.0+0x3a/0xa20 [ 2868.456933] should_failslab+0x5/0x20 [ 2868.457258] kmem_cache_alloc+0x5b/0x310 [ 2868.457614] create_object.isra.0+0x3a/0xa20 [ 2868.458011] kmemleak_alloc_percpu+0xa0/0x100 [ 2868.458398] pcpu_alloc+0x4e2/0x1240 [ 2868.458745] alloc_netdev_mqs+0x104/0xe80 [ 2868.459097] ? mac802154_unlock_table+0x80/0x80 [ 2868.459495] ieee802154_if_add+0xc3/0x1040 [ 2868.459854] ? mutex_lock_io_nested+0xf30/0xf30 [ 2868.460260] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2868.460652] ? skb_put+0x134/0x180 [ 2868.460951] ? memset+0x20/0x50 [ 2868.461236] ? __nlmsg_put+0x155/0x1c0 [ 2868.461566] ? genlmsg_put+0x25b/0x2d0 [ 2868.461908] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2868.462357] ieee802154_add_iface+0x44d/0x8f0 [ 2868.462755] ? ieee802154_dump_phy+0x160/0x160 [ 2868.463142] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2868.463685] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2868.464260] genl_family_rcv_msg_doit+0x22d/0x330 [ 2868.464671] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2868.465253] ? ns_capable+0xe2/0x110 [ 2868.465577] genl_rcv_msg+0x33c/0x5a0 [ 2868.465910] ? genl_get_cmd+0x480/0x480 [ 2868.466246] ? ieee802154_dump_phy+0x160/0x160 [ 2868.466643] ? lock_release+0x680/0x680 [ 2868.466976] ? __lockdep_reset_lock+0x180/0x180 [ 2868.467378] netlink_rcv_skb+0x14b/0x430 [ 2868.467724] ? genl_get_cmd+0x480/0x480 [ 2868.468079] ? netlink_ack+0xab0/0xab0 [ 2868.468424] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2868.468806] ? is_vmalloc_addr+0x7b/0xb0 [ 2868.469153] genl_rcv+0x24/0x40 [ 2868.469439] netlink_unicast+0x549/0x7f0 [ 2868.469786] ? netlink_attachskb+0x870/0x870 [ 2868.470175] netlink_sendmsg+0x90f/0xdf0 [ 2868.470532] ? netlink_unicast+0x7f0/0x7f0 [ 2868.470911] ? netlink_unicast+0x7f0/0x7f0 [ 2868.471258] __sock_sendmsg+0x154/0x190 [ 2868.471600] ____sys_sendmsg+0x70d/0x870 [ 2868.471934] ? sock_write_iter+0x3d0/0x3d0 [ 2868.472294] ? do_recvmmsg+0x6d0/0x6d0 [ 2868.472616] ? perf_trace_lock+0x2bd/0x490 [ 2868.472984] ? __lockdep_reset_lock+0x180/0x180 [ 2868.473384] ___sys_sendmsg+0xf3/0x170 [ 2868.473724] ? sendmsg_copy_msghdr+0x160/0x160 [ 2868.474116] ? lock_downgrade+0x6d0/0x6d0 [ 2868.474469] ? find_held_lock+0x2c/0x110 [ 2868.474830] ? __fget_files+0x296/0x4c0 [ 2868.475173] ? __fget_light+0xea/0x290 [ 2868.475521] __sys_sendmsg+0xe5/0x1b0 [ 2868.475834] ? __sys_sendmsg_sock+0x40/0x40 [ 2868.476210] ? rcu_read_lock_any_held+0x75/0xa0 [ 2868.476639] do_syscall_64+0x33/0x40 [ 2868.476956] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2868.477390] RIP: 0033:0x7f72473f4b19 [ 2868.477711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2868.479226] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2868.479859] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2868.480463] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2868.481063] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2868.481642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2868.482233] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:15:24 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x100000001) 05:15:24 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000000)) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:15:24 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:15:24 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6c00, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:15:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 17) [ 2868.693556] FAULT_INJECTION: forcing a failure. [ 2868.693556] name failslab, interval 1, probability 0, space 0, times 0 [ 2868.694575] CPU: 0 PID: 16724 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2868.695151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2868.695842] Call Trace: [ 2868.696088] dump_stack+0x107/0x167 [ 2868.696409] should_fail.cold+0x5/0xa [ 2868.696743] ? create_object.isra.0+0x3a/0xa20 [ 2868.697130] should_failslab+0x5/0x20 [ 2868.697441] kmem_cache_alloc+0x5b/0x310 [ 2868.697787] ? mark_held_locks+0x9e/0xe0 [ 2868.698129] create_object.isra.0+0x3a/0xa20 [ 2868.698512] kmemleak_alloc_percpu+0xa0/0x100 [ 2868.698887] pcpu_alloc+0x4e2/0x1240 [ 2868.699239] alloc_netdev_mqs+0x104/0xe80 [ 2868.699593] ? mac802154_unlock_table+0x80/0x80 [ 2868.700001] ieee802154_if_add+0xc3/0x1040 [ 2868.700365] ? mutex_lock_io_nested+0xf30/0xf30 [ 2868.700761] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2868.701154] ? skb_put+0x134/0x180 [ 2868.701459] ? memset+0x20/0x50 [ 2868.701756] ? __nlmsg_put+0x155/0x1c0 [ 2868.702086] ? genlmsg_put+0x25b/0x2d0 [ 2868.702424] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2868.702868] ieee802154_add_iface+0x44d/0x8f0 [ 2868.703261] ? ieee802154_dump_phy+0x160/0x160 [ 2868.703647] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2868.704205] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2868.704744] genl_family_rcv_msg_doit+0x22d/0x330 [ 2868.705156] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2868.705716] ? ns_capable+0xe2/0x110 [ 2868.706036] genl_rcv_msg+0x33c/0x5a0 [ 2868.706373] ? genl_get_cmd+0x480/0x480 [ 2868.706712] ? ieee802154_dump_phy+0x160/0x160 [ 2868.707115] ? lock_release+0x680/0x680 [ 2868.707449] ? __lockdep_reset_lock+0x180/0x180 [ 2868.707842] netlink_rcv_skb+0x14b/0x430 [ 2868.708203] ? genl_get_cmd+0x480/0x480 [ 2868.708556] ? netlink_ack+0xab0/0xab0 [ 2868.708899] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2868.709269] ? is_vmalloc_addr+0x7b/0xb0 [ 2868.709625] genl_rcv+0x24/0x40 [ 2868.709905] netlink_unicast+0x549/0x7f0 [ 2868.710254] ? netlink_attachskb+0x870/0x870 [ 2868.710635] netlink_sendmsg+0x90f/0xdf0 [ 2868.710988] ? netlink_unicast+0x7f0/0x7f0 [ 2868.711350] ? netlink_unicast+0x7f0/0x7f0 [ 2868.711714] __sock_sendmsg+0x154/0x190 [ 2868.712040] ____sys_sendmsg+0x70d/0x870 [ 2868.712398] ? sock_write_iter+0x3d0/0x3d0 [ 2868.712755] ? do_recvmmsg+0x6d0/0x6d0 [ 2868.713086] ? perf_trace_lock+0x2bd/0x490 [ 2868.713454] ? __lockdep_reset_lock+0x180/0x180 [ 2868.713864] ___sys_sendmsg+0xf3/0x170 [ 2868.714205] ? sendmsg_copy_msghdr+0x160/0x160 [ 2868.714592] ? lock_downgrade+0x6d0/0x6d0 [ 2868.714956] ? find_held_lock+0x2c/0x110 [ 2868.715306] ? __fget_files+0x296/0x4c0 [ 2868.715664] ? __fget_light+0xea/0x290 [ 2868.716011] __sys_sendmsg+0xe5/0x1b0 [ 2868.716346] ? __sys_sendmsg_sock+0x40/0x40 [ 2868.716705] ? rcu_read_lock_any_held+0x75/0xa0 [ 2868.717141] do_syscall_64+0x33/0x40 [ 2868.717452] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2868.717894] RIP: 0033:0x7f72473f4b19 [ 2868.718216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2868.719696] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2868.720350] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2868.720955] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2868.721552] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2868.722144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2868.722752] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:15:44 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7a00, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:15:44 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xfff5, 0x0, 0x0, 0x0) 05:15:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 18) 05:15:44 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13baf, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:44 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x0) 05:15:44 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf000, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:15:44 executing program 4: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/sem\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r2}) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) [ 2888.678343] FAULT_INJECTION: forcing a failure. [ 2888.678343] name failslab, interval 1, probability 0, space 0, times 0 [ 2888.680148] CPU: 1 PID: 16769 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2888.681315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2888.682572] Call Trace: [ 2888.682991] dump_stack+0x107/0x167 [ 2888.683558] should_fail.cold+0x5/0xa [ 2888.684145] ? __hw_addr_create_ex+0x5b/0x2c0 [ 2888.684847] should_failslab+0x5/0x20 [ 2888.685438] kmem_cache_alloc_trace+0x55/0x320 [ 2888.686152] __hw_addr_create_ex+0x5b/0x2c0 [ 2888.686826] __hw_addr_add_ex+0x1ed/0x2b0 [ 2888.687475] dev_addr_init+0x10b/0x1f0 [ 2888.688086] ? __hw_addr_ref_sync_dev+0x3b0/0x3b0 [ 2888.688852] alloc_netdev_mqs+0x13c/0xe80 [ 2888.689493] ? mac802154_unlock_table+0x80/0x80 [ 2888.690224] ieee802154_if_add+0xc3/0x1040 [ 2888.691064] ? mutex_lock_io_nested+0xf30/0xf30 [ 2888.691775] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2888.692700] ? skb_put+0x134/0x180 [ 2888.693252] ? memset+0x20/0x50 [ 2888.693912] ? __nlmsg_put+0x155/0x1c0 [ 2888.694526] ? genlmsg_put+0x25b/0x2d0 [ 2888.695312] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2888.696346] ieee802154_add_iface+0x44d/0x8f0 [ 2888.697260] ? ieee802154_dump_phy+0x160/0x160 05:15:44 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4842, 0x0) io_setup(0x5, &(0x7f0000000080)=0x0) io_submit(r2, 0x2, &(0x7f0000000180)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffff36}]) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r3, &(0x7f0000000000), 0x2000) close(r3) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x6, 0x8}}, './file0\x00'}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r5, &(0x7f0000000000), 0x2000) close(r5) r6 = fcntl$dupfd(r0, 0x0, r0) recvmmsg$unix(r0, &(0x7f0000004500)=[{{&(0x7f0000000500)=@abs, 0x6e, &(0x7f0000000a40)=[{&(0x7f0000000580)=""/68, 0x44}, {&(0x7f0000000600)=""/138, 0x8a}, {&(0x7f00000006c0)=""/209, 0xd1}, {&(0x7f00000007c0)=""/230, 0xe6}, {&(0x7f00000008c0)=""/255, 0xff}, {&(0x7f00000009c0)=""/119, 0x77}], 0x6, &(0x7f0000000ac0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa8}}, {{&(0x7f0000000b80), 0x6e, &(0x7f0000001c40)=[{&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000001c00)=""/54, 0x36}], 0x2, &(0x7f0000001c80)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f0000001d00)=""/71, 0x47}, {&(0x7f0000001d80)=""/200, 0xc8}, {&(0x7f0000001e80)=""/4096, 0x1000}, {&(0x7f0000002e80)=""/4096, 0x1000}, {&(0x7f0000003e80)=""/121, 0x79}, {&(0x7f0000003f00)=""/252, 0xfc}, {&(0x7f0000004000)=""/69, 0x45}], 0x7, &(0x7f0000004100)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x40}}, {{&(0x7f0000004140)=@abs, 0x6e, &(0x7f00000043c0)=[{&(0x7f00000041c0)=""/90, 0x5a}, {&(0x7f0000004240)=""/38, 0x26}, {&(0x7f0000004280)=""/53, 0x35}, {&(0x7f00000042c0)=""/224, 0xe0}], 0x4, &(0x7f0000004400)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}], 0x4, 0x2020, &(0x7f0000004600)={0x0, 0x989680}) r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r8, &(0x7f0000000000), 0x2000) close(r8) r9 = openat(r0, &(0x7f0000004700)='./file0\x00', 0x20402, 0x5a) io_submit(r2, 0x6, &(0x7f0000004800)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x8, 0xfffe, r0, &(0x7f00000000c0)="ca241b83ec94cea8332b1a3de066fde071b5f890aa04fb52a915645703e0d0e3bff36e070ab9f1c4007efdc81d67fbddd20259a8f702959ec8e379f28a65a6db4cdefb075fd2cbfeb03c640dbb34fd6baa425db09163e83fd2a6f15509d8be6ca39107e4d4604024a1a85b4e125662bbc75c2735552f8ad110fe5f9bd64f36c8b29569a14bc800b8f8a86c892aba8c46270f75eb24b6a49ca67e66ef07e6c529ecae029ccc793137fde45e09a9ace4f4557bf78122746060ee8b52e8c3526ba5", 0xc0, 0x4, 0x0, 0x1, r0}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x4, r3, &(0x7f0000000180)="0c66f274cf7e79b93b939ab795758205f8c58bb93f2a233f825754bed011477da41b730bbee317e27b65c1b44f708a698902549a112778e8726aad29eb33d8b0ffe67a6c096783d15c667928bc0b6b74851561819531c6d1bca84427711ab06533530696b46966f88150978cf7ce2c982deee41f1de1d75ada047f4456d1f2681640f4231598db28b6f3517ad86c1b30b83753ec7cf895923dd3f8246a9934c543a6a9f9de", 0xa5, 0x6, 0x0, 0x2, r4}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0xca8, r0, &(0x7f0000000340)="ff6272cb46e56d5e6c68fff908a85bcd50f61bff777c47734c9085e66fbbda47eb21e7063e44619c4e3e7f1dde94eaf544e5e98a58fbca07e562da32df025a317664497a98f32a0ff524a21008693499a0322aa17215e15115694fa451ca18626d32476ebdc26bc1b0f93296a69a867245eadb4a6e82a57b3488931e73dc59fa997fea0a05805697db9761ad5e9efcbfa2", 0x91, 0x0, 0x0, 0x1, r5}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x5, 0xff7f, r0, &(0x7f0000000440)="271f8f22d286ad644a050f720ca75f7afc1e28fdaea369748d15f55bb93a168139c71ad662cb1fd704f4fb5f336f388ed16869ede49f449dda89f54759a180352f350a9bb707930c4b70c64cb39794b5acb7a61849b2011d2e9905d7d423bbf178f46abf40f993", 0x67, 0x5, 0x0, 0x0, r6}, &(0x7f00000046c0)={0x0, 0x0, 0x0, 0x8, 0x8, r7, &(0x7f0000004640)="90b331babecf5d38d758f80a4be40f84fb1a43dbe665e2b81cb7a981fd1dbe681eefceeb351dfff67df6619d5b48924e71b8c3961ded277cde65e6573a416bdfcce0772e09026a646f8f16ab0a10f5b999cdca78c69b075f2b9d6ebe427fa72bec3a3ef75e4cce1d6b3bd25dc814af4472f05d29b7", 0x75, 0x1180000, 0x0, 0x1, r8}, &(0x7f00000047c0)={0x0, 0x0, 0x0, 0x0, 0x5, r9, &(0x7f0000004740)="5418d10092eaa08f1713916c8c22ffa82b65694d45363401be049cf97ad5bc8b10e1ffdb3445a9dca04712786cdd3e0dfeaff1fc41eb4ece302a3ff9b18cb409c763", 0x42, 0x4, 0x0, 0x4}]) [ 2888.698056] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2888.699409] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2888.700412] genl_family_rcv_msg_doit+0x22d/0x330 [ 2888.701152] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2888.702181] ? ns_capable+0xe2/0x110 [ 2888.702763] genl_rcv_msg+0x33c/0x5a0 [ 2888.703363] ? genl_get_cmd+0x480/0x480 [ 2888.703971] ? ieee802154_dump_phy+0x160/0x160 [ 2888.704695] ? lock_release+0x680/0x680 [ 2888.705475] ? __lockdep_reset_lock+0x180/0x180 [ 2888.706195] netlink_rcv_skb+0x14b/0x430 [ 2888.706821] ? genl_get_cmd+0x480/0x480 [ 2888.707431] ? netlink_ack+0xab0/0xab0 [ 2888.708041] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2888.708939] ? is_vmalloc_addr+0x7b/0xb0 [ 2888.709567] genl_rcv+0x24/0x40 [ 2888.710212] netlink_unicast+0x549/0x7f0 [ 2888.710847] ? netlink_attachskb+0x870/0x870 [ 2888.711717] netlink_sendmsg+0x90f/0xdf0 [ 2888.712359] ? netlink_unicast+0x7f0/0x7f0 [ 2888.713222] ? netlink_unicast+0x7f0/0x7f0 [ 2888.713866] __sock_sendmsg+0x154/0x190 [ 2888.714653] ____sys_sendmsg+0x70d/0x870 [ 2888.715288] ? sock_write_iter+0x3d0/0x3d0 [ 2888.715931] ? do_recvmmsg+0x6d0/0x6d0 [ 2888.716707] ? perf_trace_lock+0xac/0x490 [ 2888.717359] ? __lockdep_reset_lock+0x180/0x180 [ 2888.718062] ? perf_trace_lock+0xac/0x490 [ 2888.718870] ? SOFTIRQ_verbose+0x10/0x10 [ 2888.719506] ___sys_sendmsg+0xf3/0x170 [ 2888.720277] ? sendmsg_copy_msghdr+0x160/0x160 [ 2888.721010] ? lock_downgrade+0x6d0/0x6d0 [ 2888.721847] ? find_held_lock+0x2c/0x110 [ 2888.722494] ? __fget_files+0x296/0x4c0 [ 2888.723121] ? __fget_light+0xea/0x290 [ 2888.723898] __sys_sendmsg+0xe5/0x1b0 [ 2888.724502] ? __sys_sendmsg_sock+0x40/0x40 [ 2888.725161] ? rcu_read_lock_any_held+0x75/0xa0 [ 2888.726118] do_syscall_64+0x33/0x40 [ 2888.726691] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2888.727477] RIP: 0033:0x7f72473f4b19 [ 2888.728208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2888.730961] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2888.732479] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2888.733871] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2888.735289] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2888.736701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2888.738093] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:15:44 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:44 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x0) 05:15:44 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f00000000c0)={0x3, 0x2, 0x19000, &(0x7f0000000340)=""/102400}) 05:15:44 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7a00, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:15:44 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xfeff, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:15:44 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 19) 05:15:44 executing program 4: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13ba1, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:15:44 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r0, &(0x7f0000000000), 0x2000) close(r0) preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/111, 0x6f}], 0x1, 0xf912, 0x1000) 05:15:45 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x400000, 0x0, 0x0, 0x0) 05:15:45 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/111, 0x6f}], 0x1, 0xd, 0x0) [ 2889.322215] FAULT_INJECTION: forcing a failure. [ 2889.322215] name failslab, interval 1, probability 0, space 0, times 0 [ 2889.325150] CPU: 1 PID: 16815 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2889.326309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2889.327586] Call Trace: [ 2889.327999] dump_stack+0x107/0x167 [ 2889.328602] should_fail.cold+0x5/0xa [ 2889.329197] ? ___slab_alloc+0x155/0x700 [ 2889.329859] ? create_object.isra.0+0x3a/0xa20 [ 2889.330575] should_failslab+0x5/0x20 [ 2889.331156] kmem_cache_alloc+0x5b/0x310 [ 2889.331848] create_object.isra.0+0x3a/0xa20 [ 2889.332616] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2889.333477] kmem_cache_alloc_trace+0x151/0x320 [ 2889.334268] __hw_addr_create_ex+0x5b/0x2c0 [ 2889.334982] __hw_addr_add_ex+0x1ed/0x2b0 [ 2889.335692] dev_addr_init+0x10b/0x1f0 [ 2889.336377] ? __hw_addr_ref_sync_dev+0x3b0/0x3b0 [ 2889.337199] alloc_netdev_mqs+0x13c/0xe80 [ 2889.337893] ? mac802154_unlock_table+0x80/0x80 [ 2889.338679] ieee802154_if_add+0xc3/0x1040 [ 2889.339390] ? mutex_lock_io_nested+0xf30/0xf30 [ 2889.340160] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2889.340970] ? skb_put+0x134/0x180 [ 2889.341572] ? memset+0x20/0x50 [ 2889.342122] ? __nlmsg_put+0x155/0x1c0 [ 2889.342781] ? genlmsg_put+0x25b/0x2d0 [ 2889.343454] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2889.344359] ieee802154_add_iface+0x44d/0x8f0 [ 2889.345104] ? ieee802154_dump_phy+0x160/0x160 [ 2889.345875] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2889.346986] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2889.348094] genl_family_rcv_msg_doit+0x22d/0x330 [ 2889.348929] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2889.350047] ? ns_capable+0xe2/0x110 [ 2889.350680] genl_rcv_msg+0x33c/0x5a0 [ 2889.351344] ? genl_get_cmd+0x480/0x480 [ 2889.351998] ? ieee802154_dump_phy+0x160/0x160 [ 2889.352786] ? lock_release+0x680/0x680 [ 2889.353456] ? __lockdep_reset_lock+0x180/0x180 [ 2889.354241] netlink_rcv_skb+0x14b/0x430 [ 2889.354914] ? genl_get_cmd+0x480/0x480 [ 2889.355600] ? netlink_ack+0xab0/0xab0 [ 2889.356271] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2889.357034] ? is_vmalloc_addr+0x7b/0xb0 [ 2889.357720] genl_rcv+0x24/0x40 [ 2889.358277] netlink_unicast+0x549/0x7f0 [ 2889.358954] ? netlink_attachskb+0x870/0x870 [ 2889.359715] netlink_sendmsg+0x90f/0xdf0 [ 2889.360422] ? netlink_unicast+0x7f0/0x7f0 [ 2889.361131] ? netlink_unicast+0x7f0/0x7f0 [ 2889.361842] __sock_sendmsg+0x154/0x190 [ 2889.362515] ____sys_sendmsg+0x70d/0x870 [ 2889.363189] ? sock_write_iter+0x3d0/0x3d0 [ 2889.363909] ? do_recvmmsg+0x6d0/0x6d0 [ 2889.364575] ? perf_trace_lock+0xac/0x490 [ 2889.365228] ? __lockdep_reset_lock+0x180/0x180 [ 2889.365972] ? perf_trace_lock+0xac/0x490 [ 2889.366619] ? SOFTIRQ_verbose+0x10/0x10 [ 2889.367270] ___sys_sendmsg+0xf3/0x170 [ 2889.367883] ? sendmsg_copy_msghdr+0x160/0x160 [ 2889.368618] ? lock_downgrade+0x6d0/0x6d0 [ 2889.369270] ? find_held_lock+0x2c/0x110 [ 2889.369910] ? __fget_files+0x296/0x4c0 [ 2889.370549] ? __fget_light+0xea/0x290 [ 2889.371162] __sys_sendmsg+0xe5/0x1b0 [ 2889.371773] ? __sys_sendmsg_sock+0x40/0x40 [ 2889.372462] ? rcu_read_lock_any_held+0x75/0xa0 [ 2889.373215] do_syscall_64+0x33/0x40 [ 2889.373795] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2889.374580] RIP: 0033:0x7f72473f4b19 [ 2889.375147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2889.377952] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2889.379113] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2889.380216] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2889.381335] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2889.382422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2889.383521] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:15:45 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x0) 05:15:45 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 1) 05:15:45 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb1, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2889.545822] FAULT_INJECTION: forcing a failure. [ 2889.545822] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2889.547788] CPU: 1 PID: 16827 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2889.548924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2889.550380] Call Trace: [ 2889.550940] dump_stack+0x107/0x167 [ 2889.551716] should_fail.cold+0x5/0xa [ 2889.552534] _copy_from_user+0x2e/0x1b0 [ 2889.553265] __copy_msghdr_from_user+0x91/0x4b0 [ 2889.554027] ? __ia32_sys_shutdown+0x80/0x80 [ 2889.554736] ? perf_trace_lock+0xac/0x490 [ 2889.555395] ? __lock_acquire+0xbb1/0x5b00 [ 2889.556084] sendmsg_copy_msghdr+0xa1/0x160 [ 2889.556798] ? do_recvmmsg+0x6d0/0x6d0 [ 2889.557384] ? perf_trace_lock+0xac/0x490 [ 2889.558058] ? SOFTIRQ_verbose+0x10/0x10 [ 2889.558719] ? __lockdep_reset_lock+0x180/0x180 [ 2889.559446] ? perf_trace_lock+0xac/0x490 [ 2889.560131] ? SOFTIRQ_verbose+0x10/0x10 [ 2889.560811] ___sys_sendmsg+0xc6/0x170 [ 2889.561430] ? sendmsg_copy_msghdr+0x160/0x160 [ 2889.562173] ? __fget_files+0x26d/0x4c0 [ 2889.562816] ? lock_downgrade+0x6d0/0x6d0 [ 2889.563470] ? find_held_lock+0x2c/0x110 [ 2889.564126] ? __fget_files+0x296/0x4c0 [ 2889.564797] ? __fget_light+0xea/0x290 [ 2889.565396] __sys_sendmsg+0xe5/0x1b0 [ 2889.566027] ? __sys_sendmsg_sock+0x40/0x40 [ 2889.566720] ? rcu_read_lock_any_held+0x75/0xa0 [ 2889.567449] ? fput_many+0x2f/0x1a0 [ 2889.568056] ? ksys_write+0x1a9/0x260 [ 2889.568689] ? __ia32_sys_read+0xb0/0xb0 [ 2889.569344] do_syscall_64+0x33/0x40 [ 2889.569953] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2889.570790] RIP: 0033:0x7f9dea275b19 [ 2889.571379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2889.574168] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2889.575374] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2889.576476] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2889.577553] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2889.578637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2889.579729] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 05:16:07 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) stat(&(0x7f0000001fc0)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, 0x0, 0x0) stat(&(0x7f0000001cc0)='./file1\x00', &(0x7f0000002000)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x200000, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@loose}, {@uname={'uname', 0x3d, '/proc/key-users\x00'}}, {@access_client}, {@fscache}, {@version_L}, {@cache_mmap}, {@version_9p2000}, {@afid={'afid', 0x3d, 0x4b6}}, {@access_client}], [{@uid_eq={'uid', 0x3d, r2}}, {@smackfsdef={'smackfsdef', 0x3d, '/proc/key-users\x00'}}, {@uid_eq={'uid', 0x3d, r3}}]}}) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) fsetxattr$security_capability(r4, &(0x7f00000002c0), &(0x7f0000000340)=@v2={0x2000000, [{0x4, 0x8}, {0x1, 0x6}]}, 0x14, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) r5 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg(r4, &(0x7f0000001c80)={&(0x7f0000001400)=@can, 0x80, &(0x7f0000001d00)=[{&(0x7f0000001480)="334383a8cf5153c007f7b8936a3f674987a68b7adc4a081259874d548424248a9143de3154ee531a04adcc89e405fe23210887ecb1bb0778ff46ea728aa5dbce8674d7487212717b", 0x48}, {&(0x7f0000001500)="2c208e94769ca74b4aa7471f0e6014986346ef436ab9162f1171c60aff9aa37065969281ce8394842d1ecac3c6bf7b7d9c8cc30a3c87a306cdad573d1a8c461c1b85e0afcc3e65194bc1a4ea8c67d6f12f6cfba42f62184c5fd02d565a69921b0334011892dfdd65c008f25761885632404f9745dd4e11744b991d86324ce13746e5785b4313c4122329dc9ece158610395c197246b67912b7377e", 0x9b}, {&(0x7f00000015c0)="c52808ecb0cd3c259419655de9e16f11b00b43ccaf52cd4d83d74d2271263349bf8ebeacf07be1ac657cb51694ad5b75038cd6a058ab0b3c639a16396a40a10301946700880be673a9452fa74e58aaecf92661788ea52fa8dffa6ae6838a1020ac90947a2c9140a597a60cb50dd49876f4d41d8f3e30ef7fef05a26a083b95523e5fe16120f27c94ab601aa05ab817dfb7cb263a3fa887381c58d03455ca4f9de293fa078cd4f55bf7a349f77a36a82fe8beaeb06dd9f8b4ca4aa68a6221ef17a1c24efd11283db303399248e35c57cff1a2f812b62b618cf8dc4e257c1fcedfe057a7cc3ba62c73c53d47911ca1fb7f04c1", 0xf2}, {&(0x7f00000016c0)="7e9e31222921c3958d1f65d0ecb2c6a00898ca2d4018b722d254bc4bb158b6243af9935125d0fa906e9729aebde6e80306cf26023cf9517cb6020355f8533c946f8fe81a1c60492a07e89219242c1ffcf52776587b5f2c709706ce749fb4cc50ba26c24375daf4d5334b7aa3dc7644eee9806b53764d3f2188aad676e74b079b75c4842840755d08cedb902e883f5df687b7960a6ae2ed731a941c9f93e30685ab83c072ddb509f474bdc4ac40b02c3862c98fbf090a", 0xb6}, {&(0x7f0000001780)="c99688541da0e35b5a693340165b69f653aaca15de3c44e3759f0015f2eeaa718203b005083e417ce253e214aa5953e3f6fa4057398b9484aff51126fa18e843df495c7ce36bd6772dcf7a92eb9ecf372e429b1f461ae283bc034b6debc5ae22f5f657ff58ae6bcf6bb0178d10450e7c3ce6d84fe559ceb71ad6f9122dc351f2f7ed5bef0c7e2de055e19a4dd616d8ae03e33b9cddcb97d78353fa3d463de8f81c6fa35381459242aba1880fb2dd47ba89cbf67d8c649a8de0badba9d3c3d54545fb86e7a92696bb360342a199be", 0xce}, {&(0x7f0000001880)="696534933c837c222a01de560a0b6443df1d0429970901c41b3120a44c2d141e95b106936b116c1e2d05a18504629f61b6eb0db83ed1680ba98929ef8d174bee75261ccf4a312400f2103ff62430026c487fe8a41d6d336365a5a37ffa293fc3c06291662930bd118db4fdb504126bc3aec6669178331bbccb4ee15a50e238e1c2dd5784703fccd32572c38965d57766170049cfb4f3db38874ef2f84de69d3a96b8a5fd6ad7a8826eeaaad6f4a1654c2d89d0619c84304413b34737aae320d1d74403bc472559541a1ee2dff3b8d42e07a5", 0xd2}, {&(0x7f0000001980)="4a3509a57d1c01dccb075eed5c5519214e2b0dd9e2a0c7d5b09b76d57d4f33b09f932032e0aba363326c6ef4b86dcfac2d66e1383f3bf2157568582762b87127ac12643c4662278111f3f65d034924258d30781c97904d14e434e3933565d3e426382f62a2df955a38ad1904936251a72751d35f1fd7681016c122655d72246ac0f6a92932859dfef20b929ad0be459aa525ca6d", 0x94}, {&(0x7f0000001a40)="f215bd5c62534698ecd4b47e836b6a06aa79cf2f6fee7693c9dbfdaa7cd5596e961eabce6917fbf768cb9a360666881ff25b2921312cdf861398697a389c40e0a3be68a1ea9cc1e43ee6b9fc658394032ad8985f8c85c25bf52134265539ad5f1feec26a2e53286e93bf5229cfac0a81ae2ae716ca26eb90b1170639541368e2affec0feb5ecb40485f0b9db2567f2e6", 0x90}, {&(0x7f0000001b00)="824f2463a80268b96a19440e6ff5552a59c9e4c5ecfd8d82477c861652cac4784b93c43f8408ff2f665f7a8d9f0f7a2e6399b0858fb76838d2002b496e94ce6dffda10c1ca6e7107f20a0b75a36b9f7da8a0ec3c89e8625d551500b896ce65e92b8899f0aea7e6e220aa07888fa86235ebaf9ef9564e9c6940fb8e74d4be0733530d69e7b1a959f3e18325f06f6849da861b7da7b46531e7a734a6c5e785e20d21f485e646288ccc8c46465cac4ff4c871a11ad0fdf347fcce20dc1c3b09e28129047b02ea15fcf747b162399916959c4626f3163b8f11dd00753694fe4257cf854785d799ae6092789b9235", 0xec}], 0x9, &(0x7f0000001dc0)=ANY=[@ANYBLOB="580000000000000015010000ffffff7f0cb6c94d3856b65aea1fdb2d7328c5cf3de7883a9f1a0c1f86ff2d33accd1d617bb9521527019ecda10c1157e29c665f66090b9ff37ff00993d4ce3e09d5e47b7b696a17d81bbf000801000000000000020100000900000017673430c55a9a2e1c92319ad49b1f1e3045437d29447269019239d3b6afd9d5d70d72610dbce9b64e44969451f3ce0b36bd118d400a185ab94b1f670c2f1ee37f1485d78cdc89b9f2ebc788733cccd8e188558363bb4aa71663df1a7dcf4edcb70547c60c0fd6fd4704727e66a951061f36f6becce35b9e5b87624160606ba21812699ea86d0f50c73fe47d4a13efbec97a7bb21b68e312e5c50c359c87e0178dbb5ad5cea52a1cee26399c437d3f64489699de24b128cb8047c32af79a0939ed078829c827af7432ee23f2783f28069429d8ab5ad368c0209a2ba0ce7a7c20615a0106cbc19ba715805555c73b34cb6480b14970e0143300000000000070000000000000000701000038e8c6042b782a158d0874f34f9797be9b79a787c8710bb39468e0d246da236cac773995c11daaa4be92838250d5cdc513188a20aa99f4ac3f84cffff2437489c5871c5115b168fe715727f2c6d74a3daa3d"], 0x1d0}, 0x20000000) listxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=""/4096, 0x1000) read(r5, &(0x7f0000000000), 0x2000) close(r5) sendfile(r1, r5, &(0x7f0000000000)=0xfffffffffffffffb, 0x8) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000002100)=ANY=[@ANYBLOB="010000000100000004e20000d5dcdf3bd1011d94f2e9ddfbf48e5135bc286546043191f65bf39ff5625524fddbdb3be5f3eafd5c67c01fb60a0a8dfe62cf389bc903f3779ac7db2d60ea945edc1c447ee0383ac5f1cdd19b7d1e5f04d23b62ffa5f5032679a181cce8f293cf7d0abf836bb78f0f031126bfb4eedfff7a87f08a0df99a78bb5601d0a4f7330b1159d6fb2083b4af", @ANYRES32=r1, @ANYBLOB="001f0049e890cc865d582a2d01174608"]) dup2(0xffffffffffffffff, r1) 05:16:07 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xff7f, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:16:07 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb2, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:16:07 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 2) 05:16:07 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 1) 05:16:07 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 05:16:07 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 20) 05:16:07 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb1, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 2911.757716] FAULT_INJECTION: forcing a failure. [ 2911.757716] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2911.758733] CPU: 1 PID: 16905 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2911.759295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2911.759961] Call Trace: [ 2911.760183] dump_stack+0x107/0x167 [ 2911.760481] should_fail.cold+0x5/0xa [ 2911.760839] _copy_from_user+0x2e/0x1b0 [ 2911.761192] __copy_msghdr_from_user+0x91/0x4b0 [ 2911.761596] ? __ia32_sys_shutdown+0x80/0x80 [ 2911.761983] ? perf_trace_lock+0xac/0x490 [ 2911.762345] ? __lock_acquire+0xbb1/0x5b00 [ 2911.762720] sendmsg_copy_msghdr+0xa1/0x160 [ 2911.763096] ? do_recvmmsg+0x6d0/0x6d0 [ 2911.763430] ? perf_trace_lock+0xac/0x490 [ 2911.763775] ? SOFTIRQ_verbose+0x10/0x10 [ 2911.764114] ? __lockdep_reset_lock+0x180/0x180 [ 2911.764504] ? perf_trace_lock+0xac/0x490 [ 2911.764855] ? SOFTIRQ_verbose+0x10/0x10 [ 2911.765193] ___sys_sendmsg+0xc6/0x170 [ 2911.765531] ? sendmsg_copy_msghdr+0x160/0x160 [ 2911.765917] ? __fget_files+0x26d/0x4c0 [ 2911.766247] ? lock_downgrade+0x6d0/0x6d0 [ 2911.766594] ? find_held_lock+0x2c/0x110 [ 2911.766934] ? __fget_files+0x296/0x4c0 [ 2911.767268] ? __fget_light+0xea/0x290 [ 2911.767603] __sys_sendmsg+0xe5/0x1b0 [ 2911.767918] ? __sys_sendmsg_sock+0x40/0x40 [ 2911.768278] ? rcu_read_lock_any_held+0x75/0xa0 [ 2911.768671] ? fput_many+0x2f/0x1a0 [ 2911.768973] ? ksys_write+0x1a9/0x260 [ 2911.769287] ? __ia32_sys_read+0xb0/0xb0 [ 2911.769637] do_syscall_64+0x33/0x40 [ 2911.769943] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2911.770368] RIP: 0033:0x7f044fd89b19 [ 2911.770673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.772152] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2911.772782] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2911.773361] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2911.773945] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2911.774523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2911.775107] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 [ 2911.778676] FAULT_INJECTION: forcing a failure. [ 2911.778676] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2911.779725] CPU: 1 PID: 16907 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2911.780279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2911.780975] Call Trace: [ 2911.781196] dump_stack+0x107/0x167 [ 2911.781501] should_fail.cold+0x5/0xa [ 2911.781817] _copy_from_user+0x2e/0x1b0 [ 2911.782147] iovec_from_user+0x141/0x400 [ 2911.782484] __import_iovec+0x67/0x590 [ 2911.782806] ? __ia32_sys_shutdown+0x80/0x80 [ 2911.783169] ? perf_trace_lock+0xac/0x490 [ 2911.783524] import_iovec+0x83/0xb0 [ 2911.783829] sendmsg_copy_msghdr+0x131/0x160 [ 2911.784195] ? do_recvmmsg+0x6d0/0x6d0 [ 2911.784516] ? perf_trace_lock+0xac/0x490 [ 2911.784876] ? __lockdep_reset_lock+0x180/0x180 [ 2911.785255] ? perf_trace_lock+0xac/0x490 [ 2911.785599] ? SOFTIRQ_verbose+0x10/0x10 [ 2911.785939] ___sys_sendmsg+0xc6/0x170 [ 2911.786261] ? sendmsg_copy_msghdr+0x160/0x160 [ 2911.786637] ? __fget_files+0x26d/0x4c0 [ 2911.786970] ? lock_downgrade+0x6d0/0x6d0 [ 2911.787309] ? find_held_lock+0x2c/0x110 [ 2911.787659] ? __fget_files+0x296/0x4c0 [ 2911.787996] ? __fget_light+0xea/0x290 [ 2911.788323] __sys_sendmsg+0xe5/0x1b0 [ 2911.788648] ? __sys_sendmsg_sock+0x40/0x40 [ 2911.789002] ? rcu_read_lock_any_held+0x75/0xa0 [ 2911.789388] ? fput_many+0x2f/0x1a0 [ 2911.789684] ? ksys_write+0x1a9/0x260 [ 2911.790015] do_syscall_64+0x33/0x40 [ 2911.790320] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2911.790731] RIP: 0033:0x7f9dea275b19 [ 2911.791039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.792532] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2911.793158] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2911.793741] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2911.794316] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2911.794892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2911.795471] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 [ 2911.814285] FAULT_INJECTION: forcing a failure. [ 2911.814285] name failslab, interval 1, probability 0, space 0, times 0 [ 2911.815254] CPU: 1 PID: 16913 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2911.815820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2911.816490] Call Trace: [ 2911.816720] dump_stack+0x107/0x167 [ 2911.817027] should_fail.cold+0x5/0xa [ 2911.817348] ? kvmalloc_node+0x119/0x170 [ 2911.817682] should_failslab+0x5/0x20 [ 2911.818000] __kmalloc_node+0x76/0x420 [ 2911.818333] kvmalloc_node+0x119/0x170 [ 2911.818668] alloc_netdev_mqs+0x774/0xe80 [ 2911.819020] ieee802154_if_add+0xc3/0x1040 [ 2911.819370] ? mutex_lock_io_nested+0xf30/0xf30 [ 2911.819761] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2911.820142] ? skb_put+0x134/0x180 [ 2911.820436] ? memset+0x20/0x50 [ 2911.820734] ? __nlmsg_put+0x155/0x1c0 [ 2911.821060] ? genlmsg_put+0x25b/0x2d0 [ 2911.821390] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2911.821828] ieee802154_add_iface+0x44d/0x8f0 [ 2911.822200] ? ieee802154_dump_phy+0x160/0x160 [ 2911.822579] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2911.823123] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2911.823654] genl_family_rcv_msg_doit+0x22d/0x330 [ 2911.824055] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2911.824621] ? ns_capable+0xe2/0x110 [ 2911.824935] genl_rcv_msg+0x33c/0x5a0 [ 2911.825252] ? genl_get_cmd+0x480/0x480 [ 2911.825581] ? ieee802154_dump_phy+0x160/0x160 [ 2911.825964] ? lock_release+0x680/0x680 [ 2911.826288] ? __lockdep_reset_lock+0x180/0x180 [ 2911.826674] netlink_rcv_skb+0x14b/0x430 [ 2911.827011] ? genl_get_cmd+0x480/0x480 [ 2911.827337] ? netlink_ack+0xab0/0xab0 [ 2911.827676] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2911.828055] ? is_vmalloc_addr+0x7b/0xb0 [ 2911.828390] genl_rcv+0x24/0x40 [ 2911.828679] netlink_unicast+0x549/0x7f0 [ 2911.829020] ? netlink_attachskb+0x870/0x870 [ 2911.829392] netlink_sendmsg+0x90f/0xdf0 [ 2911.829731] ? netlink_unicast+0x7f0/0x7f0 [ 2911.830089] ? netlink_unicast+0x7f0/0x7f0 [ 2911.830447] __sock_sendmsg+0x154/0x190 [ 2911.830775] ____sys_sendmsg+0x70d/0x870 [ 2911.831112] ? sock_write_iter+0x3d0/0x3d0 [ 2911.831458] ? do_recvmmsg+0x6d0/0x6d0 [ 2911.831779] ? perf_trace_lock+0xac/0x490 [ 2911.832129] ? __lockdep_reset_lock+0x180/0x180 [ 2911.832516] ? perf_trace_lock+0xac/0x490 [ 2911.832866] ? SOFTIRQ_verbose+0x10/0x10 [ 2911.833207] ___sys_sendmsg+0xf3/0x170 [ 2911.833536] ? sendmsg_copy_msghdr+0x160/0x160 [ 2911.833919] ? lock_downgrade+0x6d0/0x6d0 [ 2911.834263] ? find_held_lock+0x2c/0x110 [ 2911.834614] ? __fget_files+0x296/0x4c0 [ 2911.834953] ? __fget_light+0xea/0x290 [ 2911.835287] __sys_sendmsg+0xe5/0x1b0 [ 2911.835606] ? __sys_sendmsg_sock+0x40/0x40 [ 2911.835964] ? rcu_read_lock_any_held+0x75/0xa0 [ 2911.836374] do_syscall_64+0x33/0x40 [ 2911.836686] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2911.837106] RIP: 0033:0x7f72473f4b19 [ 2911.837417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.838915] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2911.839537] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2911.840118] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2911.840709] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2911.841291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2911.841870] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:16:07 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb3, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:16:07 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/zoneinfo\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:16:07 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb1, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:16:07 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 2) 05:16:07 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 3) [ 2911.983401] FAULT_INJECTION: forcing a failure. [ 2911.983401] name failslab, interval 1, probability 0, space 0, times 0 [ 2911.984565] CPU: 0 PID: 16934 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2911.985201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2911.985940] Call Trace: [ 2911.986203] dump_stack+0x107/0x167 [ 2911.986558] should_fail.cold+0x5/0xa [ 2911.986895] ? __alloc_skb+0x6d/0x5b0 [ 2911.987228] should_failslab+0x5/0x20 [ 2911.987593] kmem_cache_alloc_node+0x55/0x330 [ 2911.988111] __alloc_skb+0x6d/0x5b0 [ 2911.988531] netlink_sendmsg+0x998/0xdf0 [ 2911.989009] ? netlink_unicast+0x7f0/0x7f0 [ 2911.989502] ? netlink_unicast+0x7f0/0x7f0 [ 2911.989972] __sock_sendmsg+0x154/0x190 [ 2911.990413] ____sys_sendmsg+0x70d/0x870 [ 2911.990867] ? sock_write_iter+0x3d0/0x3d0 [ 2911.991326] ? do_recvmmsg+0x6d0/0x6d0 [ 2911.991752] ? perf_trace_lock+0x2bd/0x490 [ 2911.992210] ? __lockdep_reset_lock+0x180/0x180 [ 2911.992634] ___sys_sendmsg+0xf3/0x170 [ 2911.992973] ? sendmsg_copy_msghdr+0x160/0x160 [ 2911.993390] ? lock_downgrade+0x6d0/0x6d0 [ 2911.993756] ? find_held_lock+0x2c/0x110 [ 2911.994131] ? __fget_files+0x296/0x4c0 [ 2911.994496] ? __fget_light+0xea/0x290 [ 2911.994851] __sys_sendmsg+0xe5/0x1b0 [ 2911.995215] ? __sys_sendmsg_sock+0x40/0x40 [ 2911.995585] ? rcu_read_lock_any_held+0x75/0xa0 [ 2911.996041] do_syscall_64+0x33/0x40 [ 2911.996369] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2911.996830] RIP: 0033:0x7f9dea275b19 [ 2911.997208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2911.998781] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2911.999434] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2912.000039] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2912.000648] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2912.001257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2912.001861] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 [ 2912.005651] FAULT_INJECTION: forcing a failure. [ 2912.005651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2912.006711] CPU: 0 PID: 16936 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2912.007336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2912.008068] Call Trace: [ 2912.008323] dump_stack+0x107/0x167 [ 2912.008679] should_fail.cold+0x5/0xa [ 2912.009021] _copy_from_user+0x2e/0x1b0 [ 2912.009368] iovec_from_user+0x141/0x400 [ 2912.009727] __import_iovec+0x67/0x590 [ 2912.010083] ? __ia32_sys_shutdown+0x80/0x80 [ 2912.010486] import_iovec+0x83/0xb0 [ 2912.010812] sendmsg_copy_msghdr+0x131/0x160 [ 2912.011203] ? do_recvmmsg+0x6d0/0x6d0 [ 2912.011541] ? perf_trace_lock+0x2bd/0x490 [ 2912.011920] ? __lockdep_reset_lock+0x180/0x180 [ 2912.012343] ___sys_sendmsg+0xc6/0x170 [ 2912.012692] ? sendmsg_copy_msghdr+0x160/0x160 [ 2912.013102] ? __fget_files+0x26d/0x4c0 [ 2912.013457] ? lock_downgrade+0x6d0/0x6d0 [ 2912.013820] ? find_held_lock+0x2c/0x110 [ 2912.014239] ? __fget_files+0x296/0x4c0 [ 2912.014610] ? __fget_light+0xea/0x290 [ 2912.014960] __sys_sendmsg+0xe5/0x1b0 [ 2912.015302] ? __sys_sendmsg_sock+0x40/0x40 [ 2912.015677] ? rcu_read_lock_any_held+0x75/0xa0 [ 2912.016096] ? fput_many+0x2f/0x1a0 [ 2912.016414] ? ksys_write+0x1a9/0x260 [ 2912.016773] do_syscall_64+0x33/0x40 [ 2912.017110] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2912.017546] RIP: 0033:0x7f044fd89b19 [ 2912.017867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2912.019435] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2912.020086] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2912.020695] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2912.021286] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2912.021893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2912.022497] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 05:16:25 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 21) 05:16:25 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 05:16:25 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 3) 05:16:25 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 4) 05:16:25 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) ftruncate(r0, 0x5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r3, &(0x7f0000000000), 0x2000) close(r3) r4 = perf_event_open$cgroup(&(0x7f00000004c0)={0x0, 0x80, 0x1, 0x46, 0x0, 0x2, 0x0, 0x1, 0x8000, 0x4, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7, 0x2, @perf_bp={&(0x7f0000000140)}, 0x800, 0x100000001, 0x3, 0x9, 0x3, 0x7, 0x40, 0x0, 0x9}, r3, 0xe, r0, 0xc) perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2, 0x9, 0x3f, 0x8, 0x0, 0x0, 0x0, 0xb, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000002c0), 0x8}, 0x26a0, 0x9a8a, 0x0, 0x1, 0x3, 0xfffffffe, 0x1f, 0x0, 0x4, 0x0, 0x8}, r2, 0x1, r4, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000000000)=""/140, 0x8e}, {&(0x7f00000000c0)=""/93, 0x5d}, {&(0x7f0000000280)=""/23, 0xb}, {&(0x7f0000000180)=""/130, 0x82}], 0x2, 0x4, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 05:16:25 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb4, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:16:25 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 1) 05:16:25 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xfffe, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) [ 2930.063218] FAULT_INJECTION: forcing a failure. [ 2930.063218] name failslab, interval 1, probability 0, space 0, times 0 [ 2930.064199] CPU: 0 PID: 16986 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2930.064753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2930.065436] Call Trace: [ 2930.065664] dump_stack+0x107/0x167 [ 2930.065971] should_fail.cold+0x5/0xa [ 2930.066287] ? create_object.isra.0+0x3a/0xa20 [ 2930.066666] should_failslab+0x5/0x20 [ 2930.066990] kmem_cache_alloc+0x5b/0x310 [ 2930.067340] create_object.isra.0+0x3a/0xa20 [ 2930.067697] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2930.068117] __kmalloc_node+0x1ae/0x420 [ 2930.068466] kvmalloc_node+0x119/0x170 [ 2930.068808] alloc_netdev_mqs+0x774/0xe80 [ 2930.069168] ieee802154_if_add+0xc3/0x1040 [ 2930.069525] ? mutex_lock_io_nested+0xf30/0xf30 [ 2930.069903] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2930.070291] ? skb_put+0x134/0x180 [ 2930.070586] ? memset+0x20/0x50 [ 2930.070867] ? __nlmsg_put+0x155/0x1c0 [ 2930.071191] ? genlmsg_put+0x25b/0x2d0 [ 2930.071530] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2930.071959] ieee802154_add_iface+0x44d/0x8f0 [ 2930.072336] ? ieee802154_dump_phy+0x160/0x160 [ 2930.072716] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2930.073266] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2930.073806] genl_family_rcv_msg_doit+0x22d/0x330 [ 2930.074206] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2930.074773] ? ns_capable+0xe2/0x110 [ 2930.075091] genl_rcv_msg+0x33c/0x5a0 [ 2930.075413] ? genl_get_cmd+0x480/0x480 [ 2930.075747] ? ieee802154_dump_phy+0x160/0x160 [ 2930.076139] ? lock_release+0x680/0x680 [ 2930.076467] ? __lockdep_reset_lock+0x180/0x180 [ 2930.076876] netlink_rcv_skb+0x14b/0x430 [ 2930.077209] ? genl_get_cmd+0x480/0x480 [ 2930.077543] ? netlink_ack+0xab0/0xab0 [ 2930.077882] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2930.078257] ? is_vmalloc_addr+0x7b/0xb0 [ 2930.078596] genl_rcv+0x24/0x40 [ 2930.078874] netlink_unicast+0x549/0x7f0 [ 2930.079219] ? netlink_attachskb+0x870/0x870 [ 2930.079598] netlink_sendmsg+0x90f/0xdf0 [ 2930.079941] ? netlink_unicast+0x7f0/0x7f0 [ 2930.080307] ? netlink_unicast+0x7f0/0x7f0 [ 2930.080653] __sock_sendmsg+0x154/0x190 [ 2930.081047] ____sys_sendmsg+0x70d/0x870 [ 2930.081391] ? sock_write_iter+0x3d0/0x3d0 [ 2930.081736] ? do_recvmmsg+0x6d0/0x6d0 [ 2930.082055] ? perf_trace_lock+0x2bd/0x490 [ 2930.082414] ? __lockdep_reset_lock+0x180/0x180 [ 2930.082815] ___sys_sendmsg+0xf3/0x170 [ 2930.083150] ? sendmsg_copy_msghdr+0x160/0x160 [ 2930.083535] ? lock_downgrade+0x6d0/0x6d0 [ 2930.083878] ? find_held_lock+0x2c/0x110 [ 2930.084225] ? __fget_files+0x296/0x4c0 [ 2930.084568] ? __fget_light+0xea/0x290 [ 2930.084920] __sys_sendmsg+0xe5/0x1b0 [ 2930.085235] ? __sys_sendmsg_sock+0x40/0x40 [ 2930.085590] ? rcu_read_lock_any_held+0x75/0xa0 [ 2930.086022] do_syscall_64+0x33/0x40 [ 2930.086325] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2930.086742] RIP: 0033:0x7f72473f4b19 [ 2930.087052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2930.088544] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2930.089172] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2930.089739] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2930.090313] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2930.090876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2930.091449] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 [ 2930.116771] FAULT_INJECTION: forcing a failure. [ 2930.116771] name failslab, interval 1, probability 0, space 0, times 0 [ 2930.117570] FAULT_INJECTION: forcing a failure. [ 2930.117570] name failslab, interval 1, probability 0, space 0, times 0 [ 2930.117785] CPU: 0 PID: 16997 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2930.120292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2930.120968] Call Trace: [ 2930.121192] dump_stack+0x107/0x167 [ 2930.121492] should_fail.cold+0x5/0xa [ 2930.121809] ? __alloc_skb+0x6d/0x5b0 [ 2930.122125] should_failslab+0x5/0x20 [ 2930.122436] kmem_cache_alloc_node+0x55/0x330 [ 2930.122808] __alloc_skb+0x6d/0x5b0 [ 2930.123116] netlink_sendmsg+0x998/0xdf0 [ 2930.123455] ? netlink_unicast+0x7f0/0x7f0 [ 2930.123820] ? netlink_unicast+0x7f0/0x7f0 [ 2930.124168] __sock_sendmsg+0x154/0x190 [ 2930.124492] ____sys_sendmsg+0x70d/0x870 [ 2930.124838] ? sock_write_iter+0x3d0/0x3d0 [ 2930.125183] ? do_recvmmsg+0x6d0/0x6d0 [ 2930.125495] ? perf_trace_lock+0x2bd/0x490 [ 2930.125854] ? __lockdep_reset_lock+0x180/0x180 [ 2930.126238] ___sys_sendmsg+0xf3/0x170 [ 2930.126560] ? sendmsg_copy_msghdr+0x160/0x160 [ 2930.126937] ? lock_downgrade+0x6d0/0x6d0 [ 2930.127277] ? find_held_lock+0x2c/0x110 [ 2930.127625] ? __fget_files+0x296/0x4c0 [ 2930.127966] ? __fget_light+0xea/0x290 [ 2930.128294] __sys_sendmsg+0xe5/0x1b0 [ 2930.128603] ? __sys_sendmsg_sock+0x40/0x40 [ 2930.128972] ? rcu_read_lock_any_held+0x75/0xa0 [ 2930.129397] do_syscall_64+0x33/0x40 [ 2930.129696] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2930.130110] RIP: 0033:0x7f044fd89b19 [ 2930.130411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2930.131885] RSP: 002b:00007f044d2de188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2930.132495] RAX: ffffffffffffffda RBX: 00007f044fe9d020 RCX: 00007f044fd89b19 [ 2930.133090] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2930.133664] RBP: 00007f044d2de1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2930.134236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2930.134807] R13: 00007ffd87edac3f R14: 00007f044d2de300 R15: 0000000000022000 [ 2930.135421] CPU: 1 PID: 16991 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 2930.136552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2930.137910] Call Trace: [ 2930.138344] dump_stack+0x107/0x167 [ 2930.138945] should_fail.cold+0x5/0xa [ 2930.139572] ? alloc_pipe_info+0x10a/0x590 [ 2930.140271] should_failslab+0x5/0x20 [ 2930.140904] kmem_cache_alloc_trace+0x55/0x320 [ 2930.141660] alloc_pipe_info+0x10a/0x590 [ 2930.142309] splice_direct_to_actor+0x774/0x980 [ 2930.143072] ? _cond_resched+0x12/0x80 [ 2930.143686] ? inode_security+0x107/0x140 [ 2930.144363] ? pipe_to_sendpage+0x380/0x380 [ 2930.145049] ? selinux_file_permission+0x92/0x520 [ 2930.145844] ? do_splice_to+0x160/0x160 [ 2930.146471] ? security_file_permission+0x24e/0x570 [ 2930.147300] do_splice_direct+0x1c4/0x290 [ 2930.147950] ? splice_direct_to_actor+0x980/0x980 [ 2930.148732] ? selinux_file_permission+0x92/0x520 [ 2930.149515] ? security_file_permission+0x24e/0x570 [ 2930.150347] do_sendfile+0x553/0x1090 [ 2930.150964] ? do_pwritev+0x270/0x270 [ 2930.151600] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2930.152455] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2930.153302] ? trace_hardirqs_on+0x5b/0x180 [ 2930.154012] __x64_sys_sendfile64+0x1d1/0x210 [ 2930.154719] ? __ia32_sys_sendfile+0x220/0x220 [ 2930.155484] do_syscall_64+0x33/0x40 [ 2930.156073] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2930.156914] RIP: 0033:0x7fa47a8f1b19 [ 2930.157504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2930.160468] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2930.161715] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 2930.162874] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2930.164028] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 2930.165201] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 2930.166359] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 [ 2930.166515] FAULT_INJECTION: forcing a failure. [ 2930.166515] name failslab, interval 1, probability 0, space 0, times 0 [ 2930.168493] CPU: 0 PID: 16998 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2930.169080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2930.169759] Call Trace: [ 2930.169982] dump_stack+0x107/0x167 [ 2930.170282] should_fail.cold+0x5/0xa [ 2930.170596] ? create_object.isra.0+0x3a/0xa20 [ 2930.170972] should_failslab+0x5/0x20 [ 2930.171288] kmem_cache_alloc+0x5b/0x310 [ 2930.171632] create_object.isra.0+0x3a/0xa20 [ 2930.171992] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2930.172424] kmem_cache_alloc_node+0x169/0x330 [ 2930.172822] __alloc_skb+0x6d/0x5b0 [ 2930.173136] netlink_sendmsg+0x998/0xdf0 [ 2930.173478] ? netlink_unicast+0x7f0/0x7f0 [ 2930.173842] ? netlink_unicast+0x7f0/0x7f0 [ 2930.174187] __sock_sendmsg+0x154/0x190 [ 2930.174513] ____sys_sendmsg+0x70d/0x870 [ 2930.174853] ? sock_write_iter+0x3d0/0x3d0 [ 2930.175208] ? do_recvmmsg+0x6d0/0x6d0 [ 2930.175526] ? perf_trace_lock+0x2bd/0x490 [ 2930.175892] ? __lockdep_reset_lock+0x180/0x180 [ 2930.176283] ___sys_sendmsg+0xf3/0x170 [ 2930.176605] ? sendmsg_copy_msghdr+0x160/0x160 [ 2930.176996] ? lock_downgrade+0x6d0/0x6d0 [ 2930.177338] ? find_held_lock+0x2c/0x110 [ 2930.177695] ? __fget_files+0x296/0x4c0 [ 2930.178038] ? __fget_light+0xea/0x290 [ 2930.178368] __sys_sendmsg+0xe5/0x1b0 [ 2930.178680] ? __sys_sendmsg_sock+0x40/0x40 [ 2930.179034] ? rcu_read_lock_any_held+0x75/0xa0 [ 2930.179454] do_syscall_64+0x33/0x40 [ 2930.179761] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2930.180176] RIP: 0033:0x7f9dea275b19 [ 2930.180480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2930.181964] RSP: 002b:00007f9de77ca188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2930.182574] RAX: ffffffffffffffda RBX: 00007f9dea389020 RCX: 00007f9dea275b19 [ 2930.183147] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2930.183719] RBP: 00007f9de77ca1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2930.184296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2930.184882] R13: 00007ffce689820f R14: 00007f9de77ca300 R15: 0000000000022000 05:16:26 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 2) 05:16:26 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/cgroups\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f0000000000)) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) preadv(r2, &(0x7f0000000200)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f0000000100)=""/107, 0x6b}, {&(0x7f0000000180)=""/68, 0x44}, {&(0x7f00000012c0)=""/200, 0xc8}, {&(0x7f00000013c0)=""/232, 0xe8}], 0x5, 0x3, 0x3f) 05:16:26 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f0, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) [ 2930.315074] FAULT_INJECTION: forcing a failure. [ 2930.315074] name failslab, interval 1, probability 0, space 0, times 0 [ 2930.316173] CPU: 0 PID: 17006 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 2930.316730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2930.317405] Call Trace: [ 2930.317628] dump_stack+0x107/0x167 [ 2930.317936] should_fail.cold+0x5/0xa [ 2930.318248] ? create_object.isra.0+0x3a/0xa20 [ 2930.318623] should_failslab+0x5/0x20 [ 2930.318936] kmem_cache_alloc+0x5b/0x310 [ 2930.319276] create_object.isra.0+0x3a/0xa20 [ 2930.319637] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2930.320053] kmem_cache_alloc_trace+0x151/0x320 [ 2930.320447] alloc_pipe_info+0x10a/0x590 [ 2930.320786] splice_direct_to_actor+0x774/0x980 [ 2930.321183] ? _cond_resched+0x12/0x80 [ 2930.321505] ? inode_security+0x107/0x140 [ 2930.321839] ? pipe_to_sendpage+0x380/0x380 [ 2930.322192] ? selinux_file_permission+0x92/0x520 [ 2930.322586] ? do_splice_to+0x160/0x160 [ 2930.322911] ? security_file_permission+0x24e/0x570 [ 2930.323335] do_splice_direct+0x1c4/0x290 [ 2930.323671] ? splice_direct_to_actor+0x980/0x980 [ 2930.324063] ? selinux_file_permission+0x92/0x520 [ 2930.324463] ? security_file_permission+0x24e/0x570 [ 2930.324892] do_sendfile+0x553/0x1090 [ 2930.325219] ? do_pwritev+0x270/0x270 [ 2930.325536] ? wait_for_completion_io+0x270/0x270 [ 2930.325934] ? rcu_read_lock_any_held+0x75/0xa0 [ 2930.326310] ? vfs_write+0x354/0xa70 [ 2930.326628] __x64_sys_sendfile64+0x1d1/0x210 [ 2930.326991] ? __ia32_sys_sendfile+0x220/0x220 [ 2930.327384] do_syscall_64+0x33/0x40 [ 2930.327694] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2930.328108] RIP: 0033:0x7fa47a8f1b19 [ 2930.328411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2930.329872] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2930.330492] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 2930.331065] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2930.331639] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 2930.332209] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 2930.332789] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:16:26 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 5) 05:16:26 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb5, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:16:26 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xeffdffff, 0x0, 0x0, 0x0) 05:16:26 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 4) 05:16:26 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 22) [ 2930.422718] FAULT_INJECTION: forcing a failure. [ 2930.422718] name failslab, interval 1, probability 0, space 0, times 0 [ 2930.422978] FAULT_INJECTION: forcing a failure. [ 2930.422978] name failslab, interval 1, probability 0, space 0, times 0 [ 2930.424523] CPU: 1 PID: 17018 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2930.426512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2930.427860] Call Trace: [ 2930.428300] dump_stack+0x107/0x167 [ 2930.428912] should_fail.cold+0x5/0xa [ 2930.429540] ? create_object.isra.0+0x3a/0xa20 [ 2930.430289] should_failslab+0x5/0x20 [ 2930.430914] kmem_cache_alloc+0x5b/0x310 [ 2930.431587] create_object.isra.0+0x3a/0xa20 [ 2930.432305] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2930.433154] kmem_cache_alloc_node+0x169/0x330 [ 2930.433911] __alloc_skb+0x6d/0x5b0 [ 2930.434513] netlink_sendmsg+0x998/0xdf0 [ 2930.435185] ? netlink_unicast+0x7f0/0x7f0 [ 2930.435890] ? netlink_unicast+0x7f0/0x7f0 [ 2930.436582] __sock_sendmsg+0x154/0x190 [ 2930.437244] ____sys_sendmsg+0x70d/0x870 [ 2930.437914] ? sock_write_iter+0x3d0/0x3d0 [ 2930.438600] ? do_recvmmsg+0x6d0/0x6d0 [ 2930.439240] ? perf_trace_lock+0xac/0x490 [ 2930.439928] ? __lockdep_reset_lock+0x180/0x180 [ 2930.440685] ? perf_trace_lock+0xac/0x490 [ 2930.441372] ? SOFTIRQ_verbose+0x10/0x10 [ 2930.442043] ___sys_sendmsg+0xf3/0x170 [ 2930.442683] ? sendmsg_copy_msghdr+0x160/0x160 [ 2930.443436] ? lock_downgrade+0x6d0/0x6d0 [ 2930.444118] ? find_held_lock+0x2c/0x110 [ 2930.444803] ? __fget_files+0x296/0x4c0 [ 2930.445472] ? __fget_light+0xea/0x290 [ 2930.446120] __sys_sendmsg+0xe5/0x1b0 [ 2930.446741] ? __sys_sendmsg_sock+0x40/0x40 [ 2930.447443] ? rcu_read_lock_any_held+0x75/0xa0 [ 2930.448241] do_syscall_64+0x33/0x40 [ 2930.448859] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2930.449692] RIP: 0033:0x7f044fd89b19 [ 2930.450301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2930.453278] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2930.454514] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2930.455710] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2930.456871] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2930.458020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2930.459172] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 [ 2930.460351] CPU: 0 PID: 17017 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2930.460921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2930.461583] Call Trace: [ 2930.461804] dump_stack+0x107/0x167 [ 2930.462113] should_fail.cold+0x5/0xa [ 2930.462432] should_failslab+0x5/0x20 [ 2930.462745] __kmalloc_node_track_caller+0x74/0x3b0 [ 2930.463155] ? netlink_sendmsg+0x998/0xdf0 [ 2930.463509] __alloc_skb+0xb1/0x5b0 [ 2930.463813] netlink_sendmsg+0x998/0xdf0 [ 2930.464157] ? netlink_unicast+0x7f0/0x7f0 [ 2930.464514] ? netlink_unicast+0x7f0/0x7f0 [ 2930.464865] __sock_sendmsg+0x154/0x190 [ 2930.465199] ____sys_sendmsg+0x70d/0x870 [ 2930.465532] ? sock_write_iter+0x3d0/0x3d0 [ 2930.465877] ? do_recvmmsg+0x6d0/0x6d0 [ 2930.466191] ? perf_trace_lock+0x2bd/0x490 [ 2930.466541] ? __lockdep_reset_lock+0x180/0x180 [ 2930.466931] ___sys_sendmsg+0xf3/0x170 [ 2930.467255] ? sendmsg_copy_msghdr+0x160/0x160 [ 2930.467645] ? lock_downgrade+0x6d0/0x6d0 [ 2930.467994] ? find_held_lock+0x2c/0x110 [ 2930.468336] ? __fget_files+0x296/0x4c0 [ 2930.468687] ? __fget_light+0xea/0x290 [ 2930.469032] __sys_sendmsg+0xe5/0x1b0 [ 2930.469348] ? __sys_sendmsg_sock+0x40/0x40 [ 2930.469704] ? rcu_read_lock_any_held+0x75/0xa0 [ 2930.470125] do_syscall_64+0x33/0x40 [ 2930.470427] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2930.470847] RIP: 0033:0x7f9dea275b19 [ 2930.471157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2930.472633] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2930.473258] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2930.473834] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2930.474418] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2930.474997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2930.475575] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 [ 2930.522446] FAULT_INJECTION: forcing a failure. [ 2930.522446] name failslab, interval 1, probability 0, space 0, times 0 [ 2930.523506] CPU: 0 PID: 17022 Comm: syz-executor.2 Not tainted 5.10.210 #1 [ 2930.524072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2930.524734] Call Trace: [ 2930.524974] dump_stack+0x107/0x167 [ 2930.525281] should_fail.cold+0x5/0xa [ 2930.525605] ? kvmalloc_node+0x119/0x170 [ 2930.525948] should_failslab+0x5/0x20 [ 2930.526262] __kmalloc_node+0x76/0x420 [ 2930.526588] ? lockdep_init_map_type+0x2c7/0x780 [ 2930.526986] kvmalloc_node+0x119/0x170 [ 2930.527317] alloc_netdev_mqs+0x911/0xe80 [ 2930.527679] ieee802154_if_add+0xc3/0x1040 [ 2930.528030] ? mutex_lock_io_nested+0xf30/0xf30 [ 2930.528414] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 2930.528808] ? skb_put+0x134/0x180 [ 2930.529106] ? memset+0x20/0x50 [ 2930.529387] ? __nlmsg_put+0x155/0x1c0 [ 2930.529712] ? genlmsg_put+0x25b/0x2d0 [ 2930.530056] ieee802154_add_iface_deprecated+0x3e/0x60 [ 2930.530489] ieee802154_add_iface+0x44d/0x8f0 [ 2930.530872] ? ieee802154_dump_phy+0x160/0x160 [ 2930.531250] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2930.531793] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2930.532333] genl_family_rcv_msg_doit+0x22d/0x330 [ 2930.532743] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2930.533315] ? ns_capable+0xe2/0x110 [ 2930.533638] genl_rcv_msg+0x33c/0x5a0 [ 2930.533961] ? genl_get_cmd+0x480/0x480 [ 2930.534292] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2930.534732] ? ieee802154_dump_phy+0x160/0x160 [ 2930.535122] ? netlink_rcv_skb+0x320/0x430 [ 2930.535475] netlink_rcv_skb+0x14b/0x430 [ 2930.535813] ? genl_get_cmd+0x480/0x480 [ 2930.536145] ? netlink_ack+0xab0/0xab0 [ 2930.536487] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2930.536868] ? is_vmalloc_addr+0x7b/0xb0 [ 2930.537215] genl_rcv+0x24/0x40 [ 2930.537486] netlink_unicast+0x549/0x7f0 [ 2930.537834] ? netlink_attachskb+0x870/0x870 [ 2930.538216] netlink_sendmsg+0x90f/0xdf0 [ 2930.538559] ? netlink_unicast+0x7f0/0x7f0 [ 2930.538933] ? netlink_unicast+0x7f0/0x7f0 [ 2930.539282] __sock_sendmsg+0x154/0x190 [ 2930.539613] ____sys_sendmsg+0x70d/0x870 [ 2930.539956] ? sock_write_iter+0x3d0/0x3d0 [ 2930.540303] ? do_recvmmsg+0x6d0/0x6d0 [ 2930.540624] ? perf_trace_lock+0x2bd/0x490 [ 2930.540993] ? __lockdep_reset_lock+0x180/0x180 [ 2930.541392] ___sys_sendmsg+0xf3/0x170 [ 2930.541716] ? sendmsg_copy_msghdr+0x160/0x160 [ 2930.542107] ? lock_downgrade+0x6d0/0x6d0 [ 2930.542455] ? find_held_lock+0x2c/0x110 [ 2930.542811] ? __fget_files+0x296/0x4c0 [ 2930.543153] ? __fget_light+0xea/0x290 [ 2930.543494] __sys_sendmsg+0xe5/0x1b0 [ 2930.543810] ? __sys_sendmsg_sock+0x40/0x40 [ 2930.544168] ? rcu_read_lock_any_held+0x75/0xa0 [ 2930.544590] do_syscall_64+0x33/0x40 [ 2930.544911] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2930.545332] RIP: 0033:0x7f72473f4b19 [ 2930.545637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2930.547117] RSP: 002b:00007f724496a188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2930.547742] RAX: ffffffffffffffda RBX: 00007f7247507f60 RCX: 00007f72473f4b19 [ 2930.548323] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2930.548910] RBP: 00007f724496a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2930.549490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2930.550070] R13: 00007fff0764456f R14: 00007f724496a300 R15: 0000000000022000 05:16:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 23) 05:16:47 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 3) 05:16:47 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb6, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:16:47 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 6) 05:16:47 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 5) 05:16:47 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xf5ffffff, 0x0, 0x0, 0x0) 05:16:47 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f1, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:16:47 executing program 3: ioctl$sock_ipv6_tunnel_SIOCDEL6RD(0xffffffffffffffff, 0x89fa, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x4, 0x9, 0x2, 0x0, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, 0x0, 0xf980, 0x3, 0x9}}) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000000), 0x0, 0x0, 0x0) [ 2951.824270] FAULT_INJECTION: forcing a failure. [ 2951.824270] name failslab, interval 1, probability 0, space 0, times 0 [ 2951.825708] CPU: 1 PID: 17081 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2951.826511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2951.827465] Call Trace: [ 2951.827779] dump_stack+0x107/0x167 [ 2951.828207] should_fail.cold+0x5/0xa [ 2951.828670] ? create_object.isra.0+0x3a/0xa20 [ 2951.829221] should_failslab+0x5/0x20 [ 2951.829673] kmem_cache_alloc+0x5b/0x310 [ 2951.830151] create_object.isra.0+0x3a/0xa20 [ 2951.830671] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2951.831268] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2951.831870] ? netlink_sendmsg+0x998/0xdf0 [ 2951.832366] __alloc_skb+0xb1/0x5b0 [ 2951.832491] FAULT_INJECTION: forcing a failure. [ 2951.832491] name failslab, interval 1, probability 0, space 0, times 0 [ 2951.832801] netlink_sendmsg+0x998/0xdf0 [ 2951.834656] ? netlink_unicast+0x7f0/0x7f0 [ 2951.835155] ? netlink_unicast+0x7f0/0x7f0 [ 2951.835656] __sock_sendmsg+0x154/0x190 [ 2951.836115] ____sys_sendmsg+0x70d/0x870 [ 2951.836593] ? sock_write_iter+0x3d0/0x3d0 [ 2951.837085] ? do_recvmmsg+0x6d0/0x6d0 [ 2951.837548] ? perf_trace_lock+0xac/0x490 [ 2951.838029] ? __lockdep_reset_lock+0x180/0x180 [ 2951.838576] ? perf_trace_lock+0xac/0x490 [ 2951.839050] ? SOFTIRQ_verbose+0x10/0x10 [ 2951.839534] ___sys_sendmsg+0xf3/0x170 [ 2951.839983] ? sendmsg_copy_msghdr+0x160/0x160 [ 2951.840526] ? lock_downgrade+0x6d0/0x6d0 [ 2951.841014] ? find_held_lock+0x2c/0x110 [ 2951.841517] ? __fget_files+0x296/0x4c0 [ 2951.841954] ? __fget_light+0xea/0x290 [ 2951.842275] __sys_sendmsg+0xe5/0x1b0 [ 2951.842608] ? __sys_sendmsg_sock+0x40/0x40 [ 2951.842962] ? rcu_read_lock_any_held+0x75/0xa0 [ 2951.843366] do_syscall_64+0x33/0x40 [ 2951.843685] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2951.844106] RIP: 0033:0x7f9dea275b19 [ 2951.844411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2951.845927] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2951.846559] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2951.847137] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2951.847729] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2951.848309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2951.848901] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 [ 2951.849531] CPU: 0 PID: 17086 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2951.850409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2951.851475] Call Trace: [ 2951.851832] dump_stack+0x107/0x167 [ 2951.852318] should_fail.cold+0x5/0xa [ 2951.852828] should_failslab+0x5/0x20 [ 2951.853333] __kmalloc_node_track_caller+0x74/0x3b0 [ 2951.853971] ? netlink_sendmsg+0x998/0xdf0 [ 2951.854537] __alloc_skb+0xb1/0x5b0 [ 2951.855019] netlink_sendmsg+0x998/0xdf0 [ 2951.855556] ? netlink_unicast+0x7f0/0x7f0 [ 2951.856129] ? netlink_unicast+0x7f0/0x7f0 [ 2951.856679] __sock_sendmsg+0x154/0x190 [ 2951.857205] ____sys_sendmsg+0x70d/0x870 [ 2951.857739] ? sock_write_iter+0x3d0/0x3d0 [ 2951.858284] ? do_recvmmsg+0x6d0/0x6d0 [ 2951.858792] ? perf_trace_lock+0x2bd/0x490 [ 2951.859356] ? __lockdep_reset_lock+0x180/0x180 [ 2951.859970] ___sys_sendmsg+0xf3/0x170 [ 2951.860477] ? sendmsg_copy_msghdr+0x160/0x160 [ 2951.861091] ? lock_downgrade+0x6d0/0x6d0 [ 2951.861631] ? find_held_lock+0x2c/0x110 [ 2951.862177] ? __fget_files+0x296/0x4c0 [ 2951.862707] ? __fget_light+0xea/0x290 [ 2951.863232] __sys_sendmsg+0xe5/0x1b0 [ 2951.863726] ? __sys_sendmsg_sock+0x40/0x40 [ 2951.864270] ? rcu_read_lock_any_held+0x75/0xa0 [ 2951.864913] do_syscall_64+0x33/0x40 [ 2951.865388] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2951.866032] RIP: 0033:0x7f044fd89b19 [ 2951.866501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2951.868749] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2951.869639] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2951.870533] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2951.871417] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2951.872303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2951.873191] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 05:16:47 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r0, &(0x7f0000000000), 0x2000) close(r0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:16:47 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:16:47 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 7) [ 2951.952281] FAULT_INJECTION: forcing a failure. [ 2951.952281] name failslab, interval 1, probability 0, space 0, times 0 [ 2951.953829] CPU: 0 PID: 17084 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 2951.954628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2951.955678] Call Trace: [ 2951.956021] dump_stack+0x107/0x167 [ 2951.956489] should_fail.cold+0x5/0xa [ 2951.956976] ? alloc_pipe_info+0x1e5/0x590 [ 2951.957530] should_failslab+0x5/0x20 [ 2951.958017] __kmalloc+0x72/0x390 [ 2951.958468] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2951.959125] alloc_pipe_info+0x1e5/0x590 [ 2951.959658] splice_direct_to_actor+0x774/0x980 [ 2951.960261] ? _cond_resched+0x12/0x80 [ 2951.960762] ? inode_security+0x107/0x140 [ 2951.961287] ? pipe_to_sendpage+0x380/0x380 [ 2951.961833] ? selinux_file_permission+0x92/0x520 [ 2951.962455] ? do_splice_to+0x160/0x160 [ 2951.962969] ? security_file_permission+0x24e/0x570 [ 2951.963632] do_splice_direct+0x1c4/0x290 [ 2951.964170] ? splice_direct_to_actor+0x980/0x980 [ 2951.964785] ? selinux_file_permission+0x92/0x520 [ 2951.965423] ? security_file_permission+0x24e/0x570 [ 2951.966077] do_sendfile+0x553/0x1090 [ 2951.966612] ? do_pwritev+0x270/0x270 [ 2951.967101] ? wait_for_completion_io+0x270/0x270 [ 2951.967725] ? rcu_read_lock_any_held+0x75/0xa0 [ 2951.968321] ? vfs_write+0x354/0xa70 [ 2951.968813] __x64_sys_sendfile64+0x1d1/0x210 [ 2951.969395] ? __ia32_sys_sendfile+0x220/0x220 [ 2951.970002] do_syscall_64+0x33/0x40 [ 2951.970480] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2951.971132] RIP: 0033:0x7fa47a8f1b19 [ 2951.971608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2951.973931] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2951.974893] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 2951.975781] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005 [ 2951.976680] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 2951.977587] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 2951.978485] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 [ 2952.012511] FAULT_INJECTION: forcing a failure. [ 2952.012511] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2952.013554] CPU: 1 PID: 17107 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2952.014140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2952.014829] Call Trace: [ 2952.015060] dump_stack+0x107/0x167 [ 2952.015359] should_fail.cold+0x5/0xa [ 2952.015696] _copy_from_iter_full+0x201/0xa60 [ 2952.016071] ? __virt_addr_valid+0x170/0x5c0 [ 2952.016435] ? __check_object_size+0x319/0x440 [ 2952.016825] netlink_sendmsg+0x879/0xdf0 [ 2952.017172] ? netlink_unicast+0x7f0/0x7f0 [ 2952.017540] ? netlink_unicast+0x7f0/0x7f0 [ 2952.017889] __sock_sendmsg+0x154/0x190 [ 2952.018213] ____sys_sendmsg+0x70d/0x870 [ 2952.018557] ? sock_write_iter+0x3d0/0x3d0 [ 2952.018901] ? do_recvmmsg+0x6d0/0x6d0 [ 2952.019219] ? perf_trace_lock+0xac/0x490 [ 2952.019577] ? __lockdep_reset_lock+0x180/0x180 [ 2952.019951] ? perf_trace_lock+0xac/0x490 [ 2952.020286] ? SOFTIRQ_verbose+0x10/0x10 [ 2952.020635] ___sys_sendmsg+0xf3/0x170 [ 2952.020956] ? sendmsg_copy_msghdr+0x160/0x160 [ 2952.021341] ? lock_downgrade+0x6d0/0x6d0 [ 2952.021693] ? find_held_lock+0x2c/0x110 [ 2952.022030] ? __fget_files+0x296/0x4c0 [ 2952.022362] ? __fget_light+0xea/0x290 [ 2952.022694] __sys_sendmsg+0xe5/0x1b0 [ 2952.023005] ? __sys_sendmsg_sock+0x40/0x40 [ 2952.023360] ? rcu_read_lock_any_held+0x75/0xa0 [ 2952.023779] do_syscall_64+0x33/0x40 [ 2952.024092] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2952.024595] RIP: 0033:0x7f9dea275b19 [ 2952.024982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2952.026760] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2952.027507] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2952.028114] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2952.028703] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2952.029289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2952.029872] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 05:16:47 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f2, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:16:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:16:47 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 6) [ 2952.071987] FAULT_INJECTION: forcing a failure. [ 2952.071987] name failslab, interval 1, probability 0, space 0, times 0 [ 2952.073037] CPU: 1 PID: 17112 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2952.073629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2952.074297] Call Trace: [ 2952.074520] dump_stack+0x107/0x167 [ 2952.074826] should_fail.cold+0x5/0xa [ 2952.075143] ? create_object.isra.0+0x3a/0xa20 [ 2952.075522] should_failslab+0x5/0x20 [ 2952.075845] kmem_cache_alloc+0x5b/0x310 [ 2952.076180] create_object.isra.0+0x3a/0xa20 [ 2952.076552] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2952.076974] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2952.077390] ? netlink_sendmsg+0x998/0xdf0 [ 2952.077763] __alloc_skb+0xb1/0x5b0 [ 2952.078063] netlink_sendmsg+0x998/0xdf0 [ 2952.078398] ? netlink_unicast+0x7f0/0x7f0 [ 2952.078756] ? netlink_unicast+0x7f0/0x7f0 [ 2952.079099] __sock_sendmsg+0x154/0x190 [ 2952.079426] ____sys_sendmsg+0x70d/0x870 [ 2952.079769] ? sock_write_iter+0x3d0/0x3d0 [ 2952.080109] ? do_recvmmsg+0x6d0/0x6d0 [ 2952.080430] ? perf_trace_lock+0xac/0x490 [ 2952.080780] ? __lockdep_reset_lock+0x180/0x180 [ 2952.081169] ? perf_trace_lock+0xac/0x490 [ 2952.081503] ? SOFTIRQ_verbose+0x10/0x10 [ 2952.081855] ___sys_sendmsg+0xf3/0x170 [ 2952.082175] ? sendmsg_copy_msghdr+0x160/0x160 [ 2952.082563] ? lock_downgrade+0x6d0/0x6d0 [ 2952.082907] ? find_held_lock+0x2c/0x110 [ 2952.083243] ? __fget_files+0x296/0x4c0 [ 2952.083585] ? __fget_light+0xea/0x290 [ 2952.083909] __sys_sendmsg+0xe5/0x1b0 [ 2952.084219] ? __sys_sendmsg_sock+0x40/0x40 [ 2952.084582] ? rcu_read_lock_any_held+0x75/0xa0 [ 2952.084981] do_syscall_64+0x33/0x40 [ 2952.085296] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2952.085729] RIP: 0033:0x7f044fd89b19 [ 2952.086039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2952.087527] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2952.088157] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2952.088741] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2952.089330] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2952.089918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2952.090496] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 05:16:48 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x5, 0x0) 05:16:48 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 8) 05:16:48 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 4) [ 2952.177167] FAULT_INJECTION: forcing a failure. [ 2952.177167] name failslab, interval 1, probability 0, space 0, times 0 [ 2952.178117] CPU: 1 PID: 17124 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2952.178682] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2952.179354] Call Trace: [ 2952.179579] dump_stack+0x107/0x167 [ 2952.179892] should_fail.cold+0x5/0xa [ 2952.180217] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2952.180770] should_failslab+0x5/0x20 [ 2952.181091] __kmalloc+0x72/0x390 [ 2952.181384] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2952.181921] genl_family_rcv_msg_doit+0xda/0x330 [ 2952.182308] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2952.182863] ? cap_capable+0x1cd/0x230 [ 2952.183188] ? security_capable+0x95/0xc0 [ 2952.183536] ? ns_capable+0xe2/0x110 [ 2952.183854] genl_rcv_msg+0x33c/0x5a0 [ 2952.184168] ? genl_get_cmd+0x480/0x480 [ 2952.184501] ? ieee802154_dump_phy+0x160/0x160 [ 2952.184897] ? lock_release+0x680/0x680 [ 2952.185237] ? __lockdep_reset_lock+0x180/0x180 [ 2952.185634] netlink_rcv_skb+0x14b/0x430 [ 2952.185966] ? genl_get_cmd+0x480/0x480 [ 2952.186293] ? netlink_ack+0xab0/0xab0 [ 2952.186628] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2952.187002] ? is_vmalloc_addr+0x7b/0xb0 [ 2952.187341] genl_rcv+0x24/0x40 [ 2952.187626] netlink_unicast+0x549/0x7f0 [ 2952.187967] ? netlink_attachskb+0x870/0x870 [ 2952.188339] netlink_sendmsg+0x90f/0xdf0 [ 2952.188691] ? netlink_unicast+0x7f0/0x7f0 [ 2952.189057] ? netlink_unicast+0x7f0/0x7f0 [ 2952.189411] __sock_sendmsg+0x154/0x190 [ 2952.189760] ____sys_sendmsg+0x70d/0x870 [ 2952.190099] ? sock_write_iter+0x3d0/0x3d0 [ 2952.190448] ? do_recvmmsg+0x6d0/0x6d0 [ 2952.190778] ? perf_trace_lock+0xac/0x490 [ 2952.191131] ? __lockdep_reset_lock+0x180/0x180 [ 2952.191510] ? perf_trace_lock+0xac/0x490 [ 2952.191859] ? SOFTIRQ_verbose+0x10/0x10 [ 2952.192198] ___sys_sendmsg+0xf3/0x170 [ 2952.192524] ? sendmsg_copy_msghdr+0x160/0x160 [ 2952.192912] ? lock_downgrade+0x6d0/0x6d0 [ 2952.193263] ? find_held_lock+0x2c/0x110 [ 2952.193618] ? __fget_files+0x296/0x4c0 [ 2952.193959] ? __fget_light+0xea/0x290 [ 2952.194286] __sys_sendmsg+0xe5/0x1b0 [ 2952.194606] ? __sys_sendmsg_sock+0x40/0x40 [ 2952.194974] ? rcu_read_lock_any_held+0x75/0xa0 [ 2952.195381] do_syscall_64+0x33/0x40 [ 2952.195695] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2952.196111] RIP: 0033:0x7f9dea275b19 [ 2952.196414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2952.197928] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2952.198546] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2952.199134] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2952.199731] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2952.200310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2952.200913] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 05:16:48 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xfffffdef, 0x0, 0x0, 0x0) 05:16:48 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/msg\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:16:48 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x9, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:16:48 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 7) [ 2952.264295] FAULT_INJECTION: forcing a failure. [ 2952.264295] name failslab, interval 1, probability 0, space 0, times 0 [ 2952.265337] CPU: 0 PID: 17126 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 2952.265915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2952.266566] Call Trace: [ 2952.266802] dump_stack+0x107/0x167 [ 2952.267114] should_fail.cold+0x5/0xa [ 2952.267424] ? create_object.isra.0+0x3a/0xa20 [ 2952.267799] ? create_object.isra.0+0x3a/0xa20 [ 2952.268192] should_failslab+0x5/0x20 [ 2952.268497] kmem_cache_alloc+0x5b/0x310 [ 2952.268835] create_object.isra.0+0x3a/0xa20 [ 2952.269220] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2952.269642] __kmalloc+0x16e/0x390 [ 2952.269951] alloc_pipe_info+0x1e5/0x590 [ 2952.270306] splice_direct_to_actor+0x774/0x980 [ 2952.270679] ? _cond_resched+0x12/0x80 [ 2952.270996] ? inode_security+0x107/0x140 [ 2952.271347] ? pipe_to_sendpage+0x380/0x380 [ 2952.271691] ? selinux_file_permission+0x92/0x520 [ 2952.272082] ? do_splice_to+0x160/0x160 [ 2952.272433] ? security_file_permission+0x24e/0x570 [ 2952.272852] do_splice_direct+0x1c4/0x290 [ 2952.273216] ? splice_direct_to_actor+0x980/0x980 [ 2952.273610] ? selinux_file_permission+0x92/0x520 [ 2952.274010] ? security_file_permission+0x24e/0x570 [ 2952.274434] do_sendfile+0x553/0x1090 [ 2952.274769] ? do_pwritev+0x270/0x270 [ 2952.275080] ? wait_for_completion_io+0x270/0x270 [ 2952.275494] ? rcu_read_lock_any_held+0x75/0xa0 [ 2952.275877] ? vfs_write+0x354/0xa70 [ 2952.276192] __x64_sys_sendfile64+0x1d1/0x210 [ 2952.276566] ? __ia32_sys_sendfile+0x220/0x220 [ 2952.276968] do_syscall_64+0x33/0x40 [ 2952.277300] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2952.277717] RIP: 0033:0x7fa47a8f1b19 [ 2952.278031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2952.279462] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2952.280090] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 2952.280644] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2952.281261] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 2952.281816] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 2952.282402] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 [ 2952.282550] FAULT_INJECTION: forcing a failure. [ 2952.282550] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2952.283950] CPU: 1 PID: 17133 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2952.284514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2952.285197] Call Trace: [ 2952.285422] dump_stack+0x107/0x167 [ 2952.285725] should_fail.cold+0x5/0xa [ 2952.286044] __alloc_pages_nodemask+0x182/0x600 [ 2952.286430] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 2952.286934] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 2952.287366] ? perf_trace_lock+0xac/0x490 [ 2952.287712] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2952.288129] ? __kmalloc_node_track_caller+0x189/0x3b0 [ 2952.288556] ? __alloc_skb+0xb1/0x5b0 [ 2952.288873] alloc_pages_current+0x187/0x280 [ 2952.289250] allocate_slab+0x26f/0x380 [ 2952.289574] ___slab_alloc+0x470/0x700 [ 2952.289897] ? create_object.isra.0+0x3a/0xa20 [ 2952.290270] ? lock_acquire+0x197/0x470 [ 2952.290604] ? fs_reclaim_acquire+0xa5/0x100 [ 2952.290970] ? create_object.isra.0+0x3a/0xa20 [ 2952.291346] ? kmem_cache_alloc+0x301/0x310 [ 2952.291699] ? create_object.isra.0+0x3a/0xa20 [ 2952.292078] kmem_cache_alloc+0x301/0x310 [ 2952.292422] create_object.isra.0+0x3a/0xa20 [ 2952.292779] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2952.293208] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 2952.293623] ? netlink_sendmsg+0x998/0xdf0 [ 2952.293974] __alloc_skb+0xb1/0x5b0 [ 2952.294275] netlink_sendmsg+0x998/0xdf0 [ 2952.294610] ? netlink_unicast+0x7f0/0x7f0 [ 2952.294966] ? netlink_unicast+0x7f0/0x7f0 [ 2952.295316] __sock_sendmsg+0x154/0x190 [ 2952.295642] ____sys_sendmsg+0x70d/0x870 [ 2952.295975] ? sock_write_iter+0x3d0/0x3d0 [ 2952.296318] ? do_recvmmsg+0x6d0/0x6d0 [ 2952.296636] ? perf_trace_lock+0xac/0x490 [ 2952.296981] ? __lockdep_reset_lock+0x180/0x180 [ 2952.297367] ? perf_trace_lock+0xac/0x490 [ 2952.297704] ? SOFTIRQ_verbose+0x10/0x10 [ 2952.298040] ___sys_sendmsg+0xf3/0x170 [ 2952.298361] ? sendmsg_copy_msghdr+0x160/0x160 [ 2952.298740] ? lock_downgrade+0x6d0/0x6d0 [ 2952.299085] ? find_held_lock+0x2c/0x110 [ 2952.299424] ? __fget_files+0x296/0x4c0 [ 2952.299761] ? __fget_light+0xea/0x290 [ 2952.300086] __sys_sendmsg+0xe5/0x1b0 [ 2952.300400] ? __sys_sendmsg_sock+0x40/0x40 [ 2952.300753] ? rcu_read_lock_any_held+0x75/0xa0 [ 2952.301167] do_syscall_64+0x33/0x40 [ 2952.301472] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2952.301889] RIP: 0033:0x7f044fd89b19 [ 2952.302195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2952.303682] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2952.304308] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2952.304885] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2952.305472] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2952.306046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2952.306626] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 05:17:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 5) 05:17:11 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb8, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:17:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 8) 05:17:11 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 9) 05:17:11 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f3, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:17:11 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e20, @broadcast}, 0x10) syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f0000000280), 0x24, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x410101, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) openat2(r1, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x10000, 0x4, 0x8}, 0x18) 05:17:11 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:17:11 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xfffffff5, 0x0, 0x0, 0x0) [ 2975.656068] FAULT_INJECTION: forcing a failure. [ 2975.656068] name failslab, interval 1, probability 0, space 0, times 0 [ 2975.657995] CPU: 1 PID: 17208 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2975.659129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2975.660463] Call Trace: [ 2975.660899] dump_stack+0x107/0x167 [ 2975.661501] should_fail.cold+0x5/0xa [ 2975.662113] ? create_object.isra.0+0x3a/0xa20 [ 2975.662854] should_failslab+0x5/0x20 [ 2975.663458] kmem_cache_alloc+0x5b/0x310 [ 2975.664085] ? lock_release+0x680/0x680 [ 2975.664708] create_object.isra.0+0x3a/0xa20 [ 2975.665408] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2975.666234] __kmalloc+0x16e/0x390 [ 2975.666814] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2975.667851] genl_family_rcv_msg_doit+0xda/0x330 [ 2975.668621] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2975.669687] ? cap_capable+0x1cd/0x230 [ 2975.670317] ? security_capable+0x95/0xc0 [ 2975.671023] ? ns_capable+0xe2/0x110 [ 2975.671642] genl_rcv_msg+0x33c/0x5a0 [ 2975.672255] ? genl_get_cmd+0x480/0x480 [ 2975.672884] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2975.673774] ? ieee802154_dump_phy+0x160/0x160 [ 2975.674517] ? netlink_rcv_skb+0x320/0x430 [ 2975.675199] ? netlink_rcv_skb+0xf1/0x430 [ 2975.675875] netlink_rcv_skb+0x14b/0x430 [ 2975.676535] ? genl_get_cmd+0x480/0x480 [ 2975.677199] ? netlink_ack+0xab0/0xab0 [ 2975.677841] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2975.678541] ? is_vmalloc_addr+0x7b/0xb0 [ 2975.679202] genl_rcv+0x24/0x40 [ 2975.679735] netlink_unicast+0x549/0x7f0 [ 2975.680400] ? netlink_attachskb+0x870/0x870 [ 2975.681115] netlink_sendmsg+0x90f/0xdf0 [ 2975.681766] ? netlink_unicast+0x7f0/0x7f0 [ 2975.682444] ? netlink_unicast+0x7f0/0x7f0 [ 2975.683118] __sock_sendmsg+0x154/0x190 [ 2975.683741] ____sys_sendmsg+0x70d/0x870 [ 2975.684376] ? sock_write_iter+0x3d0/0x3d0 [ 2975.685037] ? do_recvmmsg+0x6d0/0x6d0 [ 2975.685656] ? perf_trace_lock+0xac/0x490 [ 2975.686313] ? __lockdep_reset_lock+0x180/0x180 [ 2975.687035] ? perf_trace_lock+0xac/0x490 [ 2975.687682] ? SOFTIRQ_verbose+0x10/0x10 [ 2975.688319] ___sys_sendmsg+0xf3/0x170 [ 2975.688931] ? sendmsg_copy_msghdr+0x160/0x160 [ 2975.689660] ? lock_downgrade+0x6d0/0x6d0 [ 2975.690325] ? find_held_lock+0x2c/0x110 [ 2975.690974] ? __fget_files+0x296/0x4c0 [ 2975.691609] ? __fget_light+0xea/0x290 [ 2975.692228] __sys_sendmsg+0xe5/0x1b0 [ 2975.692818] ? __sys_sendmsg_sock+0x40/0x40 [ 2975.693493] ? rcu_read_lock_any_held+0x75/0xa0 [ 2975.694257] do_syscall_64+0x33/0x40 [ 2975.694842] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2975.695638] RIP: 0033:0x7f9dea275b19 [ 2975.696224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2975.699049] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2975.700229] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2975.701340] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2975.702444] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2975.703550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2975.704651] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 [ 2975.732510] FAULT_INJECTION: forcing a failure. [ 2975.732510] name failslab, interval 1, probability 0, space 0, times 0 [ 2975.734471] CPU: 0 PID: 17211 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 2975.735561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2975.736870] Call Trace: [ 2975.737301] dump_stack+0x107/0x167 [ 2975.737904] should_fail.cold+0x5/0xa [ 2975.738517] ? iter_file_splice_write+0x16d/0xc30 [ 2975.739284] should_failslab+0x5/0x20 [ 2975.739884] __kmalloc+0x72/0x390 [ 2975.740464] iter_file_splice_write+0x16d/0xc30 [ 2975.741204] ? atime_needs_update+0x600/0x600 [ 2975.741972] ? generic_splice_sendpage+0x140/0x140 [ 2975.742751] ? pipe_to_user+0x170/0x170 [ 2975.743385] ? _cond_resched+0x12/0x80 [ 2975.744019] ? avc_policy_seqno+0x9/0x70 [ 2975.744669] ? selinux_file_permission+0x92/0x520 [ 2975.745463] ? lockdep_init_map_type+0x2c7/0x780 [ 2975.746228] ? generic_splice_sendpage+0x140/0x140 [ 2975.747016] direct_splice_actor+0x10f/0x170 [ 2975.747727] splice_direct_to_actor+0x387/0x980 [ 2975.748487] ? pipe_to_sendpage+0x380/0x380 [ 2975.749185] ? do_splice_to+0x160/0x160 [ 2975.749827] ? security_file_permission+0x24e/0x570 [ 2975.750661] do_splice_direct+0x1c4/0x290 [ 2975.751322] ? splice_direct_to_actor+0x980/0x980 [ 2975.752080] ? selinux_file_permission+0x92/0x520 [ 2975.752860] ? security_file_permission+0x24e/0x570 [ 2975.753692] do_sendfile+0x553/0x1090 [ 2975.754333] ? do_pwritev+0x270/0x270 [ 2975.755010] ? wait_for_completion_io+0x270/0x270 [ 2975.755783] ? rcu_read_lock_any_held+0x75/0xa0 [ 2975.756516] ? vfs_write+0x354/0xa70 [ 2975.757130] __x64_sys_sendfile64+0x1d1/0x210 [ 2975.757861] ? __ia32_sys_sendfile+0x220/0x220 [ 2975.758622] do_syscall_64+0x33/0x40 [ 2975.759216] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2975.760027] RIP: 0033:0x7fa47a8f1b19 [ 2975.760625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2975.763507] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2975.764726] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 2975.765889] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2975.767059] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 2975.768179] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 2975.769314] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:17:11 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 10) [ 2975.840715] FAULT_INJECTION: forcing a failure. [ 2975.840715] name failslab, interval 1, probability 0, space 0, times 0 [ 2975.842606] CPU: 0 PID: 17214 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2975.843703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2975.845042] Call Trace: [ 2975.845510] dump_stack+0x107/0x167 [ 2975.846116] should_fail.cold+0x5/0xa [ 2975.846739] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2975.847754] should_failslab+0x5/0x20 [ 2975.848356] __kmalloc+0x72/0x390 [ 2975.848963] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2975.850008] genl_family_rcv_msg_doit+0xda/0x330 [ 2975.850790] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2975.851825] ? cap_capable+0x1cd/0x230 [ 2975.852452] ? security_capable+0x95/0xc0 [ 2975.853124] ? ns_capable+0xe2/0x110 [ 2975.853737] genl_rcv_msg+0x33c/0x5a0 [ 2975.854356] ? genl_get_cmd+0x480/0x480 [ 2975.854995] ? ieee802154_dump_phy+0x160/0x160 [ 2975.855759] ? lock_release+0x680/0x680 [ 2975.856399] ? __lockdep_reset_lock+0x180/0x180 [ 2975.857151] netlink_rcv_skb+0x14b/0x430 [ 2975.857806] ? genl_get_cmd+0x480/0x480 [ 2975.858444] ? netlink_ack+0xab0/0xab0 [ 2975.859078] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2975.859795] ? is_vmalloc_addr+0x7b/0xb0 [ 2975.860452] genl_rcv+0x24/0x40 [ 2975.860980] netlink_unicast+0x549/0x7f0 [ 2975.861648] ? netlink_attachskb+0x870/0x870 [ 2975.862374] netlink_sendmsg+0x90f/0xdf0 [ 2975.863037] ? netlink_unicast+0x7f0/0x7f0 [ 2975.863730] ? netlink_unicast+0x7f0/0x7f0 [ 2975.864450] __sock_sendmsg+0x154/0x190 [ 2975.865122] ____sys_sendmsg+0x70d/0x870 [ 2975.865795] ? sock_write_iter+0x3d0/0x3d0 [ 2975.866477] ? do_recvmmsg+0x6d0/0x6d0 [ 2975.867111] ? perf_trace_lock+0x2bd/0x490 [ 2975.867803] ? __lockdep_reset_lock+0x180/0x180 [ 2975.868566] ___sys_sendmsg+0xf3/0x170 [ 2975.869209] ? sendmsg_copy_msghdr+0x160/0x160 [ 2975.869970] ? lock_downgrade+0x6d0/0x6d0 [ 2975.870661] ? find_held_lock+0x2c/0x110 [ 2975.871336] ? __fget_files+0x296/0x4c0 [ 2975.872016] ? __fget_light+0xea/0x290 [ 2975.872651] __sys_sendmsg+0xe5/0x1b0 [ 2975.873259] ? __sys_sendmsg_sock+0x40/0x40 [ 2975.873949] ? rcu_read_lock_any_held+0x75/0xa0 [ 2975.874765] do_syscall_64+0x33/0x40 [ 2975.875357] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2975.876161] RIP: 0033:0x7f044fd89b19 [ 2975.876752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2975.879658] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2975.880898] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2975.882011] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2975.883119] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2975.884229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2975.885378] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 05:17:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 6) 05:17:11 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) openat(r0, &(0x7f0000000000)='./file0\x00', 0x20000, 0x2) [ 2975.978202] FAULT_INJECTION: forcing a failure. [ 2975.978202] name failslab, interval 1, probability 0, space 0, times 0 [ 2975.980194] CPU: 0 PID: 17225 Comm: syz-executor.7 Not tainted 5.10.210 #1 [ 2975.981288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2975.982594] Call Trace: [ 2975.983028] dump_stack+0x107/0x167 [ 2975.983616] should_fail.cold+0x5/0xa [ 2975.984228] ? __alloc_skb+0x6d/0x5b0 [ 2975.984846] should_failslab+0x5/0x20 [ 2975.985461] kmem_cache_alloc_node+0x55/0x330 [ 2975.986216] __alloc_skb+0x6d/0x5b0 [ 2975.986819] ? mark_held_locks+0x9e/0xe0 [ 2975.987504] ieee802154_nl_new_reply+0x2f/0x100 [ 2975.988280] ieee802154_add_iface+0x22f/0x8f0 [ 2975.989017] ? __nla_parse+0x3e/0x50 [ 2975.989646] ? ieee802154_dump_phy+0x160/0x160 [ 2975.990407] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2975.991479] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2975.992532] genl_family_rcv_msg_doit+0x22d/0x330 [ 2975.993307] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2975.994404] ? ns_capable+0xe2/0x110 [ 2975.995029] genl_rcv_msg+0x33c/0x5a0 [ 2975.995672] ? genl_get_cmd+0x480/0x480 [ 2975.996334] ? ieee802154_dump_phy+0x160/0x160 [ 2975.997100] ? lock_release+0x680/0x680 [ 2975.997759] ? __lockdep_reset_lock+0x180/0x180 [ 2975.998512] netlink_rcv_skb+0x14b/0x430 [ 2975.999185] ? genl_get_cmd+0x480/0x480 [ 2975.999847] ? netlink_ack+0xab0/0xab0 [ 2976.000515] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2976.001265] ? is_vmalloc_addr+0x7b/0xb0 [ 2976.001935] genl_rcv+0x24/0x40 [ 2976.002463] netlink_unicast+0x549/0x7f0 [ 2976.003144] ? netlink_attachskb+0x870/0x870 [ 2976.003899] netlink_sendmsg+0x90f/0xdf0 [ 2976.004587] ? netlink_unicast+0x7f0/0x7f0 [ 2976.005316] ? netlink_unicast+0x7f0/0x7f0 [ 2976.006023] __sock_sendmsg+0x154/0x190 [ 2976.006687] ____sys_sendmsg+0x70d/0x870 [ 2976.007366] ? sock_write_iter+0x3d0/0x3d0 [ 2976.008056] ? do_recvmmsg+0x6d0/0x6d0 [ 2976.008694] ? perf_trace_lock+0x2bd/0x490 [ 2976.009419] ? __lockdep_reset_lock+0x180/0x180 [ 2976.010203] ___sys_sendmsg+0xf3/0x170 [ 2976.010853] ? sendmsg_copy_msghdr+0x160/0x160 [ 2976.011602] ? lock_downgrade+0x6d0/0x6d0 [ 2976.012281] ? find_held_lock+0x2c/0x110 [ 2976.012951] ? __fget_files+0x296/0x4c0 [ 2976.013647] ? __fget_light+0xea/0x290 [ 2976.014313] __sys_sendmsg+0xe5/0x1b0 [ 2976.014945] ? __sys_sendmsg_sock+0x40/0x40 [ 2976.015642] ? rcu_read_lock_any_held+0x75/0xa0 [ 2976.016447] do_syscall_64+0x33/0x40 [ 2976.017043] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2976.017866] RIP: 0033:0x7f9dea275b19 [ 2976.018459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2976.021411] RSP: 002b:00007f9de77eb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2976.022635] RAX: ffffffffffffffda RBX: 00007f9dea388f60 RCX: 00007f9dea275b19 [ 2976.023792] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2976.024918] RBP: 00007f9de77eb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2976.026078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2976.027236] R13: 00007ffce689820f R14: 00007f9de77eb300 R15: 0000000000022000 [ 2976.030772] FAULT_INJECTION: forcing a failure. [ 2976.030772] name failslab, interval 1, probability 0, space 0, times 0 [ 2976.032624] CPU: 1 PID: 17227 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 2976.033745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2976.035071] Call Trace: [ 2976.035510] dump_stack+0x107/0x167 [ 2976.036117] should_fail.cold+0x5/0xa [ 2976.036735] ? create_object.isra.0+0x3a/0xa20 [ 2976.037479] should_failslab+0x5/0x20 [ 2976.038130] kmem_cache_alloc+0x5b/0x310 [ 2976.038806] ? igrab+0xc0/0xc0 [ 2976.039346] create_object.isra.0+0x3a/0xa20 [ 2976.040047] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2976.040849] __kmalloc+0x16e/0x390 [ 2976.041439] iter_file_splice_write+0x16d/0xc30 [ 2976.042160] ? atime_needs_update+0x600/0x600 [ 2976.042879] ? generic_splice_sendpage+0x140/0x140 [ 2976.043648] ? pipe_to_user+0x170/0x170 [ 2976.044273] ? _cond_resched+0x12/0x80 [ 2976.044890] ? avc_policy_seqno+0x9/0x70 [ 2976.045550] ? selinux_file_permission+0x92/0x520 [ 2976.046311] ? lockdep_init_map_type+0x2c7/0x780 [ 2976.047047] ? generic_splice_sendpage+0x140/0x140 [ 2976.047810] direct_splice_actor+0x10f/0x170 [ 2976.048496] splice_direct_to_actor+0x387/0x980 [ 2976.049220] ? pipe_to_sendpage+0x380/0x380 [ 2976.049938] ? do_splice_to+0x160/0x160 [ 2976.050598] ? security_file_permission+0x24e/0x570 05:17:11 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 9) 05:17:11 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 2976.051433] do_splice_direct+0x1c4/0x290 [ 2976.052269] ? splice_direct_to_actor+0x980/0x980 [ 2976.053035] ? selinux_file_permission+0x92/0x520 [ 2976.053810] ? security_file_permission+0x24e/0x570 [ 2976.054612] do_sendfile+0x553/0x1090 [ 2976.055222] ? do_pwritev+0x270/0x270 [ 2976.055819] ? wait_for_completion_io+0x270/0x270 [ 2976.056566] ? rcu_read_lock_any_held+0x75/0xa0 [ 2976.057281] ? vfs_write+0x354/0xa70 [ 2976.057876] __x64_sys_sendfile64+0x1d1/0x210 [ 2976.058574] ? __ia32_sys_sendfile+0x220/0x220 [ 2976.059300] do_syscall_64+0x33/0x40 [ 2976.059870] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2976.060654] RIP: 0033:0x7fa47a8f1b19 [ 2976.061231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2976.064030] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2976.065189] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 2976.066304] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2976.067406] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 2976.068498] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 2976.069612] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 [ 2976.086414] FAULT_INJECTION: forcing a failure. [ 2976.086414] name failslab, interval 1, probability 0, space 0, times 0 [ 2976.088224] CPU: 1 PID: 17230 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2976.089305] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2976.090612] Call Trace: [ 2976.091034] dump_stack+0x107/0x167 [ 2976.091614] should_fail.cold+0x5/0xa [ 2976.092212] ? create_object.isra.0+0x3a/0xa20 [ 2976.092927] should_failslab+0x5/0x20 [ 2976.093543] kmem_cache_alloc+0x5b/0x310 [ 2976.094176] ? lock_release+0x680/0x680 [ 2976.094806] create_object.isra.0+0x3a/0xa20 [ 2976.095487] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2976.096286] __kmalloc+0x16e/0x390 [ 2976.096852] genl_family_rcv_msg_attrs_parse.constprop.0+0xdb/0x280 [ 2976.097843] genl_family_rcv_msg_doit+0xda/0x330 [ 2976.098627] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2976.099661] ? cap_capable+0x1cd/0x230 [ 2976.100295] ? security_capable+0x95/0xc0 [ 2976.100950] ? ns_capable+0xe2/0x110 [ 2976.101565] genl_rcv_msg+0x33c/0x5a0 [ 2976.102172] ? genl_get_cmd+0x480/0x480 [ 2976.102802] ? ieee802154_dump_phy+0x160/0x160 [ 2976.103522] ? lock_release+0x680/0x680 [ 2976.104158] ? __lockdep_reset_lock+0x180/0x180 [ 2976.104881] netlink_rcv_skb+0x14b/0x430 [ 2976.105543] ? genl_get_cmd+0x480/0x480 [ 2976.106192] ? netlink_ack+0xab0/0xab0 [ 2976.106879] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2976.107623] ? is_vmalloc_addr+0x7b/0xb0 [ 2976.108265] genl_rcv+0x24/0x40 [ 2976.108799] netlink_unicast+0x549/0x7f0 [ 2976.109481] ? netlink_attachskb+0x870/0x870 [ 2976.110208] netlink_sendmsg+0x90f/0xdf0 [ 2976.110875] ? netlink_unicast+0x7f0/0x7f0 [ 2976.111555] ? netlink_unicast+0x7f0/0x7f0 [ 2976.112214] __sock_sendmsg+0x154/0x190 [ 2976.112842] ____sys_sendmsg+0x70d/0x870 [ 2976.113489] ? sock_write_iter+0x3d0/0x3d0 [ 2976.114161] ? do_recvmmsg+0x6d0/0x6d0 [ 2976.114792] ? perf_trace_lock+0xac/0x490 [ 2976.115465] ? __lockdep_reset_lock+0x180/0x180 [ 2976.116191] ? perf_trace_lock+0xac/0x490 [ 2976.116842] ? SOFTIRQ_verbose+0x10/0x10 [ 2976.117493] ___sys_sendmsg+0xf3/0x170 [ 2976.118096] ? sendmsg_copy_msghdr+0x160/0x160 [ 2976.118819] ? lock_downgrade+0x6d0/0x6d0 [ 2976.119465] ? find_held_lock+0x2c/0x110 [ 2976.120138] ? __fget_files+0x296/0x4c0 [ 2976.120790] ? __fget_light+0xea/0x290 [ 2976.121435] __sys_sendmsg+0xe5/0x1b0 [ 2976.122034] ? __sys_sendmsg_sock+0x40/0x40 [ 2976.122730] ? rcu_read_lock_any_held+0x75/0xa0 [ 2976.123522] do_syscall_64+0x33/0x40 [ 2976.124138] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2976.124947] RIP: 0033:0x7f044fd89b19 [ 2976.125564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2976.128394] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2976.129590] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2976.130750] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2976.131894] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2976.133040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2976.134193] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 05:17:32 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f4, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:17:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 7) 05:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x14, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:17:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 10) 05:17:32 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 11) 05:17:32 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bb9, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:17:32 executing program 3: ioctl$CDROMSETSPINDOWN(0xffffffffffffffff, 0x531e, &(0x7f0000000000)=0x5) 05:17:32 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0xffffffff, 0x0, 0x0, 0x0) [ 2996.393308] FAULT_INJECTION: forcing a failure. [ 2996.393308] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2996.394965] CPU: 0 PID: 17280 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 2996.395674] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2996.396515] Call Trace: [ 2996.396803] dump_stack+0x107/0x167 [ 2996.397195] should_fail.cold+0x5/0xa [ 2996.397611] __alloc_pages_nodemask+0x182/0x600 [ 2996.398110] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 2996.398743] ? find_get_entry+0x2c8/0x740 [ 2996.399194] alloc_pages_current+0x187/0x280 [ 2996.399655] __page_cache_alloc+0x2d2/0x360 [ 2996.400101] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 2996.400627] pagecache_get_page+0x2c7/0xc80 [ 2996.401094] grab_cache_page_write_begin+0x64/0xa0 [ 2996.401618] cont_write_begin+0x448/0x980 [ 2996.402068] ? fat_add_cluster+0x100/0x100 [ 2996.402515] ? nobh_write_begin+0xed0/0xed0 [ 2996.402966] ? __mark_inode_dirty+0x93b/0xd40 [ 2996.403435] ? lock_downgrade+0x6d0/0x6d0 [ 2996.403869] ? do_raw_spin_lock+0x121/0x260 [ 2996.404319] ? iov_iter_fault_in_readable+0x9a/0x410 [ 2996.404857] fat_write_begin+0x89/0x180 [ 2996.405280] ? fat_add_cluster+0x100/0x100 [ 2996.405744] generic_perform_write+0x20a/0x4f0 [ 2996.406236] ? fat_direct_IO+0x1ef/0x380 [ 2996.406663] ? page_cache_prev_miss+0x310/0x310 [ 2996.407177] __generic_file_write_iter+0x2cd/0x5d0 [ 2996.407716] generic_file_write_iter+0xdb/0x230 [ 2996.408210] do_iter_readv_writev+0x476/0x750 [ 2996.408687] ? new_sync_write+0x660/0x660 [ 2996.409121] ? selinux_file_permission+0x92/0x520 [ 2996.409672] do_iter_write+0x191/0x670 [ 2996.410112] ? trace_hardirqs_on+0x5b/0x180 [ 2996.410586] vfs_iter_write+0x70/0xa0 [ 2996.410988] iter_file_splice_write+0x762/0xc30 [ 2996.411505] ? generic_splice_sendpage+0x140/0x140 [ 2996.412027] ? avc_policy_seqno+0x9/0x70 [ 2996.412451] ? selinux_file_permission+0x92/0x520 [ 2996.412964] ? lockdep_init_map_type+0x2c7/0x780 [ 2996.413467] ? generic_splice_sendpage+0x140/0x140 [ 2996.413989] direct_splice_actor+0x10f/0x170 [ 2996.414413] FAULT_INJECTION: forcing a failure. [ 2996.414413] name failslab, interval 1, probability 0, space 0, times 0 [ 2996.414454] splice_direct_to_actor+0x387/0x980 [ 2996.416719] ? pipe_to_sendpage+0x380/0x380 [ 2996.417180] ? do_splice_to+0x160/0x160 [ 2996.417602] ? security_file_permission+0x24e/0x570 [ 2996.418141] do_splice_direct+0x1c4/0x290 [ 2996.418577] ? splice_direct_to_actor+0x980/0x980 [ 2996.419080] ? selinux_file_permission+0x92/0x520 [ 2996.419591] ? security_file_permission+0x24e/0x570 [ 2996.420133] do_sendfile+0x553/0x1090 [ 2996.420553] ? do_pwritev+0x270/0x270 [ 2996.420959] ? wait_for_completion_io+0x270/0x270 [ 2996.421463] ? rcu_read_lock_any_held+0x75/0xa0 [ 2996.421928] ? vfs_write+0x354/0xa70 [ 2996.422329] __x64_sys_sendfile64+0x1d1/0x210 [ 2996.422818] ? __ia32_sys_sendfile+0x220/0x220 [ 2996.423326] do_syscall_64+0x33/0x40 [ 2996.423720] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2996.424247] RIP: 0033:0x7fa47a8f1b19 [ 2996.424632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2996.426503] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2996.427285] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 2996.428017] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2996.428747] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 2996.429479] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 2996.430220] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 [ 2996.430997] CPU: 1 PID: 17279 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2996.432133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2996.433472] Call Trace: [ 2996.433920] dump_stack+0x107/0x167 [ 2996.434523] should_fail.cold+0x5/0xa [ 2996.435149] ? __alloc_skb+0x6d/0x5b0 [ 2996.435775] should_failslab+0x5/0x20 [ 2996.436399] kmem_cache_alloc_node+0x55/0x330 [ 2996.437144] __alloc_skb+0x6d/0x5b0 [ 2996.437744] ? mark_held_locks+0x9e/0xe0 [ 2996.438411] ieee802154_nl_new_reply+0x2f/0x100 [ 2996.439177] ieee802154_add_iface+0x22f/0x8f0 [ 2996.439909] ? __nla_parse+0x3e/0x50 [ 2996.440531] ? ieee802154_dump_phy+0x160/0x160 [ 2996.441285] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2996.442368] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2996.443430] genl_family_rcv_msg_doit+0x22d/0x330 [ 2996.444220] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2996.445310] ? ns_capable+0xe2/0x110 [ 2996.445930] genl_rcv_msg+0x33c/0x5a0 [ 2996.446561] ? genl_get_cmd+0x480/0x480 [ 2996.447215] ? ieee802154_dump_phy+0x160/0x160 [ 2996.447968] ? lock_release+0x680/0x680 [ 2996.448614] ? __lockdep_reset_lock+0x180/0x180 [ 2996.449374] netlink_rcv_skb+0x14b/0x430 [ 2996.450045] ? genl_get_cmd+0x480/0x480 [ 2996.450697] ? netlink_ack+0xab0/0xab0 [ 2996.451340] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2996.452085] ? is_vmalloc_addr+0x7b/0xb0 [ 2996.452750] genl_rcv+0x24/0x40 [ 2996.453283] netlink_unicast+0x549/0x7f0 [ 2996.453956] ? netlink_attachskb+0x870/0x870 [ 2996.454683] netlink_sendmsg+0x90f/0xdf0 [ 2996.455346] ? netlink_unicast+0x7f0/0x7f0 [ 2996.456082] ? netlink_unicast+0x7f0/0x7f0 [ 2996.456762] __sock_sendmsg+0x154/0x190 [ 2996.457399] ____sys_sendmsg+0x70d/0x870 [ 2996.458078] ? sock_write_iter+0x3d0/0x3d0 [ 2996.458749] ? do_recvmmsg+0x6d0/0x6d0 [ 2996.459371] ? perf_trace_lock+0xac/0x490 [ 2996.460044] ? __lockdep_reset_lock+0x180/0x180 [ 2996.460803] ? perf_trace_lock+0xac/0x490 [ 2996.461466] ? SOFTIRQ_verbose+0x10/0x10 [ 2996.462154] ___sys_sendmsg+0xf3/0x170 [ 2996.462790] ? sendmsg_copy_msghdr+0x160/0x160 [ 2996.463528] ? lock_downgrade+0x6d0/0x6d0 [ 2996.464198] ? find_held_lock+0x2c/0x110 [ 2996.464860] ? __fget_files+0x296/0x4c0 [ 2996.465510] ? __fget_light+0xea/0x290 [ 2996.466152] __sys_sendmsg+0xe5/0x1b0 [ 2996.466766] ? __sys_sendmsg_sock+0x40/0x40 [ 2996.467453] ? rcu_read_lock_any_held+0x75/0xa0 [ 2996.468238] do_syscall_64+0x33/0x40 [ 2996.468834] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2996.469657] RIP: 0033:0x7f044fd89b19 [ 2996.470255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2996.473218] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2996.474430] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2996.475565] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2996.476688] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2996.477838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2996.478961] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 05:17:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 8) 05:17:32 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0) process_vm_readv(r1, &(0x7f0000001600)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/167, 0xa7}, {&(0x7f0000000180)=""/102, 0x66}, {&(0x7f0000001340)=""/242, 0xf2}, {&(0x7f0000001440)=""/184, 0xb8}, {&(0x7f0000000000)=""/46, 0x2e}, {&(0x7f0000001500)=""/246, 0xf6}, {&(0x7f0000000200)=""/8, 0x8}], 0x8, &(0x7f0000001680)=[{&(0x7f0000000240)=""/50, 0x32}, {&(0x7f00000002c0)=""/4, 0x4}], 0x2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:17:32 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:17:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 11) 05:17:32 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f5, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:17:32 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bba, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:17:32 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x9, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 2996.630818] FAULT_INJECTION: forcing a failure. [ 2996.630818] name failslab, interval 1, probability 0, space 0, times 0 [ 2996.631815] CPU: 0 PID: 17299 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2996.632423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2996.633151] Call Trace: [ 2996.633388] dump_stack+0x107/0x167 [ 2996.633717] should_fail.cold+0x5/0xa [ 2996.634067] ? create_object.isra.0+0x3a/0xa20 [ 2996.634475] should_failslab+0x5/0x20 [ 2996.634814] kmem_cache_alloc+0x5b/0x310 [ 2996.635176] create_object.isra.0+0x3a/0xa20 [ 2996.635560] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2996.636088] kmem_cache_alloc_node+0x169/0x330 [ 2996.636540] __alloc_skb+0x6d/0x5b0 [ 2996.636914] ? mark_held_locks+0x9e/0xe0 [ 2996.637284] ieee802154_nl_new_reply+0x2f/0x100 [ 2996.637780] ieee802154_add_iface+0x22f/0x8f0 [ 2996.638183] ? __nla_parse+0x3e/0x50 [ 2996.638574] ? ieee802154_dump_phy+0x160/0x160 [ 2996.639019] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2996.639690] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2996.640267] genl_family_rcv_msg_doit+0x22d/0x330 [ 2996.640764] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2996.641462] ? ns_capable+0xe2/0x110 [ 2996.641861] genl_rcv_msg+0x33c/0x5a0 [ 2996.642261] ? genl_get_cmd+0x480/0x480 [ 2996.642658] ? ieee802154_dump_phy+0x160/0x160 [ 2996.643079] ? lock_release+0x680/0x680 [ 2996.643410] ? __lockdep_reset_lock+0x180/0x180 [ 2996.643842] netlink_rcv_skb+0x14b/0x430 [ 2996.644201] ? genl_get_cmd+0x480/0x480 [ 2996.644545] ? netlink_ack+0xab0/0xab0 [ 2996.644890] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2996.645278] ? is_vmalloc_addr+0x7b/0xb0 [ 2996.645641] genl_rcv+0x24/0x40 [ 2996.645925] netlink_unicast+0x549/0x7f0 [ 2996.646268] ? netlink_attachskb+0x870/0x870 [ 2996.646669] netlink_sendmsg+0x90f/0xdf0 [ 2996.647037] ? netlink_unicast+0x7f0/0x7f0 [ 2996.647404] ? netlink_unicast+0x7f0/0x7f0 [ 2996.647810] __sock_sendmsg+0x154/0x190 [ 2996.648228] ____sys_sendmsg+0x70d/0x870 [ 2996.648664] ? sock_write_iter+0x3d0/0x3d0 [ 2996.649105] ? do_recvmmsg+0x6d0/0x6d0 [ 2996.649523] ? perf_trace_lock+0x2bd/0x490 [ 2996.649998] ? __lockdep_reset_lock+0x180/0x180 [ 2996.650502] ___sys_sendmsg+0xf3/0x170 [ 2996.650894] ? sendmsg_copy_msghdr+0x160/0x160 [ 2996.651284] ? lock_downgrade+0x6d0/0x6d0 [ 2996.651669] ? find_held_lock+0x2c/0x110 [ 2996.652031] ? __fget_files+0x296/0x4c0 [ 2996.652390] ? __fget_light+0xea/0x290 [ 2996.652752] __sys_sendmsg+0xe5/0x1b0 [ 2996.653081] ? __sys_sendmsg_sock+0x40/0x40 [ 2996.653457] ? rcu_read_lock_any_held+0x75/0xa0 [ 2996.653905] do_syscall_64+0x33/0x40 [ 2996.654231] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2996.654694] RIP: 0033:0x7f044fd89b19 [ 2996.655009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2996.656622] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2996.657375] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2996.658015] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2996.658610] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2996.659235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2996.659853] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 [ 2996.709081] FAULT_INJECTION: forcing a failure. [ 2996.709081] name failslab, interval 1, probability 0, space 0, times 0 [ 2996.711136] CPU: 1 PID: 17294 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 2996.712270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2996.713624] Call Trace: [ 2996.714055] dump_stack+0x107/0x167 [ 2996.714671] should_fail.cold+0x5/0xa [ 2996.715292] ? create_object.isra.0+0x3a/0xa20 [ 2996.716033] should_failslab+0x5/0x20 [ 2996.716648] kmem_cache_alloc+0x5b/0x310 [ 2996.717315] create_object.isra.0+0x3a/0xa20 [ 2996.718038] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2996.718867] kmem_cache_alloc+0x159/0x310 [ 2996.719549] alloc_buffer_head+0x20/0x110 [ 2996.720219] alloc_page_buffers+0x14d/0x700 [ 2996.720926] create_empty_buffers+0x2c/0x640 [ 2996.721660] create_page_buffers+0x1bb/0x230 [ 2996.722382] __block_write_begin_int+0x1d1/0x19c0 [ 2996.723163] ? fat_add_cluster+0x100/0x100 [ 2996.723850] ? add_to_page_cache_locked+0x40/0x40 [ 2996.724629] ? __page_cache_alloc+0x10d/0x360 [ 2996.725358] ? remove_inode_buffers+0x300/0x300 [ 2996.726115] ? pagecache_get_page+0x243/0xc80 [ 2996.726845] ? perf_trace_lock+0xac/0x490 [ 2996.727520] ? wait_for_stable_page+0x92/0xe0 [ 2996.728251] cont_write_begin+0x472/0x980 [ 2996.728936] ? fat_add_cluster+0x100/0x100 [ 2996.729630] ? nobh_write_begin+0xed0/0xed0 [ 2996.730323] ? __mark_inode_dirty+0x93b/0xd40 [ 2996.731050] ? lock_downgrade+0x6d0/0x6d0 [ 2996.731721] ? do_raw_spin_lock+0x121/0x260 05:17:32 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 12) [ 2996.732421] ? iov_iter_fault_in_readable+0x9a/0x410 [ 2996.733146] fat_write_begin+0x89/0x180 [ 2996.733552] ? fat_add_cluster+0x100/0x100 [ 2996.733985] generic_perform_write+0x20a/0x4f0 [ 2996.734445] ? fat_direct_IO+0x1ef/0x380 [ 2996.734851] ? page_cache_prev_miss+0x310/0x310 [ 2996.735334] __generic_file_write_iter+0x2cd/0x5d0 [ 2996.735842] generic_file_write_iter+0xdb/0x230 [ 2996.736322] do_iter_readv_writev+0x476/0x750 [ 2996.736789] ? new_sync_write+0x660/0x660 [ 2996.737213] ? selinux_file_permission+0x92/0x520 [ 2996.737739] do_iter_write+0x191/0x670 [ 2996.738143] ? trace_hardirqs_on+0x5b/0x180 [ 2996.738577] vfs_iter_write+0x70/0xa0 [ 2996.738979] iter_file_splice_write+0x762/0xc30 [ 2996.739470] ? generic_splice_sendpage+0x140/0x140 [ 2996.739986] ? avc_policy_seqno+0x9/0x70 [ 2996.740402] ? selinux_file_permission+0x92/0x520 [ 2996.740912] ? lockdep_init_map_type+0x2c7/0x780 [ 2996.741388] ? generic_splice_sendpage+0x140/0x140 [ 2996.741898] direct_splice_actor+0x10f/0x170 [ 2996.742352] splice_direct_to_actor+0x387/0x980 [ 2996.742838] ? pipe_to_sendpage+0x380/0x380 [ 2996.743285] ? do_splice_to+0x160/0x160 [ 2996.743682] ? security_file_permission+0x24e/0x570 [ 2996.744213] do_splice_direct+0x1c4/0x290 [ 2996.744630] ? splice_direct_to_actor+0x980/0x980 [ 2996.745108] ? selinux_file_permission+0x92/0x520 [ 2996.745608] ? security_file_permission+0x24e/0x570 [ 2996.746135] do_sendfile+0x553/0x1090 [ 2996.746543] ? do_pwritev+0x270/0x270 [ 2996.746934] ? wait_for_completion_io+0x270/0x270 [ 2996.747427] ? rcu_read_lock_any_held+0x75/0xa0 [ 2996.747895] ? vfs_write+0x354/0xa70 [ 2996.748284] __x64_sys_sendfile64+0x1d1/0x210 [ 2996.748744] ? __ia32_sys_sendfile+0x220/0x220 [ 2996.749225] do_syscall_64+0x33/0x40 [ 2996.749621] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2996.750136] RIP: 0033:0x7fa47a8f1b19 [ 2996.750518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2996.752338] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 2996.753114] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 2996.753839] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 2996.754559] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 2996.755275] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 2996.756008] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:17:32 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) sendfile(r0, r1, &(0x7f0000000000)=0x3ff, 0x200) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) [ 2996.965846] FAULT_INJECTION: forcing a failure. [ 2996.965846] name failslab, interval 1, probability 0, space 0, times 0 [ 2996.967938] CPU: 1 PID: 17322 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 2996.969047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2996.970374] Call Trace: [ 2996.970803] dump_stack+0x107/0x167 [ 2996.971402] should_fail.cold+0x5/0xa [ 2996.972026] should_failslab+0x5/0x20 [ 2996.972647] __kmalloc_node_track_caller+0x74/0x3b0 [ 2996.973441] ? ieee802154_nl_new_reply+0x2f/0x100 [ 2996.974244] __alloc_skb+0xb1/0x5b0 [ 2996.974837] ieee802154_nl_new_reply+0x2f/0x100 [ 2996.975604] ieee802154_add_iface+0x22f/0x8f0 [ 2996.976318] ? __nla_parse+0x3e/0x50 [ 2996.976930] ? ieee802154_dump_phy+0x160/0x160 [ 2996.977675] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 2996.978718] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 2996.979765] genl_family_rcv_msg_doit+0x22d/0x330 [ 2996.980536] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 2996.981610] ? ns_capable+0xe2/0x110 [ 2996.982212] genl_rcv_msg+0x33c/0x5a0 [ 2996.982828] ? genl_get_cmd+0x480/0x480 [ 2996.983469] ? ieee802154_dump_phy+0x160/0x160 [ 2996.984209] ? lock_release+0x680/0x680 [ 2996.984859] ? __lockdep_reset_lock+0x180/0x180 [ 2996.985614] netlink_rcv_skb+0x14b/0x430 [ 2996.986276] ? genl_get_cmd+0x480/0x480 [ 2996.986916] ? netlink_ack+0xab0/0xab0 [ 2996.987555] ? netlink_deliver_tap+0x1c4/0xcd0 [ 2996.988290] ? is_vmalloc_addr+0x7b/0xb0 [ 2996.988945] genl_rcv+0x24/0x40 [ 2996.989475] netlink_unicast+0x549/0x7f0 [ 2996.990142] ? netlink_attachskb+0x870/0x870 [ 2996.990861] netlink_sendmsg+0x90f/0xdf0 [ 2996.991521] ? netlink_unicast+0x7f0/0x7f0 [ 2996.992219] ? netlink_unicast+0x7f0/0x7f0 [ 2996.992895] __sock_sendmsg+0x154/0x190 [ 2996.993533] ____sys_sendmsg+0x70d/0x870 [ 2996.994194] ? sock_write_iter+0x3d0/0x3d0 [ 2996.994865] ? do_recvmmsg+0x6d0/0x6d0 [ 2996.995490] ? perf_trace_lock+0xac/0x490 [ 2996.996165] ? __lockdep_reset_lock+0x180/0x180 [ 2996.996911] ? perf_trace_lock+0xac/0x490 [ 2996.997587] ? SOFTIRQ_verbose+0x10/0x10 [ 2996.998260] ___sys_sendmsg+0xf3/0x170 [ 2996.998886] ? sendmsg_copy_msghdr+0x160/0x160 [ 2996.999620] ? lock_downgrade+0x6d0/0x6d0 [ 2997.000294] ? find_held_lock+0x2c/0x110 [ 2997.000971] ? __fget_files+0x296/0x4c0 [ 2997.001630] ? __fget_light+0xea/0x290 [ 2997.002277] __sys_sendmsg+0xe5/0x1b0 [ 2997.002900] ? __sys_sendmsg_sock+0x40/0x40 [ 2997.003604] ? rcu_read_lock_any_held+0x75/0xa0 [ 2997.004392] do_syscall_64+0x33/0x40 [ 2997.005002] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 2997.005823] RIP: 0033:0x7f044fd89b19 [ 2997.006418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2997.009324] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2997.010539] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 2997.011668] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 2997.012798] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2997.013975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2997.015104] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 05:17:54 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x900, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:17:54 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xf5, 0x0, 0x0) 05:17:54 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0xa, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:17:54 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f6, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:17:54 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bbb, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:17:54 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$packet(0x11, 0x2, 0x300) r2 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='tasks\x00', 0x2, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000180)=ANY=[@ANYBLOB="0002000000000000ab750000000000000300000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\a\x00'/28, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00@\x00'/28, @ANYRES32=r2, @ANYBLOB="000000000900000000000000000000000000000000000000000001a9e552c0b38ac7c61e1f0000"]) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, &(0x7f0000000140)={0x0, @aes256, 0x0, @desc4}) 05:17:54 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 13) 05:17:54 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 9) [ 3018.713196] FAULT_INJECTION: forcing a failure. [ 3018.713196] name failslab, interval 1, probability 0, space 0, times 0 [ 3018.714595] CPU: 0 PID: 17379 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 3018.715411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3018.716379] Call Trace: [ 3018.716703] dump_stack+0x107/0x167 [ 3018.717146] should_fail.cold+0x5/0xa [ 3018.717617] should_failslab+0x5/0x20 [ 3018.718082] __kmalloc_node_track_caller+0x74/0x3b0 [ 3018.718673] ? ieee802154_nl_new_reply+0x2f/0x100 [ 3018.719263] __alloc_skb+0xb1/0x5b0 [ 3018.719711] ieee802154_nl_new_reply+0x2f/0x100 [ 3018.720278] ieee802154_add_iface+0x22f/0x8f0 [ 3018.720813] ? __nla_parse+0x3e/0x50 [ 3018.721268] ? ieee802154_dump_phy+0x160/0x160 [ 3018.721821] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 3018.722609] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 3018.723392] genl_family_rcv_msg_doit+0x22d/0x330 [ 3018.723968] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3018.724774] ? ns_capable+0xe2/0x110 [ 3018.725228] genl_rcv_msg+0x33c/0x5a0 [ 3018.725689] ? genl_get_cmd+0x480/0x480 [ 3018.726180] ? ieee802154_dump_phy+0x160/0x160 [ 3018.726735] ? lock_release+0x680/0x680 [ 3018.727202] ? __lockdep_reset_lock+0x180/0x180 [ 3018.727754] netlink_rcv_skb+0x14b/0x430 [ 3018.728241] ? genl_get_cmd+0x480/0x480 [ 3018.728713] ? netlink_ack+0xab0/0xab0 [ 3018.729196] ? netlink_deliver_tap+0x1c4/0xcd0 [ 3018.729733] ? is_vmalloc_addr+0x7b/0xb0 [ 3018.730235] genl_rcv+0x24/0x40 [ 3018.730624] netlink_unicast+0x549/0x7f0 [ 3018.731116] ? netlink_attachskb+0x870/0x870 [ 3018.731652] netlink_sendmsg+0x90f/0xdf0 [ 3018.732150] ? netlink_unicast+0x7f0/0x7f0 [ 3018.732668] ? netlink_unicast+0x7f0/0x7f0 [ 3018.733174] __sock_sendmsg+0x154/0x190 [ 3018.733644] ____sys_sendmsg+0x70d/0x870 [ 3018.734142] ? sock_write_iter+0x3d0/0x3d0 [ 3018.734636] ? do_recvmmsg+0x6d0/0x6d0 [ 3018.735097] ? perf_trace_lock+0x2bd/0x490 [ 3018.735608] ? __lockdep_reset_lock+0x180/0x180 [ 3018.736179] ___sys_sendmsg+0xf3/0x170 [ 3018.736647] ? sendmsg_copy_msghdr+0x160/0x160 [ 3018.737197] ? lock_downgrade+0x6d0/0x6d0 [ 3018.737693] ? find_held_lock+0x2c/0x110 [ 3018.738203] ? __fget_files+0x296/0x4c0 [ 3018.738699] ? __fget_light+0xea/0x290 [ 3018.739175] __sys_sendmsg+0xe5/0x1b0 [ 3018.739627] ? __sys_sendmsg_sock+0x40/0x40 [ 3018.740132] ? rcu_read_lock_any_held+0x75/0xa0 [ 3018.740733] do_syscall_64+0x33/0x40 [ 3018.741173] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3018.741762] RIP: 0033:0x7f044fd89b19 [ 3018.742208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3018.744303] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3018.745187] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 3018.746011] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 3018.746828] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3018.747643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3018.748471] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 [ 3018.789820] FAULT_INJECTION: forcing a failure. [ 3018.789820] name failslab, interval 1, probability 0, space 0, times 0 [ 3018.791209] CPU: 0 PID: 17381 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3018.791974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3018.792891] Call Trace: [ 3018.793200] dump_stack+0x107/0x167 [ 3018.793620] should_fail.cold+0x5/0xa [ 3018.794068] ? create_object.isra.0+0x3a/0xa20 [ 3018.794580] should_failslab+0x5/0x20 [ 3018.795009] kmem_cache_alloc+0x5b/0x310 [ 3018.795482] create_object.isra.0+0x3a/0xa20 [ 3018.795973] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3018.796554] kmem_cache_alloc+0x159/0x310 [ 3018.797033] alloc_buffer_head+0x20/0x110 [ 3018.797500] alloc_page_buffers+0x14d/0x700 [ 3018.798005] create_empty_buffers+0x2c/0x640 [ 3018.798514] create_page_buffers+0x1bb/0x230 [ 3018.799011] __block_write_begin_int+0x1d1/0x19c0 [ 3018.799556] ? fat_add_cluster+0x100/0x100 [ 3018.800024] ? add_to_page_cache_locked+0x40/0x40 [ 3018.800563] ? __page_cache_alloc+0x10d/0x360 [ 3018.801059] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3018.801632] ? remove_inode_buffers+0x300/0x300 [ 3018.802156] ? pagecache_get_page+0x243/0xc80 [ 3018.802657] ? wait_for_stable_page+0x92/0xe0 [ 3018.803160] cont_write_begin+0x472/0x980 [ 3018.803634] ? fat_add_cluster+0x100/0x100 [ 3018.804106] ? nobh_write_begin+0xed0/0xed0 [ 3018.804576] ? __mark_inode_dirty+0x93b/0xd40 [ 3018.805094] ? lock_downgrade+0x6d0/0x6d0 [ 3018.805559] ? do_raw_spin_lock+0x121/0x260 [ 3018.806044] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3018.806609] fat_write_begin+0x89/0x180 [ 3018.807045] ? fat_add_cluster+0x100/0x100 [ 3018.807522] generic_perform_write+0x20a/0x4f0 [ 3018.808037] ? fat_direct_IO+0x1ef/0x380 [ 3018.808478] ? page_cache_prev_miss+0x310/0x310 [ 3018.809018] __generic_file_write_iter+0x2cd/0x5d0 [ 3018.809564] generic_file_write_iter+0xdb/0x230 [ 3018.810087] do_iter_readv_writev+0x476/0x750 [ 3018.810586] ? new_sync_write+0x660/0x660 [ 3018.811036] ? selinux_file_permission+0x92/0x520 [ 3018.811602] do_iter_write+0x191/0x670 [ 3018.812042] ? trace_hardirqs_on+0x5b/0x180 [ 3018.812532] vfs_iter_write+0x70/0xa0 [ 3018.812946] iter_file_splice_write+0x762/0xc30 [ 3018.813484] ? generic_splice_sendpage+0x140/0x140 [ 3018.814033] ? avc_policy_seqno+0x9/0x70 [ 3018.814479] ? selinux_file_permission+0x92/0x520 [ 3018.815010] ? lockdep_init_map_type+0x2c7/0x780 [ 3018.815539] ? generic_splice_sendpage+0x140/0x140 [ 3018.816066] direct_splice_actor+0x10f/0x170 [ 3018.816556] splice_direct_to_actor+0x387/0x980 [ 3018.817063] ? pipe_to_sendpage+0x380/0x380 [ 3018.817547] ? do_splice_to+0x160/0x160 [ 3018.818001] ? security_file_permission+0x24e/0x570 [ 3018.818561] do_splice_direct+0x1c4/0x290 [ 3018.819013] ? splice_direct_to_actor+0x980/0x980 [ 3018.819529] ? selinux_file_permission+0x92/0x520 [ 3018.820060] ? security_file_permission+0x24e/0x570 [ 3018.820628] do_sendfile+0x553/0x1090 [ 3018.821061] ? do_pwritev+0x270/0x270 [ 3018.821494] ? wait_for_completion_io+0x270/0x270 [ 3018.822025] ? rcu_read_lock_any_held+0x75/0xa0 [ 3018.822533] ? vfs_write+0x354/0xa70 [ 3018.822954] __x64_sys_sendfile64+0x1d1/0x210 [ 3018.823441] ? __ia32_sys_sendfile+0x220/0x220 [ 3018.823967] do_syscall_64+0x33/0x40 [ 3018.824376] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3018.824931] RIP: 0033:0x7fa47a8f1b19 [ 3018.825341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3018.827296] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3018.828111] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3018.828880] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3018.829639] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3018.830409] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 3018.831169] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:17:54 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:17:54 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0xf, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:17:54 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x10000) clone3(&(0x7f00000001c0)={0x90100500, &(0x7f00000000c0)=0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140), {0x3f}, &(0x7f0000000340)=""/4096, 0x1000, &(0x7f0000001340)=""/4096, &(0x7f0000000180)=[0x0], 0x1, {r0}}, 0x58) fcntl$setflags(r2, 0x2, 0x1) fcntl$dupfd(r1, 0x0, r2) recvmmsg$unix(r0, &(0x7f0000007d00)=[{{&(0x7f0000000040)=@abs, 0x6e, &(0x7f00000047c0)=[{&(0x7f0000002340)=""/4096, 0x1000}, {&(0x7f0000000240)=""/134, 0x86}, {&(0x7f0000003340)=""/108, 0x6c}, {&(0x7f00000033c0)=""/223, 0xdf}, {&(0x7f00000034c0)=""/230, 0xe6}, {&(0x7f00000035c0)=""/12, 0xc}, {&(0x7f0000003600)=""/221, 0xdd}, {&(0x7f0000003700)=""/4096, 0x1000}, {&(0x7f0000004700)=""/137, 0x89}], 0x9, &(0x7f0000004880)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}}, {{&(0x7f0000004900), 0x6e, &(0x7f0000004b40)=[{&(0x7f0000004980)=""/230, 0xe6}, {&(0x7f0000004a80)=""/179, 0xb3}], 0x2, &(0x7f0000004b80)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x80}}, {{&(0x7f0000004c40), 0x6e, &(0x7f0000005000)=[{&(0x7f0000004cc0)=""/2, 0x2}, {&(0x7f0000004d00)=""/221, 0xdd}, {&(0x7f0000004e00)=""/208, 0xd0}, {&(0x7f0000004f00)=""/122, 0x7a}, {&(0x7f0000004f80)=""/76, 0x4c}], 0x5, &(0x7f0000005080)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000005140), 0x6e, &(0x7f0000005580)=[{&(0x7f00000051c0)=""/254, 0xfe}, {&(0x7f00000052c0)=""/86, 0x56}, {&(0x7f0000005340)=""/58, 0x3a}, {&(0x7f0000005380)=""/124, 0x7c}, {&(0x7f0000005400)=""/22, 0x16}, {&(0x7f0000005440)=""/159, 0x9f}, {&(0x7f0000005500)=""/81, 0x51}], 0x7}}, {{&(0x7f0000005600)=@abs, 0x6e, &(0x7f0000007b00)=[{&(0x7f0000005680)=""/4096, 0x1000}, {&(0x7f0000006680)=""/46, 0x2e}, {&(0x7f0000007e80)=""/212, 0xd4}, {&(0x7f00000067c0)=""/176, 0xb0}, {&(0x7f0000006880)=""/112, 0x70}, {&(0x7f0000006900)=""/86, 0x56}, {&(0x7f0000006980)=""/202, 0xca}, {&(0x7f0000006a80)=""/124, 0x7c}, {&(0x7f0000006b00)=""/4096, 0x1000}], 0x9, &(0x7f0000007bc0)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x110}}], 0x5, 0x40002000, &(0x7f0000007e40)={0x77359400}) setns(r3, 0x20000000) 05:17:54 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf02, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:17:54 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x2000, 0x0, 0x0) 05:17:54 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bbc, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:17:54 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f7, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:18:14 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 14) 05:18:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 10) 05:18:14 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf03, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:14 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f8, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:18:14 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:14 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x7ff) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) lseek(r1, 0x4, 0x4) 05:18:14 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bbd, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:18:14 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x4000, 0x0, 0x0) [ 3038.903060] FAULT_INJECTION: forcing a failure. [ 3038.903060] name failslab, interval 1, probability 0, space 0, times 0 [ 3038.903956] CPU: 1 PID: 17466 Comm: syz-executor.4 Not tainted 5.10.210 #1 [ 3038.904474] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3038.905088] Call Trace: [ 3038.905308] dump_stack+0x107/0x167 [ 3038.905586] should_fail.cold+0x5/0xa [ 3038.905880] ? kvmalloc_node+0xc0/0x170 [ 3038.906200] should_failslab+0x5/0x20 [ 3038.906493] __kmalloc_node+0x76/0x420 [ 3038.906793] kvmalloc_node+0xc0/0x170 [ 3038.907090] alloc_netdev_mqs+0x97/0xe80 [ 3038.907397] ? mac802154_unlock_table+0x80/0x80 [ 3038.907756] ieee802154_if_add+0xc3/0x1040 [ 3038.908081] ? mutex_lock_io_nested+0xf30/0xf30 [ 3038.908436] ? mac802154_wpan_ioctl+0x2b0/0x2b0 [ 3038.908785] ? skb_put+0x134/0x180 [ 3038.909062] ? memset+0x20/0x50 [ 3038.909330] ? __nlmsg_put+0x155/0x1c0 [ 3038.909629] ? genlmsg_put+0x25b/0x2d0 [ 3038.909934] ieee802154_add_iface_deprecated+0x3e/0x60 [ 3038.910343] ieee802154_add_iface+0x44d/0x8f0 [ 3038.910691] ? ieee802154_dump_phy+0x160/0x160 [ 3038.911039] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280 [ 3038.911542] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280 [ 3038.912036] genl_family_rcv_msg_doit+0x22d/0x330 [ 3038.912402] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 3038.912913] ? ns_capable+0xe2/0x110 [ 3038.913200] genl_rcv_msg+0x33c/0x5a0 [ 3038.913493] ? genl_get_cmd+0x480/0x480 [ 3038.913795] ? ieee802154_dump_phy+0x160/0x160 [ 3038.914161] ? lock_release+0x680/0x680 [ 3038.914463] ? __lockdep_reset_lock+0x180/0x180 [ 3038.914819] netlink_rcv_skb+0x14b/0x430 [ 3038.915130] ? genl_get_cmd+0x480/0x480 [ 3038.915451] ? netlink_ack+0xab0/0xab0 [ 3038.915754] ? netlink_deliver_tap+0x1c4/0xcd0 [ 3038.916096] ? is_vmalloc_addr+0x7b/0xb0 [ 3038.916399] genl_rcv+0x24/0x40 [ 3038.916643] netlink_unicast+0x549/0x7f0 [ 3038.916948] ? netlink_attachskb+0x870/0x870 [ 3038.917283] netlink_sendmsg+0x90f/0xdf0 [ 3038.917587] ? netlink_unicast+0x7f0/0x7f0 [ 3038.917910] ? netlink_unicast+0x7f0/0x7f0 [ 3038.918230] __sock_sendmsg+0x154/0x190 [ 3038.918524] ____sys_sendmsg+0x70d/0x870 [ 3038.918827] ? sock_write_iter+0x3d0/0x3d0 [ 3038.919136] ? do_recvmmsg+0x6d0/0x6d0 [ 3038.919422] ? perf_trace_lock+0xac/0x490 [ 3038.919732] ? __lockdep_reset_lock+0x180/0x180 [ 3038.920073] ? perf_trace_lock+0xac/0x490 [ 3038.920377] ? SOFTIRQ_verbose+0x10/0x10 [ 3038.920688] ___sys_sendmsg+0xf3/0x170 [ 3038.920977] ? sendmsg_copy_msghdr+0x160/0x160 [ 3038.921352] ? lock_downgrade+0x6d0/0x6d0 [ 3038.921662] ? find_held_lock+0x2c/0x110 [ 3038.921970] ? __fget_files+0x296/0x4c0 [ 3038.922283] ? __fget_light+0xea/0x290 [ 3038.922579] __sys_sendmsg+0xe5/0x1b0 [ 3038.922860] ? __sys_sendmsg_sock+0x40/0x40 [ 3038.923179] ? rcu_read_lock_any_held+0x75/0xa0 [ 3038.923549] do_syscall_64+0x33/0x40 [ 3038.923857] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3038.924236] RIP: 0033:0x7f044fd89b19 [ 3038.924541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3038.925868] RSP: 002b:00007f044d2ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 3038.926434] RAX: ffffffffffffffda RBX: 00007f044fe9cf60 RCX: 00007f044fd89b19 [ 3038.926953] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 3038.927471] RBP: 00007f044d2ff1d0 R08: 0000000000000000 R09: 0000000000000000 [ 3038.927991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 3038.928509] R13: 00007ffd87edac3f R14: 00007f044d2ff300 R15: 0000000000022000 [ 3039.010109] FAULT_INJECTION: forcing a failure. [ 3039.010109] name failslab, interval 1, probability 0, space 0, times 0 [ 3039.011932] CPU: 0 PID: 17473 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3039.012941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3039.014148] Call Trace: [ 3039.014550] dump_stack+0x107/0x167 [ 3039.015099] should_fail.cold+0x5/0xa [ 3039.015668] ? create_object.isra.0+0x3a/0xa20 [ 3039.016352] should_failslab+0x5/0x20 [ 3039.016911] kmem_cache_alloc+0x5b/0x310 [ 3039.017523] create_object.isra.0+0x3a/0xa20 [ 3039.018187] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3039.018946] kmem_cache_alloc+0x159/0x310 [ 3039.019570] alloc_buffer_head+0x20/0x110 [ 3039.020184] alloc_page_buffers+0x14d/0x700 [ 3039.020837] create_empty_buffers+0x2c/0x640 [ 3039.021507] create_page_buffers+0x1bb/0x230 [ 3039.022180] __block_write_begin_int+0x1d1/0x19c0 [ 3039.022905] ? fat_add_cluster+0x100/0x100 [ 3039.023538] ? add_to_page_cache_locked+0x40/0x40 [ 3039.024258] ? __page_cache_alloc+0x10d/0x360 [ 3039.024910] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3039.025655] ? remove_inode_buffers+0x300/0x300 [ 3039.026354] ? pagecache_get_page+0x243/0xc80 [ 3039.027035] ? wait_for_stable_page+0x92/0xe0 [ 3039.027712] cont_write_begin+0x472/0x980 [ 3039.028358] ? fat_add_cluster+0x100/0x100 [ 3039.028993] ? nobh_write_begin+0xed0/0xed0 [ 3039.029629] ? __mark_inode_dirty+0x93b/0xd40 [ 3039.030305] ? lock_downgrade+0x6d0/0x6d0 [ 3039.030924] ? do_raw_spin_lock+0x121/0x260 [ 3039.031564] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3039.032330] fat_write_begin+0x89/0x180 [ 3039.032919] ? fat_add_cluster+0x100/0x100 [ 3039.033559] generic_perform_write+0x20a/0x4f0 [ 3039.034273] ? fat_direct_IO+0x1ef/0x380 [ 3039.034874] ? page_cache_prev_miss+0x310/0x310 [ 3039.035606] __generic_file_write_iter+0x2cd/0x5d0 [ 3039.036351] generic_file_write_iter+0xdb/0x230 [ 3039.037045] do_iter_readv_writev+0x476/0x750 [ 3039.037721] ? new_sync_write+0x660/0x660 [ 3039.038342] ? selinux_file_permission+0x92/0x520 [ 3039.039113] do_iter_write+0x191/0x670 [ 3039.039706] ? trace_hardirqs_on+0x5b/0x180 [ 3039.040365] vfs_iter_write+0x70/0xa0 [ 3039.040944] iter_file_splice_write+0x762/0xc30 [ 3039.041674] ? generic_splice_sendpage+0x140/0x140 [ 3039.042433] ? avc_policy_seqno+0x9/0x70 [ 3039.043038] ? selinux_file_permission+0x92/0x520 [ 3039.043760] ? lockdep_init_map_type+0x2c7/0x780 [ 3039.044488] ? generic_splice_sendpage+0x140/0x140 [ 3039.045225] direct_splice_actor+0x10f/0x170 [ 3039.045887] splice_direct_to_actor+0x387/0x980 [ 3039.046602] ? pipe_to_sendpage+0x380/0x380 [ 3039.047263] ? do_splice_to+0x160/0x160 [ 3039.047868] ? security_file_permission+0x24e/0x570 [ 3039.048634] do_splice_direct+0x1c4/0x290 [ 3039.049257] ? splice_direct_to_actor+0x980/0x980 [ 3039.049970] ? selinux_file_permission+0x92/0x520 [ 3039.050719] ? security_file_permission+0x24e/0x570 [ 3039.051485] do_sendfile+0x553/0x1090 [ 3039.052082] ? do_pwritev+0x270/0x270 [ 3039.052656] ? wait_for_completion_io+0x270/0x270 [ 3039.053386] ? rcu_read_lock_any_held+0x75/0xa0 [ 3039.054085] ? vfs_write+0x354/0xa70 [ 3039.054657] __x64_sys_sendfile64+0x1d1/0x210 [ 3039.055327] ? __ia32_sys_sendfile+0x220/0x220 [ 3039.056040] do_syscall_64+0x33/0x40 [ 3039.056594] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3039.057355] RIP: 0033:0x7fa47a8f1b19 [ 3039.057914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3039.060582] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3039.061694] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3039.062735] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3039.063783] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3039.064817] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3039.065853] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:18:34 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 11) 05:18:34 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153f9, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:18:34 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x27, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:34 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000000), &(0x7f00000000c0)=0x4) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:18:34 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xeffd, 0x0, 0x0) 05:18:34 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bbe, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:18:34 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf04, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:34 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) (fail_nth: 15) [ 3059.006251] FAULT_INJECTION: forcing a failure. [ 3059.006251] name failslab, interval 1, probability 0, space 0, times 0 [ 3059.007499] CPU: 1 PID: 17533 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3059.008156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3059.008926] Call Trace: [ 3059.009191] dump_stack+0x107/0x167 [ 3059.009551] should_fail.cold+0x5/0xa [ 3059.009919] ? create_object.isra.0+0x3a/0xa20 [ 3059.010374] should_failslab+0x5/0x20 [ 3059.010745] kmem_cache_alloc+0x5b/0x310 [ 3059.011124] ? create_object.isra.0+0x3ad/0xa20 [ 3059.011579] create_object.isra.0+0x3a/0xa20 [ 3059.011995] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3059.012491] __kmalloc_node+0x1ae/0x420 [ 3059.012874] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 3059.013369] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 3059.013838] ? trace_hardirqs_on+0x5b/0x180 [ 3059.014259] kmem_cache_alloc+0x171/0x310 [ 3059.014679] alloc_buffer_head+0x20/0x110 [ 3059.015077] alloc_page_buffers+0x14d/0x700 [ 3059.015508] create_empty_buffers+0x2c/0x640 [ 3059.015939] create_page_buffers+0x1bb/0x230 [ 3059.016378] __block_write_begin_int+0x1d1/0x19c0 [ 3059.016842] ? fat_add_cluster+0x100/0x100 [ 3059.017254] ? add_to_page_cache_locked+0x40/0x40 [ 3059.017715] ? __page_cache_alloc+0x10d/0x360 [ 3059.018143] ? remove_inode_buffers+0x300/0x300 [ 3059.018601] ? pagecache_get_page+0x243/0xc80 [ 3059.019038] ? perf_trace_lock+0xac/0x490 [ 3059.019439] ? wait_for_stable_page+0x92/0xe0 [ 3059.019879] cont_write_begin+0x472/0x980 [ 3059.020292] ? fat_add_cluster+0x100/0x100 [ 3059.020701] ? nobh_write_begin+0xed0/0xed0 [ 3059.021112] ? __mark_inode_dirty+0x93b/0xd40 [ 3059.021539] ? lock_downgrade+0x6d0/0x6d0 [ 3059.021948] ? do_raw_spin_lock+0x121/0x260 [ 3059.022377] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3059.022891] fat_write_begin+0x89/0x180 [ 3059.023280] ? fat_add_cluster+0x100/0x100 [ 3059.023709] generic_perform_write+0x20a/0x4f0 [ 3059.024165] ? fat_direct_IO+0x1ef/0x380 [ 3059.024577] ? page_cache_prev_miss+0x310/0x310 [ 3059.025043] __generic_file_write_iter+0x2cd/0x5d0 [ 3059.025542] generic_file_write_iter+0xdb/0x230 [ 3059.026003] do_iter_readv_writev+0x476/0x750 [ 3059.026470] ? new_sync_write+0x660/0x660 [ 3059.026873] ? selinux_file_permission+0x92/0x520 [ 3059.027376] do_iter_write+0x191/0x670 [ 3059.027764] ? trace_hardirqs_on+0x5b/0x180 [ 3059.028210] vfs_iter_write+0x70/0xa0 [ 3059.028590] iter_file_splice_write+0x762/0xc30 [ 3059.029088] ? generic_splice_sendpage+0x140/0x140 [ 3059.029592] ? avc_policy_seqno+0x9/0x70 [ 3059.029983] ? selinux_file_permission+0x92/0x520 [ 3059.030482] ? lockdep_init_map_type+0x2c7/0x780 [ 3059.030964] ? generic_splice_sendpage+0x140/0x140 [ 3059.031458] direct_splice_actor+0x10f/0x170 [ 3059.031890] splice_direct_to_actor+0x387/0x980 [ 3059.032362] ? pipe_to_sendpage+0x380/0x380 [ 3059.032795] ? do_splice_to+0x160/0x160 [ 3059.033190] ? security_file_permission+0x24e/0x570 [ 3059.033687] do_splice_direct+0x1c4/0x290 [ 3059.034089] ? splice_direct_to_actor+0x980/0x980 [ 3059.034554] ? selinux_file_permission+0x92/0x520 [ 3059.035029] ? security_file_permission+0x24e/0x570 [ 3059.035515] do_sendfile+0x553/0x1090 [ 3059.035908] ? do_pwritev+0x270/0x270 [ 3059.036286] ? wait_for_completion_io+0x270/0x270 [ 3059.036758] ? rcu_read_lock_any_held+0x75/0xa0 [ 3059.037207] ? vfs_write+0x354/0xa70 [ 3059.037581] __x64_sys_sendfile64+0x1d1/0x210 [ 3059.038024] ? __ia32_sys_sendfile+0x220/0x220 [ 3059.038499] do_syscall_64+0x33/0x40 [ 3059.038866] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3059.039360] RIP: 0033:0x7fa47a8f1b19 [ 3059.039723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3059.041470] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3059.042207] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3059.042900] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3059.043588] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3059.044267] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3059.044942] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:18:34 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000540)=[{&(0x7f0000000000)=""/221, 0xdd}, {&(0x7f0000000100)=""/59, 0x3b}, {&(0x7f0000000140)=""/120, 0x78}, {&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/92, 0x5c}, {&(0x7f0000000340)=""/127, 0x7f}, {&(0x7f0000000400)=""/161, 0xa1}, {&(0x7f00000002c0)=""/49, 0x31}, {&(0x7f00000004c0)=""/10, 0xa}, {&(0x7f0000000500)=""/64, 0x40}], 0xa, 0x21, 0x0) 05:18:35 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf05, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x29, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:35 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:35 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bbf, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:18:35 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xf5ff, 0x0, 0x0) 05:18:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x63, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:35 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153fa, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:18:53 executing program 3: r0 = open_tree(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x100000) sendmsg$AUDIT_TTY_GET(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x3f8, 0x300, 0x70bd2c, 0x25dfdbfc, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8019}, 0x20000080) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000140)=[{&(0x7f0000000040)=""/126, 0x7e}, {&(0x7f00000000c0)=""/126, 0x7e}], 0x2, 0x1, 0x0) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f0000000180)=0x8, 0x2) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8982, &(0x7f0000000200)={0x6, 'gre0\x00', {0x100}}) 05:18:53 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153fb, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:18:53 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0xc0, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:53 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf06, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:53 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xfdef, 0x0, 0x0) 05:18:53 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x201, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:53 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 12) 05:18:53 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:18:53 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf07, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:53 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0xec0, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:53 executing program 3: setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000000000)=0x4, 0x4) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x182, 0x1, 0x0) [ 3077.843577] FAULT_INJECTION: forcing a failure. [ 3077.843577] name failslab, interval 1, probability 0, space 0, times 0 [ 3077.844534] CPU: 1 PID: 17641 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3077.845085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3077.845762] Call Trace: [ 3077.845984] dump_stack+0x107/0x167 [ 3077.846285] should_fail.cold+0x5/0xa [ 3077.846622] ? create_object.isra.0+0x3a/0xa20 [ 3077.846998] should_failslab+0x5/0x20 [ 3077.847305] kmem_cache_alloc+0x5b/0x310 [ 3077.847637] create_object.isra.0+0x3a/0xa20 [ 3077.847985] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3077.848408] kmem_cache_alloc+0x159/0x310 [ 3077.848747] alloc_buffer_head+0x20/0x110 [ 3077.849090] alloc_page_buffers+0x14d/0x700 [ 3077.849445] create_empty_buffers+0x2c/0x640 [ 3077.849794] create_page_buffers+0x1bb/0x230 [ 3077.850156] __block_write_begin_int+0x1d1/0x19c0 [ 3077.850553] ? fat_add_cluster+0x100/0x100 [ 3077.850906] ? add_to_page_cache_locked+0x40/0x40 [ 3077.851297] ? __page_cache_alloc+0x10d/0x360 [ 3077.851671] ? remove_inode_buffers+0x300/0x300 [ 3077.852048] ? pagecache_get_page+0x243/0xc80 [ 3077.852412] ? perf_trace_lock+0xac/0x490 [ 3077.852749] ? wait_for_stable_page+0x92/0xe0 [ 3077.853103] cont_write_begin+0x472/0x980 [ 3077.853451] ? fat_add_cluster+0x100/0x100 [ 3077.853786] ? nobh_write_begin+0xed0/0xed0 [ 3077.854135] ? __mark_inode_dirty+0x93b/0xd40 [ 3077.854487] ? lock_downgrade+0x6d0/0x6d0 [ 3077.854840] ? do_raw_spin_lock+0x121/0x260 [ 3077.855195] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3077.855617] fat_write_begin+0x89/0x180 [ 3077.855940] ? fat_add_cluster+0x100/0x100 [ 3077.856275] generic_perform_write+0x20a/0x4f0 [ 3077.856654] ? fat_direct_IO+0x1ef/0x380 [ 3077.856984] ? page_cache_prev_miss+0x310/0x310 [ 3077.857380] __generic_file_write_iter+0x2cd/0x5d0 [ 3077.857780] generic_file_write_iter+0xdb/0x230 [ 3077.858204] do_iter_readv_writev+0x476/0x750 [ 3077.858595] ? new_sync_write+0x660/0x660 [ 3077.858925] ? selinux_file_permission+0x92/0x520 [ 3077.859327] do_iter_write+0x191/0x670 [ 3077.859658] ? trace_hardirqs_on+0x5b/0x180 [ 3077.860021] vfs_iter_write+0x70/0xa0 [ 3077.860336] iter_file_splice_write+0x762/0xc30 [ 3077.860725] ? generic_splice_sendpage+0x140/0x140 [ 3077.861131] ? avc_policy_seqno+0x9/0x70 [ 3077.861454] ? selinux_file_permission+0x92/0x520 [ 3077.861847] ? lockdep_init_map_type+0x2c7/0x780 [ 3077.862240] ? generic_splice_sendpage+0x140/0x140 [ 3077.862649] direct_splice_actor+0x10f/0x170 [ 3077.863006] splice_direct_to_actor+0x387/0x980 [ 3077.863390] ? pipe_to_sendpage+0x380/0x380 [ 3077.863750] ? do_splice_to+0x160/0x160 [ 3077.864070] ? security_file_permission+0x24e/0x570 [ 3077.864473] do_splice_direct+0x1c4/0x290 [ 3077.864818] ? splice_direct_to_actor+0x980/0x980 [ 3077.865201] ? selinux_file_permission+0x92/0x520 [ 3077.865596] ? security_file_permission+0x24e/0x570 [ 3077.865998] do_sendfile+0x553/0x1090 [ 3077.866330] ? do_pwritev+0x270/0x270 [ 3077.866653] ? wait_for_completion_io+0x270/0x270 [ 3077.867049] ? rcu_read_lock_any_held+0x75/0xa0 [ 3077.867427] ? vfs_write+0x354/0xa70 [ 3077.867730] __x64_sys_sendfile64+0x1d1/0x210 [ 3077.868099] ? __ia32_sys_sendfile+0x220/0x220 [ 3077.868473] do_syscall_64+0x33/0x40 [ 3077.868777] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3077.869197] RIP: 0033:0x7fa47a8f1b19 [ 3077.869504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3077.870964] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3077.871574] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3077.872145] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3077.872709] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3077.873275] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3077.873846] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:18:53 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc1, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:18:53 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x300, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:53 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153fc, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:18:53 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xfff5, 0x0, 0x0) 05:18:53 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf09, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:53 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) r1 = accept4$unix(r0, 0x0, &(0x7f0000000000), 0x800) ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000240)={0x0, 0x5, [0x0, 0xeac, 0x401, 0x1, 0x9, 0x100000001]}) preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/109, 0x6d}, {&(0x7f00000000c0)=""/54, 0x36}, {&(0x7f0000000100)=""/6, 0x6}, {&(0x7f0000000140)=""/61, 0x3d}, {&(0x7f0000000180)=""/39, 0x27}], 0x5, 0x1, 0xfffffffe) 05:18:53 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x33fe0, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:18:53 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x400000, 0x0, 0x0) 05:18:53 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153fd, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:19:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 13) 05:19:15 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf0a, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:15 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153fe, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:19:15 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x301, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:15 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000000), 0x2000) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r4}}}], 0x20}, 0x0) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200), 0x404000, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r5, 0x40089413, &(0x7f0000000240)=0x3f) sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8880010c}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x2008080) close(r1) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@mcast2, 0xfffffffa, 0x1, 0x2, 0x6, 0x7}, 0x20) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:19:15 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x5f5e0ff, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:15 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x800000, 0x0, 0x0) 05:19:15 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc2, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 3099.299383] FAULT_INJECTION: forcing a failure. [ 3099.299383] name failslab, interval 1, probability 0, space 0, times 0 [ 3099.300376] CPU: 0 PID: 17760 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3099.300940] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3099.301604] Call Trace: [ 3099.301827] dump_stack+0x107/0x167 [ 3099.302129] should_fail.cold+0x5/0xa [ 3099.302448] ? create_object.isra.0+0x3a/0xa20 [ 3099.302835] should_failslab+0x5/0x20 [ 3099.303151] kmem_cache_alloc+0x5b/0x310 [ 3099.303492] create_object.isra.0+0x3a/0xa20 [ 3099.303853] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3099.304278] kmem_cache_alloc+0x159/0x310 [ 3099.304627] alloc_buffer_head+0x20/0x110 [ 3099.304963] alloc_page_buffers+0x14d/0x700 [ 3099.305324] create_empty_buffers+0x2c/0x640 [ 3099.305696] create_page_buffers+0x1bb/0x230 [ 3099.306068] __block_write_begin_int+0x1d1/0x19c0 [ 3099.306467] ? fat_add_cluster+0x100/0x100 [ 3099.306829] ? add_to_page_cache_locked+0x40/0x40 [ 3099.307223] ? __page_cache_alloc+0x10d/0x360 [ 3099.307590] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3099.307998] ? remove_inode_buffers+0x300/0x300 [ 3099.308382] ? pagecache_get_page+0x243/0xc80 [ 3099.308758] ? wait_for_stable_page+0x92/0xe0 [ 3099.309135] cont_write_begin+0x472/0x980 [ 3099.309490] ? fat_add_cluster+0x100/0x100 [ 3099.309837] ? nobh_write_begin+0xed0/0xed0 [ 3099.310188] ? __mark_inode_dirty+0x93b/0xd40 [ 3099.310561] ? lock_downgrade+0x6d0/0x6d0 [ 3099.310911] ? do_raw_spin_lock+0x121/0x260 [ 3099.311268] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3099.311688] fat_write_begin+0x89/0x180 [ 3099.312017] ? fat_add_cluster+0x100/0x100 [ 3099.312370] generic_perform_write+0x20a/0x4f0 [ 3099.312751] ? fat_direct_IO+0x1ef/0x380 [ 3099.313090] ? page_cache_prev_miss+0x310/0x310 [ 3099.313493] __generic_file_write_iter+0x2cd/0x5d0 [ 3099.313897] generic_file_write_iter+0xdb/0x230 [ 3099.314286] do_iter_readv_writev+0x476/0x750 [ 3099.314680] ? new_sync_write+0x660/0x660 [ 3099.315038] ? selinux_file_permission+0x92/0x520 [ 3099.315469] do_iter_write+0x191/0x670 [ 3099.315802] ? trace_hardirqs_on+0x5b/0x180 [ 3099.316171] vfs_iter_write+0x70/0xa0 [ 3099.316503] iter_file_splice_write+0x762/0xc30 [ 3099.316930] ? generic_splice_sendpage+0x140/0x140 [ 3099.317358] ? avc_policy_seqno+0x9/0x70 [ 3099.317699] ? selinux_file_permission+0x92/0x520 [ 3099.318118] ? lockdep_init_map_type+0x2c7/0x780 [ 3099.318525] ? generic_splice_sendpage+0x140/0x140 [ 3099.318953] direct_splice_actor+0x10f/0x170 [ 3099.319325] splice_direct_to_actor+0x387/0x980 [ 3099.319723] ? pipe_to_sendpage+0x380/0x380 [ 3099.320104] ? do_splice_to+0x160/0x160 [ 3099.320447] ? security_file_permission+0x24e/0x570 [ 3099.320880] do_splice_direct+0x1c4/0x290 [ 3099.321234] ? splice_direct_to_actor+0x980/0x980 [ 3099.321625] ? selinux_file_permission+0x92/0x520 [ 3099.322052] ? security_file_permission+0x24e/0x570 [ 3099.322492] do_sendfile+0x553/0x1090 [ 3099.322851] ? do_pwritev+0x270/0x270 [ 3099.323181] ? wait_for_completion_io+0x270/0x270 [ 3099.323587] ? rcu_read_lock_any_held+0x75/0xa0 [ 3099.323980] ? vfs_write+0x354/0xa70 [ 3099.324302] __x64_sys_sendfile64+0x1d1/0x210 [ 3099.324681] ? __ia32_sys_sendfile+0x220/0x220 [ 3099.325086] do_syscall_64+0x33/0x40 [ 3099.325404] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3099.325829] RIP: 0033:0x7fa47a8f1b19 [ 3099.326149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3099.327688] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3099.328325] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3099.328918] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3099.329503] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3099.330098] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3099.330701] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:19:15 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x500, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:15 executing program 3: r0 = open(&(0x7f0000000000)='./file0\x00', 0x480080, 0x3) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x408880, 0x0) pidfd_getfd(r0, r1, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) fallocate(r1, 0x5c, 0x8, 0x1) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r3 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs2/binder-control\x00', 0x2, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x80049367, &(0x7f0000000100)) r4 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) 05:19:15 executing program 3: r0 = socket$unix(0x1, 0x5, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r0}}, './file0\x00'}) close_range(r1, r2, 0x2) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r4, &(0x7f0000000000), 0x2000) close(r4) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) preadv(r3, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:19:15 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf48, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:15 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x200000e8, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:15 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) 05:19:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 14) 05:19:15 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x153ff, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:19:15 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc3, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:19:15 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x501, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3099.727015] FAULT_INJECTION: forcing a failure. [ 3099.727015] name failslab, interval 1, probability 0, space 0, times 0 [ 3099.728070] CPU: 0 PID: 17797 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3099.728647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3099.729336] Call Trace: [ 3099.729568] dump_stack+0x107/0x167 [ 3099.729876] should_fail.cold+0x5/0xa [ 3099.730201] ? create_object.isra.0+0x3a/0xa20 [ 3099.730589] should_failslab+0x5/0x20 [ 3099.730925] kmem_cache_alloc+0x5b/0x310 [ 3099.731315] create_object.isra.0+0x3a/0xa20 [ 3099.731715] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3099.732190] kmem_cache_alloc+0x159/0x310 [ 3099.732592] alloc_buffer_head+0x20/0x110 [ 3099.732973] alloc_page_buffers+0x14d/0x700 [ 3099.733390] create_empty_buffers+0x2c/0x640 [ 3099.733815] create_page_buffers+0x1bb/0x230 [ 3099.734228] __block_write_begin_int+0x1d1/0x19c0 [ 3099.734673] ? fat_add_cluster+0x100/0x100 [ 3099.735075] ? add_to_page_cache_locked+0x40/0x40 [ 3099.735513] ? __page_cache_alloc+0x10d/0x360 [ 3099.735916] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3099.736371] ? remove_inode_buffers+0x300/0x300 [ 3099.736791] ? pagecache_get_page+0x243/0xc80 [ 3099.737213] ? wait_for_stable_page+0x92/0xe0 [ 3099.737642] cont_write_begin+0x472/0x980 [ 3099.738055] ? fat_add_cluster+0x100/0x100 [ 3099.738441] ? nobh_write_begin+0xed0/0xed0 [ 3099.738852] ? __mark_inode_dirty+0x93b/0xd40 [ 3099.739264] ? lock_downgrade+0x6d0/0x6d0 [ 3099.739647] ? do_raw_spin_lock+0x121/0x260 [ 3099.740042] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3099.740513] fat_write_begin+0x89/0x180 [ 3099.740873] ? fat_add_cluster+0x100/0x100 [ 3099.741270] generic_perform_write+0x20a/0x4f0 [ 3099.741701] ? fat_direct_IO+0x1ef/0x380 [ 3099.742086] ? page_cache_prev_miss+0x310/0x310 [ 3099.742550] __generic_file_write_iter+0x2cd/0x5d0 [ 3099.743016] generic_file_write_iter+0xdb/0x230 [ 3099.743449] do_iter_readv_writev+0x476/0x750 [ 3099.743862] ? new_sync_write+0x660/0x660 [ 3099.744225] ? selinux_file_permission+0x92/0x520 [ 3099.744699] do_iter_write+0x191/0x670 [ 3099.745067] ? trace_hardirqs_on+0x5b/0x180 [ 3099.745480] vfs_iter_write+0x70/0xa0 [ 3099.745833] iter_file_splice_write+0x762/0xc30 [ 3099.746256] ? generic_splice_sendpage+0x140/0x140 [ 3099.746683] ? avc_policy_seqno+0x9/0x70 [ 3099.747026] ? selinux_file_permission+0x92/0x520 [ 3099.747435] ? lockdep_init_map_type+0x2c7/0x780 [ 3099.747835] ? generic_splice_sendpage+0x140/0x140 [ 3099.748253] direct_splice_actor+0x10f/0x170 [ 3099.748621] splice_direct_to_actor+0x387/0x980 [ 3099.749024] ? pipe_to_sendpage+0x380/0x380 [ 3099.749388] ? do_splice_to+0x160/0x160 [ 3099.749729] ? security_file_permission+0x24e/0x570 [ 3099.750159] do_splice_direct+0x1c4/0x290 [ 3099.750516] ? splice_direct_to_actor+0x980/0x980 [ 3099.750925] ? selinux_file_permission+0x92/0x520 [ 3099.751344] ? security_file_permission+0x24e/0x570 [ 3099.751786] do_sendfile+0x553/0x1090 [ 3099.752132] ? do_pwritev+0x270/0x270 [ 3099.752462] ? wait_for_completion_io+0x270/0x270 [ 3099.752868] ? rcu_read_lock_any_held+0x75/0xa0 [ 3099.753250] ? vfs_write+0x354/0xa70 [ 3099.753570] __x64_sys_sendfile64+0x1d1/0x210 [ 3099.753949] ? __ia32_sys_sendfile+0x220/0x220 [ 3099.754352] do_syscall_64+0x33/0x40 [ 3099.754664] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3099.755101] RIP: 0033:0x7fa47a8f1b19 [ 3099.755417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3099.756927] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3099.757559] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3099.758164] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3099.758753] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3099.759366] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3099.759956] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:19:35 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf4c, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 15) 05:19:35 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc4, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:19:35 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xeffdffff, 0x0, 0x0) 05:19:35 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000340)=""/102400, 0xffffffffffffff43) close(r1) fadvise64(r1, 0x7, 0x8, 0x4104510e6f7f28d0) 05:19:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x7ffff000, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:35 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15400, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:19:35 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x600, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3119.195298] FAULT_INJECTION: forcing a failure. [ 3119.195298] name failslab, interval 1, probability 0, space 0, times 0 [ 3119.196958] CPU: 0 PID: 17873 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3119.197824] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3119.198876] Call Trace: [ 3119.199242] dump_stack+0x107/0x167 [ 3119.199755] should_fail.cold+0x5/0xa [ 3119.200267] ? create_object.isra.0+0x3a/0xa20 [ 3119.200930] should_failslab+0x5/0x20 [ 3119.201417] kmem_cache_alloc+0x5b/0x310 [ 3119.201983] create_object.isra.0+0x3a/0xa20 [ 3119.202583] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3119.203353] kmem_cache_alloc+0x159/0x310 [ 3119.204016] alloc_buffer_head+0x20/0x110 [ 3119.204596] alloc_page_buffers+0x14d/0x700 [ 3119.205209] create_empty_buffers+0x2c/0x640 [ 3119.205886] create_page_buffers+0x1bb/0x230 [ 3119.206560] __block_write_begin_int+0x1d1/0x19c0 [ 3119.207295] ? fat_add_cluster+0x100/0x100 [ 3119.207931] ? add_to_page_cache_locked+0x40/0x40 [ 3119.208656] ? __page_cache_alloc+0x10d/0x360 [ 3119.209314] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3119.210073] ? remove_inode_buffers+0x300/0x300 [ 3119.210771] ? pagecache_get_page+0x243/0xc80 [ 3119.211476] ? wait_for_stable_page+0x92/0xe0 [ 3119.212167] cont_write_begin+0x472/0x980 [ 3119.212826] ? fat_add_cluster+0x100/0x100 [ 3119.213470] ? nobh_write_begin+0xed0/0xed0 [ 3119.214118] ? __mark_inode_dirty+0x93b/0xd40 [ 3119.214790] ? lock_downgrade+0x6d0/0x6d0 [ 3119.215429] ? do_raw_spin_lock+0x121/0x260 [ 3119.216074] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3119.216834] fat_write_begin+0x89/0x180 [ 3119.217441] ? fat_add_cluster+0x100/0x100 [ 3119.218084] generic_perform_write+0x20a/0x4f0 [ 3119.218797] ? fat_direct_IO+0x1ef/0x380 [ 3119.219482] ? page_cache_prev_miss+0x310/0x310 [ 3119.220225] __generic_file_write_iter+0x2cd/0x5d0 [ 3119.220977] generic_file_write_iter+0xdb/0x230 [ 3119.221772] do_iter_readv_writev+0x476/0x750 [ 3119.222652] ? new_sync_write+0x660/0x660 [ 3119.223282] ? selinux_file_permission+0x92/0x520 [ 3119.224047] do_iter_write+0x191/0x670 [ 3119.224644] ? trace_hardirqs_on+0x5b/0x180 [ 3119.225309] vfs_iter_write+0x70/0xa0 [ 3119.225882] iter_file_splice_write+0x762/0xc30 [ 3119.226623] ? generic_splice_sendpage+0x140/0x140 [ 3119.227384] ? avc_policy_seqno+0x9/0x70 [ 3119.227991] ? selinux_file_permission+0x92/0x520 [ 3119.228730] ? lockdep_init_map_type+0x2c7/0x780 [ 3119.229446] ? generic_splice_sendpage+0x140/0x140 [ 3119.230145] direct_splice_actor+0x10f/0x170 [ 3119.230688] splice_direct_to_actor+0x387/0x980 [ 3119.231398] ? pipe_to_sendpage+0x380/0x380 [ 3119.232061] ? do_splice_to+0x160/0x160 [ 3119.232654] ? security_file_permission+0x24e/0x570 [ 3119.233436] do_splice_direct+0x1c4/0x290 [ 3119.234061] ? splice_direct_to_actor+0x980/0x980 [ 3119.234777] ? selinux_file_permission+0x92/0x520 [ 3119.235525] ? security_file_permission+0x24e/0x570 [ 3119.236296] do_sendfile+0x553/0x1090 [ 3119.236917] ? do_pwritev+0x270/0x270 [ 3119.237505] ? wait_for_completion_io+0x270/0x270 [ 3119.238241] ? rcu_read_lock_any_held+0x75/0xa0 [ 3119.238940] ? vfs_write+0x354/0xa70 [ 3119.239533] __x64_sys_sendfile64+0x1d1/0x210 [ 3119.240211] ? __ia32_sys_sendfile+0x220/0x220 [ 3119.240939] do_syscall_64+0x33/0x40 [ 3119.241502] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3119.242261] RIP: 0033:0x7fa47a8f1b19 [ 3119.242815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3119.245425] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3119.246540] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3119.247590] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3119.248639] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3119.249671] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3119.250703] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:19:35 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f0000000000)={&(0x7f0000000140)=""/237, 0xed}) preadv(r0, &(0x7f0000000080)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1, 0x40000000, 0x0) 05:19:35 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x601, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x2, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:35 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xf5ffffff, 0x0, 0x0) 05:19:35 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf68, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:35 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15401, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:19:35 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc5, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:19:35 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/126, 0x7e}], 0x1, 0x1, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x110041, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) ioctl$BTRFS_IOC_DEV_REPLACE(r2, 0xca289435, &(0x7f00000002c0)={0x2, 0x8, @status={[0x2, 0x4ba4, 0x9, 0x5, 0xd0, 0x9d]}, [0xffffffffffff0000, 0x100000001, 0x40, 0x9, 0x80, 0x9, 0x3, 0x9, 0x3, 0x80, 0x1, 0xfff, 0x2, 0xa63, 0x101, 0x0, 0x1, 0x3f, 0x8, 0x80, 0x0, 0x2, 0x7f, 0x3, 0x3, 0xf91, 0x100, 0x7bd, 0x6, 0x7, 0x81, 0x9, 0xfffffffffffffffd, 0x2, 0x40, 0x1fc000000000, 0xfffffffffffffffe, 0x400, 0x3, 0x6, 0x10000, 0x0, 0x7, 0x7f, 0xba9, 0x5d53, 0xed7, 0xf09d, 0x20, 0x29c1f1c1, 0x3f, 0x4, 0x2, 0xc1, 0x0, 0x3, 0xfffffffffffffffc, 0x0, 0x7, 0xb0, 0x2, 0xffff, 0x3fb, 0xa54f]}) read(r2, &(0x7f0000000000), 0x2000) close(r2) pidfd_getfd(r1, r2, 0x0) 05:19:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 16) 05:19:35 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x3, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:35 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xfffffdef, 0x0, 0x0) [ 3119.592600] FAULT_INJECTION: forcing a failure. [ 3119.592600] name failslab, interval 1, probability 0, space 0, times 0 [ 3119.594463] CPU: 0 PID: 17919 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3119.595306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3119.596294] Call Trace: [ 3119.596621] dump_stack+0x107/0x167 [ 3119.597069] should_fail.cold+0x5/0xa [ 3119.597536] ? create_object.isra.0+0x3a/0xa20 [ 3119.598094] should_failslab+0x5/0x20 [ 3119.598558] kmem_cache_alloc+0x5b/0x310 [ 3119.599076] create_object.isra.0+0x3a/0xa20 [ 3119.599608] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3119.600237] __kmalloc+0x16e/0x390 [ 3119.600684] ext4_find_extent+0xa3d/0xd30 [ 3119.601212] ext4_ext_map_blocks+0x1c8/0x5850 [ 3119.601782] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3119.602420] ? SOFTIRQ_verbose+0x10/0x10 [ 3119.602910] ? perf_trace_lock+0x2bd/0x490 [ 3119.603425] ? SOFTIRQ_verbose+0x10/0x10 [ 3119.603942] ? ext4_ext_release+0x10/0x10 [ 3119.604446] ? lock_release+0x680/0x680 [ 3119.604943] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 3119.605498] ? lock_downgrade+0x6d0/0x6d0 [ 3119.606026] ? down_read+0x10f/0x430 [ 3119.606469] ? down_write+0x160/0x160 [ 3119.606934] ? ext4_es_lookup_extent+0xc4/0xaa0 [ 3119.607514] ext4_map_blocks+0x9cc/0x1940 [ 3119.608030] ? kmem_cache_alloc+0x2a6/0x310 [ 3119.608536] ? __kernel_text_address+0x9/0x40 [ 3119.609083] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 3119.609614] ? jbd2__journal_start+0xf3/0x7e0 [ 3119.610171] ? __ext4_journal_start_sb+0x214/0x390 [ 3119.610744] ? __ext4_journal_start_sb+0x1db/0x390 [ 3119.611354] ext4_iomap_begin+0x3ad/0x700 [ 3119.611869] ? ext4_iomap_begin_report+0x5a0/0x5a0 [ 3119.612461] ? kasan_save_stack+0x1b/0x40 [ 3119.612958] ? ext4_file_write_iter+0xb26/0x18d0 [ 3119.613541] ? truncate_exceptional_pvec_entries.part.0+0x510/0x510 [ 3119.614282] ? splice_direct_to_actor+0x387/0x980 [ 3119.614860] ? do_splice_direct+0x1c4/0x290 [ 3119.615385] ? do_sendfile+0x553/0x1090 [ 3119.615866] ? __x64_sys_sendfile64+0x1d1/0x210 [ 3119.616425] ? do_syscall_64+0x33/0x40 [ 3119.616894] ? entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3119.617545] iomap_apply+0x164/0x810 [ 3119.617994] ? iomap_dio_rw+0x90/0x90 [ 3119.618464] ? trace_event_raw_event_iomap_apply+0x430/0x430 [ 3119.619190] ? mark_held_locks+0x9e/0xe0 [ 3119.619712] ? filemap_check_errors+0xa5/0x150 [ 3119.620276] __iomap_dio_rw+0x6cd/0x1110 [ 3119.620749] ? iomap_dio_rw+0x90/0x90 [ 3119.621250] ? iomap_dio_bio_actor+0xef0/0xef0 [ 3119.621790] ? ext4_orphan_add+0x253/0x9e0 [ 3119.622303] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 3119.622902] ? ext4_empty_dir+0xae0/0xae0 [ 3119.623395] ? jbd2__journal_start+0xf3/0x7e0 [ 3119.623959] iomap_dio_rw+0x31/0x90 [ 3119.624408] ext4_file_write_iter+0xb26/0x18d0 [ 3119.624996] ? ext4_file_read_iter+0x4c0/0x4c0 [ 3119.625544] ? kasan_save_stack+0x32/0x40 [ 3119.626047] ? kasan_save_stack+0x1b/0x40 [ 3119.626546] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3119.627145] ? iter_file_splice_write+0x16d/0xc30 [ 3119.627719] ? direct_splice_actor+0x10f/0x170 [ 3119.628261] ? splice_direct_to_actor+0x387/0x980 [ 3119.628838] ? do_splice_direct+0x1c4/0x290 [ 3119.629351] ? do_sendfile+0x553/0x1090 [ 3119.629832] ? __x64_sys_sendfile64+0x1d1/0x210 [ 3119.630410] do_iter_readv_writev+0x476/0x750 [ 3119.630949] ? new_sync_write+0x660/0x660 [ 3119.631457] ? selinux_file_permission+0x92/0x520 [ 3119.632079] do_iter_write+0x191/0x670 [ 3119.632552] ? trace_hardirqs_on+0x5b/0x180 [ 3119.633091] vfs_iter_write+0x70/0xa0 [ 3119.633551] iter_file_splice_write+0x762/0xc30 [ 3119.634155] ? generic_splice_sendpage+0x140/0x140 [ 3119.634768] ? avc_policy_seqno+0x9/0x70 [ 3119.635268] ? selinux_file_permission+0x92/0x520 [ 3119.635862] ? lockdep_init_map_type+0x2c7/0x780 [ 3119.636441] ? generic_splice_sendpage+0x140/0x140 [ 3119.637049] direct_splice_actor+0x10f/0x170 [ 3119.637593] splice_direct_to_actor+0x387/0x980 [ 3119.638173] ? pipe_to_sendpage+0x380/0x380 [ 3119.638709] ? do_splice_to+0x160/0x160 [ 3119.639204] ? security_file_permission+0x24e/0x570 [ 3119.639829] do_splice_direct+0x1c4/0x290 [ 3119.640334] ? splice_direct_to_actor+0x980/0x980 [ 3119.640914] ? selinux_file_permission+0x92/0x520 [ 3119.641514] ? security_file_permission+0x24e/0x570 [ 3119.642149] do_sendfile+0x553/0x1090 [ 3119.642648] ? do_pwritev+0x270/0x270 [ 3119.643130] ? wait_for_completion_io+0x270/0x270 [ 3119.643723] ? rcu_read_lock_any_held+0x75/0xa0 [ 3119.644278] ? vfs_write+0x354/0xa70 [ 3119.644749] __x64_sys_sendfile64+0x1d1/0x210 [ 3119.645303] ? __ia32_sys_sendfile+0x220/0x220 [ 3119.645885] do_syscall_64+0x33/0x40 [ 3119.646332] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3119.646953] RIP: 0033:0x7fa47a8f1b19 [ 3119.647421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3119.649600] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3119.650517] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3119.651381] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3119.652230] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3119.653079] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3119.653931] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:19:52 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x700, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:52 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 17) 05:19:52 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x5, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:52 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15402, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:19:52 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf6c, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:19:52 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/126, 0x7e}], 0x1, 0x6df7, 0x1) 05:19:52 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xfffffff5, 0x0, 0x0) 05:19:52 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc6, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:19:52 executing program 3: openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) [ 3137.122600] FAULT_INJECTION: forcing a failure. [ 3137.122600] name failslab, interval 1, probability 0, space 0, times 0 [ 3137.124506] CPU: 0 PID: 18003 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3137.125386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3137.126472] Call Trace: [ 3137.126841] dump_stack+0x107/0x167 [ 3137.127343] should_fail.cold+0x5/0xa [ 3137.127861] ? create_object.isra.0+0x3a/0xa20 [ 3137.128480] should_failslab+0x5/0x20 [ 3137.128989] kmem_cache_alloc+0x5b/0x310 [ 3137.129531] create_object.isra.0+0x3a/0xa20 [ 3137.130112] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3137.130771] kmem_cache_alloc+0x159/0x310 [ 3137.131357] ? mempool_free_pages+0x20/0x20 [ 3137.131927] mempool_alloc+0x148/0x360 [ 3137.132449] ? __lockdep_reset_lock+0x180/0x180 [ 3137.133047] ? mempool_resize+0x7d0/0x7d0 [ 3137.133605] ? lock_acquire+0x197/0x470 [ 3137.134116] ? find_held_lock+0x2c/0x110 [ 3137.134686] bio_alloc_bioset+0x36e/0x600 [ 3137.135249] ? bvec_alloc+0x2f0/0x2f0 [ 3137.135765] ? __brelse+0x84/0xa0 [ 3137.136236] submit_bh_wbc.constprop.0+0x1b8/0x780 [ 3137.136897] __bread_gfp+0x166/0x3a0 [ 3137.137386] fat_ent_bread+0x175/0x310 [ 3137.137916] fat_alloc_clusters+0x571/0xf30 [ 3137.138523] ? fat_ent_write+0x1a0/0x1a0 [ 3137.139087] ? __lock_acquire+0x1657/0x5b00 [ 3137.139684] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3137.140324] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3137.140985] ? perf_trace_lock+0x2bd/0x490 [ 3137.141553] fat_add_cluster+0x6d/0x100 [ 3137.142082] ? fat_fill_super+0x36e0/0x36e0 [ 3137.142629] ? lock_release+0x680/0x680 [ 3137.143157] ? fat_bmap+0x200/0x460 [ 3137.143659] fat_get_block+0x5b3/0x940 [ 3137.144205] ? fat_add_cluster+0x100/0x100 [ 3137.144760] ? create_empty_buffers+0x4a3/0x640 [ 3137.145373] ? create_page_buffers+0x139/0x230 [ 3137.145990] __block_write_begin_int+0x3d1/0x19c0 [ 3137.146635] ? fat_add_cluster+0x100/0x100 [ 3137.147200] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 3137.147870] ? remove_inode_buffers+0x300/0x300 [ 3137.148485] ? pagecache_get_page+0x243/0xc80 [ 3137.149070] ? wait_for_stable_page+0x92/0xe0 [ 3137.149673] cont_write_begin+0x472/0x980 [ 3137.150232] ? fat_add_cluster+0x100/0x100 [ 3137.150788] ? nobh_write_begin+0xed0/0xed0 [ 3137.151370] ? __mark_inode_dirty+0x93b/0xd40 [ 3137.151957] ? lock_downgrade+0x6d0/0x6d0 [ 3137.152489] ? do_raw_spin_lock+0x121/0x260 [ 3137.153052] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3137.153738] fat_write_begin+0x89/0x180 [ 3137.154259] ? fat_add_cluster+0x100/0x100 [ 3137.154826] generic_perform_write+0x20a/0x4f0 [ 3137.155434] ? fat_direct_IO+0x1ef/0x380 [ 3137.155975] ? page_cache_prev_miss+0x310/0x310 [ 3137.156625] __generic_file_write_iter+0x2cd/0x5d0 [ 3137.157271] generic_file_write_iter+0xdb/0x230 [ 3137.157905] do_iter_readv_writev+0x476/0x750 [ 3137.158493] ? new_sync_write+0x660/0x660 [ 3137.159036] ? selinux_file_permission+0x92/0x520 [ 3137.159702] do_iter_write+0x191/0x670 [ 3137.160232] ? trace_hardirqs_on+0x5b/0x180 [ 3137.160806] vfs_iter_write+0x70/0xa0 [ 3137.161323] iter_file_splice_write+0x762/0xc30 [ 3137.161949] ? generic_splice_sendpage+0x140/0x140 [ 3137.162605] ? avc_policy_seqno+0x9/0x70 [ 3137.163123] ? selinux_file_permission+0x92/0x520 [ 3137.163775] ? lockdep_init_map_type+0x2c7/0x780 [ 3137.164399] ? generic_splice_sendpage+0x140/0x140 [ 3137.165022] direct_splice_actor+0x10f/0x170 [ 3137.165602] splice_direct_to_actor+0x387/0x980 [ 3137.166219] ? pipe_to_sendpage+0x380/0x380 [ 3137.166777] ? do_splice_to+0x160/0x160 [ 3137.167302] ? security_file_permission+0x24e/0x570 [ 3137.167971] do_splice_direct+0x1c4/0x290 [ 3137.168514] ? splice_direct_to_actor+0x980/0x980 [ 3137.169136] ? selinux_file_permission+0x92/0x520 [ 3137.169767] ? security_file_permission+0x24e/0x570 [ 3137.170424] do_sendfile+0x553/0x1090 [ 3137.170951] ? do_pwritev+0x270/0x270 [ 3137.171451] ? wait_for_completion_io+0x270/0x270 [ 3137.172068] ? rcu_read_lock_any_held+0x75/0xa0 [ 3137.172665] ? vfs_write+0x354/0xa70 [ 3137.173167] __x64_sys_sendfile64+0x1d1/0x210 [ 3137.173736] ? __ia32_sys_sendfile+0x220/0x220 [ 3137.174357] do_syscall_64+0x33/0x40 [ 3137.174839] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3137.175523] RIP: 0033:0x7fa47a8f1b19 [ 3137.175997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3137.178342] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3137.179350] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3137.180273] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3137.181187] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3137.182111] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3137.183027] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:19:53 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000140)=""/119, 0x77}], 0x1, 0x1, 0xfffffffe) r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0x80000001, 0x20040) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) read(0xffffffffffffffff, &(0x7f0000000000), 0x2000) close(0xffffffffffffffff) flistxattr(0xffffffffffffffff, &(0x7f0000000100)=""/55, 0x37) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000000c0)={0x0, 0x1, r2, 0x7d0, 0x80000}) 05:19:53 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x6, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3142.447888] Bluetooth: hci3: command 0x0409 tx timeout [ 3144.496516] Bluetooth: hci3: command 0x041b tx timeout [ 3146.543844] Bluetooth: hci3: command 0x040f tx timeout [ 3148.591842] Bluetooth: hci3: command 0x0419 tx timeout [ 3148.836420] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3148.838067] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3148.841587] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 3148.877035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3148.878809] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3148.881312] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 05:20:24 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x701, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:24 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x40000000000000, 0x0, 0x0) 05:20:24 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:20:24 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15403, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:20:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x8, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:24 executing program 3: getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:20:24 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 18) 05:20:24 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf74, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3168.429921] FAULT_INJECTION: forcing a failure. [ 3168.429921] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3168.432284] CPU: 1 PID: 18540 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3168.433405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3168.434739] Call Trace: [ 3168.435175] dump_stack+0x107/0x167 [ 3168.435785] should_fail.cold+0x5/0xa [ 3168.436412] __alloc_pages_nodemask+0x182/0x600 [ 3168.437173] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 3168.438153] ? find_get_entry+0x2c8/0x740 [ 3168.438830] ? lock_chain_count+0x20/0x20 [ 3168.439512] alloc_pages_current+0x187/0x280 [ 3168.440236] __page_cache_alloc+0x2d2/0x360 [ 3168.440945] pagecache_get_page+0x2c7/0xc80 [ 3168.441649] ? unlock_page_memcg+0x96/0x170 [ 3168.442336] grab_cache_page_write_begin+0x64/0xa0 [ 3168.443134] cont_write_begin+0x448/0x980 [ 3168.443825] ? fat_add_cluster+0x100/0x100 [ 3168.444512] ? nobh_write_begin+0xed0/0xed0 [ 3168.445215] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3168.446143] ? generic_write_end+0x20e/0x3f0 [ 3168.446855] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3168.447691] fat_write_begin+0x89/0x180 [ 3168.448336] ? fat_add_cluster+0x100/0x100 [ 3168.449028] generic_perform_write+0x20a/0x4f0 [ 3168.449776] ? fat_direct_IO+0x1ef/0x380 [ 3168.450433] ? page_cache_prev_miss+0x310/0x310 [ 3168.451208] __generic_file_write_iter+0x2cd/0x5d0 [ 3168.452017] generic_file_write_iter+0xdb/0x230 [ 3168.452779] do_iter_readv_writev+0x476/0x750 [ 3168.453509] ? new_sync_write+0x660/0x660 [ 3168.454179] ? selinux_file_permission+0x92/0x520 [ 3168.454983] do_iter_write+0x191/0x670 [ 3168.455625] ? trace_hardirqs_on+0x5b/0x180 [ 3168.456338] vfs_iter_write+0x70/0xa0 [ 3168.456940] iter_file_splice_write+0x762/0xc30 [ 3168.457692] ? generic_splice_sendpage+0x140/0x140 [ 3168.458472] ? avc_policy_seqno+0x9/0x70 [ 3168.459110] ? selinux_file_permission+0x92/0x520 [ 3168.459879] ? lockdep_init_map_type+0x2c7/0x780 [ 3168.460627] ? generic_splice_sendpage+0x140/0x140 [ 3168.461395] direct_splice_actor+0x10f/0x170 [ 3168.462089] splice_direct_to_actor+0x387/0x980 [ 3168.462824] ? pipe_to_sendpage+0x380/0x380 [ 3168.463507] ? do_splice_to+0x160/0x160 [ 3168.464137] ? security_file_permission+0x24e/0x570 [ 3168.464967] do_splice_direct+0x1c4/0x290 [ 3168.465618] ? splice_direct_to_actor+0x980/0x980 [ 3168.466367] ? selinux_file_permission+0x92/0x520 [ 3168.467128] ? security_file_permission+0x24e/0x570 [ 3168.467932] do_sendfile+0x553/0x1090 [ 3168.468543] ? do_pwritev+0x270/0x270 [ 3168.469145] ? wait_for_completion_io+0x270/0x270 [ 3168.469903] ? rcu_read_lock_any_held+0x75/0xa0 [ 3168.470624] ? vfs_write+0x354/0xa70 [ 3168.471237] __x64_sys_sendfile64+0x1d1/0x210 [ 3168.471982] ? __ia32_sys_sendfile+0x220/0x220 [ 3168.472738] do_syscall_64+0x33/0x40 [ 3168.473343] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3168.474169] RIP: 0033:0x7fa47a8f1b19 [ 3168.474753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3168.477697] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3168.478922] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3168.480076] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3168.481224] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3168.482367] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3168.483509] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:20:24 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) ioctl$int_in(r1, 0x5421, &(0x7f0000000000)=0x2) 05:20:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x9, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:24 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc8, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:20:24 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf7a, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:24 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x801, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:24 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) recvmsg$unix(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/168, 0xa8}, {&(0x7f00000001c0)=""/30, 0x1e}, {&(0x7f00000002c0)=""/160, 0xa0}], 0x3}, 0x2041) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x2001, 0x0) preadv2(r0, &(0x7f00000014c0)=[{&(0x7f0000000380)=""/97, 0x61}, {&(0x7f0000000400)=""/180, 0xb4}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x3, 0x10001, 0xffff, 0x4) openat$cgroup_netprio_ifpriomap(r0, &(0x7f00000000c0), 0x2, 0x0) fchmod(r0, 0x18) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001500), 0x20000, 0x0) openat$cgroup_subtree(r1, &(0x7f0000001540), 0x2, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000001580)={0x3, 0xa006}, 0x4) 05:20:24 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15404, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:20:24 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:20:24 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) 05:20:24 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0xa, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:24 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x900, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:24 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bc9, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:20:52 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x1400, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:52 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 19) 05:20:52 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) 05:20:52 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bca, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:20:52 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/timers\x00', 0x0, 0x0) lseek(r0, 0x1000, 0x1) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={0x309100, 0x22, 0x2}, 0x18) preadv(r1, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/132, 0x84}], 0x1, 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) r3 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x8) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000200), 0x800000, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB="2c63616368653d6eef6e652c6e6f646576da3305e9fdc6b61b2c706f73697861636c2c61707072616973655f747970653d696d617369672c646f6e745f6d6561737572652c7569643c", @ANYRESDEC=0xee00, @ANYBLOB=',smackfsfloor=/proc/asound/timers\x00,\x00']) 05:20:52 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15405, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:20:52 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0xb, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:52 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x901, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3196.803687] FAULT_INJECTION: forcing a failure. [ 3196.803687] name failslab, interval 1, probability 0, space 0, times 0 [ 3196.805858] CPU: 1 PID: 18655 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3196.806884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3196.808127] Call Trace: [ 3196.808533] dump_stack+0x107/0x167 [ 3196.809101] should_fail.cold+0x5/0xa [ 3196.809683] ? xas_alloc+0x336/0x440 [ 3196.810249] should_failslab+0x5/0x20 [ 3196.810823] kmem_cache_alloc+0x5b/0x310 [ 3196.811443] xas_alloc+0x336/0x440 [ 3196.811992] xas_create+0x60f/0x10d0 [ 3196.812575] xas_store+0x8c/0x1c40 [ 3196.813116] ? xas_find_conflict+0x4b5/0xa70 [ 3196.813792] __add_to_page_cache_locked+0x708/0xc80 [ 3196.814552] ? file_write_and_wait_range+0x130/0x130 [ 3196.815319] ? memcg_drain_all_list_lrus+0x720/0x720 [ 3196.816095] ? find_get_entry+0x2c8/0x740 [ 3196.816725] add_to_page_cache_lru+0xe6/0x2e0 [ 3196.817407] ? add_to_page_cache_locked+0x40/0x40 [ 3196.818146] ? __page_cache_alloc+0x10d/0x360 [ 3196.818848] pagecache_get_page+0x38b/0xc80 [ 3196.819500] ? unlock_page_memcg+0x96/0x170 [ 3196.820163] grab_cache_page_write_begin+0x64/0xa0 [ 3196.820903] cont_write_begin+0x448/0x980 [ 3196.821542] ? fat_add_cluster+0x100/0x100 [ 3196.822180] ? nobh_write_begin+0xed0/0xed0 [ 3196.822833] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3196.823696] ? generic_write_end+0x20e/0x3f0 [ 3196.824366] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3196.825129] fat_write_begin+0x89/0x180 [ 3196.825729] ? fat_add_cluster+0x100/0x100 [ 3196.826369] generic_perform_write+0x20a/0x4f0 [ 3196.827067] ? fat_direct_IO+0x1ef/0x380 [ 3196.827679] ? page_cache_prev_miss+0x310/0x310 [ 3196.828408] __generic_file_write_iter+0x2cd/0x5d0 [ 3196.829150] generic_file_write_iter+0xdb/0x230 [ 3196.829858] do_iter_readv_writev+0x476/0x750 [ 3196.830536] ? new_sync_write+0x660/0x660 [ 3196.831157] ? selinux_file_permission+0x92/0x520 [ 3196.831903] do_iter_write+0x191/0x670 [ 3196.832504] ? trace_hardirqs_on+0x5b/0x180 [ 3196.833163] vfs_iter_write+0x70/0xa0 [ 3196.833745] iter_file_splice_write+0x762/0xc30 [ 3196.834485] ? generic_splice_sendpage+0x140/0x140 [ 3196.835228] ? avc_policy_seqno+0x9/0x70 [ 3196.835836] ? selinux_file_permission+0x92/0x520 [ 3196.836575] ? lockdep_init_map_type+0x2c7/0x780 [ 3196.837293] ? generic_splice_sendpage+0x140/0x140 [ 3196.838027] direct_splice_actor+0x10f/0x170 [ 3196.838690] splice_direct_to_actor+0x387/0x980 [ 3196.839394] ? pipe_to_sendpage+0x380/0x380 [ 3196.840110] ? do_splice_to+0x160/0x160 [ 3196.840711] ? security_file_permission+0x24e/0x570 [ 3196.841532] do_splice_direct+0x1c4/0x290 [ 3196.842155] ? splice_direct_to_actor+0x980/0x980 [ 3196.842931] ? selinux_file_permission+0x92/0x520 [ 3196.843661] ? security_file_permission+0x24e/0x570 [ 3196.844495] do_sendfile+0x553/0x1090 [ 3196.845133] ? do_pwritev+0x270/0x270 [ 3196.845757] ? wait_for_completion_io+0x270/0x270 [ 3196.846540] ? rcu_read_lock_any_held+0x75/0xa0 [ 3196.847289] ? vfs_write+0x354/0xa70 [ 3196.847903] __x64_sys_sendfile64+0x1d1/0x210 [ 3196.848637] ? __ia32_sys_sendfile+0x220/0x220 [ 3196.849413] do_syscall_64+0x33/0x40 [ 3196.850031] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3196.850862] RIP: 0033:0x7fa47a8f1b19 [ 3196.851466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3196.854424] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3196.855655] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3196.856808] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3196.857954] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3196.859111] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3196.860279] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:20:52 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x10, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:20:52 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xeffdffffffffffff, 0x0, 0x0) [ 3197.441994] device lo left promiscuous mode [ 3202.351840] Bluetooth: hci1: command 0x0409 tx timeout [ 3204.399870] Bluetooth: hci1: command 0x041b tx timeout [ 3206.447867] Bluetooth: hci1: command 0x040f tx timeout [ 3206.503625] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3206.504717] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3206.506445] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 3206.554732] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3206.556340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3206.559723] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 3208.496875] Bluetooth: hci1: command 0x0419 tx timeout 05:21:19 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x6300, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 20) 05:21:19 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15406, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:21:19 executing program 3: ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x62202, 0xc, 0xc}, 0x18) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="00000000001f002e2f1e9153c108f90b"]) write$selinux_attr(r1, &(0x7f0000000080)='system_u:object_r:mount_tmp_t:s0\x00', 0x21) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/sr_mod', 0x200, 0x3b) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x8, 0x13, r2, 0x0) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r3, &(0x7f0000000000), 0x2000) close(r3) preadv(r3, &(0x7f0000000140), 0x100000000000000e, 0x1, 0xfffffffb) 05:21:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa01, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bcb, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:21:19 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x11, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:19 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xf5ffffffffffffff, 0x0, 0x0) [ 3223.223732] FAULT_INJECTION: forcing a failure. [ 3223.223732] name failslab, interval 1, probability 0, space 0, times 0 [ 3223.225367] CPU: 1 PID: 19196 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3223.226594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3223.228135] Call Trace: [ 3223.228654] dump_stack+0x107/0x167 [ 3223.229338] should_fail.cold+0x5/0xa [ 3223.230051] ? create_object.isra.0+0x3a/0xa20 [ 3223.230906] should_failslab+0x5/0x20 [ 3223.231616] kmem_cache_alloc+0x5b/0x310 [ 3223.232386] create_object.isra.0+0x3a/0xa20 [ 3223.233202] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3223.233930] kmem_cache_alloc+0x159/0x310 [ 3223.234711] xas_alloc+0x336/0x440 [ 3223.235365] xas_create+0x60f/0x10d0 [ 3223.235929] xas_store+0x8c/0x1c40 [ 3223.236591] ? xas_find_conflict+0x4b5/0xa70 [ 3223.237285] __add_to_page_cache_locked+0x708/0xc80 [ 3223.238015] ? file_write_and_wait_range+0x130/0x130 [ 3223.238942] ? memcg_drain_all_list_lrus+0x720/0x720 [ 3223.239673] ? find_get_entry+0x2c8/0x740 [ 3223.240438] add_to_page_cache_lru+0xe6/0x2e0 [ 3223.241091] ? add_to_page_cache_locked+0x40/0x40 [ 3223.241969] ? __page_cache_alloc+0x10d/0x360 [ 3223.242814] pagecache_get_page+0x38b/0xc80 [ 3223.243603] ? unlock_page_memcg+0x96/0x170 [ 3223.244231] grab_cache_page_write_begin+0x64/0xa0 [ 3223.245158] cont_write_begin+0x448/0x980 [ 3223.245938] ? fat_add_cluster+0x100/0x100 [ 3223.246597] ? nobh_write_begin+0xed0/0xed0 [ 3223.247374] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3223.248198] ? generic_write_end+0x20e/0x3f0 [ 3223.249014] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3223.249937] fat_write_begin+0x89/0x180 [ 3223.250508] ? fat_add_cluster+0x100/0x100 [ 3223.251305] generic_perform_write+0x20a/0x4f0 [ 3223.252155] ? fat_direct_IO+0x1ef/0x380 [ 3223.252929] ? page_cache_prev_miss+0x310/0x310 [ 3223.253624] __generic_file_write_iter+0x2cd/0x5d0 [ 3223.254529] generic_file_write_iter+0xdb/0x230 [ 3223.255234] do_iter_readv_writev+0x476/0x750 [ 3223.256058] ? new_sync_write+0x660/0x660 [ 3223.256677] ? selinux_file_permission+0x92/0x520 [ 3223.257562] do_iter_write+0x191/0x670 [ 3223.258135] ? trace_hardirqs_on+0x5b/0x180 [ 3223.258947] vfs_iter_write+0x70/0xa0 [ 3223.259504] iter_file_splice_write+0x762/0xc30 [ 3223.260381] ? generic_splice_sendpage+0x140/0x140 [ 3223.261100] ? avc_policy_seqno+0x9/0x70 [ 3223.261855] ? selinux_file_permission+0x92/0x520 [ 3223.262746] ? lockdep_init_map_type+0x2c7/0x780 [ 3223.263460] ? generic_splice_sendpage+0x140/0x140 [ 3223.264386] direct_splice_actor+0x10f/0x170 [ 3223.265020] splice_direct_to_actor+0x387/0x980 [ 3223.265891] ? pipe_to_sendpage+0x380/0x380 [ 3223.266695] ? do_splice_to+0x160/0x160 [ 3223.267431] ? security_file_permission+0x24e/0x570 [ 3223.268156] do_splice_direct+0x1c4/0x290 [ 3223.268936] ? splice_direct_to_actor+0x980/0x980 [ 3223.269836] ? selinux_file_permission+0x92/0x520 [ 3223.270737] ? security_file_permission+0x24e/0x570 [ 3223.271536] do_sendfile+0x553/0x1090 [ 3223.272264] ? do_pwritev+0x270/0x270 [ 3223.272962] ? wait_for_completion_io+0x270/0x270 [ 3223.273846] ? rcu_read_lock_any_held+0x75/0xa0 [ 3223.274508] ? vfs_write+0x354/0xa70 [ 3223.275203] __x64_sys_sendfile64+0x1d1/0x210 [ 3223.276037] ? __ia32_sys_sendfile+0x220/0x220 [ 3223.276901] do_syscall_64+0x33/0x40 [ 3223.277490] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3223.278427] RIP: 0033:0x7fa47a8f1b19 [ 3223.278962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3223.282226] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3223.283632] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3223.284919] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3223.286236] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3223.287544] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3223.288855] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:21:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa02, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:19 executing program 3: sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002cbd7000ffdbdf2507000000080005000a0101022200070073797374656d5f753a6f626a6563745f723a736861646f775f743a7330000000"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x40000) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) sendmsg$IEEE802154_SCAN_REQ(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x81}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x5}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0xa}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1c}]}, 0x34}}, 0x8800) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x64, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}, 0x1, 0x0, 0x0, 0x4890}, 0x4000000) 05:21:19 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xff7f, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:19 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xffffffff00000000, 0x0, 0x0) 05:21:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bcc, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:21:19 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x14, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:19 executing program 3: connect(0xffffffffffffffff, &(0x7f00000000c0)=@pptp={0x18, 0x2, {0x3, @private=0x10000}}, 0x80) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r0, &(0x7f0000000000), 0x2000) close(r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth0_to_batadv\x00'}) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r3, &(0x7f0000000000), 0x2000) close(r3) write$binfmt_aout(r3, &(0x7f0000000340)={{0x104, 0x81, 0x2, 0x342, 0x14, 0x1f1, 0x11e, 0x1000}, "7f2d60261b372fdcc85f49786cb5d478414d8953e48709e1af20270a5fa4f33e131a98c7e03db2e27a6934ba19c801bb633020eebbed53cb9b2b359636681166944d35accc95a54c53e86265c1b7f655f4c28dd3100b0be2f267a6f3dd83ca03175a73f4c429a615fa4c67a9f0dbccde64dc674c2b0558b9fb9d48a5ac53d0ab6fa03993d82a7192e64984b9fe46c0ea5e1263cb9a10ca29541526fec0ac55e66ea4f11eab933be08defc2b47df2660a08f85058d2f3b0f3cab7cda0a3956675dfb192c65db116fbbbff4d150c8969542c6eda5296204046166959f5e99a82e97767b375fa71551db035023d48799a644397e77bcd082ba4e9e07eea79df4edc131aba7415a700487916866a766e0b314ef877491ad41b7c11e9ba1ae50351d3383e22ee0c96e140651fa27aa10a4f8359f82b4e0b03fd4ca42d147da7a0178ccbf74d724070c578244ecd00c8b093bc78e007409338d7361ff1fc5bec4821027b09a78042c493fb6ac26df7fe4855c150d7d175b33e3c36bc5d1aa8ac5ae00deb904db0da2f0e2c036996119ab0d53d2d2d742139f0dc56c2285526cee29d9030b6db15f9597d71ad145cdc51d6121cf12035ad106075767e7593654b716307f5db149fefb4c8697acec8df02058dc009fa70ba6e56400677f6aaf44f36b8bf1df1853db5b2980ad0b57493be00f472c51b989b77be7982138f343eb8efca58c5546ac970da3a88c3368d932f9d33f7f15f415ab4b8e8952d9fcfdb54314bc8a6cdad6e82bac2ab2a69dda95ca0bcfa1aa5cca645f6518a76356b294d0064ef84efac4e674d4cdf0d06f4783591af997313db3baab6414697ef1b719357c612e9d8072378c314a09568696811c1c16350055c8b084ca6421b91cccd9cf18769dbe99eb1b36620b79ff0183470ae16433d0b7f099d2dfaaa573900cc7aac166a8a62da40b6de3d303f258d17ddc5389252bd8aec20053b70d854083a601cda29776514f9d7b77670c2e61e83411750c8e35d273fa5486ec307c2747432d3b1fd61428e49e5e0e8274ffcafa83a102016d181bc1f4d80dcec20f7b4353f13e76317b639442eb39e0671d643b1311ef9d35015ac3cbc21cd043f91d73029961313a983259f0bcab3a3947bb5db65be867836801f438ec301d814835fc743df8a3362cd1bc6179a1401bf7872b3a3e764a7866b6b7a5692f235bf8bf06d58836dc3b42d87f0e2aaffbb5d1e5a91e09e89150b612221f7943f268950834e6c6394faa173f46922e98d0b62be0c6ed8ec75e0610638aab4b0b2c4e5b36ec0d5883ae13b8b7dc07963a61ff82439c87d0d688f4a92a36e788e155c213b817a60ffc8b49bfa3ecdb0b300a632464b0783b5dd2a0148dac83814ed32cedd8ecbde21243b59310d026fb475712d9dd40f250711de2bd564c739c137ab4fa5227e8bd8a050ccad96b678cbf289017cd4050c5230d9834c644aa5a4291d7c043b8e239426efaf64b59cf1848a48d30870d936b7561d0d193e94f54cd12b993f6f05111d7ea469bbbed5f627cdd28d89171dc738524f4efa689384901d2790f4b72aa26e402afcf034dc54901bb66c4d1f1f0b8c7b5f22f5873ca9ca402d5a2cfaafc32c6630e2b8d0a5dcb9406a8f66f9e0ef285eafa06e193a5f73730340cde75a6e3cdbf9d00e549ff7018fc0cbd92ca4518422adf416c62876bba93d0f1396cc204320516852b61b328d2eabc58aa4923b226319b9f885461a57f61b37fe14e8f90a1eb8149ff98d2e58cb8d23e612ff79f4656247d83aab2f695eccaa2d6a4ebb3c729b4006161ba677f176d0ddbcff44c46af30e5799b6bbb43bcbde09b73421e67ba73e98463b011b14ec049b887ca6735d0a4dd6a35be55f48920a477da3ade7b4b8609b622375de73202749e8aa153233502526db0c56d214edc941be5630ae9b6a06883f974623978ffdd3a6e8499c41903fa92df1fd22955b47437e49b61e9f24e3489493075d6ed5a810075f6d4aa49db101fc5f68dd9255eeee2e3dc0795cc07dbc3530d57374337cb3808a42d3e462653b88aa32ea374f4cbb478428bf47d6db7c06a9d37676075c6aa5776baa582bb38b73adb072b3b8fc49d911f6d01c048cae61a82fa76258d9446decd46eea80be4c49ae3ee11db04191a7e788b4d6a0edc499b40ed68957f1e4f5e75b23cbbc2ee4748fa9bcd412b251581cff0c7806ed4c244a6abc5a6d1129103ae9fe117def19607f4fef4de2ca9266679ecbafb63b5bd813105ad0752fde56a2aabec6df8ec5639ce4ac89c3c64ac77482b683fffdbcdd54d7485b156a9d47caa960871eb76ad2e43c704113943962c97d708bf0f5f5451e76886a6863b81db4000d3cac3d21dd8adfd88808141815197cecee0e5970d7f38635b020df050bf67512c8abbbe64fbac1f29b052733de23f982fde0539918dd3b4ea0a39c6bdb5210a31f6acb62b8af7413a3d133561968a3d2da3be483304f67f0dd431ff629c83a547fbc73a6e8c11ba3aba225c19edc29af68bb8e13ec41afcda1e88a6d36f96caa62cab6b4ed0f6fb814996a87b1162b7c75340ee400a61cd8679a9d57e4933e622632ff73923ea160d7926c26110a4407b7251ce9a78fd71b7c71c9dc92e05c032df68f7606087c6e267ba3992d12de1c5a06e5a4e00a13d6225aa1824a0b38eda991569772980813133a1f22d268b12508c6b6fda6d4ff515c45af1db6093dda7ad8c798502a7dbf1a75afe15bca9cb4c59c48a044526853f9b051fdc22a4caf3c1435347c2dc59a2379619d5c3ca4107ccf33fa7d96dd598299d8cd1b28bf3a123d89818b16ffd0a9e8e71ab59171afc802b260f5bf0ce2e84ce13bb587b2486f8c3ce1e3982dfa46cb314d33e9429614fc78a8d7be3590d62756a64ce0af0d12cdf717be1f2ce71deda4d1f15eb8b4803d46bd5dc085e6c070030fff1dc084a828bf8292b019d09064e37768da645b67b3e0611bc2e604b9b1d7da12e6782f8876726697e570f5ccbd0270c41b9532a31abb282a15de06c6186098818935aad988eb5a348ac6e8e9d5abf99f4918b0f497de7be2dc5463812564305cbb67c2a2f7df177df5c34d3326d8168454d4ec90b533a0ab60844e3549540683068862945461ab3c29fef216bffb187145e0cfaf3ad01288547521b08e17a868059c2c2f333906deba061e6d16d23b9799984b2b0732cf9f029e6a380da004cfb59ead5c06248fead59895eafd64f6553273a157c8fc13d469cedd1a25d13d43a8fc0b41d0e3c86298b0d195fe5a34c94563adee65670ff4f96dcc8bb95980240202d81e4c9fff6dd1d429b7f4c61c78a3ef9abf8cacefd2faa1f613af5a0d40a22fe318da59c923376592a6df7275b63b95e0ea16895fa847b311dd562a396930c5f7fc5acea83899cef29f30a012afac05aadee86deb0151632e82862c908cdeab3ee2f40a71ba833d2cf6ed4b753aa1c31ee8bee186a6541140befd036af6e05802e31f2c3aa928cfabcad8e381186223e2697af942b65000214cb7424524aa338a6006d142ab9167895bd0b0ea111a2aa4f2e531e0dbde0b62641c338945d4731224f2a082fa1dc1b8dfe8eefcce6b6a644aa4a669e1522891463cfa2620a1e1afb58cfd79419904f1577bc32e79e8b879da75ca605e40f1336a6ecc765c898075ea78e6f325f4ca16b472d40e1295b1cadad0ac95bf7ab4bd75982f7ca32aec5f27fc6e8f88fff4e7c145fd8df7823844e09182308758c83cb9fd85bf566649a7aee22e477ed42ed0ff82281c9722e4463443182c69be7f8e63a3409f2f6f31add39d6a009b1a21f39365fe956af03913f1c3552633a187f7decdc85e5cb3d04b945a25786c164addfdc16dc7868b12fc1d9e485650872f95c32b71640a4e0dfc6b54d52dcc7d38e9f6f8b1e18f3c5a27213f82b31f00f4e8afbf000ca578dccc9cd1fdaed69e2b3f893c32b8dd19c103c858924ce37f6cf60234ef720257cdffb8ac50e392df453f5141556c6b017191ea859e85cdb6bbb57f6f242c341614e7ad147ca91b645f5e493daa630ff4d5ab7d1d4786f5c45f03245576a3c3b0430ed0fe60976a57109fbad98f85ae16cc4328231042f956dd0e0d93834035f38d7a14c359e5c9382a5d3b14324f04ba13370d15f12241eba1b98a58024c1e99fa0392d44385fd3ee737822abfb8431f0af03a7f8d3cfa3c1035a3ed733e379ad452ed4b8c785d99332ed651437e9af193bb621db9cec01f28273428fad7f84b830f57ec4780f01e7acfc5633d201110f8ece4d93fd67e2facba7023883dc03b7b3d1c2bb03c375d2cead6fb353bad6996c48b7d58a303e7deea3c8ca62999361ca423f4923b75b22a37cfe6b508d5253a377ab2ee0633920191f7938779179f8bd198bbc84a17354016852f5936465fba06cddef4578726c7c37b7dc6ef388207f99d1e9f41a3b67c3eeb1251440f2e158db3776741ea93e956dbb500b02790c681d0259d51dcfd48358ad0c1fc28ee6d68f0de24b825bb6b94cc088a8ed9842ffeaff40817170c02552b5e6714e2d064d5d43f690200b1fb5dcfb2a663e32f7e31eca80f153cef24d27ba17a6ac170deb5e3707c13d125d6ec2c5c1099e4e499429d906538a3eff027a95c4492fadc92b7536f18b03e70adde7206036c8f42becc894fd9daf1a0233f206eb8f32ef94e6d007152e3ddbf540bb79e5a91ee7eb42b1fb1f6c4ba4dc4dcacaa542cb5ab3239426c4ae3c3a548ee62404bc056e221a58b4fdfbb846c7cf789a87516b672c7ac101a6fe84a0c1defd5863cffae222c57d8cb8dcaf6b36550ffad36a409f986cf51306a83c110ad7f72da85539bdc2dce3a035afa212fd23b9830226bb19822b0076eab6a0898b3c8a5affcf5123dd61a7c6c87401c841ab5d2766b9a83ae2fad1bf77afedb760f27aba2022bc525de34d434d6d45a1050b6365f38557aaf72a655fceb086b1afd3165fee1b05e4febf2793c55454bfb8311005eac1553f81ba7578fb3a72444a97a80aca9632cf4e0258b97f516ef26a72f0832be468b9933f84b168cd41701d5c72c93adf08d034b3bb88de9af7d11ee2b5cfa1df48381391748d880b6e4e375f904a6824c7838bb89258aec3a023e740e529f605cd14fce067fca265deb3027ec1a11e6355131afe3d8c156a74577f6f4ea0bc1ea6845e7b8d4316f91b1d59da2dda6d6cfda259eaac3e46be035eb477c6528e25a79d613a780290a8e8d22c0cacf20aa390a3d6aba6ccfb8c29f48ae38f7fee54355cd44a4f870c30e66e34795339865a41d8ba8cdcbbb391eb558b5fb3afce61159dab391ac3c75c06844672c6b360f5fe6413042ccf24dc806b34f880127fb0a9fcbb7dbd19ef47a00b78f501a8bed859a83f7cb9b60a7cab32799d5d9e8c08c3390cab464f599f5c8ea8377e2af95a1750aca1fa15a2cc9c33cd45168a7fe6e616bb82fac34a1bbd553fd1a876d9402d91dc4d7a8ae1123a5d40b1f5649397c290bef0ff93e3a2baaaf1de614560cf09f8f1b585659a517fd0f6f485bd304142f9f9fb0542aa434669a82ae92449caf681d700669cbf629de76b1494c32d28b7b0d5ee1160ec72f857ddaaabdb0e9393d9b7c9ff760e48efa091a4a72453660abd1e97bd4dcb703cebd3884be34fe946581251d6f863bb9c2cc344643693d6f9ea35af9fd353efa2e62d828d6bf5082ee87a9ed95063797f03b80005c8ea2c0f808f137b1775d5560b97cf437fe1d0e4875e5334758de11ff1b6c62c686257134ca3113c316", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x1920) preadv(r1, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:21:19 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15407, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:21:19 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x9, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 21) 05:21:19 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa03, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:19 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000700)=[{&(0x7f0000000000)=""/42, 0x2a}, {&(0x7f00000002c0)=""/6, 0x6}, {&(0x7f0000000080)=""/74, 0x4a}, {&(0x7f0000000100)=""/102, 0x66}, {&(0x7f0000000180)=""/239, 0xef}, {&(0x7f0000000280)=""/13, 0xd}, {&(0x7f0000000340)=""/244, 0xf4}, {&(0x7f00000005c0)=""/55, 0x37}, {&(0x7f0000000040)=""/16, 0x10}, {&(0x7f00000004c0)=""/32, 0x20}, {&(0x7f0000000600)=""/222, 0xde}], 0xb, 0x5, 0x4) openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/diskstats\x00', 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000440), 0x42000, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000480)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) 05:21:19 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bcd, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) [ 3223.822066] FAULT_INJECTION: forcing a failure. [ 3223.822066] name failslab, interval 1, probability 0, space 0, times 0 [ 3223.824379] CPU: 0 PID: 19256 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3223.825488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3223.826800] Call Trace: [ 3223.827228] dump_stack+0x107/0x167 [ 3223.827824] should_fail.cold+0x5/0xa [ 3223.828446] ? ext4_mb_new_blocks+0x64d/0x45b0 [ 3223.829180] should_failslab+0x5/0x20 [ 3223.829796] kmem_cache_alloc+0x5b/0x310 [ 3223.830452] ext4_mb_new_blocks+0x64d/0x45b0 [ 3223.831176] ? trace_hardirqs_on+0x5b/0x180 [ 3223.831869] ? kasan_unpoison_shadow+0x33/0x50 [ 3223.832598] ? ext4_cache_extents+0x68/0x2d0 [ 3223.833301] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3223.834104] ? ext4_discard_preallocations+0xd80/0xd80 [ 3223.834938] ? ext4_ext_search_right+0x2e3/0xbd0 [ 3223.835689] ? ext4_inode_to_goal_block+0x320/0x430 [ 3223.836501] ext4_ext_map_blocks+0x1d68/0x5850 [ 3223.837255] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 3223.838088] ? perf_trace_lock+0xac/0x490 [ 3223.838760] ? ext4_ext_release+0x10/0x10 [ 3223.839426] ? ext4_map_blocks+0x5e0/0x1940 [ 3223.840117] ? lock_release+0x680/0x680 [ 3223.840761] ? ext4_es_lookup_extent+0x48d/0xaa0 [ 3223.841513] ? find_held_lock+0x2c/0x110 [ 3223.842186] ? down_write_killable+0x180/0x180 [ 3223.842932] ext4_map_blocks+0x652/0x1940 [ 3223.843600] ? kmem_cache_alloc+0x2a6/0x310 [ 3223.844296] ? __kernel_text_address+0x9/0x40 [ 3223.845014] ? ext4_issue_zeroout+0x1c0/0x1c0 [ 3223.845728] ? jbd2__journal_start+0xf3/0x7e0 [ 3223.846453] ? __ext4_journal_start_sb+0x214/0x390 [ 3223.847233] ? __ext4_journal_start_sb+0x1db/0x390 [ 3223.848015] ext4_iomap_begin+0x3ad/0x700 [ 3223.848703] ? ext4_iomap_begin_report+0x5a0/0x5a0 [ 3223.849478] ? kasan_save_stack+0x1b/0x40 [ 3223.850140] ? ext4_file_write_iter+0xb26/0x18d0 [ 3223.850899] ? truncate_exceptional_pvec_entries.part.0+0x510/0x510 [ 3223.851900] ? splice_direct_to_actor+0x387/0x980 [ 3223.852675] ? do_splice_direct+0x1c4/0x290 [ 3223.853361] ? do_sendfile+0x553/0x1090 [ 3223.853996] ? __x64_sys_sendfile64+0x1d1/0x210 [ 3223.854739] ? do_syscall_64+0x33/0x40 [ 3223.855357] ? entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3223.856210] iomap_apply+0x164/0x810 [ 3223.856818] ? iomap_dio_rw+0x90/0x90 [ 3223.857434] ? trace_event_raw_event_iomap_apply+0x430/0x430 [ 3223.858365] ? mark_held_locks+0x9e/0xe0 [ 3223.859035] ? filemap_check_errors+0xa5/0x150 [ 3223.859771] __iomap_dio_rw+0x6cd/0x1110 [ 3223.860426] ? iomap_dio_rw+0x90/0x90 [ 3223.861059] ? iomap_dio_bio_actor+0xef0/0xef0 [ 3223.861791] ? ext4_orphan_add+0x253/0x9e0 [ 3223.862461] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 3223.863250] ? ext4_empty_dir+0xae0/0xae0 [ 3223.863910] ? jbd2__journal_start+0xf3/0x7e0 [ 3223.864651] iomap_dio_rw+0x31/0x90 [ 3223.865242] ext4_file_write_iter+0xb26/0x18d0 [ 3223.865998] ? ext4_file_read_iter+0x4c0/0x4c0 [ 3223.866729] ? kasan_save_stack+0x32/0x40 [ 3223.867396] ? kasan_save_stack+0x1b/0x40 [ 3223.868059] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3223.868876] ? iter_file_splice_write+0x16d/0xc30 [ 3223.869642] ? direct_splice_actor+0x10f/0x170 [ 3223.870369] ? splice_direct_to_actor+0x387/0x980 [ 3223.871131] ? do_splice_direct+0x1c4/0x290 [ 3223.871821] ? do_sendfile+0x553/0x1090 [ 3223.872461] ? __x64_sys_sendfile64+0x1d1/0x210 [ 3223.873220] do_iter_readv_writev+0x476/0x750 [ 3223.873936] ? new_sync_write+0x660/0x660 [ 3223.874600] ? selinux_file_permission+0x92/0x520 [ 3223.875397] do_iter_write+0x191/0x670 [ 3223.876030] ? trace_hardirqs_on+0x5b/0x180 [ 3223.876738] vfs_iter_write+0x70/0xa0 [ 3223.877352] iter_file_splice_write+0x762/0xc30 [ 3223.878115] ? generic_splice_sendpage+0x140/0x140 [ 3223.878917] ? avc_policy_seqno+0x9/0x70 [ 3223.879558] ? selinux_file_permission+0x92/0x520 [ 3223.880353] ? lockdep_init_map_type+0x2c7/0x780 [ 3223.881111] ? generic_splice_sendpage+0x140/0x140 [ 3223.881900] direct_splice_actor+0x10f/0x170 [ 3223.882602] splice_direct_to_actor+0x387/0x980 [ 3223.883354] ? pipe_to_sendpage+0x380/0x380 [ 3223.884043] ? do_splice_to+0x160/0x160 [ 3223.884695] ? security_file_permission+0x24e/0x570 [ 3223.885499] do_splice_direct+0x1c4/0x290 [ 3223.886163] ? splice_direct_to_actor+0x980/0x980 [ 3223.886925] ? selinux_file_permission+0x92/0x520 [ 3223.887709] ? security_file_permission+0x24e/0x570 [ 3223.888523] do_sendfile+0x553/0x1090 [ 3223.889150] ? do_pwritev+0x270/0x270 [ 3223.889759] ? wait_for_completion_io+0x270/0x270 [ 3223.890536] ? rcu_read_lock_any_held+0x75/0xa0 [ 3223.891270] ? vfs_write+0x354/0xa70 [ 3223.891881] __x64_sys_sendfile64+0x1d1/0x210 [ 3223.892607] ? __ia32_sys_sendfile+0x220/0x220 [ 3223.893361] do_syscall_64+0x33/0x40 [ 3223.893950] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3223.894777] RIP: 0033:0x7fa47a8f1b19 [ 3223.895373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3223.898302] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3223.899506] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3223.900639] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3223.901758] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3223.902915] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3223.904032] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:21:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 22) 05:21:36 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bce, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:21:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x18, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:36 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15408, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:21:36 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) dup3(r1, r2, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000000)=ANY=[@ANYBLOB="d852c2b628cd2119"]) 05:21:36 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0xa, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:36 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xfffffffffffffdef, 0x0, 0x0) 05:21:36 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa04, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3241.097227] FAULT_INJECTION: forcing a failure. [ 3241.097227] name failslab, interval 1, probability 0, space 0, times 0 [ 3241.098275] CPU: 1 PID: 19337 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3241.098859] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3241.099566] Call Trace: [ 3241.099797] dump_stack+0x107/0x167 [ 3241.100118] should_fail.cold+0x5/0xa [ 3241.100461] ? create_object.isra.0+0x3a/0xa20 [ 3241.100849] should_failslab+0x5/0x20 [ 3241.101169] kmem_cache_alloc+0x5b/0x310 [ 3241.101510] create_object.isra.0+0x3a/0xa20 [ 3241.101872] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3241.102279] kmem_cache_alloc+0x159/0x310 [ 3241.102627] alloc_buffer_head+0x20/0x110 [ 3241.102966] alloc_page_buffers+0x14d/0x700 [ 3241.103326] create_empty_buffers+0x2c/0x640 [ 3241.103681] create_page_buffers+0x1bb/0x230 [ 3241.104052] __block_write_begin_int+0x1d1/0x19c0 [ 3241.104450] ? fat_add_cluster+0x100/0x100 [ 3241.104806] ? add_to_page_cache_locked+0x40/0x40 [ 3241.105191] ? __page_cache_alloc+0x10d/0x360 [ 3241.105561] ? remove_inode_buffers+0x300/0x300 [ 3241.105930] ? pagecache_get_page+0x243/0xc80 [ 3241.106303] ? unlock_page_memcg+0x96/0x170 [ 3241.106650] ? wait_for_stable_page+0x92/0xe0 [ 3241.107025] cont_write_begin+0x472/0x980 [ 3241.107380] ? fat_add_cluster+0x100/0x100 [ 3241.107718] ? nobh_write_begin+0xed0/0xed0 [ 3241.108077] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3241.108543] ? generic_write_end+0x20e/0x3f0 [ 3241.108909] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3241.109323] fat_write_begin+0x89/0x180 [ 3241.109652] ? fat_add_cluster+0x100/0x100 [ 3241.110000] generic_perform_write+0x20a/0x4f0 [ 3241.110381] ? fat_direct_IO+0x1ef/0x380 [ 3241.110716] ? page_cache_prev_miss+0x310/0x310 [ 3241.111110] __generic_file_write_iter+0x2cd/0x5d0 [ 3241.111518] generic_file_write_iter+0xdb/0x230 [ 3241.111891] do_iter_readv_writev+0x476/0x750 [ 3241.112280] ? new_sync_write+0x660/0x660 [ 3241.112637] ? selinux_file_permission+0x92/0x520 [ 3241.113063] do_iter_write+0x191/0x670 [ 3241.113399] ? trace_hardirqs_on+0x5b/0x180 [ 3241.113757] vfs_iter_write+0x70/0xa0 [ 3241.114089] iter_file_splice_write+0x762/0xc30 [ 3241.114492] ? generic_splice_sendpage+0x140/0x140 [ 3241.114911] ? avc_policy_seqno+0x9/0x70 [ 3241.115250] ? selinux_file_permission+0x92/0x520 [ 3241.115677] ? lockdep_init_map_type+0x2c7/0x780 [ 3241.116087] ? generic_splice_sendpage+0x140/0x140 [ 3241.116505] direct_splice_actor+0x10f/0x170 [ 3241.116877] splice_direct_to_actor+0x387/0x980 [ 3241.117284] ? pipe_to_sendpage+0x380/0x380 [ 3241.117650] ? do_splice_to+0x160/0x160 [ 3241.117987] ? security_file_permission+0x24e/0x570 [ 3241.118413] do_splice_direct+0x1c4/0x290 [ 3241.118757] ? splice_direct_to_actor+0x980/0x980 [ 3241.119172] ? selinux_file_permission+0x92/0x520 [ 3241.119570] ? security_file_permission+0x24e/0x570 [ 3241.120007] do_sendfile+0x553/0x1090 [ 3241.120334] ? do_pwritev+0x270/0x270 [ 3241.120663] ? wait_for_completion_io+0x270/0x270 [ 3241.121084] ? rcu_read_lock_any_held+0x75/0xa0 [ 3241.121476] ? vfs_write+0x354/0xa70 [ 3241.121799] __x64_sys_sendfile64+0x1d1/0x210 [ 3241.122192] ? __ia32_sys_sendfile+0x220/0x220 [ 3241.122587] do_syscall_64+0x33/0x40 [ 3241.122900] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3241.123331] RIP: 0033:0x7fa47a8f1b19 [ 3241.123623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3241.125187] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3241.125831] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3241.126435] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3241.127048] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3241.127649] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3241.128259] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:21:37 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x63, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:37 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xfffffffffffffff5, 0x0, 0x0) 05:21:37 executing program 3: prctl$PR_SVE_GET_VL(0x33, 0x106af) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = syz_open_dev$hiddev(&(0x7f00000013c0), 0x6ba, 0x424882) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) ioctl$BTRFS_IOC_SNAP_DESTROY(r1, 0x5000940f, &(0x7f0000000340)={{r2}, "09c3e09ec5f71146764da99e8e5c5151b463119665706cac1ca5a5f362e9a5410c5b07b8bc3a6aca4f19a1c0ad67a9faf3ec9f2e8974032961d4f62b0b702c9dba48dba544373cfd5d0139709fd620178ab440d529ca578c31e0b0145650cc06c193c499661aceaf0f73d3533594ba8d30482c366e7a3a50096295bcb54ebb982c55d0afff8c941372325dc524c70ec9ba77bbb514744c46bc11b450de105fd95b772e7d660fb9753dd676fb265ecff978c5aa15974e47bf09b2ddca0d5c10c889e7aeee72d63cfb148cc04d3bca204926529dc15eca8840bef5c08bf2225f11647718b94e0a534f6da52d5e3d7f188dd12c6301ba136677baf5c98bd75ecfd6f501510446b85be00c2e3a2a6954b85942ac6c7eb000369aa7749d0ce8d1a627fb77ea6a95c1361aab4115ea70e8bb9fc7c2ef469b0febbe493710891daff8d8fd3f3ebdfca951ab68ab59692bfe1a461a3018f70e23c5fb2fcb2d0aed4c540d0544baed2db2708fcea8c4728b6d1417cdb4c24e5ddd61d17404095ee09a879119bdcf9a41f12e1289a855459bfc1232735c5a3ca5348e508b0051a4bb78c684a7a73cbd3f54721ceaced40a00823ae800459039550aa97bdc5f1535ff2107f8728ce10bdfd44a488dd8338cbfe7b990b11190607bb50e135b111670fdce8de492c84c0525bc939847a2f3dee91c3c20db3e0508d58a1645b4e46970ce27a729b4fa6008e9f774a27b9b8798f3c495980e148b49f8779bd336a2c493616e5c18eba6352c3c94d2c656a4df258e0e8aa4abe0bb63b46cf492d7cea93e9dfa30ab48a52d28e3047d92087940a6bf4b7289ed91e8434ae15b38a40c19d30a916c240afaceddee1f693b48d96abc663e9d087017da205e9a5e8d34739b275b31ae2072d46c7f89c8a7b0eb15c4b7c58a947b7eb9eb590e441a90e67fd361b5c79acc7a4f029f73e132ec51c471f07adb8f5138e87d658897e1a3fc9ae32b5acd89fc7bc5dff65323bab8eeb0b34ac9b9af37419ec350861a2454aa2295e9db7b80e6e682c190ec10c98145b9d73a380c98485c4d7e6179710250aafcf2d1ee48f698970abc6c178fff531c2bdf8fce9e211fef5f10f85731b67e54586695f4038c1f7fbc03fe1f3573af60f7efff5d82b7826b886893f6c4d590bc1730d248ee20ef1cc49a096e07bc6137052de6beb68701d8aba6e83b4a7b3788d10517048e22688a3f952ffca5c16866de378228c3eaaed176797fde25b911b0e5e6538d0c6599805b8270e195b40ace4a5d0b1017d075e2621a088f7487f0e8fb9ee267be6392babd77e80360f0833b40e9fe5fd00eb4fd934710c238dc61b87ecf5e3dcee99595f2d5ab17f926af4bc00d6f996ee456b13e143dd3b5f52ebcf80e94e4514bc9f410390441b52cadfc006730e6edadf44240be67c57b605581975d92b3fe9040f0980bbeb5eb8eec1e7e06f3532930f7dd27431176c10adbb33160deb1d59693acd16befcda27a445688e5257dae943d31101c7eb32e49cec07667edceeb674a4bb88e8d4f8a5d1d33aff519ee840efc2e22cd6f93844d7045a176fc0e65e03cfc39b390e0afecf6d20f6af9db9a26307c16888ea69779f80a2b7198f185dcd65406a2b514b0ec10b68f0b756117b1117a3bbe36ddd5278cd87789fb0540c2191b108afe0c0c078f6a28a15e2dd9475124a301c1c95e98948f5513f390cbf418afcc71362f2c74253b223a359ddad759ac7013344676865b23e7e869a1488f572a1ebe9d057b65e04481afd41e79ccca82df6a47495c45122dcf611df880ba284344df3148f768b11af288d76e424fc8286dfd9355968f8a8702aa60c0dc25acbcbd1e97343179f98b667b2a98600dd7327021f109f1f62566eb72c0a1fd947bbff2a1098f7caf8e8898b1a0f96733c397c91907ff52da07192580e461e51ca606ea8ee5ff92d8699c2530459a2f85d09c0c310bc1972e414f39a55ffc68b9a6ec8014a8c41946d9eff92acf1ba907475ebc99997ae941a827e66153638207ced614452d3e99375f92055e47b18d429bc4c1f9c54888438f617040a6ed5042d190bad2fd678bc6ff73c6d83cb77b7ac68f294b505be83e240a2176c842027458b52ee0f4c9fb8055a681f2f88071be72b945264d118c6c4edce2631692820c8687f9c76da839df805316cec1ee0635b7bb8a55a26a25592030e950c5a657d8e5bbfe19158d7c46db4b947244cfa533d7ebd0faf24c2a5f36f19afb607be42901e86b7462a6369ff225ce1c58ae4ef1d7bb7e5a6685efd13126e62a649e89a7235ba287cff38d3ff9861f19d40d92dcface4afb05a6096e8b9afd03e11a30c232a107fcfead3bdb84c9345e220d91a5eab709fec7d60de8075056e7f9ba82f352ffec4ae923d70775571dff50d8717e35f0a384d8b28b0a7d0008016cac92c93ed47851d975357f169ecb691c411380bfe719497995e083d02ae45fc9c19351cfcc32df600147f9f4b31697d8dff314ee947365bdcaf18858cd2f7cf838438ad98244443359181cd7777e4191f0d9d3302989bb91cc40ce6fd5660a5e8ce31fe5832cc084cede4a94436b1eeda07db18455cf325f8b13d769c233fe138d5ffd5df5a96d006eb20ba3b8a16e1ada47aeace053b2bdbfeb49cdc287ec15d96876351c9bafa35deea1ec23aebe98a7ee52d0915936dc668317c7fc3080d9b0333e98b8ece130361f02faf216279c422807f4a2c2f906f0a36142703cf5ff20a10c65dd58138d44869c719f02f7e060ed468a1c19f4493cfedf209bd8026135f517851f7f88836b8af5a7a2314d9c9b3262654b06831371a376ce4f432a6684faba6c3ffbc10d93dbba72ca55b47b72c9dbb08b66cb594943ef21da156afa5ae7c2ea03d9a0a35701501a5e2b762e857bde4f9b7c098dbb9da77d48b8242ee133ab63eafc86231d92404135ada3c1d907a9ae0ecf7d1b6d0d0255b6b93360f014d666b336c3fc5a0c697eeab42b7e854bd1b7a31cf67f8dda00e7861cb8019ce6ce36a6a8c05bf79f6c9ce39048da1c0f2032bf713e1ac8b70ed1d5747364ef7fd30eceaa6fc458ac5e625b6e75507fe30a2969b2de2e5a9656f494ed77a3806c29f05f16259f3c909686108d94a34e1178c8e337be997d16b7c357ca67956a0811a12da3e8e8d77cf76540b4ac0ff311f0e5d01a852e8cd9168fa4a61368cc5e64036d4704314f4c284002ae6638f82ae571763ec3981b7be30bc9b14e6efd661cdb9dd650ef3150b8473eda65436cd91cb28e87b2532f627f5023609823c04fb9b2c7ed567fc23bb44649b2d4654261f2927c33761b04a1636a26957764552bd675e0ed2f7e636601b66c4e91135404036ad918f48dede26436ae67ac64c1102554fbe84f5098a9b27865c7aea9db6f16f8bf623a8d9bc50e4103eeefd5bd3bf4a45f80f50df8134b523df36214e2a00429dd010afbd8301620965a8102af7d4100d3d7b24ce065390f96030751ea2f180a4312d4e58b855d580dfda26e0cc546946393db1c871e02db7115620e84bcd8a2fb64804e6bef43f396c08d5d4332aaa8d2b14abc4e8fd308a6cb425590d45207c6664df5d4b08e987cf8ae86da048fc3c98acc081fb8ed830ec092af5c43f138f491208ded1071531f403b9b38845e3b32170a1ddd2409228271fc345523b404b84b00c7233809038a74185960fcce318e3e4109f7be132ec0da10ea2e30db62dcac4779c15387dccbd748ecfa16ef06437abc4b8f3efdc362249531dfa05fc1d005750bee4027fa308af58fdc86d201f546855720db0643efa6afc9dc66ea0373dc9c631afb69020c70535328b807b75fa0fe650741af00d5c1d8064e8034e51cca564027e14dc02b4e04a337b966bfb2046dcb84f82141e856d7be7d2cf80606a2ada3d396f0d74fe579528e58cba74c6a28d9fbca519e620b100d404e5c135ab1e0a552a58467f61d6ec3c1bac4b21eeb068a856b379f25119bfd9853cc73fa8823491ed77b444d7556fcb76de51fdcdd7af709e576b107cb502fac286a2e55b84597f6f3b4adc895dac992ba26214cbd7c4f134b790cb2f0ac1183456d456f52d65d85dbcadde00f490e504a0b78382c9b78ca799ac6b6311bb5c516c97d8ef5cdecad0e8f2124fa485680995326ae27853846a28771ac04f037f1ce194f346b6289f883462dd9660b05f4b2dccbf0a35affc91bb2d6509e83a8572c23e0d0532eec476c775d6881269a1673d42fcd6c1aefeada59b387d9f8df134eb12621ed9109909239242fd82b95f971d05786fbafa6b71fe82ecbb2f95cf39281a9a85766000a11eae8f9e30ec08a824e2fea0dfec00b8cb41a6bfe6e59f3dac407c5f2d19110e3c3459cc77fa7c2dfe83007d5a4aa6821b2ed59b084dbb98f0fe0835d2ce6e64cd90c729528946257d03ce0a0749427c9fc5a780bea6b9de5c1ed889ab25000a2e4f50460778715130937cf3b5af615725ed89e72bea5524183000a58b989893bccba07f2cc53392451fb949813ab10b6301192202e9e79359d0b71aeeea8714fa511e5c55d5034c000a78d76755a480cb20607e9503936cf14b877371d1c5251f77dae998a7ebe4733665b8d9ebd2a4530d982fdb3063a7635a5354377082f11d5893d7d69d466e54fa66ca744b1e597d629cbdfa108fce4754434225fc9a22121f59e1f052214fa4ae149a7bc6d42b912bfa9d1ea5c40bf676bf9414d26a1584cdf696fa2a612599a760b33bd55893124ac9b7486fcd3bae5eed2b579784059f802d2d303123484365c4bac3627b038eb3b1883a269e2be6a2bedc045c739ab31f377e7cfac256298dfd98e2438bc37420906a05d0fdae28703bff28578cd91b7ac4ef56f7513376060dd844fc26effedd4865722797ca353a7b4da30099fc563f9a66deac158a057e9c9eefe02f3ea5c580292d6e196a1066ff964d3fa3512ea921651f7a18442484de513b0e795ed18aeafc94e509487c5c15c29794ccbb96654d4cb54349f8e9ce3ccba7bbdaab683828e2db55aa37f358411cf303d352cc5af8fd6e495bbd8af65e78f2228e554f8729422c75d4f37db1b34789303daba177a41d06c01d015ef35d714303700fb0cd4b8614fb5f4c47fbc649d3d4ee7c3565384c70a7f6ea4126cea825c31972987c4b4cc2ff6a5b52ddfb3b1ad41399a20e41e26432dec31ee5538eb815053edc69cf2e641c287e9695dd2aa20341b7f7cded1854720eec2138ed9649ded997f7e105cd2d028052318e4bd096b360e470b5f69aeeb84d04ce03348286e58d39c20dc0591d887a61a8edf837c3efea5d7df60b97919ecf49fd9d5ab545ae96d94eb8905d4f649e2074252a59e9c392362a71fa17c1c8774e683595a70d58a03fccaf9750369ce6a3c990e91ba62ed0d50c86947ec7ee91ba327c3fa8629784ae732cd99e0101a65d091279d05ab757adcd2a60b1ea085a4829e37a8d335bd490a939a78f4d6a77705ba24784f1c5f49d58549512235b59b436aec63a84e22e6beec213325cf0664e3e8478f494bfe53b91f25e3b9ef44f1f0977786701ff0fb4b5acab5098284ec549ce896861123a9a0cd2f0c948c541c2160759190ffaa66402c185357821bdbd3b0e54353dcdd46928151e45fe505ad3c7f6491f4311b6efa8223e20c18ce433a78cef48defa803058f97c4d43efde93efa676ea8b5fa35e7e1e5001788f4ce7ba399c830cc277a2440397e744a0981436720d7f5610b3811362d77c3f5992bc78e37348a79744f66f571"}) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) openat2(r0, &(0x7f0000001400)='./file0\x00', &(0x7f0000001440)={0x40400, 0x4, 0x8}, 0x18) setresuid(0x0, r3, 0x0) r4 = socket$netlink(0x10, 0x3, 0xf) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000005e00c5e5000000000000000000000200"], 0x14}}, 0x0) pwrite64(r1, &(0x7f00000000c0)="f66302ee91370ac2a14e473b7f627c283d7fc7d0eabfc85159aa7c49cacdd22f5b015b5e87a2c354ad52caa8817e3d0cbd906a06757cb79ee2e016f0df70f747d8c79820e25e72f69b4137fa4c1223d0e9004e595b4fe863785d3b31d1a595d06d44eae988a4e08225e988a7c9a3b2dbfce355831c6c4b9ffc14834e3ec7fca2ecc2476175ff2a8e52ab52e805f1888d02270bd9d8d9f8cc65c2ff302e50c96547320e2386fc6a14a356c44dab0d586feef32d7090afb28dffdd9b269b91d321d55257d4003c2624a5", 0xc9, 0x5) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000240), 0x4000, 0x0) lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0xa00000, &(0x7f00000015c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@version_9p2000}], [{@euid_lt={'euid<', r3}}, {@smackfsfloor={'smackfsfloor', 0x3d, '.-'}}, {@fsuuid={'fsuuid', 0x3d, {[0x33, 0x39, 0x63, 0x34, 0x63, 0x61, 0x66], 0x2d, [0x30, 0x63, 0x66, 0x61], 0x2d, [0x32, 0x63, 0x36, 0x5a], 0x2d, [0x34, 0x37, 0x30, 0x35], 0x2d, [0x35, 0x62, 0x33, 0x61, 0x61, 0x30, 0x65, 0x32]}}}, {@smackfstransmute}, {@subj_type={'subj_type', 0x3d, '/dev/usb/hiddev#\x00'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/urandom\x00'}}, {@fsname={'fsname', 0x3d, '/proc/key-users\x00'}}, {@euid_eq={'euid', 0x3d, r6}}, {@fowner_lt={'fowner<', r3}}]}}) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:21:37 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0xf, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:37 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa05, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:37 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15409, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:21:52 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0xa00, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:52 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 23) 05:21:52 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x1540a, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:21:52 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:52 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bcf, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:21:52 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0xffffffffffffffff, 0x0, 0x0) 05:21:52 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa06, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:52 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000001640)=ANY=[@ANYBLOB="14000000000000000000000007000000c4048f01000000001c000000000000000000000008000000", @ANYRES32=r2], 0x38}}], 0x1, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmmsg$inet(r3, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000001640)=ANY=[@ANYBLOB="14000000000000000000000007000000c4048f01000000001c000000000000000000000008000000", @ANYRES32=r5], 0x38}}], 0x1, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmmsg$inet(r6, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000001640)=ANY=[@ANYBLOB="14000000000000000000000007000000c4048f01000000001c000000000000000000000008000000", @ANYRES32=r8], 0x38}}], 0x1, 0x0) r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmmsg$inet(r9, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000001640)=ANY=[@ANYBLOB="14000000000000000000000007000000c4048f01000000001c000000000000000000000008000000", @ANYRES32=r11], 0x38}}], 0x1, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000004700)={'syztnl1\x00', &(0x7f0000004680)={'sit0\x00', 0x0, 0x29, 0x40, 0xfe, 0x3c3, 0xa8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @remote, 0x40, 0x10, 0x0, 0x1}}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000047c0)={'erspan0\x00', &(0x7f0000004740)={'syztnl2\x00', 0x0, 0x7, 0x10, 0x80, 0x80000000, {{0x18, 0x4, 0x3, 0x1, 0x60, 0x66, 0x0, 0x81, 0x29, 0x0, @loopback, @multicast2, {[@timestamp_prespec={0x44, 0xc, 0xda, 0x3, 0x3, [{@multicast1, 0x1}]}, @noop, @timestamp_prespec={0x44, 0x3c, 0x7, 0x3, 0x5, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@private=0xa010100, 0x4}, {@multicast1, 0x1ff}, {@multicast1, 0x10000}, {@rand_addr=0x64010102, 0x1}, {@loopback, 0x80000001}, {@remote, 0x101}]}]}}}}}) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004940)=[{{&(0x7f0000000000)={0x2, 0x4e22, @private=0xa010100}, 0x10, &(0x7f00000006c0)=[{&(0x7f00000000c0)="c16a1c263f927269066622bf7841dd96bed14c93a2faf8841e34040aef08a54761d4ac9c22a9b12f691419997d6e9db155ed80", 0x33}, {&(0x7f0000000100)="e81a7f123d", 0x5}, {&(0x7f0000000140)="dca29410956a749280e0a4495784a9d9f1384bfab9dd152611cd5ef9b71046a8566d2c7a1cd841adaf00abd6e2e2e7498d360d1222163fd417756455922f44cf896f496d265938fb478fca7147d68cc0242bc12946f2b5", 0x57}, {&(0x7f00000001c0)="2c0c790f4d1ea435a50585460820d4120cd21a95d3de883c247bf1f16e7eb49ee7cb169d0df60edaab96d9b27c3444b43da54c43d910ae8742ca186f39db09cf351a59461494709beb9bc1010f97d9952beed72cedd9f9c419d688a44864c2bb4231d06eb2e73c77d8e64b2aca5fe217c335b2d35251d1702e37c956a5c1c89e90720459407c329c95afcc1f969a408c", 0x90}, {&(0x7f0000000340)="89bda8a27fee9d227606f30b508c58b4c376def8c46325394017710f387475953df724de745370e4b2421aba6dfdb100bd991c5c6ebe34aa338062da31fb5758ed0efe85b1ad3559a13b7fea0bb28eff00b292c3a08b44954da132d3b6aa7953ecfa6232e40481ef124b9f829eecbb68e529025f6d45a2c7d2a333f9bd33b7b2a4dee771a7", 0x85}, {&(0x7f0000000400)="6294604c3e0d7769b3ea115991b78577ba10bec5548a6257b0faa8b008d0cd0c6bc44c8b6c821c1431219b887c8cd80b02c49b11ff3dbef5083f74c12986615b3d68cc80439824241ba5fbe6f3bb230e560d0d273853909208c114a07cdfc35b7343a6375444696a86422bcbb08bd4abe50c04c473981f6914155de9a35cfdd3a10ec80014354c318f8ecf4028a0f9ea2fcc58044e0f72b4c870d84493baa63d174e8ca8e0345a371bfce158a0de70962445b483c1d4207179fe77b31a3f0ac74d2d78e7f865ff6247f5b346e68659d17c4aedae541fcc277d6f5044188e0c7428528a4c52c9e70cf643d705c6", 0xed}, {&(0x7f0000000500)="64a4cc8027e8433f12be1a3baa68fe7fddf9b40157b7eac7f84c34559e22bbdb2e0f4460f714ef5a50fc774867a4da9bb68e273429aa1c919c7f8318fa76f62645670bdb55dec9f2a1f146c64aa6d3cbc108c02c3d0cb7ce4226e3aa672f0ca7645e3cde8d16b2b9f7f92e370a6ead147cd4c2ac0e036a2da0ffcfef4b13b875d7a7885b75f990ad4396f0b20e7aa344e5c116d4fa8ef1667da886f8d53f1dfee238e85e2b020c781e69889459ff299e33948f144780dfe066afad4f1d7905d0087731a36b16e62e8a6cce5186d7a7c63ce50d531333d879b1f5311449ca0c295ee86e05ae0fea8820f09733", 0xec}, {&(0x7f0000000600)="cfd86f563d3bacd38f9d5b6714a73dc74c8c9961c3c1c85f24031a224b5936da4c2e7e5f3a7dd8e900d92e1b89f9de1232003fd4e5fcaf0fd7d6f7d1e602d47c5d16aefa4f138514f00ce3c018d3ab39273de862dedea2fd098cffb1681c7c660972e5e9aac71146af1ba450b30bec6ea66ef5027e5ff5be5bad2a988b4a691d6e3cc4aa7aec047f66a30953bfef8fe568243a9a1736705b1a2749afd7bf181f243a2333f4de910ec1", 0xa9}, {&(0x7f00000002c0)="6d3fe685a60981d21512b984f9a5f26ab07f369a5b67afb92bf65026281e1a", 0x1f}], 0x9, &(0x7f0000004d00)=ANY=[@ANYBLOB="1c000000006be774c5a68596c2ee4d105f3f660000000000000008000000161326e42185245ae14150c5dfbcd4bceabc57249efdf6ec207ce17dcb3234053b7de93215674cd39e7906227454dfc79f704c47282713b8be8b53c2dc9a9cde3d", @ANYRES32=0x0, @ANYBLOB="e0000002ac141439000000001400009f015ca4eefdf5bc642b0a1d897e0be311905e558e195a00020000000600000000f700001c000000000000000000000008000000973b4696c19e10d4081129ddfcd0f9154346c1abd97938d7dcc22288a4bcd1369de1296408a6d3f8f8814993c3eae7c48b56736cab4fd118cf7ae106a39805000000600a857aa5ade88409c31c90ee8ddbfeaf977bc09e7215abd313d94d988e36ec9e5cc18940c43e52a35ffc63321fb53b", @ANYRES32=0x0, @ANYBLOB="7f00000164010101000000001400000000000000000000000200000003000000000000004c00000000000000000000000700000044349501000000002ae52f3cac14142900000001ac141410000000000a010102000000027f00000100000007ac14143f0000040000940400000000000000000014000000000000000000000002000000000000000000000014000000000000000000000001000000020000000000000014000000000000000000000001000000090000000000000011000000000000000000000001000000f80000000000000011000000000000000000000001000000b000000000000000"], 0x138}}, {{&(0x7f00000008c0)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000a00)=[{&(0x7f0000000900)="99fcce833da3f8ac211776dae5e7d78bfcb930ed9f5b", 0x16}, {&(0x7f0000000940)="e248175ae6c01fda3e19b9cee5bf8c65e299ce504b5d2a25f6424c4cc7fa41bdb2fade04456f9791a127579bdd9cefe1667fe03c90e71ad29e33453c16f812f30e95553407740d6ad9c9144bca9913298941df419713917a5f09887307ea4499523f5ddb0eb2b7383dd5c905d01a15506099547cd55297bbdc030e951c3de43709c4dc133fbbb6afaec481268f29043eac0b8fb34b64aa1fd06bb4e1d5935734ef61", 0xa2}], 0x2, &(0x7f0000000a40)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_addr={0x44, 0x2c, 0xcc, 0x1, 0x9, [{@local}, {@multicast1, 0x6}, {@rand_addr=0x64010100, 0x5}, {@broadcast, 0x4}, {@empty, 0x9}]}, @generic={0x82, 0x11, "d860743b1d3ba7e768ecb1c068f91d"}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}], 0x80}}, {{&(0x7f0000000ac0)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000bc0)=[{&(0x7f0000000b00)="236dd68af20f7bc22550d8d30ae6c5a738e5f1d2a7e021eb8af2d5e8be00579b455bb916af3b7ed23ca8b2a75af1415c822714db324c8d31448abcc8d547aa48d2aeac36a4259e255ca73dd2f0e2b7b592554d20322a315564ad20c7c45dc2bcdb5d3423d122798e", 0x68}, {&(0x7f0000000b80)="25981f27c352dcb3a35b", 0xa}], 0x2, &(0x7f0000000c00)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x35}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x10}}}}, @ip_retopts={{0x18, 0x0, 0x7, {[@generic={0x0, 0x5, "9b4d3e"}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8001}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @broadcast}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @broadcast, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @remote, @multicast2}}}], 0xc8}}, {{&(0x7f0000000d00)={0x2, 0x4e20, @broadcast}, 0x10, &(0x7f0000002000)=[{&(0x7f0000000d40)="8f2e0c1dfffa3ceda3aed8e3fa056fe7e45408999982413eac36fa8164252321eb56b7fc5431544d7a74bce65b58aa607045ffa0177972722686c4940004091d4fdb1805a3b002a3", 0x48}, {&(0x7f0000000dc0)="50875da1babffe0dcd60f9acca83b0e77b0d6e5b860f445a95b5c85e2dddc68f7e960bd83b", 0x25}, {&(0x7f0000000e00)="ba4402e0df530fe98d5d090bb1f2bfef8f285005c33ef6947219d542b2a33a6ab0cc470a34e5911859498729518a14a6bb12c44698d4aa4ac9a78911774ee6a00bb74a35d3786bc0908204fed23f0c1f6dad7f0e45bcf7b8e4848a6f5777d0ff9de54d84fc8ea163a21ad8e1036c430d5f2dbe9580d50bc99f970a14fb", 0x7d}, {&(0x7f0000000e80)="a04f5e40bd61b0fcaa7a63c99663d05ba798ffd3f2faabe953dcd8e51330e928ec4d641902bdd32f6362a1b02c4ae6a4f822c191464d7a7260d5bc83c59a6a8b25b4169ae8d14c15a58aa1ea7b0552ee1755c3761e3df46f18efcea3f2851768870ce9eb36b2eb37e6131b72d38d38f3f3b7ad049389c4056e489a0b9fa1677b3c3f94431ca68cecb6b90533ee21629e721d3ce1966b970eaf9e959d728a6a0dc0e0200dbe38636d4d8a8ce4f43937e870513bc01a80b94216b44fc90067f033cd98a320db8174a74ba5096c5aec71230cd4a82326d78f3be8337696c6218bd96473ebf2833e77ce435faa4c4d25c7d8f9cddc1e954709d10fee1f6a0d308ee8a90a3d8fc8bb2b2a888499febbd640c6c44f9ee7498bd7650e137446e5f408c37bded4a733db36861f1108a48e2e4c091472adb82933d65dec3910a2b8224b670a1321294947ca8636d17c3ac19fc60149a4dd3232eaa9ee1ba0a25dbb025d18d0167576a330f9e231887f1733209234688149d78fe48ace32ec8302562895d18d76f9ecb1c984456a946cbcf6f55964d06d93e1bd906372470e6465a3342002b6ec8faf081d302b0eb4a8b3ed4da26fb071e2c490495eb4f4ab2c46a3f346054869fe0643cb6834508510d5d945c186e896f6d0fda210f23d567e448e2e6a2c680fb5887636c11d99f13e288985101b02b478af317ad3eae818a15def889078a541d71103265f621b961771f421d74afb6e51d5647306f4d11295114da2764c7d0e847160b54b67e712114685f1147671fbec19632a931a0baa80601c5f2ee9ee61f6a946cb977978c41b130ffb2fab95c9a8a1fe5410691d41e677b27d866750a7e49a94e2e653697e6939c18b5d04b0d0e967704e194cbf096e92481d497f82cc9b4b956214ee31d39caf4d3dcc8ef44e073f3a2c3ce41a2618315761817f18e6087cb30aa608fce9f8e06bf62237587a63aeecfc8c481bdd579a3904b6297b9a5d19767b8045c8101dffd3dbe73abcf66e918f08d1d77deb90af7741c1fdc57cd91376898ec7ac42896c66f0cddc49a5f04cf30e4470bb2f8eb1b2f393d1fc23c236e795e8207474fd9696277000cae002f192bc6975176a6018d8e454a4e39e8f2c56d91a529adb7ff0febfc583212632ab49f0f1339b5ea9d86710cb78ea5ded7058dbf9d67ab5f6ce86e33728b7cb7f8cf0509ca667972f28449ee4d9b6d259715d2a7f98eeb740a14ef3434ab6ef8f2d256b47f566dec54f2dca4fd8e284771d42a7d5395dc7adfdc194265df12f84c57e6bbf0028417654d298a4d7a21577508604b272b69661dad11e62ca23f6193a665cf9c1a99e47b4e2c80ef34dcdf006dee5debdd19af58abbcc391eabc571ecfe014ab2314b13742869ad74b0b5e21f5b134d3b6ce9a787a4d1a5916b595e97a4d9fcd6d511a82da187f383c9d954f9692439532464e27bfe54624442dee7527f464adccba1baa089dd2cb96ac8e646bdfaf1bafa273f395d9a6b3d3bda6e8dcf67cb58a819200d1e68eb2e92d6aea9e20a0d8a25da86325e782ccd2d630c1fea2bc5e1ef1b13e656165cdc6a8edc83b250b3b73c7e09234a1be9df4707a8bee4641f51ab83c98d44c43fc1593b60efe371d32f0878244a404141c1d3cf9ddb48d6c1e0e3de28c95cf07e15bfe7d9cb9016e437c543558650014439a04bb776a5976ed0b49c0e13575785b3720890ad1c4db0624013d7084040cdbec337356055f8329dc63f2d3da7044bbbeb4710074e12ef7c86cefb60b1f5f8a2c3b7f51d4b97f86862841bfee82550be7873d511a14ae2f9c0cef11323c4be4cfd2c8741f5f56c55317cfe1c80b57edede9ff85ecd008b12ede9a18d7c7117e9afd85a764e8ed26fa58bd6b77a1e9830b915ede5175e2f789b328586feeb4435d48322a2b7267bc8bab48b3826f14928f1ef9af4b4d24c3a55ecb1aa0ec71626bd6c7f6f401cc6ca219c97e2089fc0cc7ed734fe97ffb6ba2c2a74c74c094760e88be7aadfd4a46f8db1508c5b0cba2b1fc13ff5b641ad3c96daacaead931835e03f74ca1c2dbc4ccff46c9a2435dafa0cfabd15a124305c87f43e5c069ba23ca20136b51964421741056205d38f18b0433b5578082a319065743defd2ce613ceb700c8f720e1217bdfc23cdf855cc9ab83b087c22fd0aaeffc45eec1c4bf074b491ad3c6e9a0b8c980783d4dc31b70c1aed326626d4b23eef2607b9e8b9d32aa3508bf66018b2bd5e005dc9f72ae5c79f92f7b68a9cca3e594d127b8820b0038918ac91be13340489435f270df16f0e0e287c8bc6f07aa02c9d308a8d88368b07d941193afeaf17db0f8d3b883a8080efa3b33d6932d6c0f161d6f47d73dcfca6ec64036662575fd34c37932f3838da379634c9b4ec5fca4a14e4ae0487dae78e2be029217c229d57aac002c40a7083c4bdc2271bcfe4f9cbd917b6b60d152202b4b8a179c075dbe050828221465dfc7703f11926ed934b8f664fa3461451ec7fe0169e4fca0a156e8d3e9adf51e32024c43c9da55746d75b138373cf3d8f6de66fb1ad1390cdbf4a0ed7b644a2fe627d443fc98a1efd4c9f7010c314a9f07b444f4e875f5872787e1c64afbe3374be72b457da094f94388b59600ebeefcca97f94af434d82042cc2744bfba1d9de28765f294ddba10cf4d37a5782ebcc3e6c3a966972803345ab1c2bb9b03f0c67142bff380f1ac6119c007c9d0aac9f232f584a1a02cb3ca17c4cc718501315a4961194d17b6195dbf29159d3357e736d0c5d5939ebf030b5197ed64c0aa04eb0cbd6282095fc6db678890954cec9da312def442c0243e199069562bc205677da93f936b34fa1307ba2055417cf8c69a745875eadd0edcb5d21fde0f2abaf003f70aebed6cddffc06a1ef1a3ceb2ef887c45f988f58ca61a316cbc7aea7a9a9379c67a38453d243ed55b4896bde52e7dea164b3fa592dcd353e510175e3532d5a33b69ac856b291e8d8edbb0b367d2070602e7e43cae91c675235ae2659648b8a85e48711d140573004f021616846914d92ba249c98e8e72da4fc564e33b4a3d9585a6dfc9046337235d224e5a26913370b65b7f69828cc836f9c5e4695349267c2c25000a49e957afbc95e42a170c3182daebd25908e969a6436f080e027ee827c35d9e500dc6ad0e2b6ae61da93d6dab7a418425b94ac8591871745dc094a5b20d1a38196341aa28a686b563994327381805d391ab2f88f4eef3ce74607c443dedcbc2862bd4d95a835e18ff73389e8ce9c8fe8f84902995d4bb01d00f69e7b4b8222bfaa27af5b6eefe37d64b5becc3a502044fe14481ecda5360b8c25afe355a455cd2147c118c5a4a1a4bcf8a41ad914cd381720bca657662b55eb87614095256b1be92130f3c266b822f596f3f870f4953524620e177a12c8d8a60a45f4cad7faee26b6e533cc140c1a62dda51e1ea8a9f55ce9b9acf05236d3a4d6ded2a9bfbd9200e8bc050fc8fd6c0485013be65771934d26a3c23d6f1559e37a4feb8f8dd80b00329b8b6edf8d736cad655bbd129f4b66342216ed0e705ea1e7fbeb05b7dd285c21a549860e2521f27c2d79b46beba54cd2d696ee5281bc694e38c9841551d89bb08deb21a7c27266ba75d1a03815a818927366147e82ec3045e355bff7bc24e566007a23679f7fe7db27cc6b8fae24038cc1b6f0d0ac04d4db9052c570036fe52e8fea2421bd0598f5ccf46bb45226bbeda4e215a6974d54bd3814c897eb9a1714275e9672a21783e30e26a02eb4c3e64bc546bf891460cc9fce8f601479e907684f63cb047da62a8de9e6587ed2531cf3ec2485ce8af06d9037d8d4b87000a7edd19199ac5e6c51c4463e002803877b1c4f0f3bbdef56d1900f861f6e6843d4a556a7b25fd17da075c7e2a6b32970f3e85f3f87c52ec1270f86beb52a0f2f9299a657e811f412c8b41e0651bdae755029a514e5e455ba5585e3f03b056b9043e14dd1604d95222d2c666677423ae267314bf2211228a29a543df1067a1d16848362551dc2df5c8006209bfad73918b991eb92023aac7c883137489d0e1045591e2e4c1e5c27e598074e11d223aa1e22debeddd96109040d5d39abd027ddb4e308834c17f7358e80dda506b05880e3e41aad84a9468fa20d225e5aa8c2ee5feb95a63436a30778168a6b08e0805877fd4f871c09010f0accda703f8bad4bf39add0cb1c8277246e811aa11eda2f08821649429f7c50249f4b204dc636b44eca9ab101275f3e0e5ecc488807bb5a38da5e2bcd1ba7b377788e56992b9a0a14f27d91b2c5494df919ecc2da4665f206b184b4596a91ee498e8a786c8c50e4fae5d0d2fb4dde2515a4057c1ca47ad99b9b6e7a48a4175a6799c7c18f6f34f4d3b1402bcb9d1af86944f00affa04a6c6844aa69950648d2081437bf22553d70096395eda72a0285b9ff9b5abebb389b35d1830b41c9e9f199133d1d0d32724fc45ceafc9e0859bd36fbf822edae3e6cff547566e97cb99e465d4633264fd6d7d6549e495d0eb49c5767e34eecae956e7f1ebac4b9704e2a8dc53a6dd3178e4f03ea68c3aab3ec607a80098cedbf4ded406e13fc021586074c603212672a9d83d089c48c22a9b99dc852d03d8a50a182f2a376ef2d09c8954ac85ba54e994f49eabf5f54687d53722620472ccc2118cf3be4313fda1fadf854d21d6a5025dd75fc759eadddf42078b355c2fe587f1c995cacbac1c6a72cc3922ea50dde038b0f16d5f0d8f56e912f347ee635ebea91dbf41237442447fff70ada4d6be652513d5591df0fd8161589fe935628143e2014c50bfdf72c056f5e3b124dca5e7f01f19f73f6501156934c146bd9a3847156107637719a1ebf2ae3e6ec4fc74355401fc5379aaac8b59abf6646cf4ff2c3c378536f63576980b98c54da8b57d8cd8fa9c401019f86af32cc841e3a2b7b0542202121d656a140c48cb150539439f03d192b70f648bd7198deff5a4a927d7cb29bc21224acc6c702a3ceaa88c5d8068f9781abfdda22873a4016a37f0c2356aed6c9cfa7d114f89e542ee3c75b157705c808e9b4fc5c6c86c256e5fcbe793a44d5f802ced13d4a444507fe8610b49f335b53f76dbbf915e52b125e772d05896db3d96501cde49d2218a7c2c58f6185e4b6ce71b3fa097d95f900f7ad17a25c5457feea56387a6a046f08890bc2b475131b0a95def944fa3a84f2308e5a7ed9489d8d0dee3ef438a10ad5dc3d6912b96639d1b6534d3739a78438e6f74f778db1b8546fa12fa11197a2c3ae05e1a52033ccdbf94d1a717c06637be0353a130168c57b470c53697090dbdfc12b375dfd45068d0c2e745f0b0e0b88a9833142785d2c7da0e7dfb5771fdf3c359d70e2545488e0606b81ab8b536a1bb1e965647d74feb63c60b74a70b1b80551014223b195a2c122835285016908d42860b51a535446361cd5b701e273d33298f853e906be155fbc8ef17af6e80ca7e83c1061662225fedad68ab5b1bb2fe37df3c5c654d3586338c96a3b481f4838eeef81a07a55209affb19e09a765eacb1e520d4d7fc240dd9d88242caae2b7c4db776431c10e7fc7c567a59061cdccb3a73e6c6df9d85f737dd6d3ad8557d579cc122943b4856a4c18fa87852720b26e7642dda1c8cb074a337f7945b69b863619d61a1fd54508d8d9f0791fe0da3185b9ba93a924f2f83971972daa0cbcb547b974afa8b41dcb4dfea63d2389eee4f7c870c68692882264084bb095402686260b858044b5dca7f853b7d5026517a8449709c232e42", 0x1000}, {&(0x7f0000001e80)="7dbf7568d3d35d63f8c8c4775e1c6d4a7793493598e1a6927ccaab5576c8fc72c559338aab1632d7d3b75d09ba28037845955b88d9ab6a730ae0426e10da3d1fca50911fff1d1d3528a271c653b9d181b09ee52d9ac3e2c0049f508b6425e0a5ffc1dfa9069ccd0b7ccdb378255ba53ac6ec57e60effab64aec3c03651c6267357150cb759ce01b2ad443f5cbbdb1c4753bcb60cfadff984f4b83bf387b53ebf012f3f52b2031aa1b9df529f610c9e1906be9e35a25a41f31dc8a9f32f05f9eb7c335635a75dc721404296cf1b2800627a09b564b179281751287691eedef81913bdd76db0e17cbef17e854484aec921527fcc22ce2ea343bed3ab", 0xfb}, {&(0x7f0000001f80)="8a1457e394108d8839879d11cc39ba9a2801c0b4567e7691cf6f166ea799c8c6ec2f31bd83f915516c3ec6", 0x2b}, {&(0x7f0000001fc0)="283da30af0c0b0a5889fda8bafe1dda252492e0a31604e10be7b66890a60281abefb3e042a3ff89c3b7f732d4a4ade8a", 0x30}], 0x7, &(0x7f0000002080)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7ff}}], 0x18}}, {{&(0x7f00000020c0)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000003480)=[{&(0x7f0000002100)="e63ac65c91bb5e1f5a7b566e29de9bc667d97d2e26b5da2259b1b3d4db0370276a5805e1ee09aa8c92420ea8def77138007d6ee87c0fbfe045906539d9e1cab6b15fb500c28db74ec46fe5779c48884d611ea8f86961e4bada2b815065d63a721172973a07072234541360decfb4e20be20815ea3ae663bfe893a087c28c104a78d7c9e0ebcc9b11f5f9510018e7db36db318f40a560d0005815b8291be9e1a2b4a5e4d531d7a41c693e3141739a542249ca0c66ba11fae8757ca6d79304f522e864cef34a2ff91ab34e7e27c5fa14b20eeaff92e4b32c3a6cd1cf6a8781869f8b42c5d7252d8f6a8e4ef6bcc3a0a8cb6f98e26bf60fc13ca78eca448d010e87dd64ba823377abbb4ecb3a4b0634fa8b1d18129914eec418485ef49c0484667571d14c870f6824eafd97d07e246c226f44878e2d8460cffe4563c4bf46c4250bfbe33e7387cd9a2405253664fab88bd1527e6b32cd7506dcaa6aa9ac63f32f974c0c8357bc29983680019ed965728d94411324447e4663dd0f715bb49a86c1dceadc8d0aa275d9ea752653a1b701dec34d927882bf3e6bfd1e931257beb71c7d911c25ad084e54ff065201355d721e89ff7bc62518c7a6bf4569a0ab4b29ff059c72e25d8f30a3e8c76e96ba946a71a6046422bf72d0737ec87c6fd1a7921ce2e0b12dbe658fbbb465f7e5264d1b921328c5ca62e9f2664904b64fb7701a1f1e5c3f08f9da9ea9890393befc0111fa24d949a2811325a8d3f9f1d62a0bb7da822af7a4c17bf1901761766825fc529525f0d85b56e73783e2e63b9bfbbe1c095eefb7b5d87763ebf17e125e7b9835bfe333014c0ac9cc536aeb8bd337d4d9c0710b18dbfced2b95605800d9d28afeba9671c93ba90c964cf2e733d57adcd699f8ec46f5134e29d3f5201d1a39ac0cbec25959c40a1a62561f7bda602c8381b78f2203933b0f778d306c030bafa047057d9b39158f0fed082e2a88a2660b97e530fb97b6ce2c3afbfbd3a5476f602d34e10eb15d1c43f2f08b7c68f55846a5b5ea7dcd450e8b0de168771a7c88b882c8f81470f1d21f368f14ca1e21010f2fbe46b90d9afb3a8d0ed08735f8c351c53d69e869a6c20bd4871e06aa6a5100f633e388a73dedb00d3f5b2277199b241f69e86c2a8a8875a82cfde930e1efa683f22068b6af818476a11131dcf75f9b66e879f6d223ace8399f927f4956eb7ca6bd9d48ee8480817587a13526d6da6ccf64dd8a1eb2efebb244ddbf4c9ddd57f1742b68bd514a1231814989b8b2f9e7ff46dd7f7a737a731d271959e4dc61fdd117baa598cc4bd7b5875b45b23f5ae50e520a0d8d3560b11553379b15af6ea3cfde518a1e90d2b9a723882fc96108d8992c264420db341490180a6d2e59e2f621091fbd9bbc00921ddd65b2d009ad5a2568027df64f054df70a00fc8a713b40d4ff5915391efa2173359666cb547e732eb8bdc27f32b2c3e14d543a27e043ec50cbd9dbcbc635f3aebc4f8d9c64ffbc729c3747ab66afbd248b08d79248c02e41024a999ae8f017305c92f5cf562f0b39971be532199873ebc0a6c78093687abb8445b9fecbfd4a91c3a3263d4657fd77ca96e6eb6f98a5294981930b50e29147518fd52fdf2ee17cc9a55428719a30ec166403c31438829514678524b37016f05d35953453eadd5f0fa52bb8607497bdb54bbbf2a296172a1f72e719e91434a57f5e23e98a228c4676ac3874e83a6d5d654f1bc5c89d6905990bbc05443edf7291186c3933295ee8863828886705efb5e3637881a6d762e93d594012fc8c2f11b48b0510315f7cda2877030739128245529b932ac92de729a2601e09325f16585eb354784d5fedbfdd20f9829741702032da8b39e80a28e33a39b782f4aaa5715c1a048cbaf2bd9f8c0322541b0143f73a17bb8b6d0826a74426b016d0665ec97f5028802e542582bb48dbc043e52db7246dae5fc0d6d1d2b0c94d918f464e305a533d23d820a5e4856cf9aca77502fa2fbeb95fb755d60d7ab2d63617181d220d7e1bb34499af24a645447c844fd6ff6a5407b8e13c247df18eef81a4dc1b545afd3a4072240c9fcb5599bef356e399830a7cd5d875d4d02436f8d5513f2be189ce0d6c10daceea4f22c36efe2b3e25501193dfb4a7478501e01d05e965d7076f89fb45cc7d8de945830b806de29b821cc2183b71e274d012c38cb376dde26197dcba23fc82d50bb2d22a7f110bf9427fa2d430ad62ef05ca4b4e53648e627a3fef7648397a280649ec09c0304ecf0d74da10549108e9c89f898e948f5cd543504f51da858e7b5c3dabf204944394178742cf5a33f13572d6f570bc032f36f991ff387595b4858e213d65b2904cb9eb67a2ffa4d3954431ec5cff426dd6b70545c959a250cf85329f6f812c652351b53df3b1344bb88470ca6ec6d8e4fe0a5b442352d3b62bcde72017cc35d9a154e6eb40e8a9d8174d56215f61eaa0849d352858395c03b9f29e76795e6a70812c41468d9122a59270e352d44777de151c9b5be546e7ca9107562b2c987d7a80228d522b7b9edce4a7ad5c2c9cf494a2881ae03faba35dfd29eb7c4a3774ede33a48b0b2a282c065876e166ed76ebef07d8a5aebdc085a0b4a753ef2d3b659534346ddb8701c209b64655f8aff064d606084987aea42b30ee3113fa391c7a612a228dee4791a076db81ebc5bb42464aa9cf2cbdbba1db920b01393cf7808fe745068d31c38207fbd98bfc8d8c05a5c36bd15056c2eb9969035d1350fb11b43b0cdf11c0155c6aa7777ca5950855193c3edd1056573df88713a40b8a62e0abd12b62ec8f38213aa88fd7db06ea85c7c27d1af392964c1c97efcd3c31a0b095fa37fcdf3e2b8f0b1d9c76c504caf75838da43ac06140d6bb55b717289650ccc6b41487f0639e2723ef0ef8e51aae3c5995d57c8a8c6beec2e9847303f5ea8f4a783b0b255d15841932ce4d21752088b418c5c316be1fb25d8f50d791d9ddd69afc16cd9ceecb90b0a1904c555bf7bd1b305bb2d0d9fe3d99ad85a9e96a0a6de8e8e27c47b1b55b2428def5d4cc5707a488733a049907769cdc786af0e6dbc62f5eed1b949f0c6780a9267b5ee123dc9660ee90574964729ba8c3e1abd199f0a82c4332ef15c1c0c18059d45bc3a3417719f31e406ddbda5526d3b4764c551a9527db7413d5c0a7d1bee3113629633239f40b472e016917c82f161fbb162039a83513395139cd37560eb0e930c25c79df17a8c4964c8509c0370c66dbd2791499d543e12d72958b8e40c58186ef6f35cad11059aa42365552f1d62f10b15088ddae7cc1bd73364405103fa6d264e08b13e8ad64645eb9183e0bd045c77fdf9009e15a0b51a7e0c445cd72a3abd951bbebb79771b3e2d59522b7f8bc78edd8723d3dbdaddd4b77da22415ae2d5855f9f0f7103c3bbf25412594e135b400b4044ebdfd024eda71bc8dc244b8fd9c85599b7ace9470770a76673ca1e646d32977c30d9a7cb49c865840eff0e236cabd8e65009b1dcacda5774cfa4919878ec8b49531a41d202ba88e2470d4490102a70bac4321aa650cef37ac782d176e1ae3161a68a5cdf636721e8d560eedef77b707d6f654b18a580f264c88cdfe5f8e1de9f29ac08c4c5eb123080370166b661240cd886a64847a1511efcc9807e27b5f92d488100d84d2d56e1dd506e879eb80dccb0af5db5ea213500c302e302c0de6e402e93b5a0471d4f6bf20577219176f5631eae1b1b6d917e9c1afce59b3afca51770ff3e88d45209f98430afddd7272a320713ba483a493939c3a7b45dd8c014aa174a7c2820d0776d45289c35d06194f55db1a3e6e30c5978582dfcdd69b69eef95cd7a8536d2015707041674c065efb3ac8b8c77a44706ff3293a8f78e7618c0cf3385f88e61367c9dae9a6664cff430d2c754466b0a3125bfc0783576ecf09f18b24eaf465c357324eefd3058048bc7c2951bb329c8d9bd9199429ab0906c19aab3983b2e6641b4e421603aa99b2256b91dca4932a0c6675654ec78b30c7bb934b3faba1e084822dce0dab7a78be7332154c82ed9b6451f11f46f2a9ebef2b602c3e8afefb8598c0e73ec13c51d574e57d7584bedcc2610a2ff6c53f30b8a8f38618f498d021d0ddcdf7e6b8aa93270e98059e9cb0ba75cea5b60bf8f27af07e084d577bc708e3f4a034d87c2b84c2892c5afe187dae9b579166d63b5b0f29ed6b8bcf48ec4d19f46cbd0a7b7ba7289a62d3e2e670c68230e00c08f6298d72df16a396ac31c2128408c767e7cee152732d2f641ebe37490cab109da72a514df0fa2ec41ed87d20e490b4f51fdcc85a84c01fa5520edc2a93e42536a62f080bca16961647c8f4de7bd9fbcae468877bc225b90441585db105976bad82734e57670faefcd04ba830e759be4fda223c640ec4e5a4a88118310a5ae57bb65d9ec8ebd7d332c96fb9f1b7fffd267a50e3c611c4ddb8d2fe11c2118ee59e4f5a3bd80fa609b1d3700fda747a46622b417176215dfaad7eade201ad65d5ea62083d67af1e959a61621ec85ac59e3ff789df45fb73e3abf99f17051422e060e6530f87bbb4866f6fed745dcbaf037ffd9ab14104cf2d329850d60eb9b2b670aa45dd2e289e5b513807005ed54bede97b78ccbdf40abb374b4fd56e5d0f5ea4e3f91992d72aefb16116251bab866e6da3c069b7290b289cf4e46002b3b45e8b8089bbb1b75c78630272145caad55b713d051a32d482ee106ab828e7f7b66964b255e4946efa7531ea54c0278bef3dc1fa81b64b73ec5405ad735e043ceedd05be993c3def23afea0a7be84a7fea2deb0bff0a0ae24d8315cf570b930b4c19a83f71128e614b48909f4709600437829028017f9769dc5a9cebefe6753fb331c192f30d14c16109ac8df3301fdfbb014053107b6f8ceba18335c5c40fe791c8381bd6a53f6239fed2977f27d7fc42e42cb2cbc7e5052139453c325e7e8dc26442b0a633a4c72dc3b612ca31a3dcb1a97f1b4d6cdbb63e3ce801e28ccf048b57e6dbf6694ac63162370e4423ca0e81e7cac078bb92cf3219083f1fb18cad025ca9c8b2ea4722a4da7189320e646f60ced9f727a256248b3f5ee3c8f4454ca6ee419aca87f94978199a422cdaacf0cf1e512393a867b19e6e83f021adccd29c8ce4ec5bcfa735a2a072de1a943294e1e3fcd276e3b0fe0ec8f1e8e6967c3ea520d41a03fac4218853cadec425776cf7170e00b6fce4a42a5f89f8fcf81ef76fd515036658e6a718d92ad89420dddefdf30bf3df571bd9b705b22da6344a7ab526c79de1d96747602e6ae2efb77c0fd4c832990facb6f44fe2d1d0a9314956d1e13376fea3d79b0ee31cc53c0cc2f8c4349f84321c64f2c1db326404dbdf09a29c0b7758a50bfa4bc89e5a20bad794a2cb4f60bb3c64beb9dd5bd6155937fcfee2ce1dc0007747459188f5b37d8d2bb0824a3479f3ff164fe772d25f40b82725d1691fc445daf47fec7765e427d9812a9059ba67787c0404bf54da279b27bc4f64024a3d268f82a14fdfaa153d4943410a20b55602e8b26e3fa5574e2d57f6f36d74769e389b0d7671db63fd4341518a165dd93446cf471f98be82f7ac2d3dd65bc953f54b5bef295c49eeb924840e3531dfa6b9a1ccc30b1e869e36985dccabf3a195200d463f8991102e15f0a43498a022b6a7fccba4da75fdb1ee82b2c8298cf7b3ab8e0e023cd08218ea194570e9620934f6961da3f5abcf0cabb14c863a95c7829156edd60c6e5935a414bb8a1ae2ef1bf2c831f7abcefe541e3", 0x1000}, {&(0x7f0000003100)="cead71605eaae9ebd8c64dafdfd558ae11ba599d5b50598808addbb4431fb4f9ff342f0781ebb1cd9f5fa4d03f31d69c094fca67ca00c192167fe69f2b33c54e9116c5023a23ebd664bbda8fdf1a9a9940a248b05cfe5c19ba98eef6ba1ea4bafeac2d39f9d359d9cefb8e765a28cc8b5dd649c28e45d264cc555a468428ff83fdbb118612d904760a9eaeb5da4acfc5c278f6d0c5", 0x95}, {&(0x7f00000031c0)="dbd5c6b8c75f7208b2a1e2b6660e76f637deca132793d4fa098c62888e10b45087b7a06c4922f49556cba36b17c2e4408a554b1e765ffb9df279daea080222851c6c97f110910b5460e757f9ddd4d268d1074532d79903a893689a6e9ad3094ebbe9c0f69ee8f60b0d280d0f55a1f922616b1ee1b9a3077319f73d6b2cceeee818f6d1e1c3754376c1482943dbd40047b9d4019c8172acf743f87750ced117ce80c69ff2", 0xa4}, {&(0x7f0000003280)="ff5cc1c555b88aa47e1cfb21f24da47ef102872178c9860e89ab211c30235ee989c6227f48b7d172b63149f325ce8cd9addfa2f3cc78eb375750fb208281dc9b2aa2eed38e203e8dd02c43b49cc31d3ba8899961890dd21a4f6c58402767560ec506e61bc839bdfae3a1d5771a8c5c9382abbef743e5f1355af18d52ace9a7020ad151f645123fe71b6d3ef774a05e3a95fa345ee7d80c34decc7285c6e14a3c605a87b82fa0c6f5b84aba57293a50755e715a52f116a90483503bebafb8b463c2e2adbb9a42fdcba25fbdca", 0xcc}, {&(0x7f0000003380)="32800d39938ddb10eea1813c8a070de526a0429531f54c0df2bbf03a8572761a83da96559793a5b6135a03a99fbdb049d55554bc218cbfab31deb41420e13d46d17b2e4e80f2d9d804616d013d05fc743a4c9f73e88022b371e74ff9d0fc067c0cfa431fbfdb9910597a630dfe36448386d8e10ea975b82ab8d7b6f5cb60b45879a5796d569d8ee2d1a44f12e2dfd0896bcdbf4e9c9cadf9a87e0a47e8204102ef4f684e9678c795d7b47b90cc31383117922fd9f7f1163eca03557f03add4b53360e11b14858ae4a4b470c7857b9da0e138500cba71c1dc833e7d7a286011b10f", 0xe1}], 0x5, &(0x7f0000003500)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xd4b0}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r11, @remote, @multicast1}}}], 0x50}}, {{&(0x7f0000003580)={0x2, 0x4e21, @private=0xa010100}, 0x10, &(0x7f0000004640)=[{&(0x7f00000035c0)="347bb584ad5d1c947d9cff520a710fd23a0b0c566fa8e3858b26bea5b74b2b1015c58c8939adbb00e2e11524d72e0ad8d8f9aa2cb43a0c02ac2d75fb63e6cf70e66424227ea3a76734f87f4dce8c2be88b9adfbf536f6f3dc10cd2106b3dba68e241b9d9", 0x64}, {&(0x7f0000003640)="9fd50563a72319b66653ad2d2d8b1c93c1b53297fd2d1cb6abf3243115633a7254027b80c80b148bf9ef1f46665681eae1b60a5d46fc0797ee2aab60d58e6bd1d1edc817ce7861dcfb70dd8736a01e9b75970dc89052b56599b342586ce81749aa5f08241ce7843dfc0b6433f8f77ae407272a3f6c39a400234a0ed1bf7dcc98b130a68eba913d4c3d45fcab804c45c43be266d69eea8990c35953c9b1f3cca73b708523184df8c82e1976385e864d2f1e5bef3cd11bdc57b589330a2267216f76d75804090bf93750213ff19a5ac1c50c02b939332ed8676490651cd837f90a149e303271d998153d3c3e86d1d8f54ff20298062fd92fb43fe74e2e172664cc4243a00be35093fd1cfaf2730b8255f05cca0219d23e4dd69f1e61191cc3ad3bd23b9b63292e411a7fd1224fb2de88b08adafa91f6251f340efef07ec06d31d5e852aed7243d0bab1a2a4eeed3c9311acc99f56a0a1de4005ce4ce4f2b42305658c5496456c0b59bf33f7cde9a19b7b18e277e4643ca3b7b1db58d58cc07d9d833b64bf77a537cbf6c1fa6a0d682dfa2db93da14d40de42c0870cbfb7391bc1fcfeef6860ecb9e61c71e0841a845e4be10ae16beee90d1f7b53ec4797fd3b3e2a1f956843570124924cdc97e0054102c7ec81ada670dffbe6e8f43adfab8f20af4e198048492129b115ba40ac38ed0e012862ab8f55633fc49b9f2c2332ff589cd8e02eb10a0e901ee4bf3a59ec00ae958690246c22e7ca313e2867badb93d55d23ee026f0004826ae99c98dcd57cfb0e7ffb096c70ffeb200e4f644ce5585f0e5835a475f835007bfa9deb0d22fdc6f96f424be4262f7748e5be328cd43fed1f0d1fd9c8d24d44b540912fcdb47d6f10c8b5d47927377608e17709141d58c0cb309a846515856356a3dfcf3ae4ef1ba8f3d1392f382eb6aea18807b2e4254b090a4aaa88c36e9df9de6f7029c922c31b7dcb686d9c330381409777529c08f8f1d18d332a673cdce021a72bd71f9b7ba09cb39c3bdd9713594329f89fbccecc15d2457d56ba55a3c046a3ac4f93f7d2eec5ab736ee0d23d6f5652456fe8f360b5098a94206ee1e6115c0f25048815e14e5bccbd307edf89f8b2155160cbf2f80c1b06e0b51bc66ccc552d421d66e7f49588b781355c967acb614b5a1c5c762e44e183222705f253bee3e6ac71dc3a578f27d8989218f3790ef0dd7f6d736fc1fb337ff070fd55f146e80cfefab23335b9bf2ebd0dadbfa7469b6232ebf8983a92da7ef8776d38df731b0672370c98617e6ae9b9e6c718d65345bbcbc61df23d90c3d1438d0ff2e069539075445605d204a850eb5c6713645c46c352245cce985f700410d478e5e237791e7118fe0721db69c5e17fde1eeeb8390723ec54ad2ea7155c2b4173999dd543ad3750bdb6fc85437392be24fd262adcf66ae55b65f4c1ce2e1c6028c6feaf5fea6cd9be34e46ba675798d2d7e6d4a0da3a7123fb64ff0e3b41004419371c6c55a0566a1decae49dc8bd519517ad45b0800cedac878742bf190fca6676579085b1e793095a7756b78d12778a35c6ff4e0009ef6124d7207f4699a2a0b9125dce3b375b6e11f5488b57dc2358b7973f6f5fb7ca9e879069a7b19dcd02301a80d3243f0868f396ba8dd3eb79674858edb28f43679f6b96b9a41f5fb21bd794c0e120b8eec3e4fb9ce31fc579ac873bc617961d49744314df248229cd99bbc8b4fd768106a1bbef6115548d380beeeed3be82329e71bec26275ee3b06f541659298084218cb605612785e8b63602a483f6d4b601b85f8bff6cffe0c561cc2f7049a4d1024182e81629d269bb8a32c484f46c73cf8e2b726b5f8d9afd0ca0a6e8ee1298ab6bdab56ecb47fefed9b54ecb4f0bde9c2257de49d2a0b1f67b738e7e3f96ccf90e57f665cfe3287e0ac93e5ade2cb11d0967a1f70e14bad7169704722fe730491f5527332fd2c8708722aa1c4731f9c035e662e105f6c1cf7e9b583ec6ca17d2eb2932d291128e6ea538d0b8bdc2d408b7e9738783da00af16bcb073cc46ef12fa1f6eace923ca178a584e685ae509e2c5e95d02f1ce380b2dfadce23c30680df8cba0cc3fde18fc77d30f264173062799eec5eb9e01dcbea60eb5209da30b93f26d33d3d4c2fd4f22fdb94ab4e63de501af90129f3cbdb8b6640839bcfd28fb621580d6857ab5a7369812f4dc7ec716cf2b07e0176adfb149e9563c15dc7e02b000492907bea498dffb8c2a7961505df53dc527c38efc16387293a3052281e977921f33810bcc94464dd63b4da64522b06ea41348b0aa2a0b7ab4335885fa4d0057ae5b5f65ad8daffc6ba54d695853448454356f70d20c89be3e1671e78764dd2295abbd90ccda20f96fb447c699f19a649d5ec3220f35d50bb2d813dc3c059e5f5edeff55027852722ba553cde4e625489175a152bdf4221b7e2a4b0d5bc0c4e53de5b76f916d97a66dd3d838ad12f671d13a4858bae920797c1c5985638cb6d2596dc9dcb873332c9c914892d98489acd9cd15cabd1f0c9b49c85dc075292350695f439c9458802a206ab21ed2c0409362721ea7168e42f32462cb448f32328d211835603e5f7038d692243805651e9d267187ea6e14ecf654b6aafd83dd13fb9fedacab453218ddf68977bb23394803918b3362d12e6076bd1fdf1fa886a49885cde5b26b345cd0fea99fcc54887872c20de9f963b92d55e559b7e515c42efaf2207d6e6fabc1d78a8d215083aabbbb6c674c6f87474eae77af4a14c0a84991c96c41eba01afe13659005c4f9456c3f566cf3ba2c180f57e45b8c8416043b4c7bc1486ac24516cc37c65c45cd91a626c643db783e1009efe5349eef0a983b2844634dd7c65f22f0323adf2d8e1b75295add48c98cce2fe39f69d738a4d3a3f859c2f1dfe148785b04a3ae67a33a1381525a2d7ca7c1525d0c5d9b1b2bca8be060a15037a48e62511966d5d16b2920f778bf19121ee46e265874352fccf8d35171fb33853a9111a640099ce7e2848da40d3f296a64fb972117b386a0b7864ec9d91706e80908c7736a999ea73578b2ab799c38c563b51eb30c13851dce0589c29bcacc8d9243b5ba7f5ebb08430b01f322b5ae7984a81e557b8fafa33afb3ddbefed731803ce9425e9c5558f367016eda5121deb15ac94b347be16ff12fa9c1a9bb6d2a147db157bfc32c4e4d85b889081ea311a764c0455e3a9ade4a9abb43bd183d3a8535f0978a32cfa37e0a5fcd88607855c0c9c6ad4c845161b332c7bd30859324a42de415b88f336bb1fc91c356efb15afd40463f68550b10927671f51660ac9bfe93f67c030e596482e213c5d1ba8f90b20c408df6e73eb395d22fc7a65419cd18552100ab7a1060fb456a5ac1f86c5f1a4472c5a6e9ec9121106d5f60351dbbdc2e526b88ccad15961f819b03bf8be1d774cfbebd536de2ed96705d3c4affc7625d3edf545304c8a83eda2b03323b53aa27e390970295b3ee55706a1e0ce61f3ac9d8515def34bd3dc83fecf672250454764445244c9e4fe16db099bbb8ac48820727c935ce78a6a888b6d5f2884b0355a7531fad5b317daa806567ab0fe58a1c638248ee305fa318f656620a31df25befa10e8128ee41badf2937c645c8f326770bb0d065cd0a0f61a06cd240fb145f63523626b615784dbf5a1597f7b665d7f4ebd19abce1957e9bce8de594428308cff22e4df5cfd4a1e16a4a81c0687fc06a42b43a194da17a55d34c5657ad0b29a0b536b0738edaabe3584efe6f1165a7391ca230fe1d056c4c2487285131cd837f1542331627e6fd23edd979528c2f62acd99e1552aa074a57fa5f7e93dec11b5b93fa45697a601982573f14ab67a9efccb3257a120d113ec373fb14e10a39c5ef43be9dc8659303592a4cd8e66d0b594e0ed7afece3701a76c8878238f34f283e3f2689a7e1045970114d092af41242781030b05990bc5ae5aafa78305e78dd49e58e9f1e93a8342ccc41560e1736f62984c7f7467d7d772bf617dcd862b409d20cbef78f7bcd1c0afebb0788129c5b3b79cd32587bf950a948eb978229d1dc24f940b5446ac63f294f0a5e6967ebd667d86bd179ef06b446dd43d18846c58c5cd5177c802f69d4a6d0a754b08af84d07e111bfa4aa49f975ff8ebcfa84c03aac9d132780af262dd36c75ee321af0b7c2e7d67318ac6f141f604af4224c975026b5b90c883de3656c5374c4c030b0476e6c9db1e77089156f28035f9a71594d36f80e9418dc1f22459869fe65bdc8fcaa15fb4a679abef5fb73db88d0a48b82a649faade5ca114a817c9c4c32356a75fc2b346bbaf46c884713c1812ddf2fb4c1b219a0dab5cfa2b1eb4cda479252247acffa6c92696684b72a9ba8785e5d7d5a6ed60cc12b7b94533591d2679debd57b4f9f1bde19e655a8775ee38c3848f7d16c74a3e66f55a25600c39b96daca9715488723ba3e9b55a5906fae7c5bc3da78755a93bfbaaae6de7ea4889a7c6c3c970ca67c4a8a3fcb7413a2e74fc4e95c9f3d07c7d41df809548b9685735f5cb5257d38d009162ec2fc60520931b522bfaaf134cb42ec4d517f6ae10a5ca20c0293daefd35a29b73838b8aacb71cb5950fda41c113fc11b6c6dbd26737000189369d9290db11e486c47ccc0bb2f33404811ed4811724e97e2e2d4ed2d140006375c445f4c58ec156944e1fa302af351c508f6719ee61a0defdf86276de9d6cffb68e62c2caeecf39215ad002de580584267386dc2d2266dc0af0303811683b8ab8c321dc3ef3245f25ddbb7cac5b7c62914a1d947fde3735667f68088d89f7ac107011ccd33a2ca3a4d5078f3fa0eb7147ca3e7a5b66272c821e6e67ec6b351ec5f3f6da0103d32d6dcf55a7dea4e853f49560435f817a74ac92f1a2afaec2024d56d706042ce6da1523f2218af443c80ae66327c3acf55581106bfbb711c8c8a9815c2aebb48a1942fc23c6a50222f69d8aa577003c4fe5e08e00c5a55691861320e63c1bb89ba906cfc7a21f8313ac4307d01aabcd84c1cd9bdbbf3d520ea032fe86060bee163b7432cc80f79ac502dec1551e88a3b5281bdb8a5ba61da3abf31a6a7580e702f7c17e3e6c1de422306f4777b4508ce0e382b7fab65eaae7c03576383d55c901b68338a8bd325a1065ef586e0028e017cc76efa27e9ff302cc255490d933b6a6cba6a2977ad6807543c7321a2f78203447c269a2bc0854c3231e47610790f1de729f3bc8f5fdc2330ac5a354b2fcc8cd2860b6ec8c11ad623008fe972e24fde6d50c12713a76343e3f190491056cf9771c4a215dbb8f379db52c9368aedbbd624fbe881b43c1734f70500f2a98269662f7f13d34ad6e6bd5fc6757f27a2fb438f7271aac85c1e3fc5b89f3ad537deb4930f1b0282ed8054e75f42684d0bc0eb9a487d2bc6eda9f8df94f563b4a24d0c33e222243625b286afe308dce9ab1242748a3a67841686bb2b38634eb7e71a2add9d3a3e5657c2f7d58de01d852c63513b5605eb3adb992bf68ef0a074f523f473fd3d21b7a0d42cd962a355d238efa36bc0a8692b51dd50f534b9c6e7f4ad48594b41919661843803bd22a04d51e376955a2926c71140dd8e996a5139e29f7cde962df63da6e394cfbcdf78f93b61117e2f61c3388e78e0ff38a268306fc6c335d44642b0eb47de05ebf2ad1744f99ad2be151a09d5c6ab8e58f5b0db41502e9e45e1cfff7bef692156456e93bac09c3c0c756d5035256bfca81d7ab51fb9a28d58a18cd5c2483e639b250f9a18064c55e54e3e1b3131bd", 0x1000}], 0x2, &(0x7f0000004800)=[@ip_retopts={{0xac, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x1c, 0x24, 0x3, 0xe, [{@rand_addr=0x64010101, 0x3f}, {@remote, 0x1}, {@multicast2, 0xfffff800}]}, @cipso={0x86, 0x7f, 0x1, [{0x0, 0x12, "060ae1c84205b06d1413c1de10fb832f"}, {0x1, 0xf, "acb6290631304d255ac678f43d"}, {0x0, 0x6, "248c2c18"}, {0x5, 0xe, "ddc5712f285375a3a73ff735"}, {0x5, 0x4, "d9d5"}, {0x7, 0xd, "ee279573bae51220b8ca63"}, {0x6, 0x6, "873dded9"}, {0x5, 0xf, "db8f22f8dd73cf062aeb5e3758"}, {0x7, 0xe, "167c8c909d5f479222477a3e"}, {0x1, 0x10, "8f5c04fe26f34e80b53438062c30"}]}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r12, @local, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r13, @remote, @empty}}}], 0x120}}], 0x6, 0x4044004) [ 3257.127873] FAULT_INJECTION: forcing a failure. [ 3257.127873] name failslab, interval 1, probability 0, space 0, times 0 05:21:53 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x2700, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3257.129145] CPU: 1 PID: 19439 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3257.129925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3257.130752] Call Trace: [ 3257.131029] dump_stack+0x107/0x167 [ 3257.131403] should_fail.cold+0x5/0xa [ 3257.131795] ? create_object.isra.0+0x3a/0xa20 [ 3257.132260] should_failslab+0x5/0x20 [ 3257.132655] kmem_cache_alloc+0x5b/0x310 [ 3257.133077] create_object.isra.0+0x3a/0xa20 [ 3257.133521] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3257.134038] kmem_cache_alloc+0x159/0x310 [ 3257.134468] alloc_buffer_head+0x20/0x110 [ 3257.134893] alloc_page_buffers+0x14d/0x700 [ 3257.135345] create_empty_buffers+0x2c/0x640 [ 3257.135802] create_page_buffers+0x1bb/0x230 [ 3257.136259] __block_write_begin_int+0x1d1/0x19c0 [ 3257.136756] ? fat_add_cluster+0x100/0x100 [ 3257.137190] ? add_to_page_cache_locked+0x40/0x40 [ 3257.137683] ? __page_cache_alloc+0x10d/0x360 [ 3257.138141] ? remove_inode_buffers+0x300/0x300 [ 3257.138616] ? pagecache_get_page+0x243/0xc80 [ 3257.139074] ? unlock_page_memcg+0x96/0x170 [ 3257.139517] ? wait_for_stable_page+0x92/0xe0 [ 3257.139982] cont_write_begin+0x472/0x980 [ 3257.140416] ? fat_add_cluster+0x100/0x100 [ 3257.140864] ? nobh_write_begin+0xed0/0xed0 [ 3257.141313] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3257.141917] ? generic_write_end+0x20e/0x3f0 [ 3257.142366] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3257.142893] fat_write_begin+0x89/0x180 [ 3257.143297] ? fat_add_cluster+0x100/0x100 [ 3257.143732] generic_perform_write+0x20a/0x4f0 [ 3257.144225] ? fat_direct_IO+0x1ef/0x380 [ 3257.144660] ? page_cache_prev_miss+0x310/0x310 [ 3257.145160] __generic_file_write_iter+0x2cd/0x5d0 [ 3257.145665] generic_file_write_iter+0xdb/0x230 [ 3257.146150] do_iter_readv_writev+0x476/0x750 [ 3257.146611] ? new_sync_write+0x660/0x660 [ 3257.147027] ? selinux_file_permission+0x92/0x520 [ 3257.147545] do_iter_write+0x191/0x670 [ 3257.147944] ? trace_hardirqs_on+0x5b/0x180 [ 3257.148393] vfs_iter_write+0x70/0xa0 [ 3257.148798] iter_file_splice_write+0x762/0xc30 [ 3257.149287] ? generic_splice_sendpage+0x140/0x140 [ 3257.149787] ? avc_policy_seqno+0x9/0x70 [ 3257.150195] ? selinux_file_permission+0x92/0x520 [ 3257.150695] ? lockdep_init_map_type+0x2c7/0x780 [ 3257.151185] ? generic_splice_sendpage+0x140/0x140 [ 3257.151686] direct_splice_actor+0x10f/0x170 [ 3257.152148] splice_direct_to_actor+0x387/0x980 [ 3257.152621] ? pipe_to_sendpage+0x380/0x380 [ 3257.153078] ? do_splice_to+0x160/0x160 [ 3257.153486] ? security_file_permission+0x24e/0x570 [ 3257.154011] do_splice_direct+0x1c4/0x290 [ 3257.154440] ? splice_direct_to_actor+0x980/0x980 [ 3257.154937] ? selinux_file_permission+0x92/0x520 [ 3257.155435] ? security_file_permission+0x24e/0x570 [ 3257.155969] do_sendfile+0x553/0x1090 [ 3257.156378] ? do_pwritev+0x270/0x270 [ 3257.156785] ? wait_for_completion_io+0x270/0x270 [ 3257.157283] ? rcu_read_lock_any_held+0x75/0xa0 [ 3257.157756] ? vfs_write+0x354/0xa70 [ 3257.158147] __x64_sys_sendfile64+0x1d1/0x210 [ 3257.158611] ? __ia32_sys_sendfile+0x220/0x220 [ 3257.159100] do_syscall_64+0x33/0x40 [ 3257.159482] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3257.160004] RIP: 0033:0x7fa47a8f1b19 [ 3257.160385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3257.162257] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3257.163040] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3257.163764] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3257.164495] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3257.165232] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3257.165958] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:21:53 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0xf5) 05:21:53 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa07, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:53 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x27, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:21:53 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/mdstat\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000100)) pread64(r0, &(0x7f0000000000)=""/45, 0x2d, 0xfff) 05:21:53 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:21:53 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x1540b, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:21:53 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x6300, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3263.727873] Bluetooth: hci3: command 0x0406 tx timeout 05:22:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 24) 05:22:10 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x2000) 05:22:10 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd1, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:22:10 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/ldiscs\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x0, 0x5155, 0x0) 05:22:10 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x29, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0xff7f, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:10 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x1540c, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:22:10 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa09, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:10 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x63, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_4ADDR={0x5}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x8, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [""]}, 0x1c}}, 0x10) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r4, &(0x7f0000000280)=[{&(0x7f0000000040)=""/112, 0x70}], 0x1, 0x1, 0x0) [ 3274.940579] FAULT_INJECTION: forcing a failure. [ 3274.940579] name failslab, interval 1, probability 0, space 0, times 0 [ 3274.941893] CPU: 0 PID: 19550 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3274.942589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3274.943417] Call Trace: [ 3274.943694] dump_stack+0x107/0x167 [ 3274.944076] should_fail.cold+0x5/0xa [ 3274.944470] ? create_object.isra.0+0x3a/0xa20 [ 3274.944950] should_failslab+0x5/0x20 [ 3274.945349] kmem_cache_alloc+0x5b/0x310 [ 3274.945768] create_object.isra.0+0x3a/0xa20 [ 3274.946216] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3274.946733] kmem_cache_alloc+0x159/0x310 [ 3274.947169] alloc_buffer_head+0x20/0x110 [ 3274.947590] alloc_page_buffers+0x14d/0x700 [ 3274.948038] create_empty_buffers+0x2c/0x640 [ 3274.948501] create_page_buffers+0x1bb/0x230 [ 3274.948968] __block_write_begin_int+0x1d1/0x19c0 [ 3274.949466] ? fat_add_cluster+0x100/0x100 [ 3274.949893] ? add_to_page_cache_locked+0x40/0x40 [ 3274.950363] ? __page_cache_alloc+0x10d/0x360 [ 3274.950824] ? remove_inode_buffers+0x300/0x300 [ 3274.951296] ? pagecache_get_page+0x243/0xc80 [ 3274.951751] ? unlock_page_memcg+0x96/0x170 [ 3274.952191] ? wait_for_stable_page+0x92/0xe0 [ 3274.952651] cont_write_begin+0x472/0x980 [ 3274.953097] ? fat_add_cluster+0x100/0x100 [ 3274.953527] ? nobh_write_begin+0xed0/0xed0 [ 3274.953972] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3274.954548] ? generic_write_end+0x20e/0x3f0 [ 3274.954997] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3274.955517] fat_write_begin+0x89/0x180 [ 3274.955924] ? fat_add_cluster+0x100/0x100 [ 3274.956362] generic_perform_write+0x20a/0x4f0 [ 3274.956833] ? fat_direct_IO+0x1ef/0x380 [ 3274.957255] ? page_cache_prev_miss+0x310/0x310 [ 3274.957747] __generic_file_write_iter+0x2cd/0x5d0 [ 3274.958254] generic_file_write_iter+0xdb/0x230 [ 3274.958727] do_iter_readv_writev+0x476/0x750 [ 3274.959188] ? new_sync_write+0x660/0x660 [ 3274.959612] ? selinux_file_permission+0x92/0x520 [ 3274.960122] do_iter_write+0x191/0x670 [ 3274.960530] ? trace_hardirqs_on+0x5b/0x180 [ 3274.960992] vfs_iter_write+0x70/0xa0 [ 3274.961390] iter_file_splice_write+0x762/0xc30 [ 3274.961883] ? generic_splice_sendpage+0x140/0x140 [ 3274.962401] ? avc_policy_seqno+0x9/0x70 [ 3274.962813] ? selinux_file_permission+0x92/0x520 [ 3274.963314] ? lockdep_init_map_type+0x2c7/0x780 [ 3274.963805] ? generic_splice_sendpage+0x140/0x140 [ 3274.964308] direct_splice_actor+0x10f/0x170 [ 3274.964750] splice_direct_to_actor+0x387/0x980 [ 3274.965211] ? pipe_to_sendpage+0x380/0x380 [ 3274.965631] ? do_splice_to+0x160/0x160 [ 3274.966018] ? security_file_permission+0x24e/0x570 [ 3274.966524] do_splice_direct+0x1c4/0x290 [ 3274.966941] ? splice_direct_to_actor+0x980/0x980 [ 3274.967434] ? selinux_file_permission+0x92/0x520 [ 3274.967930] ? security_file_permission+0x24e/0x570 [ 3274.968446] do_sendfile+0x553/0x1090 [ 3274.968862] ? do_pwritev+0x270/0x270 [ 3274.969251] ? wait_for_completion_io+0x270/0x270 [ 3274.969745] ? rcu_read_lock_any_held+0x75/0xa0 [ 3274.970219] ? vfs_write+0x354/0xa70 [ 3274.970611] __x64_sys_sendfile64+0x1d1/0x210 [ 3274.971053] ? __ia32_sys_sendfile+0x220/0x220 [ 3274.971538] do_syscall_64+0x33/0x40 [ 3274.971912] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3274.972427] RIP: 0033:0x7fa47a8f1b19 [ 3274.972779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3274.974620] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3274.975391] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3274.976108] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3274.976828] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3274.977558] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3274.978284] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:22:10 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0xc0, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:10 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:10 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa0a, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:11 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) syz_io_uring_setup(0x6bc3, &(0x7f0000000100)={0x0, 0x95f3, 0x10, 0x2, 0x226, 0x0, r1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000180), &(0x7f00000001c0)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd=r1, 0x0, &(0x7f0000001880)=[{&(0x7f0000000200)="76e4b940e8add8d1ad10be011ff0cf86be9e84917e5fb5e69e3180fdd0f521140bde5628cf34513883cb77f29f3ab023a1", 0x31}, {&(0x7f0000000340)="e0ae20e86617ea2b1dda0382ffcd3d3b4bed1b2f53e903845dd4a6e4ebfcb4f1912db25e5e8a787d1b9fa9ce219931d97c4bfb74f7eab2e3ab21f0cdbe1858ac3549114f7f9e04177ba9456e2b7093deb4d1be87327dd0f3ec93f73f822c6445164d47fbeab6645ec613db3aa6d3e908962815dd83e20297fd036a2abbf3d5fb4b21f44b6bff324f84fab0e98b4f74b027ff043ed6f40fa137898f1ac27e3b60fc2a309168397045572f833fb5f1667c1727075dd9b8f1ba0e6363d61a0fa88938cf9ea3031db99fb7d41298460013af71e8c7", 0xd3}, {&(0x7f0000000440)="7e6675a891c069b88a53e8cc5390ca4a508220e143c5bb65f1083f086587a66b39c166cde4c0f0186a712a7c8481dec815d7aca9b1acb7752c684960c5a7bd12a30f1cf846e0604999bf008b934619619cdef37357291c10bbeb070d024a71446beaa1c2d88b98f1b4df097c7f7c5b6b3f6afd358010049151574e75c91618e60b71ec4a528d385cbc8745164d73be6c75f3f62e35b60e595467ac7ff804a459b12768560b9db1fbc5046828fe146163642f0d10abd65f04c3", 0xb9}, {&(0x7f0000000500)="81aaf19a4863b980ca57e8f15bf469386de6f08ec0dbdaa740817b4b399da07fc68b1bf6f4a27d098a35e74b8c68371e266deae18318fbbf7dc7710848354439b82cc51fcf4d948c0ea55a5f56fe18151ca50939b5409ba268e7640006a9184c5c79aaba1cb2e1dbcf87f4b3f8444e8657ca93163f1327ec0b361ae48e8b12167b3856a1269fa1ee9b4c61cdd250d647206eb11ae6e2864f29bdc41a8a81", 0x9e}, {&(0x7f00000005c0)="4157d862bccfc2f915c7a1a1394bbdf3a07cf2413be0c3d6e469ef1983135bb50348d25ddea4ae5821ffad6532056e5e2f2d0312294bf0cd525a759807756145a05cc1f0d2c89d1321b3c34be6945edd578f1dd6ccc711252d37e2d5", 0x5c}, {&(0x7f0000000640)="9cf6fe14470f50fddd6aeeb7b0f8b2b4ed0049f6b1c40cfeeff5c87cd00fc528bfa063c181ad6ed1e7c3aedf9150ebe77bb0427f55bbb659443109d15322914cfba94fec78801c66ea39ba460493573885232cf86e5348447699f5ce107dfd1d53f29a18", 0x64}, {&(0x7f00000006c0)="2bbd2b659f6102d448dec4b31a0073e1651b85785a30106b55e3318384d04e778ac22646c36ec75bb1b97e551041dd74b386e14d757d44399e0a762730805b8b181093754f6d724dc069278ca75a829d1387b57bb9a9e042b1449a0cb5b4a708c483c7fcd46043ff98dc93cb5ea90987565a10962c15af93ca151c42d0122f2192d12d9cf434999308a75f01f9a0e4451fc630316eae52f397a94f9cfa08788ea09dbe1eebc2debfcfe0f7623d7e4544d00ee2fc400efe6e7bca06e754689e0f5f8b27528403152612", 0xc9}, {&(0x7f00000007c0)="d8b477dca487f61c02473dd0e4ec1f0af3a7be11c1f7f52ccfd5bc4a90615d0db31c8691c83c493d7dafa732d8e377be755b28d4129b5e8a50c27ab66b0344805bf4b4950aad38779f3d02819ad4fabba8bc7e7d6c9a03d004c3682e91c2ce12079dcc0df551332f8ef9b20014dd7f9e245dd56a8259e041a3739659554414b0dd711cfdf3ff74947bf986bfaa3913e2a8593c5e6c9a7c6974fdf7679a7cd7b04cc9db9414fb9eab8b5f73597bd03334f1fd4bf823a2bcde697cecf6b338c73628b3997e4b4f96472675a172f04afe3763b56fa63f358ed1d3a8fa10e6382542dd36e93b658507ad376ed53974d229c9c01c22f39df20d8f6172136dccabf709f97db48edcb1e69cea8c78776bb3f93ffeaa7c15efc53bb968e9dc9cae3c7c3de0bf6fd036ef2ed801112620e7865f7154c36d836f322b00ee76615b1fd92c6d6f396826c30864da5a6088a2750b6705020863857ccd5c1809f029e9fc4b1679106373d7c19da3d4242754b42a3b12ba8b88ba32f72e0b7a332250ea86380a770d78a519e01b4eaf512171b3ad47de2c8aca3a48bb1f6514f57dcdcf9e6eed2de21b3ba179f212d69a84684d4bcbff5c809a4065573a42621a52bb2413fa264376cf72ff7e05ef315badb58a012a60f7b7833eb18edec4e5b599c361db17d6a692e653822ef5b1477bb4ebab548044daf6853eaebf2c81db0e7b6e6d16089e8773caa4784ead8939a51105dd82e8edc81c289f46600a4ddad1831f811ecbb4f2dfe2f09cdb1ff6aa68bbdc7345fdd87746584e106df40d199ae0d1f601dfe99def9a083d92512e6b0eede4dc2625c080d60e48c7b2ea5ae8dd70869b3ff31940ba7ae4070d72ea5f6046c00dd61c550a21ce7535cfb6ca72aae072e5168748c6d71119826f416b892adb5429cdfdf67fd2354cb8b53fa59f72cbd7ddb7f2c83a213e6045f5f4960551f7ff68a4982995ea6099a73b7cc2179a02b3fa1019de06fa4ca735b68a69d15bcc53cf0292984ba04b39f4595f4693a5f1070ace15da3d68d48132b1037240de3c596d9beef97effce44bf1cab5e2544721b85272c3190a3d21a52aa5dd80d3b81d5e93e493c8f85bec2c71b0a8cf2b59108b916491f157bb5a7ea95f652745073f50fcc1d0318a74e8930d269f1c95362cbc3ab6b3fb6ad2f94b49575a245886f1945c82aa8a9ba118da6309fe190de225ab1871e2fbafe8a9c24799987447556e7f24e393317ea378fd4cc492c52483ce36e4a535a36c9909eac24fe8fcc84d100596c76f99d8a449589b59a415a008b377403fa6a66b83b5c0fc0191900fffb6e4de81ef7cb4384c4dc12510da0f57be1fcb3bb123af95d385a45df51e63eefb7de3622d4698fb47e9f63c2059df3acb7d9070c0aa5c346651a0fa70e98b416a5b552ad426508a31c3c52171768bdac0bf7db891cdc9a3b6fbdb22f81f8aaadbf67502788b12ae337718cecbff260f6a6e8e3658cb35ef7bd40cc0b3ce7a06b1b09e47741d699ba6736c95adb070e13d5d127a2c395fefad1b82583b16c7d3e0e1f43f045363cecdd53e11750b0c1f6dd304d66b11c735e8adb54b9d986a2e400dd9a75e64be29dd0fc2fc77458c894d806bd032b12f9dbd46bf4c3f3940e24b0286c23cba08f18a10ca1321729ac55c702385513e937928227dbe4065047e5685d9ac47a407401020ffa1a02f7708596ae41025eb245288cd24ffdb06de6b688b81909c533086e9207110f51fbc7b0d4cd657ee9ab7ba837eee1cf4c307848d685d7fd8cdddb10fe1a59b54681648cf35ca71be863a469e81230e91d685fbd14b090051f073c34e3ab3a74461cfa5ea8d0812f2e82fdd219eefcf6bd1bbfb4c5a87b7cb02dfe98eb16a0129ee1d9a776ea1ebfb4aaaa1aed19393b9aba44678071c02121c36343baed6383a9f6de99c3364c7481e908563e87b1ba248b3296e01b798af637da3625a5e6e0ab8f18aa9e1626b98b62008a8866f3813bc4ccbea4a423c11cd361820ba6d4e58d47f7d9e75c93acd979d023cc36814377a099c69a8f2ce1fecdfac539b2c7bc75e572a296f07bc97e79cb11267ca8825f774e5877e5e7741949ead5fc591c7c4ff9aac925d30b743f8ec4a71ab705a0dbd5ccc70a40435f1c73ef1131ec8823294cbbafbcd97f416444183720be3472b6467cd2dadc7b9fe62be76946fb643e8913e340bac76ba33f1865758e288a8b5b850bb13cdef35699bd377c727db00293b0c7768eccb58621747364b2fbbeafab53f87e5cc8986024bd4dc7573f3150a35866505f5cfadcfdbcfed3016c1ce57c54a39e01145dd426accd40c7cb7471ac8481d87fc480063d542e9877f2b023c74bfa33b4828d6890241d68c051c0ce894ad7a18fcb47e7561bce323b302a85510b8505f92b4dd9e21565ad76ae4dd1f4399676f6e8f6defd722c85a18d6ba14317c9727f3066621461179b0e55431cdb280c265e35e912871224be40f01c10105e1d5af291f6d714cea765b4bbe91dca882b93ca42965648540671390cd08f737131240c569dfa82d8461b461ad9376a26cc13801bdeda512c53743c96f815ab70c96cf8d3d130d64886f87ca038dc872235df7ea25ddc0115666e6a534cfd320bf99dfb65ca4163fc85727f0bb105300fdfecdb03e480c4c82736d988284eb903167a00f06119e43af0e17e3be1630177b24c6f82438c57247fe62ec4c2318c6c394781fb4031343cec19af17054f05a1f3701ed34142123b3e0a81f98d5b89cdb258124fec69abba5e89209eb4d47b30a5493c45a0cec2eb6ca3352868725d26cf77917073ec16d8a8522a876d17305bc26789a6eaf1c514eb9f0201d67fe0a7e6b0cb82f606e6e895306515d6aa57073705b6863ed050e4f2739c35ff60be634fc623f724952443193f2401c94574e614c81588201c734dea6c97ee9d38afb87e44f96790f8233b0150cd5812480e5539ee40044810be9befa1af824114b254ea4020c2017a50f126985af3767649eebbb5777ba72f867b34a530b37e674bade2bac957a2caacac326d323dc6b2619d44d0426b93a1324aaf7f0a09c73ce80c28ef2a62d8dc498ea0f163dec655e254e2c714368162a5a8a09f156ec6b0a2fd204f39b73366006002954ab24931b4ef1d11b50d2ce925a98d60f63d8431291fcfa65d991ac67b902b346fa99915f7dffe4f3b1277b14144701f44dbaa35622b8f76ea170f7a15e37cabf1c2d05fc9b849757b12694d21b51bd061909b28b5dc0d3130035f21e5b5926922e907f39954d945ae1ad6210751c8bbcc8fa20c5d3e5994f87beb347d8ae9f8c2da0b7861bbdedc79e27a170b48fa4241ea6822a62bb02c8036db5cdf6601a35c98a00b9cdde8b483b6194ace566360a42b82eae87b12c70c14752908cc977bc00aebe88e18c062d5a831f4f7ff206e032a5371222b0a3ca4139b6ae9b8422c1f42e64e5e1eeca791883fdaf1affd0b45b0dbf861dbf2de2cdf78e45f2a1a1fabc673f7bf82eafc531d37f82f2797db1d73010234ca6a1d0116271124158b0c9bd8a085a8dc6c3f29a12572ebfa7659f831da268130267f4a7b43abed2e5e2037492bafd6559cae492c5921b554eefea47e1e592d7b105bc5687b1407803e3b6f166417595a254976d1d2220c5259c8918a5c641969cc6bb62207ecfab0a3f3423aa6d3681fa6e33be36cb149692aebfa9859eb1f476caa5e70e86100a0795f571794c02add3166b2be062b41d1da9dd95bf95e6feba30baba74b3e8de89688616e70f7d0fd4328502c31e877f2392e695d439aa00c5cb9ca66a0552ff950edc6157361c75c1a4a41ec245a05d959f1af605698a2495f0c6993028fcc184757ffbb2625e61c916959d30efe6093d04ad3292ebfa4a13db353f5e8e4a46194c919e325629f789aad8895b8595bd394961663148992d1cb97a1027d6f018cecda38be87bd7a64f73bb6ccdde9538ecd738efef9cdadf6a5d5657d935982b7ea38b1eeafd2494a8dc569f252a1be95e03578f3478e37290183e391984db23886c9712a9f534418b9077e2ed348306bd0e7cfed6f09fef79590fa4a5d8294c6151baecaf823a468bde8bcc8bd0a161b71dbeff3404a9c370e626a12dfece1d43bfc87e04e93b34831522681c9538f55a36317037bcd352a913ca33b61af7361ebfb0875d5a4557fe9d59c457eab9e2a3b91d72f37198d77889a801c4904c0077db68a4f6cf3758bfde2c383ddd0e53078ec8282a50fa1f9e49d7ecffd16cbf80e9054be12bcd76504135b85e9e0e3c4cf97f46c55478ea9b53fc124ffa1119d00b4d9fcb173a87e795c1fe0dc6f1ffe97318a14b6e9986d43231a2eb13c146dae793a02f5b95097f3f8f39c75c281199307acb2f1e49cb4688fdc900376b74aa27c0d1978f06aa3682a240903834829927efb4c5120836b980482c1d9c1778e8b0731fa9d465f9aa5dfbd536b13d682c4ba9acd24259fb4c4835038ddc58b5557e1f1540a99a4c28185333d35ec3e3a9ccc86e34568fd7fb4e8742d6ec3033349e69dbed6e3eddb0dcd1f10edaa189e4de5946260f4ebc129484685a77e4c188993a86cef62f7bede3b5887488ad69aa4561283aedbdf1997a98a0ec16ab97bb8d95bf379760ce42135caafb87509052678ed9858b3c9341ecf79fbda19d933b296ad67ce1da3a8f4f62ce57e057b6b8faf152f9454bc078be3f02170a987675597ecb13a9c0629d79df7292d12d0e4b882a368c29a5b8d4a46eddc81192315e2adebd115905d3761f02494e95e4a4be0b8e021a20bc1353a0a2ca178050f3403cb3d8209cb857aa64fd060ab2d4f450219052bc84a3d04700a5c50adedcac0bb75a84a9f6e6f2c7a2d75a2da9c5a6c8ad0d439e241c2a6456417cb8ae824c5030df725368981b687321647769e2ed31b18d30dc8d5db836b07177c9281712ebafbaf8d86045da9aae611038fbd9abdf37887e8b68c9a0620494e3873295e11962c3761176124116bbd2b536150c05cded0ddd6c1aea19e20c4712c5f2cd6f4012fedc23cae32b309ba15f7a6794315c48ac6e4805b942c42741375ea3e0cf82119ff81230ae0bae94e66cdf255d90053d81992c0db96ebc7556cf440f90adf750d40b5249aff60a0a5cbd7bc64ddf3add71a4119a33a127722152436fbfc4a00b9b591954b8a3a9259ea09119703a7658ee0f36ca239c89ec17d829dc09bfebe3c1cfbe518e230fc63a7d2132e075ec86728992f3c22d8bb57be781991e6fce897e94d294ce42bd0696e1a4fd211b644fe5a4846baf519bb0af4f008ed2db9db4c127154276f8062295b838f690436e854c8d4b225b9222cfa1feec81a12f19ee4cc91825b4e1b8c54868424b264fbde1d0f7dc914e1d9fadfeb9917648309427c8fb4baae89ae6b40d55ed677ca23d995924eb728705cfb4f3fbc76f291cda96df6b647781a73679bfc5b00c0d9b14f339dad5c03247763735c2737abd192d9afcb9209cdc0b7209105246a49fe305762a59969eece1e2f1aa1a6f19698908a5a3ee85ebd4b2e09a3089329b1668bf915e94ae65152151d827b5ab299fe593e523f1a9072cb106596eaab946da4548061a5de9640a62d77ea4028eb3644ea0cb4393d2a8c7484c8e0eca7d763ddc7b5c8b98c58eb821e35fc0be6205e07158181816314cb359b698b6aa01e58322fd3e178dabb912bdf8bbf7908715a29bfac919f684222513450a19df98a23869dc1731eafd245019480a31f116c48776708d64246074bcb680b1027613845389e", 0x1000}, {&(0x7f00000017c0)="57899532f5b682bd68df48a5851f8922185315d11a420d53cf7911b084453056ad42e17e3abcb6d36f855fd270dd8694b40f81148f348ec7be78f708b063b7868d41aa6be17c91bd6450403dff604525e2489ca1d8d94412482035ab5d1a503fbf44f3e98ea31c18f2d236aa88a4f9960d55c60b3c6484506eb08c99523157e500f6265e9265d28b2aa4", 0x8a}], 0x9, 0x5, 0x1, {0x0, r3}}, 0x7) fsetxattr$security_ima(r1, &(0x7f0000000000), &(0x7f00000000c0)=@ng={0x4, 0x8, "839c5b"}, 0x5, 0x3) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:22:11 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd2, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:22:11 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x1540d, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:22:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 25) 05:22:27 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0xec0, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:27 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x1540e, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:22:27 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x4000) 05:22:27 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa48, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:27 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd3, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:22:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x2, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:27 executing program 3: preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:22:27 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r0, &(0x7f0000000000), 0x2000) close(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000000), 0x2000) close(r1) preadv(r1, &(0x7f0000000280)=[{&(0x7f0000000040)=""/114, 0x72}], 0x1, 0x1, 0x0) [ 3291.569102] FAULT_INJECTION: forcing a failure. [ 3291.569102] name failslab, interval 1, probability 0, space 0, times 0 [ 3291.570124] CPU: 0 PID: 19646 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3291.570738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3291.571458] Call Trace: [ 3291.571699] dump_stack+0x107/0x167 [ 3291.572022] should_fail.cold+0x5/0xa [ 3291.572372] ? create_object.isra.0+0x3a/0xa20 [ 3291.572775] should_failslab+0x5/0x20 [ 3291.573123] kmem_cache_alloc+0x5b/0x310 [ 3291.573493] create_object.isra.0+0x3a/0xa20 [ 3291.573880] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3291.574333] kmem_cache_alloc+0x159/0x310 [ 3291.574702] alloc_buffer_head+0x20/0x110 [ 3291.575056] alloc_page_buffers+0x14d/0x700 [ 3291.575438] create_empty_buffers+0x2c/0x640 [ 3291.575838] create_page_buffers+0x1bb/0x230 [ 3291.576230] __block_write_begin_int+0x1d1/0x19c0 [ 3291.576656] ? fat_add_cluster+0x100/0x100 [ 3291.577032] ? add_to_page_cache_locked+0x40/0x40 [ 3291.577476] ? __page_cache_alloc+0x10d/0x360 [ 3291.577869] ? remove_inode_buffers+0x300/0x300 [ 3291.578275] ? pagecache_get_page+0x243/0xc80 [ 3291.578667] ? unlock_page_memcg+0x96/0x170 [ 3291.579052] ? wait_for_stable_page+0x92/0xe0 [ 3291.579450] cont_write_begin+0x472/0x980 [ 3291.579828] ? fat_add_cluster+0x100/0x100 [ 3291.580196] ? nobh_write_begin+0xed0/0xed0 [ 3291.580581] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3291.581088] ? generic_write_end+0x20e/0x3f0 [ 3291.581484] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3291.581929] fat_write_begin+0x89/0x180 [ 3291.582286] ? fat_add_cluster+0x100/0x100 [ 3291.582657] generic_perform_write+0x20a/0x4f0 [ 3291.583065] ? fat_direct_IO+0x1ef/0x380 [ 3291.583419] ? page_cache_prev_miss+0x310/0x310 [ 3291.583839] __generic_file_write_iter+0x2cd/0x5d0 [ 3291.584269] generic_file_write_iter+0xdb/0x230 [ 3291.584687] do_iter_readv_writev+0x476/0x750 [ 3291.585091] ? new_sync_write+0x660/0x660 [ 3291.585452] ? selinux_file_permission+0x92/0x520 [ 3291.585891] do_iter_write+0x191/0x670 [ 3291.586238] ? trace_hardirqs_on+0x5b/0x180 [ 3291.586625] vfs_iter_write+0x70/0xa0 [ 3291.586961] iter_file_splice_write+0x762/0xc30 [ 3291.587382] ? generic_splice_sendpage+0x140/0x140 [ 3291.587816] ? avc_policy_seqno+0x9/0x70 [ 3291.588175] ? selinux_file_permission+0x92/0x520 [ 3291.588601] ? lockdep_init_map_type+0x2c7/0x780 [ 3291.589021] ? generic_splice_sendpage+0x140/0x140 [ 3291.589462] direct_splice_actor+0x10f/0x170 [ 3291.589851] splice_direct_to_actor+0x387/0x980 [ 3291.590261] ? pipe_to_sendpage+0x380/0x380 [ 3291.590650] ? do_splice_to+0x160/0x160 [ 3291.590997] ? security_file_permission+0x24e/0x570 [ 3291.591441] do_splice_direct+0x1c4/0x290 [ 3291.591802] ? splice_direct_to_actor+0x980/0x980 [ 3291.592221] ? selinux_file_permission+0x92/0x520 [ 3291.592645] ? security_file_permission+0x24e/0x570 [ 3291.593097] do_sendfile+0x553/0x1090 [ 3291.593443] ? do_pwritev+0x270/0x270 [ 3291.593786] ? wait_for_completion_io+0x270/0x270 [ 3291.594207] ? rcu_read_lock_any_held+0x75/0xa0 [ 3291.594614] ? vfs_write+0x354/0xa70 [ 3291.594946] __x64_sys_sendfile64+0x1d1/0x210 [ 3291.595338] ? __ia32_sys_sendfile+0x220/0x220 [ 3291.595753] do_syscall_64+0x33/0x40 [ 3291.596081] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3291.596526] RIP: 0033:0x7fa47a8f1b19 [ 3291.596848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3291.598451] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3291.599110] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3291.599721] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3291.600328] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3291.600945] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3291.601564] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:22:27 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x3, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:27 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x33fe0, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:27 executing program 3: r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000400)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2, 0x80000000}}, './file0\x00'}) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x74, r2, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xff}, @TIPC_NLA_NET_ID={0x8}]}, @TIPC_NLA_LINK={0x34, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x114}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r0, @ANYBLOB="100026bd7000fedbdf25170000005c000780080001000000010008000100010100000c000300aa0000000000000008000200000000000c000300350000070000000008000100090000000c000400020000000000000008000100010000800c0004000010000000000000780005801c00028008000300430000000800020002000000080004004f0000000c0002800800010018000000070001006962000008000100657468000800010075647000340002800800040000000400080001001700000008000200c2b800000800020091ca000008000200030000000800020005000000780001800d0001007564703a73797a32000000002c0004001400010002004e20e000000100000000000000001400020002004e2200000000000000000000000008000300ff01000008000300090000000d0001007564703a73797a310000000008000300050000000d0001007564703a73797a31000000000c0005800800010075647000840106800400020095000300115a22eff896ae41b7806f7fd3c171a864fdfe6adbf30b614747fbaca287d6030332a62624aad6cd16ae19beea4066299df0432129b91e918a398280d19a0bed85b8e99c433beecaf6ae8a720286fc2c147513531a1fee40ab43e783ad8be983c35b20e964049f7d95cc86045f4155e3fbc7a63c6736c04006ca1f082f3d075e7f1aa4a99d546d3cdf9443bc82ead95a5a000000910003007da7ed28eb98233132990a1a8f68a9c4681711f8e0699324316597005fd789a1b7967c228e948bf1b7eae696933111bd2c85f842852fadfcda5a274fd93e959e07bb8606d15d744979e3f8ee3385cc384aaac9e70da67c7438f06789cd8a015d1e7933c47a68e0c9431d50352d370052293964ba114973a15e433e90cbd1a1aacf5c8048c76c0ec121be1445b60000004a00040067636d28616573290000000000000000000000000000000000000000000000002200000037a2e5cde116b8d85773eb40563472568f3c456b05f041d54433b5bd906ca71bc6ae000004000200cbfa9ea1ac4ebd413dc62fc2566b59652449de5976ad916110e17c"], 0x2f0}, 0x1, 0x0, 0x0, 0x80001}, 0x8044) 05:22:27 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa4c, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:27 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd4, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:22:27 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x1540f, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:22:27 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0xeffd) 05:22:44 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 26) 05:22:44 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x5f5e0ff, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:44 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:22:44 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd5, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:22:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x4, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:44 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa68, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:44 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15410, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:22:44 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0xf5ff) [ 3308.382899] FAULT_INJECTION: forcing a failure. [ 3308.382899] name failslab, interval 1, probability 0, space 0, times 0 [ 3308.384127] CPU: 1 PID: 19759 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3308.384842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3308.385695] Call Trace: [ 3308.385984] dump_stack+0x107/0x167 [ 3308.386356] should_fail.cold+0x5/0xa [ 3308.386750] ? create_object.isra.0+0x3a/0xa20 [ 3308.387230] should_failslab+0x5/0x20 [ 3308.387623] kmem_cache_alloc+0x5b/0x310 [ 3308.388052] create_object.isra.0+0x3a/0xa20 [ 3308.388504] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3308.389034] kmem_cache_alloc+0x159/0x310 [ 3308.389492] alloc_buffer_head+0x20/0x110 [ 3308.389925] alloc_page_buffers+0x14d/0x700 [ 3308.390379] create_empty_buffers+0x2c/0x640 [ 3308.390845] create_page_buffers+0x1bb/0x230 [ 3308.391301] __block_write_begin_int+0x1d1/0x19c0 [ 3308.391807] ? fat_add_cluster+0x100/0x100 [ 3308.392238] ? add_to_page_cache_locked+0x40/0x40 [ 3308.392738] ? __page_cache_alloc+0x10d/0x360 [ 3308.393206] ? remove_inode_buffers+0x300/0x300 [ 3308.393707] ? pagecache_get_page+0x243/0xc80 [ 3308.394196] ? unlock_page_memcg+0x96/0x170 [ 3308.394644] ? wait_for_stable_page+0x92/0xe0 [ 3308.395115] cont_write_begin+0x472/0x980 [ 3308.395553] ? fat_add_cluster+0x100/0x100 [ 3308.395995] ? nobh_write_begin+0xed0/0xed0 [ 3308.396446] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3308.397045] ? generic_write_end+0x20e/0x3f0 [ 3308.397510] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3308.398036] fat_write_begin+0x89/0x180 [ 3308.398454] ? fat_add_cluster+0x100/0x100 [ 3308.398917] generic_perform_write+0x20a/0x4f0 [ 3308.399392] ? fat_direct_IO+0x1ef/0x380 [ 3308.399812] ? page_cache_prev_miss+0x310/0x310 [ 3308.400308] __generic_file_write_iter+0x2cd/0x5d0 [ 3308.400810] generic_file_write_iter+0xdb/0x230 [ 3308.401306] do_iter_readv_writev+0x476/0x750 [ 3308.401771] ? new_sync_write+0x660/0x660 [ 3308.402199] ? selinux_file_permission+0x92/0x520 [ 3308.402722] do_iter_write+0x191/0x670 [ 3308.403132] ? trace_hardirqs_on+0x5b/0x180 [ 3308.403586] vfs_iter_write+0x70/0xa0 [ 3308.403987] iter_file_splice_write+0x762/0xc30 [ 3308.404489] ? generic_splice_sendpage+0x140/0x140 [ 3308.405010] ? avc_policy_seqno+0x9/0x70 [ 3308.405453] ? selinux_file_permission+0x92/0x520 [ 3308.405970] ? lockdep_init_map_type+0x2c7/0x780 [ 3308.406470] ? generic_splice_sendpage+0x140/0x140 [ 3308.406977] direct_splice_actor+0x10f/0x170 [ 3308.407442] splice_direct_to_actor+0x387/0x980 [ 3308.407939] ? pipe_to_sendpage+0x380/0x380 [ 3308.408387] ? do_splice_to+0x160/0x160 [ 3308.408792] ? security_file_permission+0x24e/0x570 [ 3308.409327] do_splice_direct+0x1c4/0x290 [ 3308.409761] ? splice_direct_to_actor+0x980/0x980 [ 3308.410261] ? selinux_file_permission+0x92/0x520 [ 3308.410770] ? security_file_permission+0x24e/0x570 [ 3308.411292] do_sendfile+0x553/0x1090 [ 3308.411700] ? do_pwritev+0x270/0x270 [ 3308.412104] ? wait_for_completion_io+0x270/0x270 [ 3308.412602] ? rcu_read_lock_any_held+0x75/0xa0 [ 3308.413086] ? vfs_write+0x354/0xa70 [ 3308.413504] __x64_sys_sendfile64+0x1d1/0x210 [ 3308.413974] ? __ia32_sys_sendfile+0x220/0x220 [ 3308.414458] do_syscall_64+0x33/0x40 [ 3308.414844] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3308.415368] RIP: 0033:0x7fa47a8f1b19 [ 3308.415755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3308.417601] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3308.418376] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3308.419099] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3308.419830] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3308.420544] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3308.421302] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:22:44 executing program 3: fallocate(0xffffffffffffffff, 0x40, 0x4, 0x3) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/zoneinfo\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x0, 0x0, 0xffffffff) 05:22:44 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x200000e8, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:44 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa6c, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:22:44 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 27) 05:22:44 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15411, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:22:44 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x5, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3308.640445] FAULT_INJECTION: forcing a failure. [ 3308.640445] name failslab, interval 1, probability 0, space 0, times 0 [ 3308.642090] CPU: 1 PID: 19784 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3308.642793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3308.643627] Call Trace: [ 3308.643907] dump_stack+0x107/0x167 [ 3308.644297] should_fail.cold+0x5/0xa [ 3308.644694] ? mempool_alloc+0x148/0x360 [ 3308.645111] ? mempool_free_pages+0x20/0x20 [ 3308.645565] should_failslab+0x5/0x20 [ 3308.645963] kmem_cache_alloc+0x5b/0x310 [ 3308.646398] ? mempool_free_pages+0x20/0x20 [ 3308.646846] mempool_alloc+0x148/0x360 [ 3308.647256] ? mempool_resize+0x7d0/0x7d0 [ 3308.647685] ? lock_downgrade+0x6d0/0x6d0 [ 3308.648124] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 3308.648638] bio_alloc_bioset+0x36e/0x600 [ 3308.649073] ? bvec_alloc+0x2f0/0x2f0 [ 3308.649486] ? iov_iter_npages+0x1fd/0xa70 [ 3308.649932] iomap_dio_bio_actor+0x518/0xef0 [ 3308.650404] iomap_dio_actor+0x36f/0x560 [ 3308.650824] ? __x64_sys_sendfile64+0x1d1/0x210 [ 3308.651301] ? do_syscall_64+0x33/0x40 [ 3308.651702] ? entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3308.652255] iomap_apply+0x289/0x810 [ 3308.652636] ? iomap_dio_rw+0x90/0x90 [ 3308.653030] ? trace_event_raw_event_iomap_apply+0x430/0x430 [ 3308.653639] ? mark_held_locks+0x9e/0xe0 [ 3308.654080] ? filemap_check_errors+0xa5/0x150 [ 3308.654551] __iomap_dio_rw+0x6cd/0x1110 [ 3308.654962] ? iomap_dio_rw+0x90/0x90 [ 3308.655375] ? iomap_dio_bio_actor+0xef0/0xef0 [ 3308.655853] ? ext4_orphan_add+0x253/0x9e0 [ 3308.656289] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 3308.656795] ? ext4_empty_dir+0xae0/0xae0 [ 3308.657214] ? jbd2__journal_start+0xf3/0x7e0 [ 3308.657703] iomap_dio_rw+0x31/0x90 [ 3308.658079] ext4_file_write_iter+0xb26/0x18d0 [ 3308.658559] ? ext4_file_read_iter+0x4c0/0x4c0 [ 3308.659031] ? kasan_save_stack+0x32/0x40 [ 3308.659458] ? kasan_save_stack+0x1b/0x40 [ 3308.659896] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3308.660406] ? iter_file_splice_write+0x16d/0xc30 [ 3308.660891] ? direct_splice_actor+0x10f/0x170 [ 3308.661370] ? splice_direct_to_actor+0x387/0x980 [ 3308.661859] ? do_splice_direct+0x1c4/0x290 [ 3308.662310] ? do_sendfile+0x553/0x1090 [ 3308.662720] ? __x64_sys_sendfile64+0x1d1/0x210 [ 3308.663201] do_iter_readv_writev+0x476/0x750 [ 3308.663662] ? new_sync_write+0x660/0x660 [ 3308.664084] ? selinux_file_permission+0x92/0x520 [ 3308.664603] do_iter_write+0x191/0x670 [ 3308.665011] ? trace_hardirqs_on+0x5b/0x180 [ 3308.665475] vfs_iter_write+0x70/0xa0 [ 3308.665874] iter_file_splice_write+0x762/0xc30 [ 3308.666382] ? generic_splice_sendpage+0x140/0x140 [ 3308.666905] ? avc_policy_seqno+0x9/0x70 [ 3308.667320] ? selinux_file_permission+0x92/0x520 [ 3308.667821] ? lockdep_init_map_type+0x2c7/0x780 [ 3308.668314] ? generic_splice_sendpage+0x140/0x140 [ 3308.668802] direct_splice_actor+0x10f/0x170 [ 3308.669255] splice_direct_to_actor+0x387/0x980 [ 3308.669738] ? pipe_to_sendpage+0x380/0x380 [ 3308.670190] ? do_splice_to+0x160/0x160 [ 3308.670592] ? security_file_permission+0x24e/0x570 [ 3308.671109] do_splice_direct+0x1c4/0x290 [ 3308.671532] ? splice_direct_to_actor+0x980/0x980 [ 3308.672020] ? selinux_file_permission+0x92/0x520 [ 3308.672520] ? security_file_permission+0x24e/0x570 [ 3308.673047] do_sendfile+0x553/0x1090 [ 3308.673466] ? do_pwritev+0x270/0x270 [ 3308.673868] ? wait_for_completion_io+0x270/0x270 [ 3308.674360] ? rcu_read_lock_any_held+0x75/0xa0 [ 3308.674827] ? vfs_write+0x354/0xa70 [ 3308.675219] __x64_sys_sendfile64+0x1d1/0x210 [ 3308.675685] ? __ia32_sys_sendfile+0x220/0x220 [ 3308.676168] do_syscall_64+0x33/0x40 [ 3308.676547] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3308.677067] RIP: 0033:0x7fa47a8f1b19 [ 3308.677462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3308.679293] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3308.680068] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3308.680778] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3308.681498] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3308.682210] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3308.682935] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:22:44 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/141, 0x8d}], 0x1, 0x1, 0x0) ioctl$BTRFS_IOC_RM_DEV(r0, 0x5000940b, &(0x7f0000001340)={{}, "934b8fdb3e9a6f389d2b5e7d835575cd6c7bd4057c15b73ac8e5b2e5eb0309a0c8ba9356d590d36cc6728004527619dd8ce3f95104803984b42151c9bbf7228ece8c29896376b61e02beb4549ee5074bc65b384ced6e7926b6458c66b8cf48525dbb61286e364f1a5fb7faf43dbe4b23a8429a1486adaee38b4a4536fe229827c183abb6f0b2014790ecff6a43e5af2ba2a61860b6fed02ead0ef2dca3afbcce08ef9ddd8a0afaafe3031f8ab802cd6683ab90c5e763bd3a46a22c892a356be32fc8ef5c53c50cd2d2f73166ab35ce39c0b825ab4872997dc4bc03e413b326d888984519fb23457000971b47b3f82fd0cd471d25a04147f908999e48eab986419b14089ee91bec25adfcdd20f8dfa6486ec0a786de065dfc6168f6cd46315f6b272ee9d69c73e7891014280672cf992d9df754f2e4745d7dfea3cbfe90a9c78ce7011329e158c68482569ee90b6a3013734857c99a0e96398e565672a6391ee915b147e65b63cd47c7a45026dc34669d4eb3311a723a452c1e427bdc822993443663b3e93c4d35493c11800dab8f16ca29fa0ee4d66fad0475deb987fc4633276b0060010da46a6bf02cb91ba781d387c9a790492b484b387512c575f51268f1b06104077378c5cd1cc38f04adb097ab5154ecd0bcef869b50f573aa0715b6b63edbb986d74440821e1a6f7bfefced335eac4bf8a0bfc6f15b17f98ed7d410d57151593cae25ca5ab9e9a80d06731c4c3f9062bb5cf54dd75d47fe03b092825c78c901579801bc6135cf1b45e99cc7eb24de11403c370b36f0b2e76fba3f09124c63cb2bb8a8d56a2e5aa02cac5a08767e0c1bedf6c61a4aaf153cd70538f2c35e0223956409463365ecd4dac81b068a65e9b6c3fc139d962c798a3c29e5d42f57e29f9f47cd529b071f282fb5b86975d1e96b8ddb3c04cd1ee5575283725b8c8dafc32a32586c0492f983a44d4e7086ca21b07c9272eaefd331432bd0ff807b62abef6f070234413510344a768bb5215c501861fa8d2646d7582ffc0bdd82bd361688505fb78fb740585c573c6f84a872ed9110f6122abbcaf522fb89d6039b6ea9f57ba2b291a43a9380011740a06c6011fce673d24272574b152fecb58168c720ce8eaeaa397ecc42159d7549ca317f811d38b32ff80f744f846af80c6381a80bcd0cf99b67ea10d6596a886c6d00a2dd04cda38ae5339ca48a87aa0509e2ecc8478d3635b6ab8060830689029cc206a89c5bb91a0b27862eb94fc05237e39cadaa5480fc0cc2137226acd5ed7b07c3a5b06a9dd8771928ef213b58961130fa533f0977e6a635e0912dae1c1d80f2c61c061a9dd8918beea7abca8aa8b13dcd91c501a36ea6508d22e474454239c6a781ee6a4b892cc7866b74e833b2d9ea6b9962986fa6023d1001533ee1e24c2fc2acf541d75cfdc3dfab59bd584913ef1362194a2c9e94fe42939db345b51e4ed3e3bcbaf198c4fa96eaf585088ab865397cd48ceb2183da1ea8a002ffa8a5070418154238b5bfef340a1ece234d8d0ab49d9c8cb4b22be643d3fbcf6298cb29730423c79bd16f77c08128b2a73791375b5cc7acdaaafe0280dc34ec4306fa56b9490f4690e6c73808f82a845e210459233b77b8a1a3b6d313ab0dca8ffc8a42198d5f92c43b3c15d460d6f2d88e965072f20050974a337f8fa7fb3c284e5d2b7aaa697ce07c1e99f83f9351448027c7252b09daf565f398155391618e86bc4ed3fa0b4f3dcc547b80e404ed7bef88e0d2462036379d2533e7ae9b29a09c28aad3d6263ed5747390bc624fa60bc9d0dd10c4dfacbd168e672f86be6db2c53080fac253c3bd25d9f90bcb356b11bdab15b652ddcf1a12675b324ea5abdf8266dc1e8c6874f9c86dff4891625a3ea8f5fff845ae929fde6ef5dc66ce85a6663439d2687fc6792d76a90b40833ff348a3f14957423a7f1d1c554d950b20a2c56fc17688d8bdf0ca64947b1d96a0ce285383da40742be79ab22b22981506d7f27e334ee799592e2c264deb2eca5e5e458e382e76bfa4db7d7dd0231a2ea64131314af3c2379fb197279ffa7b451d53e0432e70c287c2f5008d7ac7cfa251b4c66a58fb7e4f8c4c498e67eea691dadbf7f74c8583b1be0eaeb74d2208eaf3c0b1cc23fe13df9e247ca954cd501670f4312e35f6e59f73002bcf4e37682dda4fbc069d6fd5c5821a63671b8a14fb04b0eb8bd802e82c9e4ce9ec5f657fb3691deaa716ae19eb4d75384f775c868d868d2cb1288813ce40d1f78b4caba14ebaa4529709621290da3133ddb1897919143ac4b4071d8e23705e3d270d9401c68ccaacaddd6d1de42e5b02f83bfeed970bc847cd73da8bca1073afba999f99ecbaed5c32072076cd28de1281f6fe1d68789fa21cf13772ae352a9da4e6ce13e17295f07dea94f6239a4ed97ffdac570772ad3b88ea940308c88579d02f972400a33e5839666ae77a2966acd4a125d599324e3e0883e65b1113c8885e63c7c49969687148693f86d34908422e47f41e4513411edd47cd678fc01a4315a19360a15af11cf95461ffc094d9f4c4e4a2c9c9bb610b0bda987b25034f6edfe7ff8f0176f338cb5e1f221e643c711dd40e00a9540546947bedd557c0c1e87472dfb05c3dc2fc0691ad5f3b6884328748affb485a84742fa7ce42be4df1bf9b0d3748e7ccd96a45afca7052e096383732d9c96cd74976c1642f4bedfe40c35d2b8aa399778d2e23eb004300c3d8e0ae022a01f42b62e35c2b4dcf096d074c085d5ccda20eded3dcef59b7382862a147af275253d4ba39e1c641d731a3b86b2fcd93b878a9371cfdfe726cc0f892ea0d4b4d2dc5cfcb91db14a7de1362c418d7f6393bdb7025cc72576a80b43f3fefd54a929222f7aef7a976e0fe2aafc68612516123c486447369d1090407405742e2101dd87ef53a344a6917e8c2b595676e8bb4451b7e81cb640759e708714cddd6cd8e9069dd6deb8551e1d0e02d13f3bf3fdcf8f46a05d269928ecd737c3d6a3d41c2f520516ff132fc764dd23b945380bfb0dcd597178a129f7d93c5d9b159da2521324c97b865434798f70f9ec982979db28c338ac1f18d6f7d1a986237903abab1172927a33f57acffce83d1ba642d5aa378bc987dfaecbe3ddda93aa1e5fd92d776e1ddd393dbfa7e7c2896658aafdcb0edde1e8068164fe426058da6b0a72dba2bc441f10490d8893c7c33a74c83ade53ae7b22bfe99fc8b7407f174450fd514a1b37a1341bda9c919b5dfdde3d5a45e7304b8e72be13e6d039979894684bfa9689671c2cc5dfdd411cc8cb927727a341e7cbc4d749bb45192122862690894604d7769bd8a4e4a626afad0faab419e9227fad14eb554c4d8b51ae870413bb45e210b3689e31a36fa1d8d8ec0530cd1a2644f116e694693fc37e2ac2f583823887a9836a32265aa1ba39614489041dab422a840cf84c36269b75b4b10e656a69e5ce139d1566d7a45d5db5a4bab021a6b0e55ec23a9d0050b3b37070342acdd55ebd3400dada2ba01fc2a9af93cf234dabe42bb481842a56ad05dbece9dbd88a61dc5289442cc469bd125455004db31d054a2527015f0901b89005514564eadaeda664a958729e6cb95e20f3e7da36ba3b7b0914df0311761024118812493fdf6b247bff1c9f223169ea751e5b81317772112cd8ec0cbd069940a5f76c773c0a7f9ed474e2988429364f4d641396041cf3cbe9c362fe2b9ca16aa3abfd0f5d330b51fa8c9f82c35c20364e06f82939cd822a850a9f2b4243b015ee5d0a2632aaa20708a46b8d25d7bbfed78139ee4ec68a3f81a010829bf912315e3f21e5dcf6b1eff162b54d6a53349e46e3fcf26339e92c7e60c3ae9fb47b85118c588ecc5108b5fc4dd55a64752de77cb5a84015dba2a83eacb1f4d204ec6d5dcf3d46213672756fa208b60da9d796f2741663a7014d9a8861921b24a6033335cd58bbe8d48fa7b450080000000000000b942b1f2266a72e345824667c475cf83f43b0f7ae28494832429eaaf948999a7a2300144ead4d0c8270819d6491b2c4d028ce6ce433b6303d21e98540de6c8b2acfa7459fb8fac1946e72614b69a56681b500f74e383b6d2def4d9acd380f6871e95755446356d07d4aa3799395c7ced26f3413c056e946a1d07ef8836088e180d431c984826dca8fee16d23ef8de84fe21b33453ae00db5a550528c298cf3108e33bcf0f765ef4ecb8019ae5a4d3254b07a848455a9c851c92671e319d546116bd1598e2a5f9dcd2d24e8a37e358aa62392a789d75261270d31c968c3e5da1e6c35ae17361067267fe4eec991f9c57f0e980cd8cdf61279dc869bf7203b8e7e07d8a5299b9de69eef62cccd2b96a75efd661f06ddf9aa7f91e73c4864ee10c9c0e670ea39253fdc9c66cf547ff248674460b8a761affc640af34eb4a76f617c51debdb722e58dd319c2aeb4de0e3cdd08faa7233361da41a070cef2a999aa94e6bebcb22b941504c20f0c3aae149877acb1926c068ef45fd1c6cd4d38e0ae61a63a0bb95e183c222be8d7591d406805e08103c492366e2bd287230188e3642989425d0381f87d44e487091da3d4c7b3e08407eda5170eb847f8b5dbb1be2ea2d743175ca7fdfa72437e4bade577ba17b4cffc04ae84eae486008164626cad9d45087f102dcf6d622f37f05b8bd9c8cd3dca0419353626937b558921137667044f35ccab6b94dc1eb3c582e3af71545307f49eb5b5fa62c4f495aa1faba26101e3fec3d93161e4769fde078b0e39ca049d23f9d81190206068fc416cceee1989ce7fd0cd800a361686bc3eafe8dacb37070f6b06b19d2b1f9adab20d5439c9f61fb9edce8da6451fc3e7d89267791c9ed0f5399f37c017392dadbfa0c447bb3ba7aef67d41d6571b68ea9d1769642db0ee8c084ef5c11c0e40c33de540e6f214ff54daff543e50b412f89bda9cde4c7f7a99b7418637cb5c38bd33dd9d995ce54856d84e22121ee3637e92ef382eac5596197f1dca3c671779330681b5748fc85ad167452a8b2de8c5f42471f24abb8fb9784db9f13b8512b382c319e77fe95700fabafc7f2584f2149403e36f46cb177fd3ba215534e5a64525a99bb8f683c0246182c81553c890e8dd382854354985948b889a2c9288f1a76847cb70e95837394c3a2fe879b69f4456c5d265936e2722db579dc39283139d22b35eeb7659d310ad3906a3983c1a8266a8dea4fb98c65c3fc0cbc83826d706002f3c817743dc8441e073c4769cb4a0fc013e920caf009b5f55572d3e3b620fb79f4486cae07f8fab432a34839435d0ef781bf37cc3fb0fa7770e612e80f024e0eb45734672323e374be2d59b3b8e6b44f8e1f136100997dac2dedd1772efaa31cccacfe690528fa2d2de36075e9200518d24c21d796f495e95f97b98b6ff70e9f5ac54567444d2167bceb26f7f6a9abd9f66eeae32cadb08e75f138ddecbeac970b5a19de8a25a972f611e4fa6292490d28f12730e388f2165314dff374f906a429b9401d38e8d139bb66a9af5b82997c3d2a438b695013d6570650e0d31f4cd78d948cd98bd5cee86c332a0b137d91f0563d040ca60c7ae62ef01055c31b02c85538005fd7bc52019f12cacaec5b50e8b3e754c7be0ff7d19f203e4d605b0e168d02dac967d7f6b2dd5626354c21f4d66881f5202e88ffbb1f5c760a22f1083fdcc54bd72e3b5fc7505b5a64d44d8fc7252be90e4432878d682a2edd5693b2be5bc29ad00"}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, &(0x7f0000000340)={{0x3, 0x9}, 0x100, './file0\x00'}) 05:22:44 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd6, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:22:44 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0xfdef) 05:22:44 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x7ffff000, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3325.167789] Bluetooth: hci1: command 0x0406 tx timeout [ 3325.207053] audit: type=1400 audit(1709097781.112:506): avc: denied { block_suspend } for pid=19869 comm="syz-executor.3" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 05:23:01 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 28) 05:23:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa74, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:01 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0xfff5) 05:23:01 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:23:01 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x6, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:01 executing program 3: ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000001c0)=ANY=[@ANYBLOB="01841b5b75b4ce649cd4b859d700174ebb46000000000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) syz_io_uring_setup(0x18b9, &(0x7f00000000c0)={0x0, 0x328e, 0x20, 0x0, 0x26f, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000140), &(0x7f0000000180)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000000)={0x28000000}) preadv(r1, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:23:01 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x2, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:01 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15412, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) [ 3325.231198] FAULT_INJECTION: forcing a failure. [ 3325.231198] name failslab, interval 1, probability 0, space 0, times 0 [ 3325.232257] CPU: 0 PID: 19865 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3325.232811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3325.233505] Call Trace: [ 3325.233734] dump_stack+0x107/0x167 [ 3325.234043] should_fail.cold+0x5/0xa [ 3325.234365] ? create_object.isra.0+0x3a/0xa20 [ 3325.234748] should_failslab+0x5/0x20 [ 3325.235064] kmem_cache_alloc+0x5b/0x310 [ 3325.235413] create_object.isra.0+0x3a/0xa20 [ 3325.235769] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3325.236186] kmem_cache_alloc+0x159/0x310 [ 3325.236539] alloc_buffer_head+0x20/0x110 [ 3325.236877] alloc_page_buffers+0x14d/0x700 [ 3325.237239] create_empty_buffers+0x2c/0x640 [ 3325.237627] create_page_buffers+0x1bb/0x230 [ 3325.237997] __block_write_begin_int+0x1d1/0x19c0 [ 3325.238394] ? fat_add_cluster+0x100/0x100 [ 3325.238741] ? add_to_page_cache_locked+0x40/0x40 [ 3325.239134] ? __page_cache_alloc+0x10d/0x360 [ 3325.239510] ? remove_inode_buffers+0x300/0x300 [ 3325.239896] ? pagecache_get_page+0x243/0xc80 [ 3325.240261] ? unlock_page_memcg+0x96/0x170 [ 3325.240618] ? wait_for_stable_page+0x92/0xe0 [ 3325.240985] cont_write_begin+0x472/0x980 [ 3325.241324] ? fat_add_cluster+0x100/0x100 [ 3325.241685] ? nobh_write_begin+0xed0/0xed0 [ 3325.242043] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3325.242512] ? generic_write_end+0x20e/0x3f0 [ 3325.242887] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3325.243322] fat_write_begin+0x89/0x180 [ 3325.243641] ? fat_add_cluster+0x100/0x100 [ 3325.243995] generic_perform_write+0x20a/0x4f0 [ 3325.244373] ? fat_direct_IO+0x1ef/0x380 [ 3325.244702] ? page_cache_prev_miss+0x310/0x310 [ 3325.245097] __generic_file_write_iter+0x2cd/0x5d0 [ 3325.245508] generic_file_write_iter+0xdb/0x230 [ 3325.245892] do_iter_readv_writev+0x476/0x750 [ 3325.246269] ? new_sync_write+0x660/0x660 [ 3325.246619] ? selinux_file_permission+0x92/0x520 [ 3325.247032] do_iter_write+0x191/0x670 [ 3325.247355] ? trace_hardirqs_on+0x5b/0x180 [ 3325.247719] vfs_iter_write+0x70/0xa0 [ 3325.248037] iter_file_splice_write+0x762/0xc30 [ 3325.248433] ? generic_splice_sendpage+0x140/0x140 [ 3325.248850] ? avc_policy_seqno+0x9/0x70 [ 3325.249183] ? selinux_file_permission+0x92/0x520 [ 3325.249586] ? lockdep_init_map_type+0x2c7/0x780 [ 3325.249973] ? generic_splice_sendpage+0x140/0x140 [ 3325.250376] direct_splice_actor+0x10f/0x170 [ 3325.250743] splice_direct_to_actor+0x387/0x980 [ 3325.251137] ? pipe_to_sendpage+0x380/0x380 [ 3325.251499] ? do_splice_to+0x160/0x160 [ 3325.251834] ? security_file_permission+0x24e/0x570 [ 3325.252258] do_splice_direct+0x1c4/0x290 [ 3325.252599] ? splice_direct_to_actor+0x980/0x980 [ 3325.252995] ? selinux_file_permission+0x92/0x520 [ 3325.253399] ? security_file_permission+0x24e/0x570 [ 3325.253831] do_sendfile+0x553/0x1090 [ 3325.254158] ? do_pwritev+0x270/0x270 [ 3325.254483] ? wait_for_completion_io+0x270/0x270 [ 3325.254880] ? rcu_read_lock_any_held+0x75/0xa0 [ 3325.255269] ? vfs_write+0x354/0xa70 [ 3325.255586] __x64_sys_sendfile64+0x1d1/0x210 [ 3325.255956] ? __ia32_sys_sendfile+0x220/0x220 [ 3325.256346] do_syscall_64+0x33/0x40 [ 3325.256662] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3325.257083] RIP: 0033:0x7fa47a8f1b19 [ 3325.257386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3325.258890] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3325.259501] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3325.260076] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3325.260656] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3325.261237] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3325.261832] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:23:01 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xa7a, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:01 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000000), 0x0, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r1, &(0x7f0000000000), 0x2000) splice(r1, &(0x7f0000000100)=0x8, r0, &(0x7f0000000140)=0x2, 0x200, 0x1) close(r1) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000180)={0x3ee3, 0x7fffffff, 0x25}) sendmsg$IPSET_CMD_GET_BYNAME(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0xe, 0x6, 0x0, 0x0, 0x0, {0x3, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040000}, 0x14) 05:23:01 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x3, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:01 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x7, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:01 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd8, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:23:17 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15413, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:23:17 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xb00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:17 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 29) 05:23:17 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bd9, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:23:17 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x400000) 05:23:17 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x4, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:17 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x8, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:17 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/4096}, {&(0x7f0000000000)=""/141}, {&(0x7f00000000c0)=""/88}, {&(0x7f0000000140)=""/88}], 0x1, 0x1, 0x0) 05:23:17 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x400, 0x0) 05:23:17 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = dup2(r0, r0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYRES32=r1, @ANYRES16=r2, @ANYBLOB="00042bbd7000fedbdf25c9000000080001000e00000008000300", @ANYRES32=r3, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x20}, 0x40080) [ 3342.051706] FAULT_INJECTION: forcing a failure. [ 3342.051706] name failslab, interval 1, probability 0, space 0, times 0 [ 3342.053054] CPU: 1 PID: 19960 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3342.053768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3342.054601] Call Trace: [ 3342.054887] dump_stack+0x107/0x167 [ 3342.055265] should_fail.cold+0x5/0xa [ 3342.055653] ? fat_cache_add.part.0+0x3c6/0x5d0 [ 3342.056137] should_failslab+0x5/0x20 [ 3342.056530] kmem_cache_alloc+0x5b/0x310 [ 3342.056959] fat_cache_add.part.0+0x3c6/0x5d0 [ 3342.057418] fat_get_cluster+0x91e/0xd40 [ 3342.057864] ? fat_cache_inval_inode+0x290/0x290 [ 3342.058330] ? __brelse+0x84/0xa0 [ 3342.058703] fat_get_mapped_cluster+0x212/0x440 [ 3342.059182] ? fat_get_cluster+0xd40/0xd40 [ 3342.059578] ? perf_trace_lock+0xac/0x490 [ 3342.060007] fat_bmap+0x1f8/0x460 [ 3342.060355] fat_get_block+0x33a/0x940 [ 3342.060758] ? fat_add_cluster+0x100/0x100 [ 3342.061183] ? create_empty_buffers+0x4a3/0x640 [ 3342.061644] ? create_page_buffers+0x139/0x230 [ 3342.062123] __block_write_begin_int+0x3d1/0x19c0 [ 3342.062584] ? fat_add_cluster+0x100/0x100 [ 3342.063023] ? remove_inode_buffers+0x300/0x300 [ 3342.063488] ? pagecache_get_page+0x243/0xc80 [ 3342.063937] ? unlock_page_memcg+0x96/0x170 [ 3342.064355] ? wait_for_stable_page+0x92/0xe0 [ 3342.064812] cont_write_begin+0x472/0x980 [ 3342.065240] ? fat_add_cluster+0x100/0x100 [ 3342.065652] ? nobh_write_begin+0xed0/0xed0 [ 3342.066085] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3342.066640] ? generic_write_end+0x20e/0x3f0 [ 3342.067088] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3342.067601] fat_write_begin+0x89/0x180 [ 3342.067996] ? fat_add_cluster+0x100/0x100 [ 3342.068399] generic_perform_write+0x20a/0x4f0 [ 3342.068857] ? fat_direct_IO+0x1ef/0x380 [ 3342.069251] ? page_cache_prev_miss+0x310/0x310 [ 3342.069746] __generic_file_write_iter+0x2cd/0x5d0 [ 3342.070228] generic_file_write_iter+0xdb/0x230 [ 3342.070695] do_iter_readv_writev+0x476/0x750 [ 3342.071141] ? new_sync_write+0x660/0x660 [ 3342.071553] ? selinux_file_permission+0x92/0x520 [ 3342.072043] do_iter_write+0x191/0x670 [ 3342.072438] ? trace_hardirqs_on+0x5b/0x180 [ 3342.072885] vfs_iter_write+0x70/0xa0 [ 3342.073272] iter_file_splice_write+0x762/0xc30 [ 3342.073759] ? generic_splice_sendpage+0x140/0x140 [ 3342.074244] ? avc_policy_seqno+0x9/0x70 [ 3342.074661] ? selinux_file_permission+0x92/0x520 [ 3342.075137] ? lockdep_init_map_type+0x2c7/0x780 [ 3342.075602] ? generic_splice_sendpage+0x140/0x140 [ 3342.076072] direct_splice_actor+0x10f/0x170 [ 3342.076491] splice_direct_to_actor+0x387/0x980 [ 3342.076952] ? pipe_to_sendpage+0x380/0x380 [ 3342.077374] ? do_splice_to+0x160/0x160 [ 3342.077786] ? security_file_permission+0x24e/0x570 [ 3342.078302] do_splice_direct+0x1c4/0x290 [ 3342.078700] ? splice_direct_to_actor+0x980/0x980 [ 3342.079184] ? selinux_file_permission+0x92/0x520 [ 3342.079673] ? security_file_permission+0x24e/0x570 [ 3342.080190] do_sendfile+0x553/0x1090 [ 3342.080573] ? do_pwritev+0x270/0x270 [ 3342.080966] ? wait_for_completion_io+0x270/0x270 [ 3342.081439] ? rcu_read_lock_any_held+0x75/0xa0 [ 3342.081927] ? vfs_write+0x354/0xa70 [ 3342.082311] __x64_sys_sendfile64+0x1d1/0x210 [ 3342.082778] ? __ia32_sys_sendfile+0x220/0x220 [ 3342.083240] do_syscall_64+0x33/0x40 [ 3342.083624] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3342.084124] RIP: 0033:0x7fa47a8f1b19 [ 3342.084486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3342.086262] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3342.087014] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3342.087714] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3342.088413] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3342.089093] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3342.089783] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:23:18 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x800000) 05:23:18 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/consoles\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) fcntl$setown(r0, 0x8, 0x0) 05:23:18 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x5, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 30) 05:23:36 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000000), 0x2, 0xfd3fae81d6349235) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'}) 05:23:36 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xb01, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:36 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x20000000) 05:23:36 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15414, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:23:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x9, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:36 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bda, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:23:36 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x6, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) [ 3360.337296] FAULT_INJECTION: forcing a failure. [ 3360.337296] name failslab, interval 1, probability 0, space 0, times 0 [ 3360.338553] CPU: 0 PID: 20040 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3360.339232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3360.340067] Call Trace: [ 3360.340340] dump_stack+0x107/0x167 [ 3360.340710] should_fail.cold+0x5/0xa [ 3360.341097] ? create_object.isra.0+0x3a/0xa20 [ 3360.341559] should_failslab+0x5/0x20 [ 3360.341953] kmem_cache_alloc+0x5b/0x310 [ 3360.342365] create_object.isra.0+0x3a/0xa20 [ 3360.342804] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3360.343325] kmem_cache_alloc+0x159/0x310 [ 3360.343752] fat_cache_add.part.0+0x3c6/0x5d0 [ 3360.344230] fat_get_cluster+0x91e/0xd40 [ 3360.344657] ? fat_cache_inval_inode+0x290/0x290 [ 3360.345151] ? __brelse+0x84/0xa0 [ 3360.345534] fat_get_mapped_cluster+0x212/0x440 [ 3360.346033] ? fat_get_cluster+0xd40/0xd40 [ 3360.346471] ? perf_trace_lock+0xac/0x490 [ 3360.346924] fat_bmap+0x1f8/0x460 [ 3360.347285] fat_get_block+0x33a/0x940 [ 3360.347695] ? fat_add_cluster+0x100/0x100 [ 3360.348123] ? create_empty_buffers+0x4a3/0x640 [ 3360.348606] ? create_page_buffers+0x139/0x230 [ 3360.349078] __block_write_begin_int+0x3d1/0x19c0 [ 3360.349576] ? fat_add_cluster+0x100/0x100 [ 3360.350034] ? remove_inode_buffers+0x300/0x300 [ 3360.350510] ? pagecache_get_page+0x243/0xc80 [ 3360.350967] ? unlock_page_memcg+0x96/0x170 [ 3360.351407] ? wait_for_stable_page+0x92/0xe0 [ 3360.351860] cont_write_begin+0x472/0x980 [ 3360.352297] ? fat_add_cluster+0x100/0x100 [ 3360.352723] ? nobh_write_begin+0xed0/0xed0 [ 3360.353170] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3360.353757] ? generic_write_end+0x20e/0x3f0 [ 3360.354226] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3360.354751] fat_write_begin+0x89/0x180 [ 3360.355166] ? fat_add_cluster+0x100/0x100 [ 3360.355615] generic_perform_write+0x20a/0x4f0 [ 3360.356111] ? fat_direct_IO+0x1ef/0x380 [ 3360.356521] ? page_cache_prev_miss+0x310/0x310 [ 3360.357015] __generic_file_write_iter+0x2cd/0x5d0 [ 3360.357524] generic_file_write_iter+0xdb/0x230 [ 3360.358021] do_iter_readv_writev+0x476/0x750 [ 3360.358487] ? new_sync_write+0x660/0x660 [ 3360.358910] ? selinux_file_permission+0x92/0x520 [ 3360.359414] do_iter_write+0x191/0x670 [ 3360.359817] ? trace_hardirqs_on+0x5b/0x180 [ 3360.360265] vfs_iter_write+0x70/0xa0 [ 3360.360658] iter_file_splice_write+0x762/0xc30 [ 3360.361136] ? generic_splice_sendpage+0x140/0x140 [ 3360.361643] ? avc_policy_seqno+0x9/0x70 [ 3360.362069] ? selinux_file_permission+0x92/0x520 [ 3360.362566] ? lockdep_init_map_type+0x2c7/0x780 [ 3360.363048] ? generic_splice_sendpage+0x140/0x140 [ 3360.363551] direct_splice_actor+0x10f/0x170 [ 3360.364000] splice_direct_to_actor+0x387/0x980 [ 3360.364486] ? pipe_to_sendpage+0x380/0x380 [ 3360.364925] ? do_splice_to+0x160/0x160 [ 3360.365330] ? security_file_permission+0x24e/0x570 [ 3360.365857] do_splice_direct+0x1c4/0x290 [ 3360.366301] ? splice_direct_to_actor+0x980/0x980 [ 3360.366797] ? selinux_file_permission+0x92/0x520 [ 3360.367299] ? security_file_permission+0x24e/0x570 [ 3360.367834] do_sendfile+0x553/0x1090 [ 3360.368247] ? do_pwritev+0x270/0x270 [ 3360.368649] ? wait_for_completion_io+0x270/0x270 [ 3360.369146] ? rcu_read_lock_any_held+0x75/0xa0 [ 3360.369617] ? vfs_write+0x354/0xa70 [ 3360.370031] __x64_sys_sendfile64+0x1d1/0x210 [ 3360.370497] ? __ia32_sys_sendfile+0x220/0x220 [ 3360.370990] do_syscall_64+0x33/0x40 [ 3360.371384] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3360.371923] RIP: 0033:0x7fa47a8f1b19 [ 3360.372317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3360.374195] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3360.374976] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3360.375697] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3360.376410] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3360.377150] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3360.377894] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:23:36 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r0, &(0x7f0000000000), 0x2000) close(r0) dup(r0) preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x40) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000), &(0x7f00000000c0)=0x14) ioctl$SG_GET_SCSI_ID(r1, 0x2276, &(0x7f0000000140)) fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) 05:23:36 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15415, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:23:36 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x8, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:36 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0xa, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:36 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xc00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:36 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bdb, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:23:36 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r2, &(0x7f0000000000), 0x2000) close(r2) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2, @out_args}, './file0\x00'}) read(r1, &(0x7f0000000000), 0x2000) close(r1) sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x21a0}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x10040050}, 0x30040004) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:23:36 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xc01, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x48, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xd00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bdc, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:23:54 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 31) 05:23:54 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x9, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0xeffdffff) 05:23:54 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15416, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:23:54 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x105000, 0x0) read(r4, &(0x7f0000000000), 0x2000) close(r4) fchmod(r4, 0x100) sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3}}}], 0x20}, 0x40001) clone3(&(0x7f0000000340)={0x2000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0x1b}, &(0x7f0000000180)=""/131, 0x83, &(0x7f0000000240)=""/1, &(0x7f00000002c0)=[r1, r3, 0xffffffffffffffff], 0x3}, 0x58) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/140, 0x8c}], 0x1, 0x1, 0x2) ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, &(0x7f0000000000)={0xb887, 0xe2, 0x0, 0x1ff, 0x2792}) [ 3378.792304] FAULT_INJECTION: forcing a failure. [ 3378.792304] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 3378.793318] CPU: 1 PID: 20165 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3378.793869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3378.794517] Call Trace: [ 3378.794732] dump_stack+0x107/0x167 [ 3378.795026] should_fail.cold+0x5/0xa [ 3378.795336] __alloc_pages_nodemask+0x182/0x600 [ 3378.795708] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 3378.796191] ? find_get_entry+0x2c8/0x740 [ 3378.796520] ? lock_chain_count+0x20/0x20 [ 3378.796857] alloc_pages_current+0x187/0x280 [ 3378.797209] __page_cache_alloc+0x2d2/0x360 [ 3378.797553] pagecache_get_page+0x2c7/0xc80 [ 3378.797898] ? unlock_page_memcg+0x96/0x170 [ 3378.798255] grab_cache_page_write_begin+0x64/0xa0 [ 3378.798646] cont_write_begin+0x448/0x980 [ 3378.798987] ? fat_add_cluster+0x100/0x100 [ 3378.799323] ? nobh_write_begin+0xed0/0xed0 [ 3378.799668] ? __wb_update_bandwidth.constprop.0+0xe00/0xe00 [ 3378.800124] ? generic_write_end+0x20e/0x3f0 [ 3378.800477] ? iov_iter_fault_in_readable+0x9a/0x410 [ 3378.800881] fat_write_begin+0x89/0x180 [ 3378.801194] ? fat_add_cluster+0x100/0x100 [ 3378.801540] generic_perform_write+0x20a/0x4f0 [ 3378.801910] ? fat_direct_IO+0x1ef/0x380 [ 3378.802239] ? page_cache_prev_miss+0x310/0x310 [ 3378.802622] __generic_file_write_iter+0x2cd/0x5d0 [ 3378.803016] generic_file_write_iter+0xdb/0x230 [ 3378.803392] do_iter_readv_writev+0x476/0x750 [ 3378.803750] ? new_sync_write+0x660/0x660 [ 3378.804080] ? selinux_file_permission+0x92/0x520 [ 3378.804476] do_iter_write+0x191/0x670 [ 3378.804792] ? trace_hardirqs_on+0x5b/0x180 [ 3378.805141] vfs_iter_write+0x70/0xa0 [ 3378.805460] iter_file_splice_write+0x762/0xc30 [ 3378.805842] ? generic_splice_sendpage+0x140/0x140 [ 3378.806244] ? avc_policy_seqno+0x9/0x70 [ 3378.806564] ? selinux_file_permission+0x92/0x520 [ 3378.806957] ? lockdep_init_map_type+0x2c7/0x780 [ 3378.807332] ? generic_splice_sendpage+0x140/0x140 [ 3378.807719] direct_splice_actor+0x10f/0x170 [ 3378.808079] splice_direct_to_actor+0x387/0x980 [ 3378.808452] ? pipe_to_sendpage+0x380/0x380 [ 3378.808797] ? do_splice_to+0x160/0x160 [ 3378.809120] ? security_file_permission+0x24e/0x570 [ 3378.809520] do_splice_direct+0x1c4/0x290 [ 3378.809851] ? splice_direct_to_actor+0x980/0x980 [ 3378.810239] ? selinux_file_permission+0x92/0x520 [ 3378.810626] ? security_file_permission+0x24e/0x570 [ 3378.811031] do_sendfile+0x553/0x1090 [ 3378.811342] ? do_pwritev+0x270/0x270 [ 3378.811648] ? wait_for_completion_io+0x270/0x270 [ 3378.812036] ? rcu_read_lock_any_held+0x75/0xa0 [ 3378.812405] ? vfs_write+0x354/0xa70 [ 3378.812706] __x64_sys_sendfile64+0x1d1/0x210 [ 3378.813063] ? __ia32_sys_sendfile+0x220/0x220 [ 3378.813439] do_syscall_64+0x33/0x40 [ 3378.813735] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3378.814147] RIP: 0033:0x7fa47a8f1b19 [ 3378.814450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3378.815886] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3378.816491] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3378.817054] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3378.817612] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3378.818177] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3378.818731] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 05:23:54 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0xa, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0xf5ffffff) 05:23:54 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xd01, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x4c, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15417, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:23:54 executing program 1: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3f, 0x80, 0xc1, 0xa, 0x0, 0x1f, 0x94, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff7, 0x0, @perf_config_ext={0x200, 0x6}, 0x203, 0x0, 0x9, 0x1, 0x2432a59d, 0x3275, 0x1, 0x0, 0x87, 0x0, 0x1}, 0x0, 0x9, 0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x13bdd, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x70bd26, 0xffffffff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 05:23:54 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x68, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 7: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0xb, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0xe00, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0) 05:23:54 executing program 3: prctl$PR_SET_THP_DISABLE(0x29, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) 05:23:55 executing program 6: openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x600081, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003) r2 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x39d1, 0x10, 0x2, 0x3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'}) inotify_add_watch(r6, &(0x7f0000000140)='./file0\x00', 0x140) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20d315) inotify_rm_watch(0xffffffffffffffff, r1) close(r5) r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x8013, r2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) syz_io_uring_submit(r7, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x8001) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0xfffffdef) 05:23:55 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801290470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) (fail_nth: 32) 05:23:55 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r1) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000340)={0x0, 0x15418, &(0x7f0000000040)={&(0x7f00000000c0)={0x34, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}]}, 0x34}}, 0x0) 05:23:55 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/key-users\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/126, 0x7e}], 0x1, 0x1, 0x0) [ 3379.194582] FAULT_INJECTION: forcing a failure. [ 3379.194582] name failslab, interval 1, probability 0, space 0, times 0 [ 3379.195767] CPU: 0 PID: 20229 Comm: syz-executor.5 Not tainted 5.10.210 #1 [ 3379.196283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 3379.196901] Call Trace: [ 3379.197114] dump_stack+0x107/0x167 [ 3379.197398] should_fail.cold+0x5/0xa [ 3379.197695] ? create_object.isra.0+0x3a/0xa20 [ 3379.198043] should_failslab+0x5/0x20 [ 3379.198345] kmem_cache_alloc+0x5b/0x310 [ 3379.198666] create_object.isra.0+0x3a/0xa20 [ 3379.199012] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3379.199525] kmem_cache_alloc+0x159/0x310 [ 3379.199871] ? mempool_free_pages+0x20/0x20 [ 3379.200316] mempool_alloc+0x148/0x360 [ 3379.200717] ? mempool_resize+0x7d0/0x7d0 [ 3379.201144] ? mark_lock+0xf5/0x2df0 [ 3379.201528] ? perf_trace_lock+0xac/0x490 [ 3379.201964] __sg_alloc_table+0x24e/0x390 [ 3379.202313] sg_alloc_table_chained+0x9b/0x1f0 [ 3379.202770] ? sg_alloc_table_chained+0x1f0/0x1f0 [ 3379.203259] scsi_alloc_sgtables+0x236/0xaf0 [ 3379.203626] ? scsi_cmd_runtime_exceeced+0x1d0/0x1d0 [ 3379.204133] ? lockdep_init_map_type+0x2c7/0x780 [ 3379.204533] sd_init_command+0x516/0x3550 [ 3379.204963] scsi_queue_rq+0xe5e/0x27f0 [ 3379.205381] blk_mq_dispatch_rq_list+0x372/0x1c40 [ 3379.205788] ? elv_rb_del+0x50/0xa0 [ 3379.206158] ? elv_rqhash_del+0x119/0x160 [ 3379.206570] ? blk_mq_dequeue_from_ctx+0x7f0/0x7f0 [ 3379.207071] ? dd_dispatch_request+0x1c0/0x990 [ 3379.207536] blk_mq_do_dispatch_sched+0x7f4/0xa00 [ 3379.208038] ? blk_mq_sched_mark_restart_hctx+0x80/0x80 [ 3379.208474] ? lock_acquire+0x197/0x470 [ 3379.208877] ? hctx_lock+0x7f/0x200 [ 3379.209252] __blk_mq_sched_dispatch_requests+0x2d7/0x450 [ 3379.209808] ? blk_mq_do_dispatch_sched+0xa00/0xa00 [ 3379.210229] blk_mq_sched_dispatch_requests+0xfb/0x180 [ 3379.210765] __blk_mq_run_hw_queue+0x12c/0x290 [ 3379.211228] ? blk_mq_start_request+0x3f0/0x3f0 [ 3379.211610] ? do_raw_spin_lock+0x121/0x260 [ 3379.212057] __blk_mq_delay_run_hw_queue+0x4f1/0x550 [ 3379.212568] blk_mq_run_hw_queue+0x170/0x2f0 [ 3379.212927] ? blk_mq_delay_run_hw_queues+0x1a0/0x1a0 [ 3379.213461] ? dd_dispatch_request+0x990/0x990 [ 3379.213913] blk_mq_sched_insert_requests+0x247/0x720 [ 3379.214447] blk_mq_flush_plug_list+0x415/0x6c0 [ 3379.214930] ? blk_mq_insert_requests+0x450/0x450 [ 3379.215420] ? trace_event_raw_event_iomap_apply+0x430/0x430 [ 3379.216007] blk_flush_plug_list+0x26c/0x3c0 [ 3379.216450] ? mark_held_locks+0x9e/0xe0 [ 3379.216877] ? blk_insert_cloned_request+0x460/0x460 [ 3379.217304] blk_finish_plug+0x50/0xa0 [ 3379.217705] __iomap_dio_rw+0xca0/0x1110 [ 3379.218026] ? iomap_dio_bio_actor+0xef0/0xef0 [ 3379.218493] ? ext4_orphan_add+0x253/0x9e0 [ 3379.218916] ? jbd2_buffer_abort_trigger+0x80/0x80 [ 3379.219415] ? ext4_empty_dir+0xae0/0xae0 [ 3379.219833] ? jbd2__journal_start+0xf3/0x7e0 [ 3379.220291] iomap_dio_rw+0x31/0x90 [ 3379.220667] ext4_file_write_iter+0xb26/0x18d0 [ 3379.221142] ? ext4_file_read_iter+0x4c0/0x4c0 [ 3379.221513] ? kasan_save_stack+0x32/0x40 [ 3379.221934] ? kasan_save_stack+0x1b/0x40 [ 3379.222279] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 3379.222794] ? iter_file_splice_write+0x16d/0xc30 [ 3379.223183] ? direct_splice_actor+0x10f/0x170 [ 3379.223646] ? splice_direct_to_actor+0x387/0x980 [ 3379.224033] ? do_splice_direct+0x1c4/0x290 [ 3379.224465] ? do_sendfile+0x553/0x1090 [ 3379.224787] ? __x64_sys_sendfile64+0x1d1/0x210 [ 3379.225262] do_iter_readv_writev+0x476/0x750 [ 3379.225632] ? new_sync_write+0x660/0x660 [ 3379.226050] ? selinux_file_permission+0x92/0x520 [ 3379.226468] do_iter_write+0x191/0x670 [ 3379.226863] ? trace_hardirqs_on+0x5b/0x180 [ 3379.227303] vfs_iter_write+0x70/0xa0 [ 3379.227683] iter_file_splice_write+0x762/0xc30 [ 3379.228166] ? generic_splice_sendpage+0x140/0x140 [ 3379.228667] ? avc_policy_seqno+0x9/0x70 [ 3379.229078] ? selinux_file_permission+0x92/0x520 [ 3379.229569] ? lockdep_init_map_type+0x2c7/0x780 [ 3379.230059] ? generic_splice_sendpage+0x140/0x140 [ 3379.230468] direct_splice_actor+0x10f/0x170 [ 3379.230923] splice_direct_to_actor+0x387/0x980 [ 3379.231392] ? pipe_to_sendpage+0x380/0x380 [ 3379.231720] ? do_splice_to+0x160/0x160 [ 3379.232122] ? security_file_permission+0x24e/0x570 [ 3379.232638] do_splice_direct+0x1c4/0x290 [ 3379.233054] ? splice_direct_to_actor+0x980/0x980 [ 3379.233536] ? selinux_file_permission+0x92/0x520 [ 3379.233940] ? security_file_permission+0x24e/0x570 [ 3379.234456] do_sendfile+0x553/0x1090 [ 3379.234847] ? do_pwritev+0x270/0x270 [ 3379.235236] ? wait_for_completion_io+0x270/0x270 [ 3379.235729] ? rcu_read_lock_any_held+0x75/0xa0 [ 3379.236192] ? vfs_write+0x354/0xa70 [ 3379.236575] __x64_sys_sendfile64+0x1d1/0x210 [ 3379.236939] ? __ia32_sys_sendfile+0x220/0x220 [ 3379.237415] do_syscall_64+0x33/0x40 [ 3379.237720] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 3379.238245] RIP: 0033:0x7fa47a8f1b19 [ 3379.238622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 3379.240448] RSP: 002b:00007fa477e67188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 3379.241207] RAX: ffffffffffffffda RBX: 00007fa47aa04f60 RCX: 00007fa47a8f1b19 [ 3379.241924] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 3379.242665] RBP: 00007fa477e671d0 R08: 0000000000000000 R09: 0000000000000000 [ 3379.243373] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000002 [ 3379.244080] R13: 00007ffc61c0da3f R14: 00007fa477e67300 R15: 0000000000022000 BUG: leak checking failed VM DIAGNOSIS: 05:23:55 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=000000000000000c RCX=ffffffff81fa50f9 RDX=ffffed100b7b1846 RSI=0000000000000008 RDI=ffff88805bd8c226 RBP=ffff88805bd8c226 RSP=ffff88803dd172e8 R8 =0000000000000000 R9 =ffff88805bd8c22d R10=ffffed100b7b1845 R11=0000000000000001 R12=0000000000000008 R13=ffff88805cd993bc R14=ffff88805bd8c226 R15=0000000000000b08 RIP=ffffffff816c6550 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f90df01d5c0 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055886e4ab3e8 CR3=0000000047aa2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=0000000000020005002b000c00000000 XMM02=00000000000000000001008400020088 XMM03=00000000000000010000000000000001 XMM04=00004f0d65dec36b00020010000002c8 XMM05=000003e8000027100000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000001 XMM08=00000001000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=1ffff11007f1a0b7 RBX=dffffc0000000000 RCX=ffffffff831deda7 RDX=ffff888048d74ec0 RSI=ffffffff831dceff RDI=ffff88803f8d05b8 RBP=ffff88803f8d0000 RSP=ffff88805ed1f288 R8 =0000000000000000 R9 =ffff88805555d0e4 R10=0000000000000000 R11=0000000000000001 R12=ffff888054edc000 R13=0000000000000000 R14=ffff88800974a190 R15=ffff888054edc000 RIP=ffffffff831dcf1e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f58e53695c0 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055f9a62c70a8 CR3=0000000041fb6000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=001a008cd93a424aa8adeeee0036000c XMM03=00000001000000010000000100000000 XMM04=00004f1165dec36b00020010000002c8 XMM05=000003e8000027100000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000001 XMM08=00000001000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000